urlscan.io logo urlscan.io
SecurityTrails logo

www.29news.com Open in urlscan Pro
2a02:26f0:3500:12::1730:17a8  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://nbc29.com/
Effective URL: https://www.29news.com/
Submission: On December 15 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 78 IPs in 10 countries across 65 domains to perform 393 HTTP transactions. The main IP is 2a02:26f0:3500:12::1730:17a8, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.29news.com.
TLS certificate: Issued by R3 on December 11th 2023. Valid for: 3 months.
This is the only time www.29news.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 15.197.179.249 16509 (AMAZON-02)
9 2a02:26f0:350... 20940 (AKAMAI-ASN1)
49 2a02:26f0:480... 20940 (AKAMAI-ASN1)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42:800... 54113 (FASTLY)
3 99.84.149.113 16509 (AMAZON-02)
2 18.64.103.72 16509 (AMAZON-02)
1 18.239.18.14 16509 (AMAZON-02)
2 2600:9000:225... 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
6 18.66.2.127 16509 (AMAZON-02)
2 2600:1901:0:4... 396982 (GOOGLE-CL...)
3 23.35.236.201 16625 (AKAMAI-AS)
14 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
64 151.101.1.44 54113 (FASTLY)
2 2a02:26f0:310... 20940 (AKAMAI-ASN1)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2a04:4e42:200... 54113 (FASTLY)
1 52.54.52.235 14618 (AMAZON-AES)
8 2a00:1450:400... 15169 (GOOGLE)
1 13.227.219.79 16509 (AMAZON-02)
1 34.233.61.246 14618 (AMAZON-AES)
1 16.182.74.120 16509 (AMAZON-02)
1 2600:9000:20a... 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
1 199.232.215.52 54113 (FASTLY)
3 2a02:2638:3::c 44788 (ASN-CRITE...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 151.101.65.44 54113 (FASTLY)
5 18.64.97.119 16509 (AMAZON-02)
2 2600:1901:0:6... 396982 (GOOGLE-CL...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2600:9000:220... 16509 (AMAZON-02)
6 30 104.18.36.155 13335 (CLOUDFLAR...)
3 185.64.189.112 62713 (AS-PUBMATIC)
4 17 37.252.171.149 29990 (ASN-APPNEX)
1 2a00:1450:400... 15169 (GOOGLE)
8 104.18.38.76 13335 (CLOUDFLAR...)
4 151.101.65.108 54113 (FASTLY)
20 2600:9000:21c... 16509 (AMAZON-02)
1 198.47.127.19 62713 (AS-PUBMATIC)
2 2a00:1450:400... 15169 (GOOGLE)
8 8 142.250.185.130 15169 (GOOGLE)
3 6 52.46.130.91 16509 (AMAZON-02)
8 8 35.169.223.36 14618 (AMAZON-AES)
4 178.250.1.9 44788 (ASN-CRITE...)
8 35.71.131.137 16509 (AMAZON-02)
2 2 35.204.158.49 396982 (GOOGLE-CL...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 37.157.5.84 198622 (ADFORM)
1 1 34.160.19.107 396982 (GOOGLE-CL...)
1 3.75.62.37 16509 (AMAZON-02)
1 98.98.134.241 21859 (ZEN-ECN)
4 6 2a05:d018:d29... 16509 (AMAZON-02)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
2 2 35.214.191.231 15169 (GOOGLE)
1 3.228.157.65 14618 (AMAZON-AES)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 1 52.86.155.246 14618 (AMAZON-AES)
1 72.251.245.181 32475 (SINGLEHOP...)
16 141.226.228.48 200478 (TABOOLA-AS)
1 1 142.250.185.134 15169 (GOOGLE)
1 52.212.52.84 16509 (AMAZON-02)
7 2606:4700:10:... 13335 (CLOUDFLAR...)
9 199.232.211.52 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
4 2.19.217.60 16625 (AKAMAI-AS)
2 35.156.190.4 16509 (AMAZON-02)
4 34.203.54.235 14618 (AMAZON-AES)
2 69.173.144.139 26667 (RUBICONPR...)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 95.101.54.99 20940 (AKAMAI-ASN1)
1 95.101.54.145 20940 (AKAMAI-ASN1)
1 1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 35.244.193.51 15169 (GOOGLE)
2 162.19.138.83 16276 (OVH)
1 54.77.9.4 16509 (AMAZON-02)
1 141.95.33.120 16276 (OVH)
5 185.64.189.226 62713 (AS-PUBMATIC)
1 141.226.224.32 200478 (TABOOLA-AS)
1 18.64.79.112 16509 (AMAZON-02)
393 78
1    15.197.179.249 (United States)

ASN16509 (AMAZON-02, US)
PTR: a167394200e18bcd4.awsglobalaccelerator.com
nbc29.com
9    2a02:26f0:3500:12::1730:17a8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.29news.com
49    2a02:26f0:480:c::210:f18e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
gray-wvir-prod.cdn.arcpublishing.com
3    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a04:4e42:800::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
3    99.84.149.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-149-113.txl52.r.cloudfront.net
c.amazon-adsystem.com
2    18.64.103.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-103-72.txl50.r.cloudfront.net
www.burst.com
1    18.239.18.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-14.ams58.r.cloudfront.net
ugc.zeam.com
2    2600:9000:225f:4000:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
2    2606:4700:20::681a:d56 (United States)

ASN13335 (CLOUDFLARENET, US)
www.queryly.com
6    18.66.2.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-2-127.txl50.r.cloudfront.net
public.tockify.com
2    2600:1901:0:4277::1 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
reconditerespect.com
3    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
14    2606:4700::6811:c276 (United States)

ASN13335 (CLOUDFLARENET, US)
api-esp.piano.io
5    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
64    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
c2.taboola.com
trc.taboola.com
nr-events.taboola.com
hp.taboola.com
images.taboola.com
wf.taboola.com
imprammp.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
vidanalytics.taboola.com
2    2a02:26f0:3100:795::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
684dd325.akstat.io
1    2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
webpubcontent.raycommedia.com
1    2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    52.54.52.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-52-235.compute-1.amazonaws.com
ping.chartbeat.net
8    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    13.227.219.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-79.ams54.r.cloudfront.net
config.aps.amazon-adsystem.com
1    34.233.61.246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-61-246.compute-1.amazonaws.com
tockify.com
1    16.182.74.120 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    2600:9000:20ab:ee00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
1    199.232.215.52 (United States)

ASN54113 (FASTLY, US)
apv-launcher.minute.ly
3    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
5    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a02:26f0:480:18d::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
1    2606:4700:20::ac43:48f0 (United States)

ASN13335 (CLOUDFLARENET, US)
snippet.minute.ly
4    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
3    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
10    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
nr-events.taboola.com
cdn.taboola.com
vidstat.taboola.com
pips.taboola.com
5    18.64.97.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-97-119.txl50.r.cloudfront.net
aax.amazon-adsystem.com
2    2600:1901:0:636d::1 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
operationchicken.com
2    2606:4700:10::6816:48ae (United States)

ASN13335 (CLOUDFLARENET, US)
counter.snackly.co
2    2600:9000:2204:e00:1:4e32:7440:21 (United States)

ASN16509 (AMAZON-02, US)
d3v5317qx0o9g1.cloudfront.net
30    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
3    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
17    37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
4a1f0ea7d3ea6a515ac65312034675b7.safeframe.googlesyndication.com
8    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
4    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
20    2600:9000:21c7:5e00:12:3f97:c680:21 (United States)

ASN16509 (AMAZON-02, US)
d2csfia1ogd5wa.cloudfront.net
1    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
6    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
8    35.169.223.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-223-36.compute-1.amazonaws.com
i.liadm.com
4    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
8    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
1    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    37.157.5.84 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    34.160.19.107 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.19.160.34.bc.googleusercontent.com
dmp.brand-display.com
1    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
6    2a05:d018:d29:3602:e076:33cd:685:7924 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
2    35.214.191.231 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 231.191.214.35.bc.googleusercontent.com
csync.loopme.me
1    3.228.157.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-157-65.compute-1.amazonaws.com
rtb.adentifi.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    52.86.155.246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-155-246.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    72.251.245.181 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
16    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
am-match.taboola.com
sync.taboola.com
1    142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net
ad.doubleclick.net
1    52.212.52.84 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-52-84.eu-west-1.compute.amazonaws.com
lego-geschenkideen.de
7    2606:4700:10::6816:4aef (United States)

ASN13335 (CLOUDFLARENET, US)
snippet.tldw.me
counter.tldw.me
9    199.232.211.52 (United States)

ASN54113 (FASTLY, US)
apv-static.tldw.me
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2.19.217.60 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-60.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    35.156.190.4 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-190-4.eu-central-1.compute.amazonaws.com
x.bidswitch.net
4    34.203.54.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-54-235.compute-1.amazonaws.com
ioms.bfmio.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
4    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    95.101.54.99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-99.deploy.static.akamaitechnologies.com
trial-eum-clientnsv4-s.akamaihd.net
1    95.101.54.145 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-145.deploy.static.akamaitechnologies.com
wkrndbk7mu3ggzl4suba-prpn4y-c003ec93b-clientnsv4-s.akamaihd.net
1    2a02:26f0:480:f::213:7ee3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
trial-eum-clienttons-s.akamaihd.net
1    2a02:26f0:480:f::213:7ec8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
fiaazgbakcqaokqce3yajaaab5sxzfic-prpn4y-b6988c063-clienttons-s.akamaihd.net
1    35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
2    162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
id5-sync.com
1    54.77.9.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-9-4.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
1    141.95.33.120 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203256.ip-141-95-33.eu
lb.eu-1-id5-sync.com
5    185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    18.64.79.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-112.txl50.r.cloudfront.net
sb.scorecardresearch.com
Apex Domain
Subdomains		 Transfer
91 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1020
c2.taboola.com — Cisco Umbrella Rank: 9052
trc.taboola.com — Cisco Umbrella Rank: 648
nr-events.taboola.com — Cisco Umbrella Rank: 11107
vidstat.taboola.com — Cisco Umbrella Rank: 3027
hp.taboola.com — Cisco Umbrella Rank: 22951
trc-events.taboola.com — Cisco Umbrella Rank: 2040
am-trc-events.taboola.com — Cisco Umbrella Rank: 15316
images.taboola.com — Cisco Umbrella Rank: 1870
wf.taboola.com — Cisco Umbrella Rank: 3217
am-vid-events.taboola.com — Cisco Umbrella Rank: 14680
imprammp.taboola.com — Cisco Umbrella Rank: 15008
am-match.taboola.com — Cisco Umbrella Rank: 15404
sync.taboola.com — Cisco Umbrella Rank: 1293
vidstatb.taboola.com — Cisco Umbrella Rank: 5135
pips.taboola.com — Cisco Umbrella Rank: 1659
cds.taboola.com — Cisco Umbrella Rank: 1860
vidanalytics.taboola.com — Cisco Umbrella Rank: 9954
2 MB
49 arcpublishing.com
gray-wvir-prod.cdn.arcpublishing.com — Cisco Umbrella Rank: 751848
2 MB
30 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 484
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
dsum.casalemedia.com — Cisco Umbrella Rank: 1364
20 KB
22 cloudfront.net
d3v5317qx0o9g1.cloudfront.net
d2csfia1ogd5wa.cloudfront.net
366 KB
21 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
acdn.adnxs.com — Cisco Umbrella Rank: 610
secure.adnxs.com — Cisco Umbrella Rank: 478
80 KB
20 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
ad.doubleclick.net — Cisco Umbrella Rank: 139
466 KB
16 tldw.me
snippet.tldw.me — Cisco Umbrella Rank: 23235
counter.tldw.me — Cisco Umbrella Rank: 17079
apv-static.tldw.me — Cisco Umbrella Rank: 18036
727 KB
15 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614
aax.amazon-adsystem.com — Cisco Umbrella Rank: 410
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
82 KB
14 piano.io
api-esp.piano.io — Cisco Umbrella Rank: 13615
114 KB
12 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 544
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504
image6.pubmatic.com — Cisco Umbrella Rank: 793
t.pubmatic.com — Cisco Umbrella Rank: 3146
170 KB
9 29news.com
www.29news.com
790 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
1 KB
8 liadm.com
i.liadm.com — Cisco Umbrella Rank: 517
5 KB
8 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 644
cdn.indexww.com — Cisco Umbrella Rank: 1640
6 KB
8 googlesyndication.com
4a1f0ea7d3ea6a515ac65312034675b7.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
42 KB
8 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2189
42 KB
7 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
4 KB
7 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
dis.criteo.com — Cisco Umbrella Rank: 550
2 KB
7 tockify.com
public.tockify.com — Cisco Umbrella Rank: 65086
tockify.com — Cisco Umbrella Rank: 61351 Failed
324 KB
6 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 461
28 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
374 KB
4 akamaihd.net
trial-eum-clientnsv4-s.akamaihd.net — Cisco Umbrella Rank: 2305
wkrndbk7mu3ggzl4suba-prpn4y-c003ec93b-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net — Cisco Umbrella Rank: 2306
fiaazgbakcqaokqce3yajaaab5sxzfic-prpn4y-b6988c063-clienttons-s.akamaihd.net
1 KB
4 bfmio.com
ioms.bfmio.com — Cisco Umbrella Rank: 12536
2 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1767
mab.chartbeat.com — Cisco Umbrella Rank: 2658
26 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
198 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 425
946 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
291 B
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 870
548 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
1 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
2 snackly.co
counter.snackly.co — Cisco Umbrella Rank: 5407
284 B
2 operationchicken.com
operationchicken.com — Cisco Umbrella Rank: 21308
873 B
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2693
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 minute.ly
apv-launcher.minute.ly — Cisco Umbrella Rank: 4993
snippet.minute.ly — Cisco Umbrella Rank: 7138
39 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1309
c.go-mpulse.net — Cisco Umbrella Rank: 595
51 KB
2 reconditerespect.com
reconditerespect.com — Cisco Umbrella Rank: 27541
29 KB
2 queryly.com
www.queryly.com — Cisco Umbrella Rank: 11671
8 KB
2 burst.com
www.burst.com — Cisco Umbrella Rank: 32652
13 KB
1 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
299 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940
274 B
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 2417
318 B
1 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 1596
250 B
1 akstat.io
684dd325.akstat.io — Cisco Umbrella Rank: 70034
202 B
1 gstatic.com
fonts.gstatic.com
21 KB
1 lego-geschenkideen.de
lego-geschenkideen.de
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1388
283 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 702
1 KB
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1383
424 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 773
425 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1014
35 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 20274
269 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 681
187 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1510
349 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 11359
1 google.de
www.google.de — Cisco Umbrella Rank: 6765
408 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 602
483 B
1 amazonaws.com
s3.amazonaws.com
552 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1455
201 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 735
30 KB
1 raycommedia.com
webpubcontent.raycommedia.com — Cisco Umbrella Rank: 110245
34 KB
1 zeam.com
ugc.zeam.com — Cisco Umbrella Rank: 33871
2 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1345
610 B
1 nbc29.com
nbc29.com — Cisco Umbrella Rank: 826826
200 B
0 rlcdn.com Failed
api.rlcdn.com Failed
393 65
Domain Requested by
49 gray-wvir-prod.cdn.arcpublishing.com www.29news.com
gray-wvir-prod.cdn.arcpublishing.com
28 images.taboola.com www.29news.com
20 d2csfia1ogd5wa.cloudfront.net d3v5317qx0o9g1.cloudfront.net
17 cdn.taboola.com www.29news.com
cdn.taboola.com
16 ib.adnxs.com 3 redirects ads.pubmatic.com
acdn.adnxs.com
14 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
14 api-esp.piano.io www.29news.com
code.jquery.com
api-esp.piano.io
10 ssum-sec.casalemedia.com 4 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
10 trc.taboola.com cdn.taboola.com
www.29news.com
9 apv-static.tldw.me www.29news.com
9 www.29news.com www.29news.com
8 match.adsrvr.org ssum-sec.casalemedia.com
imprammp.taboola.com
am-match.taboola.com
ads.pubmatic.com
8 i.liadm.com 8 redirects
8 cm.g.doubleclick.net 8 redirects
8 securepubads.g.doubleclick.net www.29news.com
securepubads.g.doubleclick.net
6 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
6 pr-bh.ybp.yahoo.com 4 redirects ssum-sec.casalemedia.com
6 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
6 public.tockify.com www.29news.com
tockify.com
5 t.pubmatic.com ads.pubmatic.com
5 snippet.tldw.me apv-launcher.minute.ly
snippet.tldw.me
5 htlb.casalemedia.com ads.pubmatic.com
5 aax.amazon-adsystem.com c.amazon-adsystem.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.29news.com
5 www.googletagmanager.com www.29news.com
www.googletagmanager.com
public.tockify.com
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 ioms.bfmio.com vidstat.taboola.com
4 eus.rubiconproject.com imprammp.taboola.com
am-match.taboola.com
eus.rubiconproject.com
4 sync.taboola.com imprammp.taboola.com
am-match.taboola.com
4 am-vid-events.taboola.com www.29news.com
vidstat.taboola.com
4 trc-events.taboola.com cdn.taboola.com
www.29news.com
4 cdn.indexww.com ssum-sec.casalemedia.com
4 dis.criteo.com ssum-sec.casalemedia.com
4 acdn.adnxs.com ads.pubmatic.com
4 js-sec.indexww.com ads.pubmatic.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 region1.google-analytics.com www.googletagmanager.com
3 am-match.taboola.com vidstat.taboola.com
3 hbopenbid.pubmatic.com ads.pubmatic.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 gum.criteo.com cdn.taboola.com
ads.pubmatic.com
3 ads.pubmatic.com www.29news.com
ads.pubmatic.com
3 c.amazon-adsystem.com www.29news.com
c.amazon-adsystem.com
3 cdnjs.cloudflare.com www.29news.com
cdnjs.cloudflare.com
2 vidanalytics.taboola.com cdn.taboola.com
2 id5-sync.com ads.pubmatic.com
2 token.rubiconproject.com eus.rubiconproject.com
2 x.bidswitch.net am-match.taboola.com
2 imprammp.taboola.com www.29news.com
vidstat.taboola.com
2 wf.taboola.com vidstat.taboola.com
2 counter.tldw.me snippet.tldw.me
2 hp.taboola.com cdn.taboola.com
2 csync.loopme.me 2 redirects
2 c1.adform.net 2 redirects
2 um.simpli.fi 2 redirects
2 fonts.googleapis.com client
2 d3v5317qx0o9g1.cloudfront.net public.tockify.com
2 counter.snackly.co snippet.minute.ly
2 operationchicken.com reconditerespect.com
2 nr-events.taboola.com c2.taboola.com
www.29news.com
2 reconditerespect.com www.29news.com
2 www.queryly.com www.29news.com
2 static.chartbeat.com www.29news.com
2 www.burst.com www.29news.com
www.burst.com
1 sb.scorecardresearch.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 lb.eu-1-id5-sync.com ads.pubmatic.com
1 id.crwdcntrl.net ads.pubmatic.com
1 lexicon.33across.com ads.pubmatic.com
1 fiaazgbakcqaokqce3yajaaab5sxzfic-prpn4y-b6988c063-clienttons-s.akamaihd.net
1 trial-eum-clienttons-s.akamaihd.net 1 redirects
1 wkrndbk7mu3ggzl4suba-prpn4y-c003ec93b-clientnsv4-s.akamaihd.net
1 trial-eum-clientnsv4-s.akamaihd.net 1 redirects
1 www.google.com tpc.googlesyndication.com
1 684dd325.akstat.io s.go-mpulse.net
1 vidstatb.taboola.com www.29news.com
1 fonts.gstatic.com fonts.googleapis.com
1 lego-geschenkideen.de www.29news.com
1 ad.doubleclick.net 1 redirects
1 am-trc-events.taboola.com www.29news.com
1 cm.adgrx.com ssum-sec.casalemedia.com
1 sync.srv.stackadapt.com 1 redirects
1 s.company-target.com 1 redirects
1 secure.adnxs.com 1 redirects
1 ad.turn.com 1 redirects
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 euexchangesync.digitaleast.mobi 1 redirects
1 pixel-sync.sitescout.com ssum-sec.casalemedia.com
1 ups.analytics.yahoo.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 ad4m.at ssum-sec.casalemedia.com
1 image6.pubmatic.com ads.pubmatic.com
1 4a1f0ea7d3ea6a515ac65312034675b7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 www.google.de www.29news.com
1 region1.analytics.google.com www.googletagmanager.com
1 snippet.minute.ly apv-launcher.minute.ly
1 c.go-mpulse.net s.go-mpulse.net
1 apv-launcher.minute.ly cdn.taboola.com
1 mab.chartbeat.com static.chartbeat.com
1 static.adsafeprotected.com www.29news.com
1 s3.amazonaws.com www.29news.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 ping.chartbeat.net www.29news.com
1 tockify.com public.tockify.com
www.29news.com
1 code.jquery.com api-esp.piano.io
1 webpubcontent.raycommedia.com www.29news.com
1 s.go-mpulse.net www.29news.com
1 c2.taboola.com www.29news.com
1 ugc.zeam.com www.29news.com
1 polyfill.io www.29news.com
1 nbc29.com 1 redirects
0 api.rlcdn.com Failed ads.pubmatic.com
393 114
Subject Issuer Validity Valid
gray4.web.arc-cdn.net
R3		 2023-12-11 -
2024-03-10		 3 months crt.sh
*.cdn.arcpublishing.com
Entrust Certification Authority - L1K		 2022-12-12 -
2024-01-12		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
polyfill.io
Certainly Intermediate R1		 2023-12-02 -
2024-01-01		 a month crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
burst.com
Amazon RSA 2048 M02		 2023-02-16 -
2024-03-16		 a year crt.sh
ugc.zeam.com
Amazon RSA 2048 M01		 2023-09-14 -
2024-10-12		 a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
*.tockify.com
Amazon RSA 2048 M01		 2023-05-12 -
2024-06-09		 a year crt.sh
reconditerespect.com
R3		 2023-11-18 -
2024-02-16		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2023-03-27 -
2024-03-26		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-05 -
2024-04-04		 a year crt.sh
raycom.web.arc-cdn.net
R3		 2023-12-13 -
2024-03-12		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1		 2023-11-20 -
2024-12-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
tockify.com
Amazon RSA 2048 M02		 2023-02-01 -
2024-02-29		 a year crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-10		 9 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
*.minute.ly
R3		 2023-11-19 -
2024-02-17		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
operationchicken.com
R3		 2023-12-02 -
2024-03-01		 3 months crt.sh
*.snackly.co
Sectigo RSA Organization Validation Secure Server CA		 2022-11-22 -
2023-12-23		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
tldw.me
GTS CA 1P5		 2023-12-12 -
2024-03-11		 3 months crt.sh
*.tldw.me
R3		 2023-11-19 -
2024-02-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-11-27 -
2024-02-25		 3 months crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2023-10-08 -
2024-11-06		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh

This page contains 26 frames:

Primary Page: https://www.29news.com/
Frame ID: 5B43408F6B26D8BC552843D6750939E3
Requests: 265 HTTP requests in this frame

Frame: https://tockify.com/wvir.calendar
Frame ID: AA5A950390D081C0C894BF89A4D5B63D
Requests: 1 HTTP requests in this frame

Frame: https://tockify.com/wvir.calendar
Frame ID: 320784AA622304A643FF42C4B49AC5A7
Requests: 36 HTTP requests in this frame

Frame: https://api-esp.piano.io/publisher/unattended/1190?wv=50&v=vz.1.108.13-79dc946e
Frame ID: 4308CBB58CF889FF73056DF2756C7466
Requests: 4 HTTP requests in this frame

Frame: https://4a1f0ea7d3ea6a515ac65312034675b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C52E062E1AD887BD130E2125C56E481F
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: AE88D29E1AAFE5F310AFDD653822810D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B27A9169D22B431EFA8F06198D027116
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 007CD92AC9F4B7E300EFF64771A9F15E
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Frame ID: 89AE6F55533DAD13FE02F1263CEFF3B0
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: F07232776347AF05DDD531972715DB6A
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 04BB9AC9A66140C822DD1762851BB19D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 84E82A8881051D235A0CDB68E47ED690
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 9B2CD5F6D6988F71DC3639F549A4A8A0
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5E690F24CE6EB3D0C76D11898E8F2489
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: D932282E13D8C56816A569EC5ACAA8E9
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 11D15C3C79AF408D256C627F871448D1
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 98112F9165B4F243C96C92C1B5018491
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 6DC19D4FD38F6244FDD1945426703B15
Requests: 10 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V860MCLAasArS9JciscRNYBWh7S5BZ4y4AAABgYID-AMkMdsOZaWZaS1yriVs0mS3cEpdr4xaMRsbZYrfx7IYzIyCZwW44M81Ma4lrNXGLJrOFW-JybdyC0cg4W-w2nt1wZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0s0HQ6fK57ve73u0uWc5fvc9f43XYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHhfkY_XaXzWU2-QMAAAAACAAAAAASAALKZyUAXqpbTvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ7KHmVraSWq1iRSEFmEEAAAAQFY0uvDIJJ2gYlHl__-_3wrAFQCAAEY30wSrLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEYoavU4TdDUzo-YXEABgzS8gAACbcQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIxxZRrtNraZzTmxjQYzw8I4ms1cs-Fg5Vp4lpPtgaalaqs8E1LoIyIss993EPLdLsPD5zKIiq63xe5wmj0H8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQDi9lu4TAZ15LBbLcWLSYLt3IznLhlvpFts9nsNsvhxC16fUwf32yxMA62SDCAZC-Sp0U6Ec0cLudwM7HtZgvDyuFyDCaWlXE38Y12K89iMbGIJZqTRTqRXfYd48o02m1sM5tzYhsNZoaFcTSbuWbDwcq18Cwn-8Jitls4TMa1ZDDbrUWLycKt3AwnbplvZNtsNrvNcjhxi14f08c3WyyMg31jN5jMZpvRZLRv7AaT2Wwzmoz2HSbTM_U5G13LY9rj0yZtQ7HH5jQoXAaL9ycxLabd2cG3uSifOqcxWdQZ_X6_3-_3-_1-v9-g9RzMBoVvmK1VpYufbLWTFh4HgyKWCC7Sic7ycJ5ub93tablbPJblRCxRmi7Sib7od7sMD5_LXxFLBKeLdCL0u10W9R89xG44V8wmc8lgOVdsNqsEAAAAAAAAAGAJppluAgAAAOBkEMPJcLhbp4NZbEa72Wq5ACy8JHUBgwAAAAAAAOyKrODDChH5TynW2GMQZ3k4T7e37va03C0ey3LKAAAKDplt9hlBrNVqWQMAABDABgAAEMBNN94EhEJx_____-MAAADIyKEHAABAvw8IiQ-lXviRi19BDIbDyf4BqBBrtVrdbqzVagUsoM1sNJrA____f4IAAAAAAAAqgg!&cmcv=&pix=undefined&cb=1702663425407&uv=3366&tms=1702663425407&abt=adxsub-out_vA!adxsub-out_vB!DLR_vA!scndvdunt_vA!ufm!video-reel_vA&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=3078f4f4-b55b-426a-be5c-04d8617c378f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: D758DE8F30315D74A7AFB634B016E549
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V860MCLAasArS9JciscRNYBWh7S5BZ4y4AAABgYID-AMkMdsOZaWZaS1yriVs0mS3cEpdr4xaMRsbZYrfx7IYzIyCZwW44M81Ma4lrNXGLJrOFW-JybdyC0cg4W-w2nt1wZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0s0HQ6fK57ve73u0uWc5fvc9f43XYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHhfkY_XaXzWU2-QMAAAAACAAAAAASAALKZyUAXqpbTvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ7KHmVraSWq1iRSEFmEEAAAAQFY0uvDIJJ2gYlHl__-_3wrAFQCAAEY30wSrLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEYoavU4TdDUzo-YXEABgzS8gAACbcQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIxxZRrtNraZzTmxjQYzw8I4ms1cs-Fg5Vp4lpPtgaalaqs8E1LoIyIss993EPLdLsPD5zKIiq63xe5wmj0H8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQDi9lu4TAZ15LBbLcWLSYLt3IznLhlvpFts9nsNsvhxC16fUwf32yxMA62SDCAZC-Sp0U6Ec0cLudwM7HtZgvDyuFyDCaWlXE38Y12K89iMbGIJZqTRTqRXfYd48o02m1sM5tzYhsNZoaFcTSbuWbDwcq18Cwn-8Jitls4TMa1ZDDbrUWLycKt3AwnbplvZNtsNrvNcjhxi14f08c3WyyMg31jN5jMZpvRZLRv7AaT2Wwzmoz2HSbTM_U5G13LY9rj0yZtQ7HH5jQoXAaL9ycxLabd2cG3uSifOqcxWdQZ_X6_3-_3-_1-v9-g9RzMBoVvmK1VpYufbLWTFh4HgyKWCC7Sic7ycJ5ub93tablbPJblRCxRmi7Sib7od7sMD5_LXxFLBKeLdCL0u10W9R89xG44V8wmc8lgOVdsNqsEAAAAAAAAAGAJppluAgAAAOBkEMPJcLhbp4NZbEa72Wq5ACy8JHUBgwAAAAAAAOyKrODDChH5TynW2GMQZ3k4T7e37va03C0ey3LKAAAKDplt9hlBrNVqWQMAABDABgAAEMBNN94EhEJx_____-MAAADIyKEHAABAvw8IiQ-lXviRi19BDIbDyf4BqBBrtVrdbqzVagUsoM1sNJrA____f4IAAAAAAAAqgg!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: DFA9635D873C8446104DEA04C29734F4
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: C73B1FF6DDDBC95AF53A175F33F449B2
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V860MCLAasArS9JciscRNYBWh7S5BZ4y4AAABgYID-AMkMdsOZaWZaS1yriVs0mS3cEpdr4xaMRsbZYrfx7IYzIyCZwW44M81Ma4lrNXGLJrOFW-JybdyC0cg4W-w2nt1wZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0s0HQ6fK57ve73u0uWc5fvc9f43XYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHhfkY_XaXzWU2-QMAAAAACAAAAAASAALKZyUAXqpbTvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ7KHmVraSWq1iRSEFmEEAAAAQFY0uvDIJJ2gYlHl__-_3wrAFQCAAEY30wSrLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEYoavU4TdDUzo-YXEABgzS8gAACbcQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIxxZRrtNraZzTmxjQYzw8I4ms1cs-Fg5Vp4lpPtgaalaqs8E1LoIyIss993EPLdLsPD5zKIiq63xe5wmj0H8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQDi9lu4TAZ15LBbLcWLSYLt3IznLhlvpFts9nsNsvhxC16fUwf32yxMA62SDCAZC-Sp0U6Ec0cLudwM7HtZgvDyuFyDCaWlXE38Y12K89iMbGIJZqTRTqRXfYd48o02m1sM5tzYhsNZoaFcTSbuWbDwcq18Cwn-8Jitls4TMa1ZDDbrUWLycKt3AwnbplvZNtsNrvNcjhxi14f08c3WyyMg31jN5jMZpvRZLRv7AaT2Wwzmoz2HSbTM_U5G13LY9rj0yZtQ7HH5jQoXAaL9ycxLabd2cG3uSifOqcxWdQZ_X6_3-_3-_1-v9-g9RzMBoVvmK1VpYufbLWTFh4HgyKWCC7Sic7ycJ5ub93tablbPJblRCxRmi7Sib7od7sMD5_LXxFLBKeLdCL0u10W9R89xG44V8wmc8lgOVdsNqsEAAAAAAAAAGAJppluAgAAAOBkEMPJcLhbp4NZbEa72Wq5ACy8JHUBgwAAAAAAAOyKrODDChH5TynW2GMQZ3k4T7e37va03C0ey3LKAAAKDplt9hlBrNVqWQMAABDABgAAEMBNN94EhEJx_____-MAAADIyKEHAABAvw8IiQ-lXviRi19BDIbDyf4BqBBrtVrdbqzVagUsoM1sNJrA____f4IAAAAAAAAqgg!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 4822E6A5F5186E41C719987004E25D4F
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 7CD9117237B56377141E6C2440112ED4
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8K8UCLAasArS9JciscRNYBWh7S5BZ4y4AAABgYGDtAEmuJqaVYzlxi2ym0Vq02I3WCuPCs5Y4d6vZZmXbLJe7ISDJ1cS0ciwnbpHNNFqLFrvRWmFceNYS524126xsm-VyNwUT1jS5_AZJy2U2CPlul-Hhc7mBBZpOh891r9f9fnfJcu7yfe4av9sOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAIDioDAfo9_usrnMJn8AAAAAAAEAAABAAkBA-awEgAwO1on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY8h4y_7YZw3iH5EC2iKMAAAAAMiKRhcemaQTVCyq_P__91sBuAIAEMDoZpqAk0V3UOItDAAAAMCYBXpY_H6zw67xu13m_________9_M_5l_NEJRo9dpgq5mZtT8AgIArPkFBABgM24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpAxrkyj3cY2szknttFgZlgYR7OZazYcrFwLz3KyPdC0VG2VZ0IKfSasaXL5DZKWy2wQ8t0uw8Pnsp8JW4xWk8lmOZwtF5PBcDQcjfZnICaDAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDCwmO0WDpNxLRnMdmvRYrJwKzfDiVvmG9k2m81usxxO3KLXx_TxzRYL42CLBANI9iJ5WqQT0czhcg43E9tutjCsHC7HYGJZGXcT32i38iwWE4tYojlZpBPZZd8xrkyj3cY2szknttFgZlgYR7OZazYcrFwLz3KyLyxmu4XDZFxLBrPdWrSYLNzKzXDilvlGts1ms9sshxO36PUxfXyzxcI42Dd2g8lsthlNRvvGbjCZzTajyWjfYTI9U5-z0bU8pj0-bdI2FHtsToPCZbB4fxLTYtqdHXybi_KpcxqTRZ3R7_f7_X6_3-_3-w1az8FsUPiG2VpVuvjJVjtp4XEwKGKJ4CKd6CwP5-n21t2elrvFY1lOxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_9FD7IZzxWwylwyWc8Vms0oAAAAAAAAAAJZgmukmAAAAAE4GMZwMh7t1OpjJcjGZjJYLwMJLUhcwCAAAAAAAwK7ICj6sEJH_lGKNPQZxlofzdHvrbk_L3eKxLKcMAKDgkNlmnxHEWq2WNQAAAAFsAAAAAdx0401AKBT3____Pw4AAICMHHoAAABr-4CWjlwp9MKR-BXEYDic7B-ACrFWq9XtxlqtVsAC2sxGown8____JwgAAAAAAKAiCA!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: D709E6D98A8F316BADCA8515D5756518
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5BB4049917FF2F362EA0AF39E6D835D6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C61BD3CC89E92C0F507449F123FF83E3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

WVIR | News, Weather, and Sports | Charlottesville, VA

Page URL History Show full URLs

  1. http://nbc29.com/ HTTP 301
    https://www.29news.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • backbone.*\.js
Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

393
Requests

91 %
HTTPS

42 %
IPv6

65
Domains

114
Subdomains

78
IPs

10
Countries

8500 kB
Transfer

22656 kB
Size

51
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nbc29.com/ HTTP 301
    https://www.29news.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 187
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 188
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 189
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 190
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 191
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 192
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 193
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 196
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZXyVAOsiOdAtItj_6GtG9wAADKsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZXyVAOsiOdAtItj_6GtG9wAADKsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPoerFxanRdNiEI9AK6jAek&google_cver=1
Request Chain 197
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXyVAOsiOdAtItj_6GtG9wAADKsAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXyVAOsiOdAtItj_6GtG9wAADKsAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 198
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXyVAOsiOdAtItj-6GtG9wAA%263243&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXyVAOsiOdAtItj-6GtG9wAA%263243&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=0a7465f6dceb4a74be4670ec8eeee0b8 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Request Chain 200
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=C03EB7438D2A47ACA3051CBDF00A20B1
Request Chain 202
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7742050139372852978&expiration=1703873025
Request Chain 203
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=250231e7-385a-ddb9-861cdef4
Request Chain 205
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXyVADTkmjo0Qg_NDwqcEAAADSAAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXyVADTkmjo0Qg_NDwqcEAAADSAAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 207
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZXyVADTkmjo0Qg-NDwqcEAAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZXyVADTkmjo0Qg-NDwqcEAAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIyCilz4mHa1EyHBAUqABX4&google_cver=1
Request Chain 208
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXyVADTkmjo0Qg-NDwqcEAAA%263360&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXyVADTkmjo0Qg-NDwqcEAAA%263360&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=7323bff2219a4cf3ad9824938cebc28f HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Request Chain 209
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=2951765EF0134BDBA68CB37230FC6131
Request Chain 214
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXyVAEWQ6nF6Mh_if0IYigAAFKkAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXyVAEWQ6nF6Mh_if0IYigAAFKkAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 215
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXyVAEWQ6nF6Mh-if0IYigAA%265289&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXyVAEWQ6nF6Mh-if0IYigAA%265289&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=b4b1addeb11d48ee9adb9d89725f63df HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Request Chain 216
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZXyVAEWQ6nF6Mh_if0IYigAAFKkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZXyVAEWQ6nF6Mh_if0IYigAAFKkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJDb96v_JELUjB2kEfIl_3E&google_cver=1
Request Chain 217
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZXyVAEWQ6nF6Mh-if0IYigAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZXyVAEWQ6nF6Mh-if0IYigAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENIH7z7gKra5Vh3ROfiWLV8&google_cver=1
Request Chain 218
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=97acdd43-a6b6-4a00-a9aa-c948da29dadc
Request Chain 219
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=748f571b-364c-4f38-a538-922f63397e8e&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 221
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7262416958248687114
Request Chain 224
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXyVAEWQ6nF6Mh-if0IYigAA%265289&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXyVAEWQ6nF6Mh-if0IYigAA%265289&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=2dbd0acd33564256b85727e36308e918 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Request Chain 226
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4118587467095025469
Request Chain 227
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1718474625&external_user_id=2818f138-77da-462d-8d1b-de19da1933b6
Request Chain 228
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=302e592b-ed55-45af-9942-0e8475990ece&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 229
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=Pr1Je0RqVLhr_HXcS0ZK37Ki0YU
Request Chain 252
  • https://ad.doubleclick.net/ddm/trackclk/N789069.3001245TABOOLADE/B30765488.381177129;dc_trk_aid=571769255;dc_trk_cid=204416305;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_tdv=1;dc_ref=29news.com HTTP 302
  • https://lego-geschenkideen.de/products/43217?campaign=xmas&utm_source=taboola
Request Chain 307
  • https://pr-bh.ybp.yahoo.com/sync/taboola/0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-KVRKRPNE2oSuwltyRTF_vM5eYa8tUtiiL8G1ng--~A
Request Chain 313
  • https://pr-bh.ybp.yahoo.com/sync/taboola/0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-KVRKRPNE2oSuwltyRTF_vM5eYa8tUtiiL8G1ng--~A
Request Chain 316
  • https://pr-bh.ybp.yahoo.com/sync/taboola/0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-KVRKRPNE2oSuwltyRTF_vM5eYa8tUtiiL8G1ng--~A
Request Chain 336
  • https://pr-bh.ybp.yahoo.com/sync/taboola/0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-KVRKRPNE2oSuwltyRTF_vM5eYa8tUtiiL8G1ng--~A
Request Chain 351
  • https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=prpn4yv0f HTTP 302
  • https://wkrndbk7mu3ggzl4suba-prpn4y-c003ec93b-clientnsv4-s.akamaihd.net/eum/results.txt
Request Chain 352
  • https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=prpn4yv0f HTTP 302
  • https://fiaazgbakcqaokqce3yajaaab5sxzfic-prpn4y-b6988c063-clienttons-s.akamaihd.net/eum/results.txt

393 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.29news.com/
Redirect Chain
  • http://nbc29.com/
  • https://www.29news.com/
731 KB
139 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
a524b2d1b64d155fb062699f4d4cfb54bdaadec800fc103133619ecb8af170ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

akamai-true-ttl
-1
cache-control
private, max-age=60
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Fri, 15 Dec 2023 18:03:43 GMT
etag
W/"b5a3f-uanJJ2UOB3cU5jfuVtS2eZdikx4"
expires
Fri, 15 Dec 2023 18:04:43 GMT
last-modified
Fri, 15 Dec 2023 18:03:42 GMT
prerender-cache-tag
prerender-gray-wvir-prod-b308edcd
server
openresty
server-timing
cdn-cache; desc=REVALIDATE edge; dur=247 origin; dur=830 ak_p; desc="1702663422059_389027496_183223223_107761_13518_8_82_255";dur=1
strict-transport-security
max-age=86400
vary
Accept-Encoding
x-akamai-transformed
9 139748 0 pmb=mRUM,2
x-amz-cf-id
x4oaws-y27rxuSTVnA5nW5fMssZ_Y4or1IlUxZOkLFzK68x-qlKekw==
x-amz-cf-pop
FRA56-P4
x-arc-pb-request-id
dc7c0b58-a14c-4bb2-9acf-177c39124a14 6bbe65aa-a37f-4522-b0c7-9eb6d683c650
x-arc-request-id
0.a8163017.1702663422.aebc3b7

Redirect headers

Connection
keep-alive
Content-Length
134
Content-Type
text/html
Date
Fri, 15 Dec 2023 18:03:41 GMT
Location
https://www.29news.com:443/
Server
awselb/2.0
react.js
www.29news.com/pf/dist/engine/ 		842 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.29news.com/pf/dist/engine/react.js?d=376
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
4bd9ac56934d76ebef4caeb9c0eb9880378b0fd9e46f098d34e1399c18cc0bc5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 15 Dec 2023 18:03:43 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=86400
x-amz-cf-pop
IAD50-C2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.a8163017.1702663423.aebcdcb
server-timing
cdn-cache; desc=HIT, edge; dur=6, ak_p; desc="1702663423278_389027496_183225803_1356_2970_7_0_146";dur=1
content-length
186018
last-modified
Thu, 14 Dec 2023 16:19:49 GMT
server
openresty
etag
W/"52e9bde9eac1bb3706b9fac467fd559b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
jjLqt94KqB5v-JSn3qQ9CLhkxxGqGWc6eBIg8E4nQPABgYu_GLiXIQ==
expires
Sat, 14 Dec 2024 18:03:43 GMT
default.js
www.29news.com/pf/dist/components/combinations/ 		1 MB
275 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.29news.com/pf/dist/components/combinations/default.js?d=376
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
a1ce2ebc5559dd55f9d1b9aeb0df3d567623fb2ab8c25358d5c47eaaebfc7642
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 15 Dec 2023 18:03:43 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=86400
x-amz-cf-pop
ATL58-P6
x-amz-server-side-encryption
AES256
x-arc-request-id
0.a8163017.1702663423.aebcdcc
server-timing
cdn-cache; desc=HIT, edge; dur=57, ak_p; desc="1702663423271_389027496_183225804_5753_2656_16_0_146";dur=1
content-length
280658
last-modified
Thu, 14 Dec 2023 16:19:51 GMT
server
openresty
etag
W/"71e7a74e3051163ba9d92db913a2d8d0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
1BqlKphEcMQ1W7o0e543CQa8SwvGkYAsEuJ7fmSLE4fRW2iwMRA0Xw==
expires
Sat, 14 Dec 2024 18:03:43 GMT
main.css
gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/__global/css/ 		82 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/__global/css/main.css?d=376
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
8257e3f3a5939a2a8e1ea470645bc40d9e2f626c59ec06307d0ed5f3f00b8ab0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
x-edgeconnect-origin-mex-latency
80
date
Fri, 15 Dec 2023 18:03:43 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=86400
x-amz-cf-pop
EWR53-P1
x-edgeconnect-midmile-rtt
17
x-amz-server-side-encryption
AES256
x-arc-request-id
0.4ef01002.1702663423.27d3648f
server-timing
cdn-cache; desc=HIT, edge; dur=4, origin; dur=0, ak_p; desc="1702663423335_34664526_668165263_478_5134_9_0_255";dur=1
content-length
14170
last-modified
Thu, 14 Dec 2023 16:19:49 GMT
server
openresty
etag
W/"9e40a2a1a5a5fd1291cbb18863b4a93d"
x-edgeconnect-cache-status
3
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
5barcSm0RD9YkBDvRU31SBBrp3Gbx8FEVQZ5pdJlOGP1roqxBV5hKw==
expires
Sat, 14 Dec 2024 18:03:43 GMT
main.css
gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/wvir/css/ 		99 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/wvir/css/main.css?d=376
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
706743694960fca164dfe7fb4ed7d2dc76f97936ef1dbbc17e738b5ba5a14327
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 15 Dec 2023 18:03:43 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=86400
x-amz-cf-pop
MIA3-P6
x-amz-server-side-encryption
AES256
x-arc-request-id
0.4ef01002.1702663423.27d36482
server-timing
cdn-cache; desc=HIT, edge; dur=10, origin; dur=0, ak_p; desc="1702663423302_34664526_668165250_971_5186_9_25_255";dur=1
content-length
16022
last-modified
Thu, 14 Dec 2023 16:19:50 GMT
server
openresty
etag
W/"b8875683a6ccda26236205cbfde597c8"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
_A4hbvwfIAdiOFx3Q-5W94hISq8ebm3QZx4tkD2VuSSxM1GLZ8ynzw==
expires
Sat, 14 Dec 2024 18:03:43 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/ 		100 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1267291
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18861
last-modified
Fri, 01 Dec 2023 00:32:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"65692999-49ad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJMeoRnsxC27yVNNLY5X%2Fau2lXYiUx25y7buD7WA2umqyAHwgn1KeJIGcfvFXnTsOwd1hpA4U1k5zpWRbxXs6qHEzGAs6awBh3ddMdUEfie9VJjwaXVDgWZC%2FzYjmiOeEEtR6rtGd%2FJC5YE3McV6QRfa"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83609adb68479110-FRA
expires
Wed, 04 Dec 2024 18:03:43 GMT
polyfill.min.js
polyfill.io/v3/ 		101 B
610 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=NodeList.prototype.forEach%2CArray.prototype.forEach%2CSymbol.hasInstance%2Ces6%2CIntl%2ClocalStorage%2CDate.prototype.toISOString%2CDate.now%2Cdefault%2CObject.entries%2CObject.fromEntries%2CArray.prototype.entries
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:800::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.29news.com/
Origin
https://www.29news.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 15 Dec 2023 18:03:43 GMT
age
59376
detected-user-agent
Chrome/120.0.0
server-timing
HIT, fastly;desc="Edge time";dur=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
120
referrer-policy
origin-when-cross-origin
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/120.0.0
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
gtm.js
gray-wvir-prod.cdn.arcpublishing.com/pf/resources/js/analytics/ 		584 B
889 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/pf/resources/js/analytics/gtm.js?d=376
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
a47715e7a74a758bf33f6b1547b2eb7b4724d17ad6c13651c0945ac9c6187ff7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 15 Dec 2023 18:03:43 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=86400
x-amz-cf-pop
ATL58-P6
x-amz-server-side-encryption
AES256
x-arc-request-id
0.4ef01002.1702663423.27d36490
server-timing
cdn-cache; desc=HIT, edge; dur=3, origin; dur=0, ak_p; desc="1702663423335_34664526_668165264_343_5226_9_0_219";dur=1
content-length
305
last-modified
Thu, 14 Dec 2023 16:19:51 GMT
server
openresty
etag
W/"d95f5027a66e33b82dc537faa5603017"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
MQnxnllSO7-AjsKdDIvaCWpZ_l4OMgxyLdc_MUJzS7PTjwIGCrMnGg==
expires
Sat, 14 Dec 2024 18:03:43 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.149.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-149-113.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:41:41 GMT
content-encoding
gzip
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 df2b5b3f847bbe9ad7f475c0831bcc3a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, TXL52-C1
age
1323
x-amz-server-side-encryption
AES256
etag
W/"d6937d02acbbf691a008906e9d0617e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
g_FPSVXTZLIRKBz9lKtAFyMghAqZrr105rk6s4BdCwn7jRgu-vcWcw==
framework.js
www.burst.com/webapps/embed/ 		38 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.burst.com/webapps/embed/framework.js
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-72.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a3525aa71e87b50d7a7d289c60539fa25ae854f6e20063ccfe3c4e8fb011af05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
QmTFx6UD2NYS_YSojtwK6cTAvw9NaRbn
content-encoding
gzip
via
1.1 98b89ed6771805fd5b6d059738f20206.cloudfront.net (CloudFront)
date
Fri, 15 Dec 2023 18:03:43 GMT
last-modified
Tue, 12 Dec 2023 14:49:56 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P3
age
17
etag
W/"e5f6790f2b5e0c546bf463b0ddc9d9a9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=10800
x-amz-cf-id
6G0fuzDdRCLzxXKzOkhCAEAoA0moxlIHCK-rTgYcIcUPi_IkkeEiaw==
u2media-plugin.js
ugc.zeam.com/plugin/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugc.zeam.com/plugin/u2media-plugin.js
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.18.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-18-14.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bb401a02cbbd4e277a3b73f94423e52594bbba14871f61b7e40aaa06701e1e2a

Request headers

Referer
https://www.29news.com/
Origin
https://www.29news.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 03:34:20 GMT
content-encoding
gzip
via
1.1 0bdea9339f79fea2216fd97b3f7856f2.cloudfront.net (CloudFront)
x-amz-request-id
FDKY50AKE0APFB71
x-amz-cf-pop
AMS58-P6
x-amz-server-side-encryption
AES256
age
52164
x-cache
Hit from cloudfront
x-amz-id-2
1n1IONrzSg5D4PxaRhLF379l3rslUzUaLecJbA0fRkjfBNGI+3UX5wsGarISnTTUeInc+Mwj2n0=
last-modified
Wed, 29 Nov 2023 16:26:15 GMT
server
AmazonS3
etag
W/"f38a816a64b11cf4de9e4cc30b382e46"
access-control-max-age
3000
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag, x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
vary
Accept-Encoding
x-amz-cf-id
OvWloLn8YR-g8Qb3XQlPd6-lCXYLzUaWcOgsWaLi6ecfiaGfi771JA==
comscore.js
www.29news.com/pf/resources/js/analytics/ 		168 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.29news.com/pf/resources/js/analytics/comscore.js?d=376
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Fri, 15 Dec 2023 18:03:43 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=86400
x-amz-cf-pop
IAD50-C2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.a8163017.1702663423.aebcdca
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1702663423271_389027496_183225802_85_3264_7_0_219";dur=1
content-length
49862
last-modified
Thu, 14 Dec 2023 16:19:51 GMT
server
openresty
etag
W/"702fb2c84c6e8b364a6130cb860c7987"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
-lmjm25N3Cp3agXRASdAImD2uY-qHiTMy2rBOdlKFFjxup9WAA-hSQ==
expires
Sat, 14 Dec 2024 18:03:43 GMT
chartbeat.js
static.chartbeat.com/js/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225f:4000:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
88004917adbd7b6b060b06f46d6b7cffb33406df9e017f5d52a506de5dc7ab1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:56:00 GMT
content-encoding
gzip
via
1.1 168ddbb82d6c89c84a1a7963d1d3db88.cloudfront.net (CloudFront)
last-modified
Thu, 14 Dec 2023 01:27:01 GMT
server
nginx
x-amz-cf-pop
TXL50-P2
age
463
etag
W/"657a59e5-9672"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
toFo6HmIo81GWy6ejsXkIbyK9pRNbvdzhDlM1IBqR4UIK1vKB0p_vA==
expires
Sat, 16 Dec 2023 17:56:00 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225f:4000:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
73c48a750a107c5809e5b332e74b0f1b32ddd1c24b98f1d9e8febf73322fbb84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:53:49 GMT
content-encoding
gzip
via
1.1 168ddbb82d6c89c84a1a7963d1d3db88.cloudfront.net (CloudFront)
last-modified
Thu, 14 Dec 2023 01:53:37 GMT
server
nginx
x-amz-cf-pop
TXL50-P2
age
593
etag
W/"657a6021-5f55"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-id
eRHSUkXXkxcszpo0AFeNhM4gPM-Brwr-TXpELP2Ub34UuEAf7ZqzGw==
expires
Fri, 15 Dec 2023 19:53:49 GMT
queryly.v4.min.js
www.queryly.com/js/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.queryly.com/js/queryly.v4.min.js
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
970dad4102b0f0a1c8b3e84ecc0ed974492db999d232a5e8544861ccdfbdb7db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Oct 2023 15:54:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
272
etag
W/"08b344c95da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucuT7fhBPyzrVYmO%2F5qJHWC8Vtsm1uBmpkHcRY1H%2BHY18StBcKKpjaOLxmmUpQR%2BC3ISSO7wbO1LAj1fzg1O7GpmEC4oQogdJ3rJeIQug3EhlBaYibMxwDxwhDwgyZH9hAPgWV3eJ2cx83n1RQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
83609adee950195c-FRA
LAWNENZYMFFK3PWPUW4WF3BZEY.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/LAWNENZYMFFK3PWPUW4WF3BZEY.jpg?auth=5d3f855ad575c1a61c0e3a0b100cd1adf4b79921f531ea896a530041a1655746&width=800&height=600&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
b33fc2b6a9c1d4e9036c3585b8a798869d3d00f5dda24a01ef2a87b36b300202
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:43 GMT
strict-transport-security
max-age=86400
last-modified
Fri, 15 Dec 2023 16:18:41 GMT
server
Akamai Image Manager
etag
"a4bb9dd881aa962df75136c270ba3745"
x-arc-request-id
0.4ef01002.1702663423.27d36491
content-type
image/avif
cache-control
private, no-transform, max-age=31529731
server-timing
cdn-cache; desc=HIT, edge; dur=10, origin; dur=0, ak_p; desc="1702663423335_34664526_668165265_953_10928_9_0_182";dur=1
content-length
39867
expires
Sat, 14 Dec 2024 16:19:14 GMT
2MMRK2YAR5BIVPQXPG7RPDNAQY.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/2MMRK2YAR5BIVPQXPG7RPDNAQY.jpg?auth=d690fadc74da468c35444b4dd27e8ee358ea2f543f9be22260ebad0b2dbb5524&width=800&height=533&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
e1068fb3ed95f16e7004ceb33a3224db16373fb29330424b2a521247954048ba
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:43 GMT
strict-transport-security
max-age=86400
last-modified
Fri, 15 Dec 2023 10:13:18 GMT
server
Akamai Image Manager
x-serial
482
x-check-cacheable
YES
etag
"2e9ce97772eaed40949109eed49037c4"
x-arc-request-id
0.4ef01002.1702663423.27d36492
content-type
image/avif
cache-control
private, no-transform, max-age=31507803
server-timing
cdn-cache; desc=HIT, edge; dur=508, origin; dur=0, ak_p; desc="1702663423335_34664526_668165266_50740_11373_9_0_182";dur=1
content-length
35530
expires
Sat, 14 Dec 2024 10:13:46 GMT
RBX22BYBGNEMRIPYTKX2JQTEFI.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/RBX22BYBGNEMRIPYTKX2JQTEFI.jpg?auth=5a99c92435f9e5259fd3a88a7f3fe02a1774b4de95ce69d6fca6637b819a17c9&width=800&height=533&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
7cecb1cecfe9f17a2a89be3b10a0b20dc8423a279c06486e34d720761ade15bd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:43 GMT
strict-transport-security
max-age=86400
last-modified
Fri, 15 Dec 2023 17:16:19 GMT
server
Akamai Image Manager
x-serial
330
x-check-cacheable
YES
etag
"6453fc810bdc8f19eb1d62b2ea9bbc41"
x-arc-request-id
0.4ef01002.1702663423.27d364f8
content-type
image/avif
cache-control
private, no-transform, max-age=31533158
server-timing
cdn-cache; desc=HIT, edge; dur=216, origin; dur=0, ak_p; desc="1702663423373_34664526_668165368_21645_9925_10_0_182";dur=1
content-length
40774
expires
Sat, 14 Dec 2024 17:16:21 GMT
72AYN6HW3BDN7PHJ5RATOXQPLU.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/72AYN6HW3BDN7PHJ5RATOXQPLU.jpg?auth=202bc7ac47f8bfcba6d5b7fa0693e91cbfc0350be858d17b1e7abfd2451805fa&width=800&height=533&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
13fc33bfd71d1428a6594249042832c3847377cf3a370581971c1f948d054c33
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:43 GMT
strict-transport-security
max-age=86400
last-modified
Fri, 15 Dec 2023 15:55:12 GMT
server
Akamai Image Manager
etag
"cab6c0938f07df3a900430a32e0d9aab"
x-arc-request-id
0.4ef01002.1702663423.27d366ed
content-type
image/avif
cache-control
private, no-transform, max-age=31528197
server-timing
cdn-cache; desc=HIT, edge; dur=208, origin; dur=0, ak_p; desc="1702663423611_34664526_668165869_20701_7891_7_0_182";dur=1
content-length
81184
expires
Sat, 14 Dec 2024 15:53:40 GMT
2DTS67JZ5SQUTD3BNE27A3ZV6Y.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/2DTS67JZ5SQUTD3BNE27A3ZV6Y.jpg?auth=438c39b43df2dfcfce64dc1aa8579f73eefc05ca2d18dc656fb7efad127b5a04&width=800&height=533&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
50f6f292a9ff0c4ed168811db3eee056d0212b759a2348cdbbd654bde25c1610
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:43 GMT
strict-transport-security
max-age=86400
last-modified
Fri, 15 Dec 2023 16:50:11 GMT
server
Akamai Image Manager
etag
"5c372de7a9d169d08ca74d02141a6139"
x-arc-request-id
0.4ef01002.1702663423.27d36893
content-type
image/avif
cache-control
private, no-transform, max-age=31531523
server-timing
cdn-cache; desc=HIT, edge; dur=129, origin; dur=0, ak_p; desc="1702663423801_34664526_668166291_12902_19917_16_0_182";dur=1
content-length
34994
expires
Sat, 14 Dec 2024 16:49:06 GMT
7NPKQS3QKVAWXFKYUCRNIPD2AE.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/7NPKQS3QKVAWXFKYUCRNIPD2AE.jpg?auth=da9d213b5fa6449cc5b6ebc5f554ea452f6c4e88b114b8bc53b4b40b38916ba6&width=800&height=533&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
208bc6507ffbc9fa47d897119c1486b1442e8b9c82c77f7a0f0ee0fec27b3dcb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:43 GMT
strict-transport-security
max-age=86400
last-modified
Fri, 15 Dec 2023 15:55:24 GMT
server
Akamai Image Manager
x-serial
1472
x-check-cacheable
YES
etag
"fe16405ca42aea617d0d9d56857c8764"
x-arc-request-id
0.4ef01002.1702663423.27d3689c
content-type
image/avif
cache-control
private, no-transform, max-age=31528311
server-timing
cdn-cache; desc=HIT, edge; dur=25, origin; dur=0, ak_p; desc="1702663423806_34664526_668166300_2459_8897_7_0_146";dur=1
content-length
38596
expires
Sat, 14 Dec 2024 15:55:34 GMT
GRXSXPCCEVGIRJZQR6YJC6NAVE.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/GRXSXPCCEVGIRJZQR6YJC6NAVE.jpg?auth=3db344fd40b964eb73e931fa6c54aa3b6f643ed86e46e5be5abdd9362047e068&width=800&height=533&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
72c4e33d7aab2ea74efc6b6abbaee16c8293dc3eeab2ace1af9855c8a1460cdc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=86400
last-modified
Fri, 15 Dec 2023 14:47:02 GMT
server
Akamai Image Manager
etag
"1f7d748d365b0cbea0ba7e14159d70d8"
x-arc-request-id
0.4ef01002.1702663423.27d3689d
content-type
image/avif
cache-control
private, no-transform, max-age=31524193
server-timing
cdn-cache; desc=HIT, edge; dur=195, origin; dur=0, ak_p; desc="1702663423807_34664526_668166301_19497_8430_9_0_146";dur=1
content-length
16178
expires
Sat, 14 Dec 2024 14:46:57 GMT
XPATKRZWPVGG7FQVSBOM563TVA.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/XPATKRZWPVGG7FQVSBOM563TVA.jpg?auth=6d1e467b49ca0009e8a56228f3a9aaf45bfb292ebe0b2806b123f400998696df&width=800&height=533&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
d8cc8db1b08ef9d78d71de08e93f92e78bc86cbaff68c6617b7f772b2bacdcc6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:43 GMT
strict-transport-security
max-age=86400
last-modified
Fri, 15 Dec 2023 08:42:28 GMT
server
Akamai Image Manager
etag
"e718f914cecaa2d0b7991236da201467"
x-arc-request-id
0.4ef01002.1702663423.27d3689e
content-type
image/avif
cache-control
private, no-transform, max-age=31502435
server-timing
cdn-cache; desc=HIT, edge; dur=27, origin; dur=0, ak_p; desc="1702663423807_34664526_668166302_2743_8289_7_0_146";dur=1
content-length
11344
expires
Sat, 14 Dec 2024 08:44:18 GMT
XJH4PO3QOFGMDNE6PI6W3TIHUQ.png
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/XJH4PO3QOFGMDNE6PI6W3TIHUQ.png?auth=43f6f1fdbe26063240a01e8f8531d39870ea185fd526f33048c8f45f1a23e3cc&width=800&height=533&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
c71022602078c7ac5061344e03b71babd10409cd196086e4d1c46a3cb8239a31
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:43 GMT
strict-transport-security
max-age=86400
last-modified
Fri, 15 Dec 2023 08:36:49 GMT
server
Akamai Image Manager
etag
"471d4cc3723eef721d508fd66479e3b8"
x-arc-request-id
0.4ef01002.1702663423.27d3689f
content-type
image/avif
cache-control
private, no-transform, max-age=31502038
server-timing
cdn-cache; desc=HIT, edge; dur=26, origin; dur=0, ak_p; desc="1702663423807_34664526_668166303_2665_8297_7_0_146";dur=1
content-length
54938
expires
Sat, 14 Dec 2024 08:37:41 GMT
ZEMUWNQWXVA2TCRIEPC46VLRGM.jpeg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ZEMUWNQWXVA2TCRIEPC46VLRGM.jpeg?auth=4bf4f511c0ddb4b16dbd313bcaa3248b27bfc034701b530fe87215281f91e76c&width=800&height=533&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
6efef6c9dd71ad085f360c54d04ecfca3467ebb53ce0897d257aa4f1435c7419
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:43 GMT
strict-transport-security
max-age=86400
last-modified
Fri, 15 Dec 2023 08:36:48 GMT
server
Akamai Image Manager
x-serial
1877
x-check-cacheable
YES
etag
"9ef36fbdb71a3aef66000323d669463f"
x-arc-request-id
0.4ef01002.1702663423.27d368a0
content-type
image/avif
cache-control
private, no-transform, max-age=31501993
server-timing
cdn-cache; desc=HIT, edge; dur=27, origin; dur=0, ak_p; desc="1702663423807_34664526_668166304_2702_8767_7_0_146";dur=1
content-length
70459
expires
Sat, 14 Dec 2024 08:36:56 GMT
https%3A%2F%2Fdo0bihdskp9dy.cloudfront.net%2F12-15-2023%2Ft_1445cb25af3248209281e6114d332ad9_name_file_1280x720_2000_v3_1_.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/https%3A%2F%2Fdo0bihdskp9dy.cloudfront.net%2F12-15-2023%2Ft_1445cb25af3248209281e6114d332ad9_name_file_1280x720_2000_v3_1_.jpg?auth=497126b9751c5ebaa2d257f7f0d5ed67690d00927224a4e05d0fa9c4829b850b&width=800&height=533&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
e6d9cfc441d6a59c4f39e6bd1f10784799e90ee4e962ff1d2acb39541480ea88
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:43 GMT
strict-transport-security
max-age=86400
last-modified
Fri, 15 Dec 2023 17:10:41 GMT
server
Akamai Image Manager
etag
"da8faa8abe84aca2b6dabd2ee9a3bb83"
x-arc-request-id
0.4ef01002.1702663423.27d368a1
content-type
image/avif
cache-control
private, no-transform, max-age=31532772
server-timing
cdn-cache; desc=HIT, edge; dur=67, origin; dur=0, ak_p; desc="1702663423807_34664526_668166305_6651_8738_16_0_146";dur=1
content-length
33060
expires
Sat, 14 Dec 2024 17:09:55 GMT
https%3A%2F%2Fdo0bihdskp9dy.cloudfront.net%2F12-14-2023%2Ft_3de191a080444d4e934b400765d34444_name_file_1280x720_2000_v3_1_.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/https%3A%2F%2Fdo0bihdskp9dy.cloudfront.net%2F12-14-2023%2Ft_3de191a080444d4e934b400765d34444_name_file_1280x720_2000_v3_1_.jpg?auth=cfe204fecc1b26b39c5f20313854c14eb8f65d5efa11e5bff2bc21cefe35ff8d&width=800&height=533&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
3892fda412b98b9c0f445107d4d429f7bd5401ff5d8f598e34deff6655a18381
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:43 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 14 Dec 2023 22:16:13 GMT
server
Akamai Image Manager
x-serial
547
x-check-cacheable
YES
etag
"bfb7b71556b75a1d41552910a882de42"
x-arc-request-id
0.4ef01002.1702663423.27d368a2
content-type
image/avif
cache-control
private, no-transform, max-age=31464845
server-timing
cdn-cache; desc=HIT, edge; dur=15, origin; dur=0, ak_p; desc="1702663423807_34664526_668166306_1503_8735_7_0_146";dur=1
content-length
51070
expires
Fri, 13 Dec 2024 22:17:48 GMT
https%3A%2F%2Fdo0bihdskp9dy.cloudfront.net%2F12-14-2023%2Ft_8f173c333b4d45fcb48effbb586793a9_name_file_1280x720_2000_v3_1_.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/https%3A%2F%2Fdo0bihdskp9dy.cloudfront.net%2F12-14-2023%2Ft_8f173c333b4d45fcb48effbb586793a9_name_file_1280x720_2000_v3_1_.jpg?auth=8a71e60a5f0458ba4f7431762aa970491ed9722864c7e4d74b6ef39423459734&width=800&height=533&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
6a543cf4a8affcda10deb77c4c95495bdc6dacf8b81d020e16a1bd70d8c7040f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:43 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 14 Dec 2023 22:28:51 GMT
server
Akamai Image Manager
x-serial
1151
x-check-cacheable
YES
etag
"ee11f4493390ff9074bd1e84ffdcd3bb"
x-arc-request-id
0.4ef01002.1702663423.27d368a3
content-type
image/avif
cache-control
private, no-transform, max-age=31465513
server-timing
cdn-cache; desc=HIT, edge; dur=14, origin; dur=0, ak_p; desc="1702663423807_34664526_668166307_1424_8696_7_0_146";dur=1
content-length
14359
expires
Fri, 13 Dec 2024 22:28:56 GMT
https%3A%2F%2Fdo0bihdskp9dy.cloudfront.net%2F12-14-2023%2Ft_70726b9b1e634eb195b5b6b65ce93c13_name_file_1280x720_2000_v3_1_.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/https%3A%2F%2Fdo0bihdskp9dy.cloudfront.net%2F12-14-2023%2Ft_70726b9b1e634eb195b5b6b65ce93c13_name_file_1280x720_2000_v3_1_.jpg?auth=0c80aea47833ab39dcffe32145cc9f9ec29646188b834ec62e68ea6240a602b8&width=800&height=533&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
e2b3deab75e783acd0162aff687ce9f72fe00f4241bdfc774c5b35228bea5cae
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 14 Dec 2023 22:12:15 GMT
server
Akamai Image Manager
x-serial
529
x-check-cacheable
YES
etag
"430627feb5ae65b8013bd01149bc8743"
x-arc-request-id
0.4ef01002.1702663423.27d368a4
content-type
image/avif
cache-control
private, no-transform, max-age=31464583
server-timing
cdn-cache; desc=HIT, edge; dur=253, origin; dur=0, ak_p; desc="1702663423807_34664526_668166308_25273_16926_9_0_146";dur=1
content-length
19090
expires
Fri, 13 Dec 2024 22:13:27 GMT
embed.js
public.tockify.com/browser/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.tockify.com/browser/embed.js
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-127.txl50.r.cloudfront.net
Software
nginx /
Resource Hash
992bed67acbd5174ae1d6609291b0309c7e5391fe302f4d7b6468c5a2787847f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:02:27 GMT
content-encoding
br
via
1.1 36e42f052a24feab91529d442c70cf34.cloudfront.net (CloudFront)
last-modified
Mon, 20 Nov 2023 13:06:24 GMT
server
nginx
x-amz-cf-pop
TXL50-P1
age
98
etag
W/"655b59d0-6439"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=180
x-amz-cf-id
WK_V8Rizk06h2OD5A6FXzRl9niW4mMtT6zSWlOFClc9dofkP5k0z5Q==
expires
Fri, 15 Dec 2023 18:05:05 GMT
5KKGJUV5NCSVU5X2JBLNSL6Q6E.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/5KKGJUV5NCSVU5X2JBLNSL6Q6E.jpg?auth=2a680452c98d2557189e81661e0c995cd4ae8b22ffd47c6c68ee55e519b16281&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
cd623a181d7067e8732e06a3e47430ca66602d9d604ebd821e3390be94852fce
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 14 Dec 2023 22:20:38 GMT
server
Akamai Image Manager
x-serial
1137
x-check-cacheable
YES
etag
"218c00de9dd5f194b5cf40e6e6d49061"
x-arc-request-id
0.4ef01002.1702663423.27d368b4
content-type
image/avif
cache-control
private, no-transform, max-age=31464979
server-timing
cdn-cache; desc=HIT, edge; dur=379, origin; dur=0, ak_p; desc="1702663423812_34664526_668166324_37891_9223_13_0_146";dur=1
content-length
23873
expires
Fri, 13 Dec 2024 22:20:03 GMT
UMZXTD5465HCRGETDO2HAJWTCM.png
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/UMZXTD5465HCRGETDO2HAJWTCM.png?auth=62a0b9595e9d2fe85376f466912265fb5bbca94be7c17b1195cfbd285a0a70df&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
3fa3d3aac092c8453ede9ae0397911dfbc0add561679d1faa196320ed4863fac
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:43 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 14 Dec 2023 20:23:55 GMT
server
Akamai Image Manager
etag
"7b31125cb21e8ebf6990ffa21728248f"
x-arc-request-id
0.4ef01002.1702663423.27d368b5
content-type
image/avif
cache-control
private, no-transform, max-age=31458031
server-timing
cdn-cache; desc=HIT, edge; dur=22, origin; dur=0, ak_p; desc="1702663423812_34664526_668166325_2175_13664_9_0_146";dur=1
content-length
19827
expires
Fri, 13 Dec 2024 20:24:14 GMT
I2OAQYULQJDUPBRAQ2O6XAJD5Y.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/I2OAQYULQJDUPBRAQ2O6XAJD5Y.jpg?auth=f4a397d7c435fa431f40d5af28d698cf352c505df01f75252edf6f1b3899a13e&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
9b34aab60bc8c097636dd38398590e81d458bdda50b06bf250eb6f3bb2ddfb37
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:43 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 14 Dec 2023 21:12:38 GMT
server
Akamai Image Manager
x-serial
381
x-check-cacheable
YES
etag
"7bbc54b749a1b6367df003b5476871e9"
x-arc-request-id
0.4ef01002.1702663423.27d368b6
content-type
image/avif
cache-control
private, no-transform, max-age=31460920
server-timing
cdn-cache; desc=HIT, edge; dur=28, origin; dur=0, ak_p; desc="1702663423813_34664526_668166326_2907_8896_10_0_146";dur=1
content-length
20641
expires
Fri, 13 Dec 2024 21:12:23 GMT
ULIWOHBKKFAITO3MHX4GVMZCTE.bmp
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ULIWOHBKKFAITO3MHX4GVMZCTE.bmp?auth=a68148e206393922bb56920860e9e31adc55a167932eeca03b8419af5f86962c&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
5b4f9cffdd7f6ac1d0d615f65024064a9f261e21e448e110f279aea148e6da39
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:43 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 14 Dec 2023 23:42:16 GMT
server
Akamai Image Manager
x-serial
1346
x-check-cacheable
YES
etag
"69182ab92a84a201fdbfbd8f63011e67"
x-arc-request-id
0.4ef01002.1702663423.27d368b7
content-type
image/avif
cache-control
private, no-transform, max-age=31469925
server-timing
cdn-cache; desc=HIT, edge; dur=26, origin; dur=0, ak_p; desc="1702663423812_34664526_668166327_2519_9012_8_0_146";dur=1
content-length
10193
expires
Fri, 13 Dec 2024 23:42:28 GMT
SNKGWGON6VF3FGAKE4DXIEI6HI.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/SNKGWGON6VF3FGAKE4DXIEI6HI.jpg?auth=9693bb4d549e8f4408eff1e4509d063018738a269ff2e41a014264a3ad30acb4&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
ec7bbd80a20739e0e95342a018f055bb6d7104aa9f21a123485520070664e150
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:43 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 14 Dec 2023 19:55:08 GMT
server
Akamai Image Manager
etag
"5b0a2dbaccb1dfcdebc91061f32c520a"
x-arc-request-id
0.4ef01002.1702663423.27d368b8
content-type
image/avif
cache-control
private, no-transform, max-age=31456299
server-timing
cdn-cache; desc=HIT, edge; dur=7, origin; dur=0, ak_p; desc="1702663423812_34664526_668166328_647_8864_7_0_146";dur=1
content-length
21569
expires
Fri, 13 Dec 2024 19:55:22 GMT
NCZZWGJDF5HKDL422RITGIXIJM.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/NCZZWGJDF5HKDL422RITGIXIJM.jpg?auth=434de340c6b697a8f27c6aefaed2fb52671649f19e76a86b4f2453704b47dd0d&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
593feb16e7310f6ec96f40794a8f32efeed162b216d20ab61a4cc6178da5f261
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:43 GMT
strict-transport-security
max-age=86400
last-modified
Tue, 12 Dec 2023 10:18:20 GMT
server
Akamai Image Manager
x-serial
727
x-check-cacheable
YES
etag
"944866ce3e341cf85ac61b532ff1348b"
x-arc-request-id
0.4ef01002.1702663423.27d368b9
content-type
image/avif
cache-control
private, no-transform, max-age=31248752
server-timing
cdn-cache; desc=HIT, edge; dur=29, origin; dur=0, ak_p; desc="1702663423812_34664526_668166329_2947_9170_10_0_146";dur=1
content-length
10939
expires
Wed, 11 Dec 2024 10:16:15 GMT
B3QIDSQJFNAGPKUX3MLECVJUAE.png
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/B3QIDSQJFNAGPKUX3MLECVJUAE.png?auth=0dc914ac9e61ead55a371e3cd472726d57ba3b89b7fddfd7b483423ee5838ad2&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
4bd0b039a1ab966889e5df5946799add86c82b348316216b22e2dd62856944f1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:43 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 14 Dec 2023 18:37:48 GMT
server
Akamai Image Manager
x-serial
1777
x-check-cacheable
YES
etag
"1b6599b6647c214a53ca7cd3edac376e"
x-arc-request-id
0.4ef01002.1702663423.27d368ba
content-type
image/avif
cache-control
private, no-transform, max-age=31451556
server-timing
cdn-cache; desc=HIT, edge; dur=16, origin; dur=0, ak_p; desc="1702663423812_34664526_668166330_1568_8822_7_0_146";dur=1
content-length
15502
expires
Fri, 13 Dec 2024 18:36:19 GMT
7RT2UHALSJBV5NFIDKIIGC7U3A.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/7RT2UHALSJBV5NFIDKIIGC7U3A.jpg?auth=2dabcf6840bdd61e85492db8801a1a0182f180536d2e773f9fe5182551c1e92d&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
c509be37bdfb00f2faa69c9a8e6e9c0cbfd021d24f23e109bb3ebfe1bb929e60
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 14 Dec 2023 19:19:02 GMT
server
Akamai Image Manager
etag
"6ec0c84e7fffad318eadb95188f04a80"
x-edgeconnect-cache-status
1
x-arc-request-id
0.4ef01002.1702663423.27d368bc
content-type
image/avif
cache-control
private, no-transform, max-age=31454233
server-timing
cdn-cache; desc=HIT, edge; dur=195, origin; dur=0, ak_p; desc="1702663423813_34664526_668166332_19455_9423_9_0_146";dur=1
content-length
14194
expires
Fri, 13 Dec 2024 19:20:57 GMT
5HRCUTHOUZCUHMZX6E63O7QEKY.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/5HRCUTHOUZCUHMZX6E63O7QEKY.jpg?auth=5b51b74c5e8fda8bf28398fe620fb4a23d75d8a3bcfc7a1ce7381ac802f0b7e7&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
ec7679d6d29b15719ee656bd5e67fe006ae97e5c0704f8d6ddd245ed361436a5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:43 GMT
strict-transport-security
max-age=86400
last-modified
Tue, 12 Dec 2023 11:21:18 GMT
server
Akamai Image Manager
etag
"2d6cd9cd2711ce3f44160d9102f11d5b"
x-arc-request-id
0.4ef01002.1702663423.27d368be
content-type
image/avif
cache-control
private, no-transform, max-age=31252526
server-timing
cdn-cache; desc=HIT, edge; dur=24, origin; dur=0, ak_p; desc="1702663423813_34664526_668166334_2422_13748_10_0_146";dur=1
content-length
28008
expires
Wed, 11 Dec 2024 11:19:09 GMT
GM7OBGDJSVYZBRDNNHGUVYNMPQ.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/GM7OBGDJSVYZBRDNNHGUVYNMPQ.jpg?auth=f807080f22e0f3ed86feceaaa28e46f2a002cd7a682f39f4b7042b8466d8da90&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
b33e910ec4484710548384d4fdf7bed5bc864ba8af1b818086c530c371a58d17
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:43 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 14 Dec 2023 16:04:13 GMT
server
Akamai Image Manager
etag
"a9fa08ec50c2725511d70b4902759cf4"
x-arc-request-id
0.4ef01002.1702663423.27d368bf
content-type
image/avif
cache-control
private, no-transform, max-age=31442515
server-timing
cdn-cache; desc=HIT, edge; dur=10, origin; dur=0, ak_p; desc="1702663423813_34664526_668166335_1125_8586_7_0_146";dur=1
content-length
19018
expires
Fri, 13 Dec 2024 16:05:38 GMT
QIQCPFSWLNB7VAA7U6FUP6PZBE.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/QIQCPFSWLNB7VAA7U6FUP6PZBE.jpg?auth=e37ac08e9efefe9793c0d0dea4a7a513e229d5f53cca08a965a47ca5f222d638&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
5aec68c8b080515c3ca98f7465a63204af99556ae6f2b8f33f73c08da2cdb12b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:43 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 14 Dec 2023 10:18:29 GMT
server
Akamai Image Manager
x-serial
361
x-check-cacheable
YES
etag
"06fee1453026dd6c9fba05a8789ffea9"
x-arc-request-id
0.4ef01002.1702663423.27d368c0
content-type
image/avif
cache-control
private, no-transform, max-age=31421644
server-timing
cdn-cache; desc=HIT, edge; dur=24, origin; dur=0, ak_p; desc="1702663423813_34664526_668166336_2471_9342_8_0_146";dur=1
content-length
10606
expires
Fri, 13 Dec 2024 10:17:47 GMT
VQ2ZFR6K75CEZMH47C6WVCIO3I.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/VQ2ZFR6K75CEZMH47C6WVCIO3I.jpg?auth=5d5a0abf9b14b33ad8233e42a3f85281a380fba0a505ede1033aebe97b392d31&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
7833516acca930521def5b1e9586064f95aad52f9da5133effff8fe7cc623268
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:43 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 14 Dec 2023 14:03:25 GMT
server
Akamai Image Manager
x-serial
613
x-check-cacheable
YES
etag
"6c4624e50168828f4a77269b4f38868e"
x-arc-request-id
0.4ef01002.1702663423.27d368c1
content-type
image/avif
cache-control
private, no-transform, max-age=31435150
server-timing
cdn-cache; desc=HIT, edge; dur=12, origin; dur=0, ak_p; desc="1702663423813_34664526_668166337_1176_8598_7_0_146";dur=1
content-length
24824
expires
Fri, 13 Dec 2024 14:02:53 GMT
BNKLWRBCMNEZ5CKJFEZH26BPFI.png
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/BNKLWRBCMNEZ5CKJFEZH26BPFI.png?auth=801774b2faa4ea10b7b10d31604d28ab002b282e112a0420c13fc474bab41279&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
d247a0ee3081c2f2ccba6be6b27788bf7dc1aea91e6751095ca0f0305bf17809
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:43 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 14 Dec 2023 08:26:32 GMT
server
Akamai Image Manager
etag
"7146ba7b863a809247fd434bc5f7556d"
x-arc-request-id
0.4ef01002.1702663423.27d368c2
content-type
image/avif
cache-control
private, no-transform, max-age=31414967
server-timing
cdn-cache; desc=HIT, edge; dur=15, origin; dur=0, ak_p; desc="1702663423813_34664526_668166338_1523_8577_7_0_146";dur=1
content-length
36534
expires
Fri, 13 Dec 2024 08:26:30 GMT
MFWU3CWYUVCAVFTMUE7RADWFFY.bmp
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/MFWU3CWYUVCAVFTMUE7RADWFFY.bmp?auth=78e07446adc1798a005f6b04481dcbf1ca1de55b3259c7b7cc8401c9cb4b0031&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
4fdbceb89e5935d469bbd06461e0d4a8ea77fbb676a3c70370afd6a3abb66b86
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:43 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 14 Dec 2023 08:26:25 GMT
server
Akamai Image Manager
etag
"f778b270de66754ea3898262d3736dfc"
x-arc-request-id
0.4ef01002.1702663423.27d368c3
content-type
image/avif
cache-control
private, no-transform, max-age=31415020
server-timing
cdn-cache; desc=HIT, edge; dur=25, origin; dur=0, ak_p; desc="1702663423815_34664526_668166339_2715_10896_10_0_146";dur=1
content-length
42686
expires
Fri, 13 Dec 2024 08:27:23 GMT
B2DPH2VWHZGIHBOYICW5EBUGSQ.png
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/B2DPH2VWHZGIHBOYICW5EBUGSQ.png?auth=2bdb4acba36fe96233d90106299ebe74ef53466d63a158dc443641f7b88e7137&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
829757b09694cd2f23ec049863d1e83b44cb5996dedce234a4ed23d0316bbbe9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:43 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 14 Dec 2023 08:24:49 GMT
server
Akamai Image Manager
x-serial
1577
x-check-cacheable
YES
etag
"da66dea8a2ed961682dbcb641c5616e7"
x-arc-request-id
0.4ef01002.1702663423.27d368c4
content-type
image/avif
cache-control
private, no-transform, max-age=31414906
server-timing
cdn-cache; desc=HIT, edge; dur=16, origin; dur=0, ak_p; desc="1702663423813_34664526_668166340_1634_8681_7_0_146";dur=1
content-length
14745
expires
Fri, 13 Dec 2024 08:25:29 GMT
FQYSPOJGKNHSVMMF3XMVYUYPCY.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/FQYSPOJGKNHSVMMF3XMVYUYPCY.jpg?auth=5e5b2edc06cc0f70b6c516ef159684fc5eb4ae4ca17bbd995e255df35acf9a85&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
179ead95645da3c6c9383919bc6c1474a3832dfc733cc3e05e2f99503fd5d8e1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:43 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 14 Dec 2023 08:24:50 GMT
server
Akamai Image Manager
etag
"63f55a99930f08b7868f5672cec2ae10"
x-arc-request-id
0.4ef01002.1702663423.27d368c5
content-type
image/avif
cache-control
private, no-transform, max-age=31414895
server-timing
cdn-cache; desc=HIT, edge; dur=22, origin; dur=0, ak_p; desc="1702663423813_34664526_668166341_2234_13198_9_0_146";dur=1
content-length
28600
expires
Fri, 13 Dec 2024 08:25:18 GMT
ITOJPTUP7FAGHFKQRVUPIHEMRI.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ITOJPTUP7FAGHFKQRVUPIHEMRI.jpg?auth=769ab6c04fb85a4052eedddff35e07b988f1423001d0d0dfa82976889cfb0794&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
a707a5968189b1c2df7e2128d3827528eb7f06c41775002929a01f14bf119d6b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=86400
last-modified
Wed, 13 Dec 2023 21:51:05 GMT
server
Akamai Image Manager
etag
"758fb4a020aa59f57d98d29c3b6117ab"
x-arc-request-id
0.4ef01002.1702663423.27d368c6
content-type
image/avif
cache-control
private, no-transform, max-age=31376906
server-timing
cdn-cache; desc=HIT, edge; dur=194, origin; dur=0, ak_p; desc="1702663423813_34664526_668166342_19436_12853_9_0_146";dur=1
content-length
25137
expires
Thu, 12 Dec 2024 21:52:10 GMT
45LC32AEYJBNZPA2OC64PBDT2U.png
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/45LC32AEYJBNZPA2OC64PBDT2U.png?auth=53818e82ecfe2a5067b42208310d57284a572714e57f0626f95441612f013055&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
e4f2089638ba79d8c06048430413378bb30c336be5f2b2573291e2a7c8415b84
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:43 GMT
strict-transport-security
max-age=86400
last-modified
Wed, 13 Dec 2023 19:51:27 GMT
server
Akamai Image Manager
etag
"496bc219994b06a1e4caa2624dc4a363"
x-arc-request-id
0.4ef01002.1702663423.27d368c7
content-type
image/avif
cache-control
private, no-transform, max-age=31369803
server-timing
cdn-cache; desc=HIT, edge; dur=15, origin; dur=0, ak_p; desc="1702663423813_34664526_668166343_1573_13197_7_0_146";dur=1
content-length
38405
expires
Thu, 12 Dec 2024 19:53:46 GMT
YBOC6EE7QVC3JB7BQZLBC7PLBI.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/YBOC6EE7QVC3JB7BQZLBC7PLBI.jpg?auth=fc5800223bec32142236f3eebcfdf929bae5e4e69b220a122cd668a08fda1470&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
7a4c8fc173c2a42476bc5987f3f045a45c2ec067ce14c68dddd85c604611c67d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:43 GMT
strict-transport-security
max-age=86400
last-modified
Wed, 13 Dec 2023 22:31:41 GMT
server
Akamai Image Manager
x-serial
1633
x-check-cacheable
YES
etag
"1c09173b6a77670030154a0456d41384"
x-arc-request-id
0.4ef01002.1702663423.27d368c8
content-type
image/avif
cache-control
private, no-transform, max-age=31379162
server-timing
cdn-cache; desc=HIT, edge; dur=15, origin; dur=0, ak_p; desc="1702663423813_34664526_668166344_1508_13050_7_0_146";dur=1
content-length
26381
expires
Thu, 12 Dec 2024 22:29:45 GMT
MPTVW77XSW2N4566K6ZGWL5GPY.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/MPTVW77XSW2N4566K6ZGWL5GPY.jpg?auth=caa2a40740a11d4ff11ed87a8d88d2d6d9257840ec0d11f141644648859dcea4&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
384f960ee1afb7f74397b7eb922a45e488c22332c62a9b25c159c1158111692c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=86400
last-modified
Wed, 13 Dec 2023 18:19:06 GMT
server
Akamai Image Manager
x-serial
889
x-check-cacheable
YES
etag
"ac8270be9f6fef9d5252560d2164fc98"
x-arc-request-id
0.4ef01002.1702663423.27d368c9
content-type
image/avif
cache-control
private, no-transform, max-age=31364184
server-timing
cdn-cache; desc=HIT, edge; dur=195, origin; dur=0, ak_p; desc="1702663423813_34664526_668166345_19460_9290_9_0_146";dur=1
content-length
13554
expires
Thu, 12 Dec 2024 18:20:08 GMT
TBOZ76I5XFCX7GF32VP62HFZ6Q.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/TBOZ76I5XFCX7GF32VP62HFZ6Q.jpg?auth=44597e68a2208f307285f811946b8c5306cefc4727c4b7664c0275e05758392a&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
0abf4b657c7a21c13aaed04ea5c6d03ecdcb5c3acf04da23eaf2c67af65b7668
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=86400
last-modified
Tue, 12 Dec 2023 05:01:17 GMT
server
Akamai Image Manager
etag
"539ddd3a074d13797dff0868fbc357dc"
x-arc-request-id
0.4ef01002.1702663423.27d368ca
content-type
image/avif
cache-control
private, no-transform, max-age=31229593
server-timing
cdn-cache; desc=HIT, edge; dur=194, origin; dur=0, ak_p; desc="1702663423813_34664526_668166346_19396_12960_9_0_146";dur=1
content-length
6962
expires
Wed, 11 Dec 2024 04:56:57 GMT
RZE767VC4ZAVPLTVWZET4QRRGU.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/RZE767VC4ZAVPLTVWZET4QRRGU.jpg?auth=ba632a52f4cc583a204ad2253ae547b8e92bd5face050d4c490e74909ff1affa&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
1955ca11feebf419a1cd26025fdfaaab7a67ed493016d853be8697ad3434d301
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:43 GMT
strict-transport-security
max-age=86400
last-modified
Wed, 13 Dec 2023 19:57:13 GMT
server
Akamai Image Manager
x-serial
1841
x-check-cacheable
YES
etag
"4828ba763e2e4fef995646328acd2693"
x-arc-request-id
0.4ef01002.1702663423.27d368cb
content-type
image/avif
cache-control
private, no-transform, max-age=31370126
server-timing
cdn-cache; desc=HIT, edge; dur=21, origin; dur=0, ak_p; desc="1702663423813_34664526_668166347_2169_12967_8_0_146";dur=1
content-length
25643
expires
Thu, 12 Dec 2024 19:59:09 GMT
v2bkp9Uun3-1LRAB_lzCZndpym_6H7eOtuB69j2DMKvsxBxYzTMW8Pcb8nw
reconditerespect.com/ 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://reconditerespect.com/v2bkp9Uun3-1LRAB_lzCZndpym_6H7eOtuB69j2DMKvsxBxYzTMW8Pcb8nw
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:4277::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
40572e2870859e9bc07c0f3926541e4f071dba735921d38ba47633497446c216
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Fri, 15 Dec 2023 18:03:43 GMT
x-datacenter
gce-europe-west1
etag
"ea2176d5dfaa8f6e5021b724f298648815318f559ed25564c48e82ffaec4f615"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-zlrc
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
1072352451
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v2sglPwD6cv16a0cnFC0rQ1CHpbVfM07j9ojCzxSbHxiBayPvsnqIuSLXL0EjVtTQDR7yhgNv36s
reconditerespect.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://reconditerespect.com/v2sglPwD6cv16a0cnFC0rQ1CHpbVfM07j9ojCzxSbHxiBayPvsnqIuSLXL0EjVtTQDR7yhgNv36s
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:4277::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
53b988c3d873cd2c0c14d099834524858337e92c5a0a69884f102468a3d469a9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
via
1.1 google
date
Fri, 15 Dec 2023 18:03:43 GMT
x-datacenter
gce-europe-west1
etag
"f9d72b2af7cf431988ddca3811b8e1144e6b4353ce5a7d12d3070e0f2df518a7"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-zlrc
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
1072352451
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.149.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-149-113.txl52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 fe14b43a6dfec5fc809a25185c7fce42.cloudfront.net (CloudFront)
date
Fri, 15 Dec 2023 18:00:16 GMT
x-amz-cf-pop
TXL52-C1
age
2160
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
Z6zKH5EoRfXY24bYrL1sEalsKm3DN5imLuqW1JoNhxm8d76I6VHt4A==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161733/6819/ 		535 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
01b83ab9dd12f79d5f3ec8b655c274567e016aacc9f3341ba33947bc269ce41a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:43 GMT
content-encoding
gzip
last-modified
Wed, 26 Jul 2023 14:41:30 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=125780
accept-ranges
bytes
content-length
165409
expires
Sun, 17 Dec 2023 05:00:03 GMT
sdk.js
api-esp.piano.io/public/sdk/v04/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:43 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
15496
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 10 Oct 2023 08:51:13 GMT
server
cloudflare
etag
W/"1bbec-18b18c87a69"
access-control-max-age
36000
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
api-esp.piano.io
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
83609adef8e64da2-FRA
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Sat, 14 Dec 2024 18:03:43 GMT
gtm.js
www.googletagmanager.com/ 		227 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M5QQ3JP&l=RCdataLayer
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
92e3563c6a93f2d3b97e374afb2903a048100b2407b61c39830eed2bc22c6155
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
66774
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 15 Dec 2023 18:03:43 GMT
loader.js
cdn.taboola.com/libtrc/meredith-network/ 		1 MB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/meredith-network/loader.js
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
040c78d841eae99549ecfe2bc5348dc251601cc0cbd152e993808472cacf750a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
9m4gCxFK1kljirtO.bout6ooYLbFumWm
content-encoding
gzip
via
1.1 varnish
date
Fri, 15 Dec 2023 18:03:43 GMT
x-amz-request-id
TRN9KT80TWT1HD28
age
7068
x-amz-server-side-encryption
AES256
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
23
x-amz-replication-status
PENDING
content-length
87309
x-amz-id-2
ZTZXEoSn1F2zxBKCWjwlL857flRbINIc/sQoj8RofW7tf33rIsq6GJezd4fPQ9jfU+FsSLWL65Q=
x-served-by
cache-fra-eddf8230020-FRA
last-modified
Fri, 15 Dec 2023 16:04:27 UTC
server
nginx
x-timer
S1702663424.952309,VS0,VE2
etag
"9aab0b631a9921c500e53962acae70acef269463"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
18
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
newsroom.js
c2.taboola.com/nr/graytv-wvirnbc29/ 		62 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c2.taboola.com/nr/graytv-wvirnbc29/newsroom.js
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42963e20b8df6dff7886465257fe87c44a0e83d6b91cb2ef458f4129d71d0e41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 varnish
date
Fri, 15 Dec 2023 18:03:44 GMT
x-amz-request-id
E4T5308YXP4D44D9
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
17724
x-amz-id-2
b4GU8IKYq/17GJNYXuPKs18cbZ7IglU2nmhqBHQPo17V6xGthuH03sB/AY0mQai8ONQuwRlTM68=
x-served-by
cache-fra-eddf8230078-FRA
last-modified
Thu, 30 Nov 2023 20:08:58 GMT
server
AmazonS3
x-timer
S1702663424.112996,VS0,VE209
etag
"4c7297fc357ed14ce2091d8eaf90fa48"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
x-cache-hits
1
47DAA-RMGFC-4U4YY-9C4XF-UTQN5
s.go-mpulse.net/boomerang/ 		205 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/47DAA-RMGFC-4U4YY-9C4XF-UTQN5
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3100:795::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:43 GMT
content-encoding
br
customappheader
mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified
Fri, 08 Dec 2023 05:55:35 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
wvir.jpg
www.29news.com/pf/resources/images/mastheads/backgrounds/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.29news.com/pf/resources/images/mastheads/backgrounds/wvir.jpg?d=376
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
c038356f5dd062dc662f8b140c3fe86b5f1726ccc4c83edfc2022c02f6adc356
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=86400
x-check-cacheable
YES
x-arc-request-id
0.a8163017.1702663423.aebd340
server-timing
cdn-cache; desc=HIT, edge; dur=214, origin; dur=0, ak_p; desc="1702663423830_389027496_183227200_21349_30283_8_0_146";dur=1
content-length
52730
last-modified
Thu, 14 Dec 2023 16:40:58 GMT
server
Akamai Image Manager
x-serial
1567
etag
W/"dc617ededc1a6f4d944c275e2275789e"
content-type
image/avif
access-control-allow-origin
*
cache-control
private, no-transform, max-age=31444687
expires
Fri, 13 Dec 2024 16:41:51 GMT
wvir.svg
www.29news.com/pf/resources/images/mastheads/logos/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.29news.com/pf/resources/images/mastheads/logos/wvir.svg?d=376
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
66d7b2344b1aef077bbf6359f32faa055b4cba8d9f2d873a6b9cc04330f01749
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 15 Dec 2023 18:03:43 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=86400
x-amz-cf-pop
EWR53-P1
x-amz-server-side-encryption
AES256
x-arc-request-id
0.a8163017.1702663423.aebd342
server-timing
cdn-cache; desc=HIT, edge; dur=78, origin; dur=0, ak_p; desc="1702663423830_389027496_183227202_7787_3057_6_0_219";dur=1
content-length
2884
last-modified
Thu, 14 Dec 2023 16:19:51 GMT
server
openresty
etag
W/"8946c09575006a782d182025491807b7"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
u-BI4tN1fJBdybhigngjOaduSmVs1E4IBD3ioaldx-6vatpqmPHXEA==
expires
Sat, 14 Dec 2024 18:03:43 GMT
privacyOptionsIcon.svg
gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/images/privacyOptionsIcon.svg?d=376
Requested by
Host: gray-wvir-prod.cdn.arcpublishing.com
URL: https://gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/wvir/css/main.css?d=376
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
86f2eb97cc1f3909c12e4512de9e267215d94ac5aaee9393d0f007f18c34e8ba
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/wvir/css/main.css?d=376
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 15 Dec 2023 18:03:43 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=86400
x-amz-cf-pop
ORD58-P3
x-amz-server-side-encryption
AES256
x-arc-request-id
0.4ef01002.1702663423.27d368e5
server-timing
cdn-cache; desc=HIT, edge; dur=8, origin; dur=0, ak_p; desc="1702663423831_34664526_668166373_773_5144_7_0_146";dur=1
content-length
781
last-modified
Thu, 14 Dec 2023 16:19:49 GMT
server
openresty
etag
W/"8051dee1dd72e78a9528a16c062cff66"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
5Nf5XTV97qlEKJeyf10z4kN3MWzDZZKkxJ27ZMn__6zegT_wVK3-cA==
expires
Sat, 14 Dec 2024 18:03:43 GMT
grayLogoHorizontal.svg
gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/images/ 		14 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/images/grayLogoHorizontal.svg?d=376
Requested by
Host: gray-wvir-prod.cdn.arcpublishing.com
URL: https://gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/wvir/css/main.css?d=376
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
cc8b84ad84585cf2ee61f8f2f7ce48b578872bd753e6c0495f79a16ac27bb0b8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/wvir/css/main.css?d=376
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 15 Dec 2023 18:03:43 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=86400
x-amz-cf-pop
IAD50-C2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.4ef01002.1702663423.27d368ef
server-timing
cdn-cache; desc=HIT, edge; dur=4, origin; dur=0, ak_p; desc="1702663423838_34664526_668166383_392_4724_8_0_146";dur=1
content-length
5010
last-modified
Thu, 14 Dec 2023 16:19:49 GMT
server
openresty
etag
W/"4228f26a863969873e28bcee1a6a4ded"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
LNC4BC4yonucfnPAqyOIgTO59hLey_7qFAZ5diZ3yiF1xgxweLKy3Q==
expires
Sat, 14 Dec 2024 18:03:43 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/ 		153 KB
154 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5644b46d5d663155f02502683f9d4ed7d7b3885cb2b04fbc9f1ac9da0d0eff9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Origin
https://www.29news.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:43 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
248269
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
156496
last-modified
Fri, 01 Dec 2023 00:32:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"65692999-26350"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0j%2FMtrQMieY48mC%2BpaKJNCG6PpaG6pv1cbZ8Vw%2BrznOxd3I6CUIOR0enwEjVnpGeC0IGzkDCvasByQ9xWSbdM354Tcve8XgablFZd6EbQNt8EaB%2BVPzKWnFiU7G%2FK6RVblm88EGb08TnK9JSF4VMAAy%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83609adf0fff3612-FRA
expires
Wed, 04 Dec 2024 18:03:43 GMT
fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/fa-regular-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a302b34ce783fda0c1a493fe5161d2222b71d2409accaa88d454b866ba807ff
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Origin
https://www.29news.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:43 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1262419
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25452
last-modified
Fri, 01 Dec 2023 00:32:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"65692999-636c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cMVB68tHVDNPgIzfyzNoZahclMXq1%2F1QH1kIJfwxxUeBID1wKptinlK1AgzKuBiyI2OhFNMsZMKyCAeS1L0XM%2FtqyC4AaVMkL9v5iuAbyIF9GXHQaXDa5co434l8fyZZjHhKNhQvrxo8B51%2Fqtqkpmp"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83609adf0ffa3612-FRA
expires
Wed, 04 Dec 2024 18:03:43 GMT
7day.jpg
webpubcontent.raycommedia.com/wvir/weather/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webpubcontent.raycommedia.com/wvir/weather/7day.jpg
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
79fe15ad2d6100c55591e6a238ee20b224ca6eb75d7cf55785d63ef141da0cd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
120
date
Fri, 15 Dec 2023 18:03:44 GMT
last-modified
Fri, 15 Dec 2023 10:02:55 GMT
server
AmazonS3
x-amz-meta-user-agent-id
wvir@s-69172a5d8df84f908
x-amz-cf-pop
IAD79-C2
etag
"e596ca8c16cac95e84ade88aa3e6afc6"
x-amz-meta-user-agent
AWSTransfer
x-arc-request-id
0.867d1302.1702663424.12a5ecf7
content-type
image/jpeg
cache-control
private, max-age=60
server-timing
cdn-cache; desc=HIT, edge; dur=433, origin; dur=0, ak_p; desc="1702663423981_34831750_312863991_43207_8113_6_21_146";dur=1
content-length
34445
x-amz-cf-id
os7qvf5dHUja1nnexPJCUqbBa2UepaIlgIpdkkQFfdORxhAEOx2x8w==
expires
Fri, 15 Dec 2023 18:04:44 GMT
jquery-2.2.0.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.0.min.js
Requested by
Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:44 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
7861224
x-cache
HIT, HIT
content-length
29875
x-served-by
cache-lga21967-LGA, cache-fra-etou8220037-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1702663424.044697,VS0,VE0
etag
W/"28feccc0-14e55"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
13, 37107
wvir.calendar
tockify.com/ Frame AA5A 		0
0
whitecloseicon.png
www.queryly.com/images/ 		816 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.queryly.com/images/whitecloseicon.png
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:44 GMT
cf-cache-status
HIT
last-modified
Mon, 23 Oct 2023 15:55:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7175
etag
"4c9d5a55c95da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gfu5YSYVKLF7sIP%2B6SwgZF%2FFAwmgXugM4XvSWAfriY5oW4spqpySNoSt0jbsEMMD%2BflupiVlgBKGJY%2BE%2Baypv%2FS27pBAvjmBO9rYZf%2Byd5Sdc1Jn0dpsROLirlcNnhfuemcjdh3HOWhkbEpuIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83609ae01ae5195c-FRA
content-length
816
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=nbc29.com&p=29news.com&u=CfsacTDasXrj6xk3K&d=29news.com&g=39189&g0=%2Fhomepage&g1=No%20Author&g4=section&n=1&f=00001&c=0&x=0&m=0&y=7009&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.29news.com%2F&b=2269&t=DY6Qk2CG1JoxVIoHaCMUrGTBmkStX&V=142&i=WVIR%20%7C%20News%2C%20Weather%2C%20and%20Sports%20%7C%20Charlottesville%2C%20VA&tz=-60&sn=1&sv=CiwWKDQKVNHDIddH5cMeFbDTDc5d&sr=external&sd=1&im=06072ffa&_
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.52.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-52-235.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
framework.css
www.burst.com/webapps/embed/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.burst.com/webapps/embed/framework.css
Requested by
Host: www.burst.com
URL: https://www.burst.com/webapps/embed/framework.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.103.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-103-72.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b4967dbde82b36ba483fcd5315203b1648a86c192ccd826865a634aaa8853208

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
Qu8MEetew_9Ci7_W6T894OBW0f_93GQS
content-encoding
gzip
via
1.1 98b89ed6771805fd5b6d059738f20206.cloudfront.net (CloudFront)
date
Fri, 15 Dec 2023 18:03:44 GMT
last-modified
Tue, 12 Dec 2023 14:49:56 GMT
server
AmazonS3
x-amz-cf-pop
TXL50-P3
age
48
etag
W/"72f8f831414cf37903a38162b0291620"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=10800
x-amz-cf-id
uN5D3F1lVSFEONmVKtAtyT6DrM_vWzbs6Iba-SX0HmAhjLslI0vFGA==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.29news.com
URL: https://www.29news.com/pf/dist/components/combinations/default.js?d=376
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c02f264a42cf5db3e5cbe304c001d03a311661f5af442afc52d0f2366266371a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:44 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29098
x-xss-protection
0
server
cafe
etag
835 / 19706 / m202312060101 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 15 Dec 2023 18:03:44 GMT
3793
config.aps.amazon-adsystem.com/configs/ 		532 B
808 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3793
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-79.ams54.r.cloudfront.net
Software
CloudFront /
Resource Hash
0d39bbdcae43253b7e0d7a69841e70d8781ac7aaca5cd9a20fc9edbf5c643e76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:35:18 GMT
via
1.1 6e44e48abc671a9155ea845c36f68920.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS54-C1
age
1706
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
532
x-amz-cf-id
DOOv834XEoud3a4htMOEZJVtcigMYbLFqWxmZEdjrdbsFbpJWhkjUg==
config
c.amazon-adsystem.com/cdn/prod/ 		0
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3793&u=https%3A%2F%2Fwww.29news.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.149.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-149-113.txl52.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 16:41:09 GMT
via
1.1 df2b5b3f847bbe9ad7f475c0831bcc3a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
TXL52-C1
age
4954
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.29news.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
Kx9WEr-3DS7dxJdI988YDmZ2yHKseT9AUSgxFGmnuv45HkYX-BGMXg==
wvir.calendar
tockify.com/ Frame 3207 		23 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tockify.com/wvir.calendar
Requested by
Host: www.29news.com
URL: https://www.29news.com/pf/dist/components/combinations/default.js?d=376
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.61.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-61-246.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b5be35c4730e85c556511d6d2576c8e73c92906ba75804dece48c79857ff5c01
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options allowall
X-Xss-Protection 1; report=/api/csp-report/5f3f05c46e0627d2acfe4857ed84e8fc8dde6ef2

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0
content-encoding
br
content-type
text/html;charset=utf-8
date
Fri, 15 Dec 2023 18:03:44 GMT
expires
Fri, 15 Dec 2023 18:03:44 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=300; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
allowall
x-proxy-cache
HIT
x-xss-protection
1; report=/api/csp-report/5f3f05c46e0627d2acfe4857ed84e8fc8dde6ef2
wx-current-conditions-v3
www.29news.com/pf/api/v3/content/fetch/ 		332 B
813 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.29news.com/pf/api/v3/content/fetch/wx-current-conditions-v3?_website=wvir&filter=%7B%0A++imperial+%7B+location+%7B+city,+adminDistrictCode+%7D,+currentObservation+%7B+iconCode,+temperature+%7D+%7D%0A++metric+%7B+location+%7B+city,+adminDistrictCode+%7D,+currentObservation+%7B+iconCode,+temperature+%7D+%7D%0A%7D
Requested by
Host: www.29news.com
URL: https://www.29news.com/pf/dist/components/combinations/default.js?d=376
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
981f918f3a2a769e6b57605882059a9102ad0b0de2e1467d56c8ddda9095626e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
25, 25
x-arc-pb-request-id
603dc966-8447-42c9-a46a-99643705f623, 603dc966-8447-42c9-a46a-99643705f623
content-encoding
gzip
date
Fri, 15 Dec 2023 18:03:44 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
MIA3-P6
strict-transport-security
max-age=86400
x-arc-request-id
0.a8163017.1702663424.aebd5a5
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=415, origin; dur=54, ak_p; desc="1702663424101_389027496_183227813_47123_2190_8_0_219";dur=1
content-length
191
last-modified
Fri, 15 Dec 2023 18:01:13 GMT
server
openresty
etag
W/"14c-sgv1i86dN+0YNA80aW1F6DyDbuo"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
max-age=0
x-amz-cf-id
Xr3VWfXNCrcEOfFqsIsswglgJRwu0iDi45NtSIw2qvDK7iL-EgG7_g==
expires
Fri, 15 Dec 2023 18:03:44 GMT
WVIR_poll.json
s3.amazonaws.com/grayfilestore-wvir/gpollData/ 		16 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/grayfilestore-wvir/gpollData/WVIR_poll.json?rnd=320777&arc-site=wvir
Requested by
Host: www.29news.com
URL: https://www.29news.com/pf/dist/components/combinations/default.js?d=376
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.182.74.120 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
46be8ce52fecfdee4715f55f764c2de0bc4ca0903c75c9e08f0bd86e1f37e419

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 15 Dec 2023 18:03:45 GMT
Last-Modified
Mon, 09 Aug 2021 19:20:25 GMT
Server
AmazonS3
x-amz-request-id
WQT2KW4FCY69BXKA
ETag
"1ed55897beeab14ca466d97dc048f79e"
Access-Control-Max-Age
3600
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Content-Type
application/json
Accept-Ranges
bytes
Content-Length
16
x-amz-id-2
fVaXuxIaCMLQ0wxuRSLGGZPdr9BBqioLfrKa10FpELJEBsAuhNIbgBkIpL5Tw+t3+CKDUfihBLY=
floors.json
ads.pubmatic.com/AdServer/js/pwt/floors/161733/6819/ 		9 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/floors/161733/6819/floors.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bbaf73b17df4502b13e2338b607ffe9e05eeaff41c340977be65aa9d4682420b

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Dec 2023 18:03:44 GMT
content-encoding
gzip
last-modified
Fri, 15 Dec 2023 14:40:05 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
*
content-type
application/json
cache-control
public, max-age=2230
access-control-allow-credentials
true
accept-ranges
bytes
content-length
746
expires
Fri, 15 Dec 2023 18:40:54 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adslot=ad_300x250_7435261
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ab:ee00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 17:29:44 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 8be6e843d0ee8ff03a0a07d811ce5bf8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P3
age
347641
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
XiPQImYn6vepR9fQ_kgTzLsyRzDxgc_IDgMpbbyzDjYwhuCZTSojyA==
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		160 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=nbc29.com&domain=29news.com&path=%2F29news.com
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c3d9fa4b41ab500d0edb279e71568c7a3a141c34d879da27d3a60baed756e475

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits
1
date
Fri, 15 Dec 2023 18:03:44 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
623
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
129
x-served-by
cache-fra-eddf8230106-FRA
x-timer
S1702663424.151927,VS0,VE2
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Wed, 13 Dec 2023 17:53:21 GMT
impl.20231214-9-RELEASE.js
cdn.taboola.com/libtrc/ 		820 KB
170 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
48b3c9773a97bd00a751c09a47e3606a5eddd6f6fd64cb203b61c6c95ca46143

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
C2BWvNaNjPeGDmk71rQiWjjd24F1jAiS
content-encoding
br
via
1.1 varnish
date
Fri, 15 Dec 2023 18:03:44 GMT
x-amz-request-id
P6FDX2XADHWD8EBC
age
27055
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
173948
x-amz-id-2
ScM5CK/UiUX4jm5QHBrg/JhgNZhNT9whEhFQ/Rpih+JBmtcro59IWGNwSwW1M3IaHbotxe3Jk3U=
x-served-by
cache-fra-eddf8230020-FRA
last-modified
Thu, 14 Dec 2023 10:25:12 GMT
server
AmazonS3-br
x-timer
S1702663424.152910,VS0,VE0
etag
"d2bbcfa496a6b16f3403985c047b4588"
vary
Accept-Encoding
content-type
application/javascript
abp
53
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
116
gtm.js
www.googletagmanager.com/ 		220 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-58WCCRN&l=RCdataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5QQ3JP&l=RCdataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
daf6a07714c428068cd3728fa53c9e819c3fde4b35cce89bc2d8d88b452a90df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
74679
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 15 Dec 2023 18:03:44 GMT
441
api-esp.piano.io/publisher/fusion/lucid/data/ 		2 KB
1016 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/publisher/fusion/lucid/data/441?email=&visitor=&stored_visitor=&pnespid=
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c43599361b32526bbdd006963950ea20b51d70db4b465b81c4c4660d913ac87
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
x-cache-status
BYPASS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"77a-VteRMUm4gBmlwsObMV2t8lbAIz4"
access-control-max-age
36000
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.29news.com
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
cf-ray
83609ae22da14da2-FRA
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
441
api-esp.piano.io/publisher/fusion/lucid/data/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/publisher/fusion/lucid/data/441?email=&visitor=&stored_visitor=&pnespid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.29news.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.29news.com
access-control-max-age
36000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83609ae159648fd1-FRA
date
Fri, 15 Dec 2023 18:03:44 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
HEUFV3NF4JD5DIHECFIUBXL6EU.png
gray-wvir-prod.cdn.arcpublishing.com/resizer/Sul4bhvKqvlMbe6r3-bj-hjiznI=/arc-photo-gray/arc3-prod/public/ 		356 KB
356 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/Sul4bhvKqvlMbe6r3-bj-hjiznI=/arc-photo-gray/arc3-prod/public/HEUFV3NF4JD5DIHECFIUBXL6EU.png
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
1eb12c64933bfb56ae7bb304b7fb3bc74a834099b9120c6cec15cbae47e5bea2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 07 Dec 2023 21:57:34 GMT
server
Akamai Image Manager
etag
"d58c539e34592c19a1553ef1e1c8410b92b4da21"
x-arc-request-id
0.4ef01002.1702663424.27d36c12
content-type
image/avif
cache-control
private, no-transform, max-age=30858878
server-timing
cdn-cache; desc=HIT, edge; dur=6, origin; dur=0, ak_p; desc="1702663424208_34664526_668167186_561_6735_11_0_146";dur=1
content-length
364184
expires
Fri, 06 Dec 2024 21:58:22 GMT
VJD7SQENYJFDZNJIGRC43Z5NRM.png
gray-wvir-prod.cdn.arcpublishing.com/resizer/H4xP_iSFVzqGptfijrUPfCHD3n0=/arc-photo-gray/arc3-prod/public/ 		119 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/H4xP_iSFVzqGptfijrUPfCHD3n0=/arc-photo-gray/arc3-prod/public/VJD7SQENYJFDZNJIGRC43Z5NRM.png
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
9a64421605751d54fb234f9074079b0e65a9c976c8dbdffdbaa633a4d7dfd28a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=86400
last-modified
Wed, 08 Nov 2023 01:48:39 GMT
server
Akamai Image Manager
etag
"bef336be3eaeb1a7e1b3bdb2f5f9016bc72f4002"
x-arc-request-id
0.4ef01002.1702663424.27d36c13
content-type
image/avif
cache-control
private, no-transform, max-age=30632160
server-timing
cdn-cache; desc=HIT, edge; dur=11, origin; dur=0, ak_p; desc="1702663424208_34664526_668167187_1147_6049_11_0_146";dur=1
content-length
121543
expires
Wed, 04 Dec 2024 06:59:44 GMT
CXHM6ZZ7PVBLHJI7XM4ZMKHYVI.png
gray-wvir-prod.cdn.arcpublishing.com/resizer/Lv5Y8Z2udk0ZL6XeD7_WImGsu6k=/arc-photo-gray/arc3-prod/public/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/Lv5Y8Z2udk0ZL6XeD7_WImGsu6k=/arc-photo-gray/arc3-prod/public/CXHM6ZZ7PVBLHJI7XM4ZMKHYVI.png
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
69c9c7972745e942e10c40a8342e85ca9e3dcf5af2689d3f7a37d536cd635b17
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 07 Dec 2023 21:59:01 GMT
server
Akamai Image Manager
x-serial
1487
x-check-cacheable
YES
etag
"e6e5eab4021fee8fca3b45104390d702f7f63062"
x-arc-request-id
0.4ef01002.1702663424.27d36c2d
content-type
image/avif
cache-control
private, no-transform, max-age=30858851
server-timing
cdn-cache; desc=HIT, edge; dur=16, origin; dur=0, ak_p; desc="1702663424215_34664526_668167213_1666_5677_14_0_146";dur=1
content-length
40947
expires
Fri, 06 Dec 2024 21:57:55 GMT
S7FQB57LCJAZHICBTZG2N5AA5Y.png
gray-wvir-prod.cdn.arcpublishing.com/resizer/SwLjQiv8gJMyFszlIWaH-9oW7XI=/arc-photo-gray/arc3-prod/public/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/SwLjQiv8gJMyFszlIWaH-9oW7XI=/arc-photo-gray/arc3-prod/public/S7FQB57LCJAZHICBTZG2N5AA5Y.png
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
a8cae91460a7edc608e6f397fad2e02bdfc361a3984caabd5c49bb3f82b2b104
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 07 Dec 2023 21:50:52 GMT
server
Akamai Image Manager
x-serial
632
x-check-cacheable
YES
etag
"7154ed0b0643ab2932e5ccd0c28b83919e61cdb8"
x-arc-request-id
0.4ef01002.1702663424.27d36c2e
content-type
image/avif
cache-control
private, no-transform, max-age=30858358
server-timing
cdn-cache; desc=HIT, edge; dur=196, origin; dur=0, ak_p; desc="1702663424214_34664526_668167214_19569_6539_35_0_146";dur=1
content-length
50463
expires
Fri, 06 Dec 2024 21:49:42 GMT
BCI4FGORUZFK3MEJHGY6ETNQWM.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/_F753I4Wp1va_-nWuhFxxlav8uw=/arc-photo-gray/arc3-prod/public/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/_F753I4Wp1va_-nWuhFxxlav8uw=/arc-photo-gray/arc3-prod/public/BCI4FGORUZFK3MEJHGY6ETNQWM.jpg
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
4ef54920cf0c52bc49c149f8378cc6bf1667ea9e653b5725cd1983c21dc8ca40
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=86400
x-check-cacheable
YES
x-arc-request-id
0.4ef01002.1702663424.27d36c2f
server-timing
cdn-cache; desc=HIT, edge; dur=14, origin; dur=0, ak_p; desc="1702663424214_34664526_668167215_1496_6378_13_0_146";dur=1
content-length
25599
last-modified
Fri, 15 Dec 2023 06:53:03 GMT
server
Akamai Image Manager
x-serial
1843
etag
"9836ad292acd0352a6d813fd60cbe835d922d1f3"
x-edgeconnect-cache-status
1
content-type
image/avif
cache-control
private, no-transform, max-age=31495772
expires
Sat, 14 Dec 2024 06:53:16 GMT
6HT5MDOOAZA3LFFT5DYRSGSCLY.png
gray-wvir-prod.cdn.arcpublishing.com/resizer/RtnOTcM2H4Lhv3wY1i4dOnOpvAQ=/arc-photo-gray/arc3-prod/public/ 		354 KB
355 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/RtnOTcM2H4Lhv3wY1i4dOnOpvAQ=/arc-photo-gray/arc3-prod/public/6HT5MDOOAZA3LFFT5DYRSGSCLY.png
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
ac2385054d54aaaaa1ab1a74929b654508aee4c06726ace247a020b318e2a904
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 07 Dec 2023 21:54:04 GMT
server
Akamai Image Manager
etag
"15f2ee7b3bdf3c489b0048454f6003f5a2fb7bbc"
x-edgeconnect-cache-status
3
x-arc-request-id
0.4ef01002.1702663424.27d36c31
content-type
image/avif
cache-control
private, no-transform, max-age=30858692
server-timing
cdn-cache; desc=HIT, edge; dur=12, origin; dur=0, ak_p; desc="1702663424214_34664526_668167217_1265_6322_11_0_146";dur=1
content-length
362462
expires
Fri, 06 Dec 2024 21:55:16 GMT
7G32DHW225DLHENVWLSPHCX4PQ.png
gray-wvir-prod.cdn.arcpublishing.com/resizer/flC5_SyIqttXGu5ypE93KjfYn4M=/arc-photo-gray/arc3-prod/public/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/flC5_SyIqttXGu5ypE93KjfYn4M=/arc-photo-gray/arc3-prod/public/7G32DHW225DLHENVWLSPHCX4PQ.png
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
0be9ea3282b9037d764f4c4b12ee0da74f6613310f3ff39bd9236b0c7f8e0d36
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 07 Dec 2023 21:59:37 GMT
server
Akamai Image Manager
x-serial
1653
x-check-cacheable
YES
etag
"9c7c7ad36a1b2b04252629a0f0ca5866bc803544"
x-arc-request-id
0.4ef01002.1702663424.27d36c32
content-type
image/avif
cache-control
private, no-transform, max-age=30858918
server-timing
cdn-cache; desc=HIT, edge; dur=25, origin; dur=0, ak_p; desc="1702663424214_34664526_668167218_2535_6308_22_0_146";dur=1
content-length
37943
expires
Fri, 06 Dec 2024 21:59:02 GMT
GHR5IMKK35FQ7EZ7JXF7N246EE.png
gray-wvir-prod.cdn.arcpublishing.com/resizer/NNqB_qUwpRdjD8hZtx061JEvWy8=/arc-photo-gray/arc3-prod/public/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/NNqB_qUwpRdjD8hZtx061JEvWy8=/arc-photo-gray/arc3-prod/public/GHR5IMKK35FQ7EZ7JXF7N246EE.png
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
8dd30a683c4179f1cba9bf85ef3231bac1ed1ffde80ba7321fa154cb34967ef4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 07 Dec 2023 21:56:17 GMT
server
Akamai Image Manager
etag
"09819c155f305090c45f770c758f5b97cb747d7a"
x-arc-request-id
0.4ef01002.1702663424.27d36c33
content-type
image/avif
cache-control
private, no-transform, max-age=30858836
server-timing
cdn-cache; desc=HIT, edge; dur=13, origin; dur=0, ak_p; desc="1702663424214_34664526_668167219_1316_5456_11_0_146";dur=1
content-length
42227
expires
Fri, 06 Dec 2024 21:57:40 GMT
MIN-516310.js
apv-launcher.minute.ly/api/launcher/ 		28 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apv-launcher.minute.ly/api/launcher/MIN-516310.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.215.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.25.1 /
Resource Hash
66f807b4adc100789cbaea28bdd4b71ca60a1999d35d6d675a56f588c97b7e12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 14 Dec 2023 14:10:15 GMT
date
Fri, 15 Dec 2023 18:03:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies
none
age
100408
x-cache
HIT, HIT
content-length
10830
x-xss-protection
1; mode=block
x-request-id
41ef9bf2-7746-4bc4-8718-bfd4b2c3e9be
x-served-by
cache-iad-kcgs7200088-IAD, cache-fra-eddf8230135-FRA
x-runtime
0.421016
referrer-policy
strict-origin-when-cross-origin
x-debug-req-method
GET
server
nginx/1.25.1
x-timer
S1702663424.335958,VS0,VE2
etag
W/"66f807b4adc100789cbaea28bdd4b71c"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-debug-app-get
GET
x-debug-server-name
apv-launcher.minute.ly
access-control-allow-credentials
true
cache-control
max-age=30
accept-ranges
bytes
access-control-allow-headers
APP-GET,Content-Type
x-cache-hits
44, 1
spa-detector.20231214-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20231214-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f71465fe82a54e04c86fb95fd62a67f92a74c88537a304a7aeeb3659bf59e9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
.ZcyW5IIGs7P7HZQG6e7hkKhdjPGAGEy
content-encoding
gzip
via
1.1 varnish
date
Fri, 15 Dec 2023 18:03:44 GMT
x-amz-request-id
14MJ4XSZS248RFE5
age
113319
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
779
x-amz-id-2
L7YNjkzChb7Us1hjQj7Ec9r4lXa1+LzbTDHUvmqZ1G9eqOSlUYTGR68eodwN7LYHFUBb8+rpD3c=
x-served-by
cache-fra-eddf8230020-FRA
last-modified
Thu, 14 Dec 2023 10:35:05 GMT
server
AmazonS3
x-timer
S1702663424.236418,VS0,VE0
etag
"a60bd91033ce8540f31b13a591554cfb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
12
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
126474
card-interference-detector.20231214-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/card-interference-detector.20231214-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
29cf8c7bc1c0e3373f0b2d9634a35a1f9658c72a1e4d7ce6b6c178c2bf2e7a4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
vGtkxEOxG_97LgMHR3DQhpw5TTapivwe
content-encoding
gzip
via
1.1 varnish
date
Fri, 15 Dec 2023 18:03:44 GMT
x-amz-request-id
BBF41T38XST9P2SH
age
113283
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2180
x-amz-id-2
5d6bI1Ft2T6Af4apCvXNNePCr+PV1ycWWy+hXID85SO8rjBbtRA9aQ0pw2hOgijKK6449iakhEE=
x-served-by
cache-fra-eddf8230020-FRA
last-modified
Thu, 14 Dec 2023 10:35:40 GMT
server
AmazonS3
x-timer
S1702663424.236820,VS0,VE0
etag
"c5730794734b589c0fd10823beb6f595"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
27
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
70275
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS&us_privacy=1---&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:43 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
258823
expires
60
json
trc.taboola.com/graytv-wvirnbc29/trc/3/ 		125 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/graytv-wvirnbc29/trc/3/json?tim=19%3A03%3A44.241&lti=deflated&data=%7B%22id%22%3A674%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1702656228884%2C%22vi%22%3A1702663424238%2C%22cv%22%3A%2220231214-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.29news.com%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.29news.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5861%2C%22nsid%22%3A%22meredith-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-native%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22uip%22%3A%22Homepage%20Native%20Backfill%22%2C%22orig_uip%22%3A%22Homepage%20Native%20Backfill%22%2C%22cd%22%3A512.578125%2C%22mw%22%3A389.5%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22video-reel-sc%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22uip%22%3A%22Video%20Reel%20Homepage%22%2C%22orig_uip%22%3A%22Video%20Reel%20Homepage%22%2C%22cd%22%3A2235.640625%2C%22mw%22%3A841.328125%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbs-feed-01%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22cd%22%3A5455%2C%22mw%22%3A1270%7D%5D%2C%22ex%22%3A%5B%22%2F2023%2F12%2F15%2Fapplesauce-pouches-may-have-been-intentionally-contaminated-fda-official-says%2F%22%2C%22%2F2023%2F12%2F15%2Fcovenants-reese-dalton-maddie-gardiner-ready-run-unc%2F%22%2C%22%2F2023%2F12%2F15%2Fbiden-envoy-meet-with-abbas-us-floats-possible-palestinian-security-role-postwar-gaza%2F%22%2C%22%2F2023%2F12%2F15%2Fhundreds-used-microcat-during-initial-weeks-program-may-expand%2F%22%2C%22%2Fvideo%2F2023%2F12%2F15%2Fpolice-investigating-reported-robbery-albemarle-store-12p%2F%22%2C%22%2Fvideo%2F2023%2F12%2F14%2Fvirginians-concerned-about-holiday-mail-delays-rep-spanberger-says%2F%22%2C%22%2Fvideo%2F2023%2F12%2F14%2Fcharlottesville-area-elks-lodge-giving-60k-nonprofits%2F%22%2C%22%2Fvideo%2F2023%2F12%2F14%2Fmore-charges-coming-suffolk-man-charlottesville-abduction-case%2F%22%2C%22%2F2023%2F12%2F15%2Fteen-girl-hospitalized-after-being-hit-by-school-bus-roanoke%2F%22%2C%22%2F2023%2F12%2F15%2Fvsp-investigating-after-body-found-along-highway%2F%22%2C%22%2F2023%2F12%2F15%2Fpolice-investigating-reported-robbery-albemarle-store%2F%22%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Homepage%20Thumbnails%3Dthumbs-feed-01%3Apub%3Dmeredith-network%3Aabp%3D0%2C%2CHomepage%20Native%20Backfill%3Dthumbnails-native%3Apub%3Dmeredith-network%3Aabp%3D0%2C%2CVideo%20Reel%20Homepage%3Dvideo-reel-sc%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
66e795d90833daa5a12dd1faaf5f317219b9545c7d7495b28f90407deb76dd7d

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
739
date
Fri, 15 Dec 2023 18:03:44 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.6789583333333334
x-fastly-to-nlb-rtt
7430
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230020-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1702663424.249526,VS0,VE739
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.29news.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 		431 KB
432 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 13:14:16 GMT
x-content-type-options
nosniff
age
17368
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
441821
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 14 Dec 2024 13:14:16 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		65 B
74 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.29news.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0336d12efac90b631e202f3a3c37ec4b468eb77863782160e60549ba98d0105f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50
x-xss-protection
0
expires
Fri, 15 Dec 2023 18:03:44 GMT
js
www.googletagmanager.com/gtag/ 		258 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LQ23MJC9WT&l=RCdataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58WCCRN&l=RCdataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
152ba9565d821a08fd52cda47362cdfba9d479a0bd8f0bed733c33ae3e31d464
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89488
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 15 Dec 2023 18:03:44 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58WCCRN&l=RCdataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 15 Dec 2023 17:48:14 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
930
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 15 Dec 2023 19:48:14 GMT
config.json
c.go-mpulse.net/api/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=47DAA-RMGFC-4U4YY-9C4XF-UTQN5&d=www.29news.com&t=5675545&v=1.720.0&sl=0&si=0a1357f1-2f69-40d6-8769-64cebccd0ff8-s5pzi6&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=677334
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/47DAA-RMGFC-4U4YY-9C4XF-UTQN5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:18d::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
01a35b750e5c341f6d56f6030c7e77cdf282c64854a486f186735262a376bb83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 15 Dec 2023 18:03:44 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
881
855.ee2c11f4d8ec19c3e644.js
public.tockify.com//app/ Frame 3207 		632 KB
179 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.tockify.com//app/855.ee2c11f4d8ec19c3e644.js
Requested by
Host: tockify.com
URL: https://tockify.com/wvir.calendar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-127.txl50.r.cloudfront.net
Software
nginx /
Resource Hash
4710dce6e41f2e1551ed4127aa8c5f0caf1f42805c5671d34b2b0a2abf13f9f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tockify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 12:09:55 GMT
content-encoding
br
via
1.1 36e42f052a24feab91529d442c70cf34.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P1
age
3822829
x-cache
Hit from cloudfront
last-modified
Wed, 01 Nov 2023 12:08:31 GMT
server
nginx
etag
W/"65423fbf-9dfc6"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
42SYSZ6e_wcUogMCLQFLIEeNQGJ6do0zkbo6zYpUWB3n-EJ1OLT_Kg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
201.ac5bc9ef1c62d61e35d9.js
public.tockify.com//app/ Frame 3207 		63 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.tockify.com//app/201.ac5bc9ef1c62d61e35d9.js
Requested by
Host: tockify.com
URL: https://tockify.com/wvir.calendar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-127.txl50.r.cloudfront.net
Software
nginx /
Resource Hash
224a5b8eaaf3653d627299347111991d79dc40bd42ec6b61c55921da4a3e40ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tockify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 12:09:55 GMT
content-encoding
br
via
1.1 36e42f052a24feab91529d442c70cf34.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P1
age
3822829
x-cache
Hit from cloudfront
last-modified
Wed, 01 Nov 2023 12:08:31 GMT
server
nginx
etag
W/"65423fbf-fcc4"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
VUCv2K58AQM8eSoGYoBiyEsXCiq6zAVMS90_jmFF1UNqeTEJj0lIfA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
736.ef286327c36ee15e6da4.js
public.tockify.com//app/ Frame 3207 		432 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.tockify.com//app/736.ef286327c36ee15e6da4.js
Requested by
Host: tockify.com
URL: https://tockify.com/wvir.calendar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-127.txl50.r.cloudfront.net
Software
nginx /
Resource Hash
ceec13d8c655e8054fdb414719c64ba880b50a4f9059026a4f1eaecd2ee05c86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tockify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:35:39 GMT
content-encoding
br
via
1.1 36e42f052a24feab91529d442c70cf34.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P1
age
2618885
x-cache
Hit from cloudfront
last-modified
Wed, 15 Nov 2023 10:34:11 GMT
server
nginx
etag
W/"65549ea3-6bfd0"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
KOPQIhOTPlrBqGA_xt9QmDXhnZ4YbHVlidFr5mXf8cy_ODzviJg4Og==
expires
Thu, 31 Dec 2037 23:55:55 GMT
viewer.e536a60d5a573dc03c37.js
public.tockify.com//app/ Frame 3207 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.tockify.com//app/viewer.e536a60d5a573dc03c37.js
Requested by
Host: tockify.com
URL: https://tockify.com/wvir.calendar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-127.txl50.r.cloudfront.net
Software
nginx /
Resource Hash
7cfff10d1716acbf183fef47552add779d67b323e3d8ad6f5c788b0d3fcd0cb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tockify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:22:58 GMT
content-encoding
br
via
1.1 36e42f052a24feab91529d442c70cf34.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P1
age
2619646
x-cache
Hit from cloudfront
last-modified
Wed, 15 Nov 2023 10:21:35 GMT
server
nginx
etag
W/"65549baf-628a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
Dw1yLHdeMqAx61wNZgZsq5SkKpm03eshIGd4zckPOmt5knj1_m80mw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
polyfill.7a1639b94b22e6ded050.js
public.tockify.com//app/ Frame 3207 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.tockify.com//app/polyfill.7a1639b94b22e6ded050.js
Requested by
Host: tockify.com
URL: https://tockify.com/wvir.calendar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.2.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-2-127.txl50.r.cloudfront.net
Software
nginx /
Resource Hash
50d9594f0c84c61608f60a47071b4051c9052407eb928afb38f5b82686b98885

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tockify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 12:09:55 GMT
content-encoding
br
via
1.1 36e42f052a24feab91529d442c70cf34.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL50-P1
age
3822829
x-cache
Hit from cloudfront
last-modified
Wed, 01 Nov 2023 12:08:31 GMT
server
nginx
etag
W/"65423fbf-6237"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
3SUsyZYZWML4e6P5c-v8ISPj1xm0ofhGm7uPeDZW0gTko3G7s_-ZnA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
mi-scraper-1.17.0.32.js
snippet.minute.ly/publishers/gray_group/ 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snippet.minute.ly/publishers/gray_group/mi-scraper-1.17.0.32.js
Requested by
Host: apv-launcher.minute.ly
URL: https://apv-launcher.minute.ly/api/launcher/MIN-516310.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:48f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
790e90d45636000ad24f407cb54e878f2a793a795fbf95497396074aa0d39ddb

Request headers

Referer
https://www.29news.com/
Origin
https://www.29news.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:44 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Y2D1XN7SFMDJMPJS
age
2081415
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-id-2
rWLsRYGEaH2TWDNAQ/v6SUziAk57Z+qqp06+TqiVFyaP8wC0MG1UH4LN/YW01YQRZ0qx4b3jnEc=
x-served-by
cache-iad-kcgs7200020-IAD, cache-fra-eddf8230106-FRA
last-modified
Wed, 10 May 2023 08:47:33 GMT
server
cloudflare
x-timer
S1702663424.451252,VS0,VE0
etag
W/"60cdfd1f3dea6013e68c22afa83110bd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dLjryFKJYAWuHgYXs4AZIMAZfXcqqVahp1u5vyhrxjU96hwDPprpmsWDujggkHpGAf9CiY3V0WVQ5QXWlQEv62aRCU3lloya2lfsQ84G79lPBaSIF1indvZqG%2FyFCxaQckKrj3cywHfIW7da8%2Fjs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
83609ae2baa9047a-FRA
access-control-allow-headers
content-type
x-cache-hits
39, 88
collect
region1.analytics.google.com/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-LQ23MJC9WT&gtm=45je3bt0v890211784z8813349527&_p=1702663423798&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1089476568.1702663424&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702663424&sct=1&seg=0&dl=https%3A%2F%2Fwww.29news.com%2F&dt=WVIR%20%7C%20News%2C%20Weather%2C%20and%20Sports%20%7C%20Charlottesville%2C%20VA&uid=&en=page_view&_fv=1&_nsi=1&_ss=1&ep.date_published=&ep.published_day=&ep.published_month=&ep.published_year=&ep.content_type=section&ep.primary_section_name=&ep.content_owner=wvir&ep.content_provider=wvir&ep.content_id=%2Fhomepage&ep.ad_target=%2Fhomepage&ep.platform_name=PageBuilder%20Fusion%20-%20Arc%20Publishing&ep.author=&ep.user_timezone_timestamp=Fri%20Dec%2015%202023%2019%3A03%3A43%20GMT%2B0100%20(Central%20European%20Standard%20Time)&ep.timezone_offset=%2B01%3A00&ep.content_name=WVIR%20%7C%20News%2C%20Weather%2C%20and%20Sports%20%7C%20Charlottesville%2C%20VA&ep.content_keywords=&ep.distributor_name=&ep.distributor_category=&ep.distributor_subcategory=&ep.distributor_reference_id=&ep.distributor_model=&ep.output_type=default&up.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36&tfd=2632
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LQ23MJC9WT&l=RCdataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LQ23MJC9WT&cid=1089476568.1702663424&gtm=45je3bt0v890211784z8813349527&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LQ23MJC9WT&l=RCdataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LQ23MJC9WT&cid=1089476568.1702663424&gtm=45je3bt0v890211784z8813349527&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1794142255
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
get-action
nr-events.taboola.com/newsroom/1.0/graytv-wvirnbc29/ 		132 B
448 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nr-events.taboola.com/newsroom/1.0/graytv-wvirnbc29/get-action?page.url=https%3A%2F%2Fwww.29news.com%2F&view.id=170849320701638720&page.template=home&page.dashboard=home
Requested by
Host: c2.taboola.com
URL: https://c2.taboola.com/nr/graytv-wvirnbc29/newsroom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5f2e09179a891c2a6806d7e2653d6694d613eff4b6a94c5a164ebb669bdef350

Request headers

Referer
https://www.29news.com/
Origin
https://www.29news.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

tbl-x-upstream
10.44.219.141:80
date
Fri, 15 Dec 2023 18:03:44 GMT
via
1.1 varnish
x-cache
MISS
x-envoy-upstream-service-time
83
content-length
132
x-application-context
front-page-event-server:production
x-served-by
cache-fra-etou8220107-FRA
server
nginx
x-timer
S1702663425.501903,VS0,VE94
vary
Origin
access-control-allow-methods
GET,POST,PUT
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
0
collect
www.google-analytics.com/j/ 		4 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=136953814&t=pageview&_s=1&dl=https%3A%2F%2Fwww.29news.com%2F&ul=en-us&de=UTF-8&dt=WVIR%20%7C%20News%2C%20Weather%2C%20and%20Sports%20%7C%20Charlottesville%2C%20VA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=1115692934&gjid=1247468801&cid=1089476568.1702663424&tid=UA-82494642-170&_gid=97303530.1702663424&_r=1&_slc=1&gtm=45He3bt0n8158WCCRNv813349527&cg1=%2Fhomepage&cg2=section&cg3=wvir&cg4=%2Fhomepage&cd5=section&cd6=0&cd8=wvir&cd9=wvir&cd10=%2Fhomepage&cd11=%2Fhomepage&cd12=PageBuilder%20Fusion%20-%20Arc%20Publishing&cd13=&cd14=NBC29%20is%20Charlottesville%27s%20most%20experienced%20and%20most%20watched%20televisions%20station.&cd16=Fri%20Dec%2015%202023%2019%3A03%3A43%20GMT%2B0100%20(Central%20European%20Standard%20Time)&cd17=%2B01%3A00&cd18=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36&cd19=WVIR%20%7C%20News%2C%20Weather%2C%20and%20Sports%20%7C%20Charlottesville%2C%20VA&cd40=default&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=874863515
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3793&u=https%3A%2F%2Fwww.29news.com%2F&pid=wIB52pen83HKJ&cb=0&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22ad-mkywJqKEAia-Oj593RdATjrnZqykuxlGSbUxGPfIVTpYA9NQsU%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F63316753%2Fwvir%2Fweb%2Fhomepage%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.97.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-97-119.txl50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 169e8a8ce77089c8b2871ba43b8eb480.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
TXL50-P3
x-amz-rid
59VQWHMZ95JDD3901S58
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.29news.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
Ln4PF1gwKDodp3A7GmmxoDY7dsJwYDI0yHPdThbcrL7Q0r2ocxu1ng==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3793&u=https%3A%2F%2Fwww.29news.com%2F&pid=wIB52pen83HKJ&cb=1&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22ad-TuMmwkuzZWPnoL3Qdq35jim1JR5-GqT0-YogM_4RVrCYGVcxFM%22%2C%22s%22%3A%5B%221024x90%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F63316753%2Fwvir%2Fweb%2Fhomepage%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.97.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-97-119.txl50.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 169e8a8ce77089c8b2871ba43b8eb480.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
TXL50-P3
x-amz-rid
YZ56K1CB9D1DXS8M49P1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.29news.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
a2QGHBvV24RSw7sY2EBVb9awrDQDhCnU7bFBPP5uweFjrxwFfMkH1Q==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3793&u=https%3A%2F%2Fwww.29news.com%2F&pid=wIB52pen83HKJ&cb=2&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22ad-e4kqiHFVIIAXqUVPDNZg-97-Nkdm8STOGBj66Yr0Pht4ShWNTt%22%2C%22s%22%3A%5B%221900x1200%22%2C%220x0%22%5D%2C%22sn%22%3A%22%2F63316753%2Fwvir%2Fweb%2Fhomepage%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.97.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-97-119.txl50.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 169e8a8ce77089c8b2871ba43b8eb480.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
TXL50-P3
x-amz-rid
NM27B66WQQ58D6WMHSEE
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.29news.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
Tp2in8NCWYpmDoOmfJsuctP1qYEVTdp84DJPBAcF0e0xk_2PCiaJ9w==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3793&u=https%3A%2F%2Fwww.29news.com%2F&pid=wIB52pen83HKJ&cb=3&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22ad-IbJ9MqUQ5Ep8p256r3EHAgeDDMPJGCmiCv2pdBqX7JkwVXDi5D%22%2C%22s%22%3A%5B%22728x90%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F63316753%2Fwvir%2Fweb%2Fhomepage%2Fstory-feature%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.97.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-97-119.txl50.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 169e8a8ce77089c8b2871ba43b8eb480.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
TXL50-P3
x-amz-rid
QBVPZTM851PTGMHQJ4AA
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.29news.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
cO4yPXY9UYOdCqNQIR9LutxODdOJL1e2P3dBjCcOYlXcopeRJ3bwtQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3793&u=https%3A%2F%2Fwww.29news.com%2F&pid=wIB52pen83HKJ&cb=4&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22ad-ULJmeY-GpDV1k4KYI8F4ilED9GaKkF7m7tVfjSY_iI6Wd_q1US%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F63316753%2Fwvir%2Fweb%2Fhomepage%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.97.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-97-119.txl50.r.cloudfront.net
Software
Server /
Resource Hash
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 169e8a8ce77089c8b2871ba43b8eb480.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
TXL50-P3
x-amz-rid
X7ZMMP3GEKQ2ZVNPZRDM
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.29news.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
n-HtiTZX-SjLc-jCcieXOceIoo_2RJO8X0BYhtsAUnbbPWn-2kgpIw==
notify-impression
nr-events.taboola.com/newsroom/1.0/graytv-wvirnbc29/ 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nr-events.taboola.com/newsroom/1.0/graytv-wvirnbc29/notify-impression?page.url=https%3A%2F%2Fwww.29news.com%2F&view.id=170849320701638720&page.template=home&page.dashboard=home
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230020-FRA
tbl-x-upstream
10.45.40.105:80
date
Fri, 15 Dec 2023 18:03:44 GMT
via
1.1 varnish
server
nginx
x-timer
S1702663424.441388,VS0,VE10
x-cache
MISS
access-control-allow-origin
*
x-envoy-upstream-service-time
1
accept-ranges
bytes
x-application-context
front-page-event-server:production
x-cache-hits
0
d86cf21e4ded8d4e0cbb03b63f4192bd1ac800f844bd6ddc
operationchicken.com/confirm/a66326/ 		303 B
807 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://operationchicken.com/confirm/a66326/d86cf21e4ded8d4e0cbb03b63f4192bd1ac800f844bd6ddc
Requested by
Host: reconditerespect.com
URL: https://reconditerespect.com/v2bkp9Uun3-1LRAB_lzCZndpym_6H7eOtuB69j2DMKvsxBxYzTMW8Pcb8nw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:636d::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
515c271a58a621c8d2e693ccd933058d68a083c2db93a0f685f697679fa9dc8b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 15 Dec 2023 18:03:44 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
303
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.29news.com
x-hostname
fen-hoothoot-europe-west1-zlrc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Fri, 15 Dec 2023 18:03:43 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-82494642-170&cid=1089476568.1702663424&jid=1115692934&gjid=1247468801&_gid=97303530.1702663424&_u=YCDACEAABAAAACAAI~&z=1187740060
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 15 Dec 2023 18:03:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
787
api-esp.piano.io/tracker/lucid/visit/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/tracker/lucid/visit/787?story_url=https%3A%2F%2Fwww.29news.com%2F&visitor=zu8c2g8ztbxazg1n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.29news.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.29news.com
access-control-max-age
36000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83609ae32be98fd1-FRA
date
Fri, 15 Dec 2023 18:03:44 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
787
api-esp.piano.io/tracker/lucid/visit/ 		65 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/tracker/lucid/visit/787?story_url=https%3A%2F%2Fwww.29news.com%2F&visitor=zu8c2g8ztbxazg1n
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492f4ef40ecd4502bb3330e3040b62091fc61758533b1cdd3b23b6b2517e61d1
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"41-s+qa31d6m6TCH4nsElwtpdMf20c"
access-control-max-age
36000
vary
X-HTTP-Method-Override
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.29news.com
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
cf-ray
83609ae3dd35921a-FRA
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
iframeResizer.min.js
api-esp.piano.io/public/sdk/vx/lib/iframeResizer/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/public/sdk/vx/lib/iframeResizer/iframeResizer.min.js?v=vz.1.108.13-79dc946e&p=787
Requested by
Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
15472
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Dec 2023 13:36:20 GMT
server
cloudflare
etag
W/"2e2f-18c447e5b90"
access-control-max-age
36000
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
api-esp.piano.io
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
83609ae32c34921a-FRA
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Sat, 14 Dec 2024 18:03:44 GMT
state-machine.min.js
api-esp.piano.io/public/sdk/vx/lib/state-machine/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/public/sdk/vx/lib/state-machine/state-machine.min.js?v=vz.1.108.13-79dc946e&p=787
Requested by
Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
15471
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Dec 2023 13:36:20 GMT
server
cloudflare
etag
W/"f2a-18c447e5b94"
access-control-max-age
36000
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
api-esp.piano.io
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
83609ae32c36921a-FRA
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Sat, 14 Dec 2024 18:03:44 GMT
displayer.js
api-esp.piano.io/public/sdk/vx/widgets/base/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/public/sdk/vx/widgets/base/displayer.js?v=vz.1.108.13-79dc946e&p=787
Requested by
Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
15471
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Dec 2023 13:36:20 GMT
server
cloudflare
etag
W/"8abb-18c447e5b94"
access-control-max-age
36000
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
api-esp.piano.io
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
83609ae32c37921a-FRA
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Sat, 14 Dec 2024 18:03:44 GMT
displayer.js
api-esp.piano.io/public/sdk/vx/widgets/embedded/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/public/sdk/vx/widgets/embedded/displayer.js?v=vz.1.108.13-79dc946e&p=787
Requested by
Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61c08be466a49ad1612b95a5d57048744ba6490a0a0a4ff0bafe302ef51dd3a8
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
15471
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Dec 2023 13:36:20 GMT
server
cloudflare
etag
W/"19c7-18c447e5b94"
access-control-max-age
36000
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
api-esp.piano.io
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
83609ae32c38921a-FRA
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Sat, 14 Dec 2024 18:03:44 GMT
_.gif
counter.snackly.co/ 		0
38 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://counter.snackly.co/_.gif
Requested by
Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/gray_group/mi-scraper-1.17.0.32.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:48ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 15 Dec 2023 18:03:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
access-control-allow-origin
https://www.29news.com
cache-control
max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
83609ae37e74920e-FRA
access-control-allow-headers
Content-Type
content-length
0
expires
Fri, 15 Dec 2023 18:03:44 GMT
_.gif
counter.snackly.co/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://counter.snackly.co/_.gif
Requested by
Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/gray_group/mi-scraper-1.17.0.32.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:48ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 15 Dec 2023 18:03:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
access-control-allow-origin
https://www.29news.com
cache-control
max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
83609ae37e72920e-FRA
access-control-allow-headers
Content-Type
content-length
0
expires
Fri, 15 Dec 2023 18:03:44 GMT
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=136953814&t=pageview&_s=1&dl=https%3A%2F%2Fwww.29news.com%2F&ul=en-us&de=UTF-8&dt=WVIR%20%7C%20News%2C%20Weather%2C%20and%20Sports%20%7C%20Charlottesville%2C%20VA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=ACCAgEABCAAAACAAI~&jid=454533225&gjid=1550264800&cid=1089476568.1702663424&tid=UA-81117537-17&_gid=97303530.1702663424&_slc=1&z=307596094
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-81117537-17&cid=1089476568.1702663424&jid=454533225&gjid=1550264800&_gid=97303530.1702663424&_u=ACCAgEABCAAAAGAAI~&z=430377917
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 15 Dec 2023 18:03:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
1190
api-esp.piano.io/publisher/unattended/ Frame 4308 		138 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/publisher/unattended/1190?wv=50&v=vz.1.108.13-79dc946e
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6063e91e9d9d53e4251784c15ba4b1791ef0fa94b86f853f6cc44c8fd489ea5a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
api-esp.piano.io
access-control-max-age
36000
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000 public
cf-cache-status
DYNAMIC
cf-ray
83609ae36c9b921a-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 15 Dec 2023 18:03:44 GMT
etag
W/"22694-Cnvubv+wsSDGcu0G+J7ex4yCWsk"
expires
Sat, 14 Dec 2024 18:03:44 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
vary
Accept-Encoding
x-cache-status
HIT
truncated
/ Frame 3207 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
643ac89572093a4c907c1af802b3d354453c64d545dc3f1be1ce689046064511

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
fontcss
d3v5317qx0o9g1.cloudfront.net/ Frame 3207 		26 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Roboto:100,300,400,500,700,900,100italic,300italic,400italic,500italic,700italic,900italic
Requested by
Host: public.tockify.com
URL: https://public.tockify.com//app/855.ee2c11f4d8ec19c3e644.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2204:e00:1:4e32:7440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e69b75877807cbc3c8a90b55b7607df6ea93978cb1ab8f0ada09e00307c16794
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tockify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 14:03:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
via
1.1 5345148f0ba8ae3c67b69d035acdbfc4.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
age
187211
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
0
server
nginx
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=604800,stale-while-revalidate=604800
timing-allow-origin
*
link
<https://d2csfia1ogd5wa.cloudfront.net>; rel=preconnect; crossorigin
x-amz-cf-id
oB4fznKISUGeeDDMg_5Zq05RBh-FKYgUjnCWurVsuBfFnBcmIePs-w==
expires
Wed, 13 Dec 2023 14:03:33 GMT
fontcss
d3v5317qx0o9g1.cloudfront.net/ Frame 3207 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Merriweather:300,400,700,900,300italic,400italic,700italic,900italic
Requested by
Host: public.tockify.com
URL: https://public.tockify.com//app/855.ee2c11f4d8ec19c3e644.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2204:e00:1:4e32:7440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9dc0571019f0847eeb755ad6ffc8bcebe2d09af91fd1348e0f69d246facadf14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tockify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 00:03:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
via
1.1 5345148f0ba8ae3c67b69d035acdbfc4.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
age
64806
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
0
server
nginx
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=604800,stale-while-revalidate=604800
timing-allow-origin
*
link
<https://d2csfia1ogd5wa.cloudfront.net>; rel=preconnect; crossorigin
x-amz-cf-id
1ijchJuky4LBRNLHmH4Y-isUib115bJcsqlM4gVbcVhs7l8yjsDpUQ==
expires
Fri, 15 Dec 2023 00:03:38 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=851638
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfdcf81fd2c0705162775909ef37c8ca2ebd21b940e8c1704bda8bb31b41aa7a

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6UQhDDzQGJaoHzlrS2fTWooalwSnM0m%2BqaFn3M3cXNde%2FbfOZX2sojQmA3L95t0Pt8zLBdNZZfuUkPv9VJCoQAEyEQb%2BNerY34hWjKogNZ78%2FaupvTeb9wjDwipEZGOK%2BmQgrz6"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.29news.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
83609ae40c6e8ffa-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
translator
hbopenbid.pubmatic.com/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=810
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.29news.com
date
Fri, 15 Dec 2023 18:03:44 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		138 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
116878fe0d8e666a2cad251a1359c56896e5e664d1cc001733fb5d66d9b3db0b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
an-x-request-uuid
31181382-285b-4b07-aca1-8adb52e6df6b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.29news.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		138 B
703 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e9a5d21c53b8e58c6c70936d28b41c8020e777dd93aad5be7fbf36267042094d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
an-x-request-uuid
1d3db988-80d7-46be-8dc5-732e0cb4f650
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.29news.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		35 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=851638
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f378c883bff2c713cacbb88c0b4e93ae79d692aeb80ccbf1c3245777d6f7b0b

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TQSm1f78R2ngmyqW1mlzcqqB6OWtenajg6xs5ChVDufvKyJXVwum%2BEyHEJEkXspQFdndEqrLN75Prc3DZIXN2izMCGTfe4hTfWtrPKO8cuPAFcEn8WmYWDItk1nBiyfF3PCDSOuK"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.29news.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
83609ae40c718ffa-FRA
alt-svc
h3=":443"; ma=86400
content-length
35
expires
0
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=419
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.29news.com
date
Fri, 15 Dec 2023 18:03:43 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		139 B
703 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
b48b9768a3bd757212ea03b630e12e7aca7c0944b2aa5880aeffc620d04759e2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
an-x-request-uuid
0fec9bba-71cd-4b8f-ab40-01d6aacd2cc5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.29news.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=851638
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d2c15bfc012c4dbd35af44f48c804bfa481e9b4526ffd0ed04244c656043caf

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zu9yrxlfcK5MyI3qGhXYW%2BR5bgnK0HZvQWzS0wDb0uYAqFnntQJ8Mp6d6CUqzCgfvtWUKNlsEfif%2Bmx9uBfEu5e%2BDdqG2HA%2FuxSeSypc73ZjtS%2FUOA%2FS75a1O%2FCB1fP9ndD4Taeo"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.29news.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
83609ae40c728ffa-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=851638
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfb50029231e38925bde6abe76df57ae8945b1d88d2ff7ecb7849a88c5d204cc

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yZjCh6JO1ETUC4obMliA0T4mLHYIytFX21iz2Q8ht8qJVBNv1wuqt2A6vuScfykQoPEEQR12Dl939ymg3dWigq57rwdR6U68mIK%2FSWMtplhX%2FUU%2FoZ324Lodw5zqbm8DKB4cr3%2FH"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.29news.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
83609ae40c708ffa-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/ 		139 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
f3da7d623af4d2eb10a0ae36455204cf1b8964a5c7371ddc2356aff1884764b9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
an-x-request-uuid
5ada2183-31c5-42a3-a3d5-afc2f3889374
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.29news.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
34.svg
www.29news.com/pf/resources/images/weather/weather-condition-icons/svgs/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.29news.com/pf/resources/images/weather/weather-condition-icons/svgs/34.svg?d=376
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
f9eb6c867550109c6cce3fd0c4b4cde28024919576f6149ebf86ca27d7f74fbb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Fri, 15 Dec 2023 18:03:44 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=86400
x-amz-cf-pop
IAD50-C2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.a8163017.1702663424.aebdad4
server-timing
cdn-cache; desc=HIT, edge; dur=23, origin; dur=0, ak_p; desc="1702663424644_389027496_183229140_2279_3014_8_0_146";dur=1
content-length
2461
last-modified
Thu, 14 Dec 2023 16:19:51 GMT
server
openresty
etag
W/"1d595a6d45fb37eb0edbcc239e9c5510"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
bwkrhoWbETETnd-IOEORmjIUFObY9wqBtVJM8ECdcE4sbVER9--iqw==
expires
Sat, 14 Dec 2024 18:03:44 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=851638
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b4ec482560a62c554dcec6fc68b07492994cf7550dba087186ee088482825f2

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jGyHRlULSwyife0TKC5GUhpaZ5p64x0X5JOLz4tRzn6auP2NCPBDdkERyN%2BkBaBbVt1giBm%2Fgau4HAN5v%2FC9o81dW%2BAVLjYgtk34I%2BmSoXEfO8gOVxJRGM8ANc1Up3xS2DLgElTr"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.29news.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
83609ae44cc68ffa-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=800
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.29news.com
date
Fri, 15 Dec 2023 18:03:44 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		139 B
703 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
466c851210a39469c433d7ecc5cbee8dae10dd8f6ec689090cf205688993225d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
an-x-request-uuid
15a8942b-e23a-47c6-a901-aaaa379c098f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.29news.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		694 B
376 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3124055698009864&correlator=4011379746628356&eid=31079724&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=63316753%2Cwvir%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1024x90&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702663424702&lmt=1702663422&adxs=288&adys=1109&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.29news.com%2F&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=1089476568.1702663424&ga_sid=1702663425&ga_hid=136953814&ga_fc=true&dlt=1702663423245&idt=1166&prev_scp=position%3D101%26pt%3Dsection%26cid%3D%252Fhomepage%26amznbid%3D2%26amznp%3D2&adks=3269400603&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7834031b17b574a64726d724fbabcf779b355d1d45997710700d435d94f995cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:45 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
345
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4a1f0ea7d3ea6a515ac65312034675b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C52E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4a1f0ea7d3ea6a515ac65312034675b7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 18:03:44 GMT
expires
Sat, 14 Dec 2024 18:03:44 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		545 B
299 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3124055698009864&correlator=4011379746628356&eid=31079724&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=63316753%2Cwvir%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1900x1200&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702663424716&lmt=1702663422&adxs=-150&adys=186&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.29news.com%2F&vis=1&psz=1600x109&msz=1900x109&fws=4&ohw=1600&ga_vid=1089476568.1702663424&ga_sid=1702663425&ga_hid=136953814&ga_fc=true&dlt=1702663423245&idt=1166&prev_scp=position%3D1%26pt%3Dsection%26cid%3D%252Fhomepage%26amznbid%3D2%26amznp%3D2&adks=3874151075&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e86b7137f4f98144d7a5cb12b426c48f69497a9902f9314b8f6332c41eedd7e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
269
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
f81218cfcfb976c97302a765e8ef1c2d2271626846cb4aa1444fab
operationchicken.com/ 		3 B
66 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://operationchicken.com/f81218cfcfb976c97302a765e8ef1c2d2271626846cb4aa1444fab
Requested by
Host: reconditerespect.com
URL: https://reconditerespect.com/v2bkp9Uun3-1LRAB_lzCZndpym_6H7eOtuB69j2DMKvsxBxYzTMW8Pcb8nw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:636d::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 15 Dec 2023 18:03:44 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.29news.com
x-hostname
fen-hoothoot-europe-west1-zlrc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Fri, 15 Dec 2023 18:03:43 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		617 B
303 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3124055698009864&correlator=4011379746628356&eid=31079724&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=63316753%2Cwvir%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702663424732&lmt=1702663422&adxs=1135&adys=578&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.29news.com%2F&vis=1&psz=300x317&msz=300x285&fws=512&ohw=0&ga_vid=1089476568.1702663424&ga_sid=1702663425&ga_hid=136953814&ga_fc=true&dlt=1702663423245&idt=1166&prev_scp=pt%3Dsection%26cid%3D%252Fhomepage%26position%3D1%26amznbid%3D2%26amznp%3D2&adks=30860469&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
893e409bd818cf35943dedefed32b2b2f2d279a8939a363032ab0f96fa6aa457
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:45 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
272
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame AE88 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
247
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
83609ae4cf332bc6-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Dec 2023 18:03:44 GMT
expires
Fri, 15 Dec 2023 22:03:44 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame B27A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
45138
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 15 Dec 2023 18:03:44 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
494, 286397
X-Served-By
cache-lga13626-LGA, cache-fra-etou8220051-FRA
X-Timer
S1702663425.797173,VS0,VE0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 007C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
45138
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 15 Dec 2023 18:03:44 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
494, 287481
X-Served-By
cache-lga13626-LGA, cache-fra-etou8220037-FRA
X-Timer
S1702663425.797779,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 89AE 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=56442
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 15 Dec 2023 18:03:44 GMT
expires
Sat, 16 Dec 2023 09:44:26 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame F072 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
247
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
83609ae4df432bc6-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Dec 2023 18:03:44 GMT
expires
Fri, 15 Dec 2023 22:03:44 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 04BB 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
247
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
83609ae4df402bc6-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Dec 2023 18:03:44 GMT
expires
Fri, 15 Dec 2023 22:03:44 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 84E8 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
45138
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 15 Dec 2023 18:03:44 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
494, 286398
X-Served-By
cache-lga13626-LGA, cache-fra-etou8220051-FRA
X-Timer
S1702663425.815304,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame 9B2C 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
247
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
83609ae4cf362bc6-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Dec 2023 18:03:44 GMT
expires
Fri, 15 Dec 2023 22:03:44 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5E69 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
45138
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 15 Dec 2023 18:03:44 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
494, 285607
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230119-FRA
X-Timer
S1702663425.797877,VS0,VE0
ads
securepubads.g.doubleclick.net/gampad/ 		630 B
309 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3124055698009864&correlator=4011379746628356&eid=31079724&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=63316753%2Cwvir%2Cweb%2Chomepage%2Cstory-feature&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702663424745&lmt=1702663422&adxs=165&adys=798&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.29news.com%2F&vis=1&psz=954x141&msz=954x109&fws=0&ohw=0&ga_vid=1089476568.1702663424&ga_sid=1702663425&ga_hid=136953814&ga_fc=true&dlt=1702663423245&idt=1166&prev_scp=pt%3Dsection%26cid%3D%252Fhomepage%26position%3D2%26amznbid%3D2%26amznp%3D2&adks=1590941138&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
59ed228f99fa7ee4309a8d8e0536d02530a446af9b453bf0b6b68d2f7cf29c61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:46 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
278
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		617 B
305 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3124055698009864&correlator=4011379746628356&eid=31079724&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=63316753%2Cwvir%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702663424751&lmt=1702663422&adxs=165&adys=202&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.29news.com%2F&vis=1&psz=1270x125&msz=1270x109&fws=0&ohw=0&ga_vid=1089476568.1702663424&ga_sid=1702663425&ga_hid=136953814&ga_fc=true&dlt=1702663423245&idt=1166&prev_scp=pt%3Dsection%26cid%3D%252Fhomepage%26position%3D1%26amznbid%3D2%26amznp%3D2&adks=1540326768&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
678235b764d973903bce3aa9a5bd46322ca09dc0a8b59f108ea2a0dc0cdc66fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:46 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
274
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/ Frame 3207 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Roboto:100,300,400,500,700,900,100italic,300italic,400italic,500italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:5e00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 21:25:42 GMT
via
1.1 f5e34f7c59830a3caffb7df5f36b4dae.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS54-C1
age
1197482
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
N3QWxOGwXNi2lIRBK7klJ6UkL-TpG9iVb3-EJandfgcjdj95hsUMpQ==
expires
Sat, 30 Nov 2024 21:25:42 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/ Frame 3207 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Roboto:100,300,400,500,700,900,100italic,300italic,400italic,500italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:5e00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 16:05:47 GMT
via
1.1 f5e34f7c59830a3caffb7df5f36b4dae.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS54-C1
age
957477
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
StVpWPU6T8ANazquUeN7hd9DfXv-Wk6VVWwVn7cbWCjsoFnxnaCvvA==
expires
Tue, 03 Dec 2024 16:05:47 GMT
u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
d2csfia1ogd5wa.cloudfront.net/s/merriweather/v30/ Frame 3207 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Merriweather:300,400,700,900,300italic,400italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:5e00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 07:28:26 GMT
via
1.1 f5e34f7c59830a3caffb7df5f36b4dae.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS54-C1
age
4790118
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
19752
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:46:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
tvMfBR-REjSzh1Bagf06stY63_dn1ciWt5dHyoefqR1-NW_qLmk67Q==
expires
Sun, 20 Oct 2024 07:28:26 GMT
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
d2csfia1ogd5wa.cloudfront.net/s/merriweather/v30/ Frame 3207 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Merriweather:300,400,700,900,300italic,400italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:5e00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:03:12 GMT
via
1.1 f5e34f7c59830a3caffb7df5f36b4dae.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS54-C1
age
936032
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
20028
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:41:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
DB_isuk2R05fg-H941IHegL-xoknYtT6HTQT2WP1xopDnJ4bEBNYGw==
expires
Tue, 03 Dec 2024 22:03:12 GMT
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
d2csfia1ogd5wa.cloudfront.net/s/merriweather/v30/ Frame 3207 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Merriweather:300,400,700,900,300italic,400italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:5e00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 02:58:42 GMT
via
1.1 f5e34f7c59830a3caffb7df5f36b4dae.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS54-C1
age
1177502
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
19740
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
L7rlzRlQJk2NafK9JUungwnFsf_K08nb8FgmK0YrmXbJYRhQs9lK9A==
expires
Sun, 01 Dec 2024 02:58:42 GMT
u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
d2csfia1ogd5wa.cloudfront.net/s/merriweather/v30/ Frame 3207 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Merriweather:300,400,700,900,300italic,400italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:5e00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 10:05:12 GMT
via
1.1 f5e34f7c59830a3caffb7df5f36b4dae.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS54-C1
age
1151912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
19816
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:08:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
m2EYnaP-Urr1qU65xA0TUt5s1A_btaaz9ZQjBSzEotD37nZbuidxJQ==
expires
Sun, 01 Dec 2024 10:05:12 GMT
u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvw.woff2
d2csfia1ogd5wa.cloudfront.net/s/merriweather/v30/ Frame 3207 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvw.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Merriweather:300,400,700,900,300italic,400italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:5e00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
75ca7c01eaa8136d970bde6ea6ae0896d2fe30febf82e7679257df6e1f8a7496
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 15:23:41 GMT
via
1.1 f5e34f7c59830a3caffb7df5f36b4dae.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS54-C1
age
960003
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
19720
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:47:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Sol-0ZRWutuZAHwqVNh1Z3km9bPyyu3-kROWX5AEIKlTbdYY9K6GtQ==
expires
Tue, 03 Dec 2024 15:23:41 GMT
u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
d2csfia1ogd5wa.cloudfront.net/s/merriweather/v30/ Frame 3207 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Merriweather:300,400,700,900,300italic,400italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:5e00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 11:48:29 GMT
via
1.1 f5e34f7c59830a3caffb7df5f36b4dae.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS54-C1
age
1232115
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
19780
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
vRsbdr4snpNcl1t2J--PbvwzRyByHHn0W2Ut9RUgHUvTwmPmTpRQ0g==
expires
Sat, 30 Nov 2024 11:48:29 GMT
u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2
d2csfia1ogd5wa.cloudfront.net/s/merriweather/v30/ Frame 3207 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Merriweather:300,400,700,900,300italic,400italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:5e00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
3642df12f0d930d5846a96652080908eb2f383b602a95cf80d1e6227e66e1c46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 16:38:39 GMT
via
1.1 f5e34f7c59830a3caffb7df5f36b4dae.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS54-C1
age
1128305
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
19900
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:46:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
ydcqzXqEYZUtXWNAz3sAiPN6JmUDqWJ0pfm05TBwNEPNLP6rtICEfQ==
expires
Sun, 01 Dec 2024 16:38:39 GMT
u-4l0qyriQwlOrhSvowK_l5-eR7NWPf4jvw.woff2
d2csfia1ogd5wa.cloudfront.net/s/merriweather/v30/ Frame 3207 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7NWPf4jvw.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Merriweather:300,400,700,900,300italic,400italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:5e00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
0418dffa2bed9a6300fed9d918f688e7f195b08f4c6f016a07f62ae48fe9609e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 17:16:19 GMT
via
1.1 f5e34f7c59830a3caffb7df5f36b4dae.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS54-C1
age
7346845
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
19844
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
XKtr3SLokYJiTlqAwgAXnoopgysnABb08Iz0IcseCtH6zvpTKw32ug==
expires
Fri, 20 Sep 2024 17:16:19 GMT
KFOkCnqEu92Fr1MmgVxIIzI.woff2
d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/ Frame 3207 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Roboto:100,300,400,500,700,900,100italic,300italic,400italic,500italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:5e00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:02:09 GMT
via
1.1 f5e34f7c59830a3caffb7df5f36b4dae.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS54-C1
age
1148495
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
15764
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Lp1GsAPoLpJ9cx8Ptl-twzMY1NQlvdP2CW1-BS_XWnp_Q7s8fRXRUA==
expires
Sun, 01 Dec 2024 11:02:09 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/ Frame 3207 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Roboto:100,300,400,500,700,900,100italic,300italic,400italic,500italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:5e00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 15:16:12 GMT
via
1.1 f5e34f7c59830a3caffb7df5f36b4dae.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS54-C1
age
960452
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
QkeeVkG04bq78t4A7ry0wCc1fztIo1o71rmE3bq-CfRDQUI6XbErgQ==
expires
Tue, 03 Dec 2024 15:16:12 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/ Frame 3207 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Roboto:100,300,400,500,700,900,100italic,300italic,400italic,500italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:5e00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 20:50:19 GMT
via
1.1 f5e34f7c59830a3caffb7df5f36b4dae.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS54-C1
age
1804405
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
XI_Bf0Nh5L1LGzHV6vEvTEAVJzPKSw47Ckbz7FRHIEIQewgIyxiAYQ==
expires
Sat, 23 Nov 2024 20:50:19 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/ Frame 3207 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Roboto:100,300,400,500,700,900,100italic,300italic,400italic,500italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:5e00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 20:50:18 GMT
via
1.1 f5e34f7c59830a3caffb7df5f36b4dae.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS54-C1
age
1199606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
15752
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
6wAnXL_eAgfQZs1bY3urhvQF4CJRZxESG6YTDLsC80EtDC2wjT5aJA==
expires
Sat, 30 Nov 2024 20:50:18 GMT
KFOiCnqEu92Fr1Mu51QrEzAdLw.woff2
d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/ Frame 3207 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEzAdLw.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Roboto:100,300,400,500,700,900,100italic,300italic,400italic,500italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:5e00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
b19ac4e57f2a56639eebd1c35319e5a7124be70d3fa155b63d878886520154fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 01:40:36 GMT
via
1.1 f5e34f7c59830a3caffb7df5f36b4dae.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS54-C1
age
1182188
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
17060
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
TgyxT4YNEYram6qgbhAbNBiJyojcIvNYAF7jl3IyEJhgoyVjdQVn6w==
expires
Sun, 01 Dec 2024 01:40:36 GMT
KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/ Frame 3207 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Roboto:100,300,400,500,700,900,100italic,300italic,400italic,500italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:5e00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 13:49:34 GMT
via
1.1 f5e34f7c59830a3caffb7df5f36b4dae.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS54-C1
age
1743250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
17508
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
1fE4T6cChTrKklAuF6rzUexkKEyVck4mRqA-LkD3jE7CGFE2CvgouQ==
expires
Sun, 24 Nov 2024 13:49:34 GMT
KFOkCnqEu92Fr1Mu51xIIzI.woff2
d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/ Frame 3207 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Roboto:100,300,400,500,700,900,100italic,300italic,400italic,500italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:5e00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 19:45:04 GMT
via
1.1 f5e34f7c59830a3caffb7df5f36b4dae.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS54-C1
age
771520
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
17368
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
6-ZNbkTgO1me_DauspOYXeBbrinDY4Lksavt7mWdF33tMNAmiNtHcg==
expires
Thu, 05 Dec 2024 19:45:04 GMT
KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/ Frame 3207 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Roboto:100,300,400,500,700,900,100italic,300italic,400italic,500italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:5e00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 08:28:22 GMT
via
1.1 f5e34f7c59830a3caffb7df5f36b4dae.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS54-C1
age
898522
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
17336
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Rx8QbgsWty7PEc-i7VCFRl80xxngfOJimqRHpwuz6cRmoO9Vd7DiDw==
expires
Wed, 04 Dec 2024 08:28:22 GMT
KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/ Frame 3207 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Roboto:100,300,400,500,700,900,100italic,300italic,400italic,500italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:5e00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 22:35:37 GMT
via
1.1 f5e34f7c59830a3caffb7df5f36b4dae.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS54-C1
age
1106887
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
17032
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
85raLnRQgJwzbcEKFe7KTfrqPfbLizIMvcrwP3YUcco4TrRDjvLExg==
expires
Sun, 01 Dec 2024 22:35:37 GMT
KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2
d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/ Frame 3207 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Roboto:100,300,400,500,700,900,100italic,300italic,400italic,500italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:5e00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
3cf78ad3bcd1324e10a4acdc34bfc4a159f9a045b30edbe3738a9d1b9f807a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 23:12:38 GMT
via
1.1 f5e34f7c59830a3caffb7df5f36b4dae.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
AMS54-C1
age
931866
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
17552
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
b4q176b-0IN0nCp9lX7Gz2R2rsdIDepEeb9tUCTdcZsGW4tz7GiAow==
expires
Tue, 03 Dec 2024 23:12:38 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 89AE 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=68522931&p=161733&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:43 GMT
content-length
0
usermatch
ssum-sec.casalemedia.com/ Frame D932
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfaee838778ac2f5aedac42cd121fd1c43772d5015989729debd5c99818e6638

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83609ae54f391e6a-FRA
content-encoding
br
content-type
text/html
date
Fri, 15 Dec 2023 18:03:44 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G4NwRp0OhvhLvhG3y0cZZnZif4fHZ9ylqFwjUtVFl6oV9HYYvHJKvhg9oQrCxcpp8IYOmGgWO8OfgRk0p9Oeo0LcCmiGfDB2tRCXg87rFwD%2Fgu7ekuV%2FX852FjuGA5rqV1UtyYkxx1N0ig%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83609ae50dcd8ffa-FRA
content-length
0
date
Fri, 15 Dec 2023 18:03:44 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ycZDExMdHw2J%2BNDF81z%2B9mY50mBd4gz1WsStl3qNDQRrQpqIPOsU0fuWv6xpQWg7DZKXU0er%2BHK5VUXT%2BBqCxGw6Sb04NHp7BhVvq%2B2M8ObWyXEsKx%2FY1pCSr4f%2B1U6ERx7qxWqqsYZnbg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 11D1
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4437be8ebb563d6e6c98d0a29afbb41bcc5f1db2e21a34e093360660b118d71

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83609ae54f3d1e6a-FRA
content-encoding
br
content-type
text/html
date
Fri, 15 Dec 2023 18:03:44 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5pfXuoWVhUHRldW0IrFgRpFl1b%2BWgi%2BWCEME%2FpERZs50LWXC5Ej1wHBu2WBOqaYo7Wq26Jl%2FTm%2BFdmUIz4ipX9BB9kxroWB6apqKv2leE2kNtOkpqw9wJ2%2Flns0w6ufydekUiRbdOrQvFw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83609ae50dcb8ffa-FRA
content-length
0
date
Fri, 15 Dec 2023 18:03:44 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXomjcwcHguBkB7XvO0qE740GPiW3kBxt2lCrWhGnoyKBcvB29hBEwb1IyN3dwCNb97CRa4sOE6xlvcMvuicImHtSKUKqF7y4BjI9yS%2BzPfZUM9K1Dfd3WbMTbxsqzmR6GK4EgQABHuleA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 9811
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67bfebbf0035268de63ccc8a1c24dd1b13cd8e9c8ede858fcf8836144ca3b378

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83609ae53f171e6a-FRA
content-encoding
br
content-type
text/html
date
Fri, 15 Dec 2023 18:03:44 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCtNEbqE%2BSQlZC20zBINcI9DbXJbrISyG26NYpYITY1%2FMG8Y221rmG5NtWP6aZaMGc9ePkDx2iFseK1J6BuGR2Vg9eGZff7tCf8UwgUJexkp%2BWDQdbHpHnm9pAbSGfbJjYioqdgADDvPoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83609ae50dce8ffa-FRA
content-length
0
date
Fri, 15 Dec 2023 18:03:44 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CofxpG8O6cC%2BYHrShaIRTczptjxlScTN7kun2AK72vAQ5tF1fn0YzTqkcc1GFa0Gvr2FvvPqO7%2FGFQbTxcsRAxjTqt0rHOam33aWc8xmUFXaLyOAynQ0ri7u8snQRksE%2FkNkF7FdnKaPJA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 6DC1
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eab813fde6b5a25d8e9bae7e6f6035e5774c6f930856eae0812a401bd6d1c20b

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83609ae53f151e6a-FRA
content-encoding
br
content-type
text/html
date
Fri, 15 Dec 2023 18:03:44 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2RRt6HMA%2FSgVzYK38rxyXREDb5WiezFijP3biP8S8CxGdcotl9rFM05UVoMNVOA2FnxGYmX7iyywHVgHloxmbhehKvapXiy74BD7L9dS5fThpw0bolekq47aXtmhA3kpGznEqygbvhqQA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
83609ae50dd78ffa-FRA
content-length
0
date
Fri, 15 Dec 2023 18:03:44 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJ9ASGe1xfkZOBxdx7F5eOFzYl%2BuXvsjqVM7x5U%2FrEry6oT%2FsWSJvBPebVz%2Bx5r%2FphQpNtNHrfvR6gdinNyEnSFtZUpqTR9akzS1t3sFZGQhzkPqPaLFWupJifL9fofh9quXvauKELCf%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
bounce
ib.adnxs.com/ Frame B27A
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
649 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
an-x-request-uuid
6674474d-9c01-4210-8bc6-b30ba362a7a3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
an-x-request-uuid
b334213b-0bb4-43fe-8424-cd0f9b35dbbd
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.133; 178.162.209.133; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
ib.adnxs.com/ Frame 007C
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
648 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
an-x-request-uuid
aeeb12c9-da0a-44be-9eaf-a1a4749fc2b0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
an-x-request-uuid
65e57565-769d-4d36-9b9e-221e47c851ff
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.133; 178.162.209.133; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
ib.adnxs.com/ Frame 5E69
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
649 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
an-x-request-uuid
d7be48d2-28ac-4507-948d-def1eff7dd10
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
an-x-request-uuid
9a199b0a-4cf1-4662-9c20-8a767cd3381e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.133; 178.162.209.133; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 84E8 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
an-x-request-uuid
5afeda19-5cd7-47b7-b609-048eae6dc3a9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.133; 178.162.209.133; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
css
fonts.googleapis.com/ Frame 4308 		2 KB
979 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api-esp.piano.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 15 Dec 2023 18:03:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 15 Dec 2023 16:28:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 15 Dec 2023 18:03:44 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 6DC1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZXyVAOsiOdAtItj_6GtG9wAADKsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZXyVAOsiOdAtItj_6GtG9wAADKsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPoerFxanRdNiEI9AK6jAek&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPoerFxanRdNiEI9AK6jAek&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kdm32j8rVB%2FHFahv3jX7tA2zwKdgAkVETanGbrdICRQf%2BHjOKv%2FlPfsXa0pjEQ4o6qo8tmd0fe7N3ncayYy83eHa63yw3f%2Fmzg3EHffF7WrxCR12b%2FJJrUcFoqQzVIl5A63uXP20OkRFew%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83609ae638fb1e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPoerFxanRdNiEI9AK6jAek&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 6DC1
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXyVAOsiOdAtItj_6GtG9wAADKsAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXyVAOsiOdAtItj_6GtG9wAADKsAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXyVAOsiOdAtItj_6GtG9wAADKsAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Dec 2023 18:03:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DPN6YVFS322NJ71CF9Y7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Dec 2023 18:03:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QCQZDVBT9VZ73G3W3BJ0
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXyVAOsiOdAtItj_6GtG9wAADKsAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 6DC1
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXyVAOsiOdAtItj-6GtG9wAA%263243&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXyVAOsiOdAtItj-6GtG9wAA%263243&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=0a7465f6dceb4a74be4670ec8eeee0b8
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
195147
expires
Fri, 15 Dec 2023 00:00:00 GMT

Redirect headers

Location
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date
Fri, 15 Dec 2023 18:03:45 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
3
casale
match.adsrvr.org/track/cmf/ Frame 6DC1 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:44 GMT
server
Kestrel
content-length
70
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 6DC1
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=C03EB7438D2A47ACA3051CBDF00A20B1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=C03EB7438D2A47ACA3051CBDF00A20B1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qhR426tAMlXRZpNj5jWZZ6VzLSSwJ7ChKFJS7hEd%2BWb1UN73zJIlVWT3SamRwA0w3GFsn4SNGxRKPjPWLKV0sFuF%2F1ihciOd321meuKTs5CdJ9ApX9DcP0zdi29mZyvm189F87WlQqRMgw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83609ae618a71e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=C03EB7438D2A47ACA3051CBDF00A20B1
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 14 Dec 2023 18:03:44 GMT
ix
ad4m.at/ad/sim/ Frame 6DC1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 6DC1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7742050139372852978&expiration=1703873025
43 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7742050139372852978&expiration=1703873025
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0YWNboZ1NPuMm74rw2aRksvaUXPJesuLtbYge1jQ%2B3AjKSdboatGYloiG7bhGtt40dIVRTJRI2707nyVMWEBLQjDmkFfniOcclsmf6ThGWt61lfG38P3xANTs4OGF5b1fiHX4a1T4MIwUw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83609ae6ba191e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7742050139372852978&expiration=1703873025
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum.casalemedia.com/ Frame 6DC1
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=250231e7-385a-ddb9-861cdef4
43 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=250231e7-385a-ddb9-861cdef4
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQPMszhSCx%2B2RzT1UtiidXkU1gIPbkJxZcC7kYn2Eln0Fo1j%2F%2FNjTS%2BQbCpEwYaVwdHhnR6Wsde79DeF6qhWcT4vPWUNdOOru2lqF%2FhpvsdiL3VWctLSHj8tbVecrIGCCvDjnNcr"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83609ae6d82e8ffa-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 15 Dec 2023 18:03:44 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=250231e7-385a-ddb9-861cdef4
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
htw-pixel.gif
cdn.indexww.com/ht/ Frame 6DC1 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZXyVAOsiOdAtItj-6GtG9wAA%263243
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:44 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
57827
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
83609ae588c42bc6-FRA
content-length
43
expires
Sat, 16 Dec 2023 18:03:44 GMT
dcm
s.amazon-adsystem.com/ Frame 9811
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXyVADTkmjo0Qg_NDwqcEAAADSAAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXyVADTkmjo0Qg_NDwqcEAAADSAAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXyVADTkmjo0Qg_NDwqcEAAADSAAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Dec 2023 18:03:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
T29DWHBJFGCD9HCK87D0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Dec 2023 18:03:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
J3GC19M01DS81GJ2AH9N
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXyVADTkmjo0Qg_NDwqcEAAADSAAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 9811 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:44 GMT
server
Kestrel
content-length
70
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 9811
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZXyVADTkmjo0Qg-NDwqcEAAA
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZXyVADTkmjo0Qg-NDwqcEAAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIyCilz4mHa1EyHBAUqABX4&google_cver=1
43 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIyCilz4mHa1EyHBAUqABX4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hGAcDT%2BlSi%2FoYgN8KG%2FU0iqWsx6kB1wziTZPgtarIdgKTX%2B%2Fqyo%2B6s8K%2BaPaAMHhVjtNCFLCRrJNCt1FUZBU7mWGly0%2Fc1KpqJ7lBpad2R13k9IM%2Bfcr%2FjtmPhwtxAY2CLnD441yD%2FxUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83609ae638f31e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIyCilz4mHa1EyHBAUqABX4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 9811
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXyVADTkmjo0Qg-NDwqcEAAA%263360&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXyVADTkmjo0Qg-NDwqcEAAA%263360&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=7323bff2219a4cf3ad9824938cebc28f
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
211798
expires
Fri, 15 Dec 2023 00:00:00 GMT

Redirect headers

Location
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date
Fri, 15 Dec 2023 18:03:45 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
crum
dsum-sec.casalemedia.com/ Frame 9811
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=2951765EF0134BDBA68CB37230FC6131
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=2951765EF0134BDBA68CB37230FC6131
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l8fDwZKqqeGMQXW2v%2B6N9q7k0bszqnChSM1EdFWeupVcNmCZiU6%2BYfe7cR26a7zNpAiuXFVu5sWkiFjwXUTYvgfYs2iRSynnk%2FDXBqnNn60aiVaKKzV1pv6EAKl63L4iBNIkmqvZa6wbgA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83609ae6189c1e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=2951765EF0134BDBA68CB37230FC6131
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 14 Dec 2023 18:03:44 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame 9811 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZXyVADTkmjo0Qg_NDwqcEAAADSAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 9811 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
ZXyVADTkmjo0Qg_NDwqcEAAADSAAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9811 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZXyVADTkmjo0Qg_NDwqcEAAADSAAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:e076:33cd:685:7924 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
htw-pixel.gif
cdn.indexww.com/ht/ Frame 9811 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZXyVADTkmjo0Qg-NDwqcEAAA%263360
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:44 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
57827
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
83609ae588bb2bc6-FRA
content-length
43
expires
Sat, 16 Dec 2023 18:03:44 GMT
dcm
s.amazon-adsystem.com/ Frame D932
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXyVAEWQ6nF6Mh_if0IYigAAFKkAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXyVAEWQ6nF6Mh_if0IYigAAFKkAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXyVAEWQ6nF6Mh_if0IYigAAFKkAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Dec 2023 18:03:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CY7TBZKYVX9Q94XHX3Y5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 15 Dec 2023 18:03:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CK9B0K0QNSF6PDJN2Q7H
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXyVAEWQ6nF6Mh_if0IYigAAFKkAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame D932
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXyVAEWQ6nF6Mh-if0IYigAA%265289&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXyVAEWQ6nF6Mh-if0IYigAA%265289&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=b4b1addeb11d48ee9adb9d89725f63df
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:45 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
195448
expires
Fri, 15 Dec 2023 00:00:00 GMT

Redirect headers

Location
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date
Fri, 15 Dec 2023 18:03:45 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
6
usermatchredir
ssum-sec.casalemedia.com/ Frame D932
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZXyVAEWQ6nF6Mh_if0IYigAAFKkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZXyVAEWQ6nF6Mh_if0IYigAAFKkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJDb96v_JELUjB2kEfIl_3E&google_cver=1
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJDb96v_JELUjB2kEfIl_3E&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BUEJ5D5gd0CU1zkQU%2BBQgYMnv03fBFPTpLgegi3enskiVQI0AFG%2FT6Eb2Y%2BX%2B75KXgCy5AHujXXsT1avQVYzzwREutKj1xyPjXZz4U%2BNvQDJqBAcVZDQXay8wI3GP5Jx4vgF4YPkVNExTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83609ae638fc1e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJDb96v_JELUjB2kEfIl_3E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame D932
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZXyVAEWQ6nF6Mh-if0IYigAA
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZXyVAEWQ6nF6Mh-if0IYigAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENIH7z7gKra5Vh3ROfiWLV8&google_cver=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENIH7z7gKra5Vh3ROfiWLV8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DmNMcaAVuPU9IW3JNQKWlG7xg%2FbnKmCv%2BnnuvByY9hDfLqbTRM1tcN%2F51BCXV1mxpeg%2BkBsqjQu%2B1dhlhMU3KVcyh05lAdNYroiiKyGRKXleGJwUqxI8oHpl9%2BynW6LJvOIbrOah80g4hw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83609ae6ba121e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENIH7z7gKra5Vh3ROfiWLV8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame D932
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=97acdd43-a6b6-4a00-a9aa-c948da29dadc
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=97acdd43-a6b6-4a00-a9aa-c948da29dadc
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nf5Trvf5MMZxauWiOw1CKNWY1Fpk21SzK87rd5%2BBUdddwPxhL%2Fa8Xk9FjKdWyqqAPckrFbrbqYZJ7M8TXer9wF5QRgLUu%2FeGQI6kgCS7ufczxlUSyH24kAqa9Q1y7d%2FAIg4vX0walBmV1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83609ae628c51e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=97acdd43-a6b6-4a00-a9aa-c948da29dadc
date
Fri, 15 Dec 2023 18:03:44 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame D932
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=748f571b-364c-4f38-a538-922f63397e8e&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=748f571b-364c-4f38-a538-922f63397e8e&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kdmlcStZA6%2BBDYoCe6rusYZrl%2FMvEIFCy9RV1VrFnpJBmJ4QQSeoQxLsce75RPySLr0ROlMVps8Qi%2Bn9dLUpErHVsJ7tNH9sDGEQoQ54hLUn9lWp4X4e5aJv0FUIk8PDpAI9hTKbFnbGpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache
cf-ray
83609ae638ea1e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=748f571b-364c-4f38-a538-922f63397e8e&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Fri, 15 Dec 2023 18:03:44 GMT
server
_
content-length
0
CookieIndex
rtb.adentifi.com/ Frame D932 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.157.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-157-65.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:45 GMT
rum
dsum-sec.casalemedia.com/ Frame D932
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7262416958248687114
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7262416958248687114
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T5YLjQvvnkHnnKlwEgn8JUDw4SiUJeq0yV36R4BN%2FUSdNlWaffRdNk8YqF0DV0MEoF8pNa9wdc9PyI5xlMV%2FKdMF6mWzIhMFmMWj8JWgWXk7lNrPTvuHv760GVEIesbUUlc3IVZ%2Bg3YNpg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83609ae608761e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7262416958248687114
pragma
no-cache
date
Fri, 15 Dec 2023 18:03:43 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
htw-pixel.gif
cdn.indexww.com/ht/ Frame D932 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZXyVAEWQ6nF6Mh-if0IYigAA%265289
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:44 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
57827
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
83609ae588c92bc6-FRA
content-length
43
expires
Sat, 16 Dec 2023 18:03:44 GMT
casale
match.adsrvr.org/track/cmf/ Frame 11D1 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:44 GMT
server
Kestrel
content-length
70
content-type
image/gif
usersync.aspx
dis.criteo.com/dis/ Frame 11D1
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZXyVAEWQ6nF6Mh-if0IYigAA%265289&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZXyVAEWQ6nF6Mh-if0IYigAA%265289&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=2dbd0acd33564256b85727e36308e918
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:45 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
309760
expires
Fri, 15 Dec 2023 00:00:00 GMT

Redirect headers

Location
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date
Fri, 15 Dec 2023 18:03:45 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
ZXyVAEWQ6nF6Mh_if0IYigAAFKkAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 11D1 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZXyVAEWQ6nF6Mh_if0IYigAAFKkAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:e076:33cd:685:7924 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 11D1
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4118587467095025469
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4118587467095025469
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=812UUwCRcrg0nPOWjI8an65cFYyuQfcKtFeqHdRobFN6sa90RQp8qGqhli5NniuaYJP%2FtGqI1zb%2FbDUX2LYEW%2BCn8%2BpLnqRVdY4T8HuOcwHrGNHR3iUulnjy2DXtdjrM3te4G56OhLR2qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83609ae5f85e1e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:44 GMT
an-x-request-uuid
9f31296b-f204-4425-bed1-c3e235bed8b1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4118587467095025469
x-proxy-origin
178.162.209.133; 178.162.209.133; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 11D1
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1718474625&external_user_id=2818f138-77da-462d-8d1b-de19da1933b6
43 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1718474625&external_user_id=2818f138-77da-462d-8d1b-de19da1933b6
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2BtEgpLWRAItGU%2FCf2upFYNuo2KWPbi2j2KEsJUFfu2t4DzPRPSLotO%2FXadmQlQLKvLwj4Lvse5e3KDklHxbzRT%2B6hk%2F1b2pIX%2BzDhXqOmi9VROckDDMMZErj5Gs7SmQXD6NV0A%2FfXmZUA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83609ae6faab1e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1718474625&external_user_id=2818f138-77da-462d-8d1b-de19da1933b6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
dsum-sec.casalemedia.com/ Frame 11D1
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=302e592b-ed55-45af-9942-0e8475990ece&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=302e592b-ed55-45af-9942-0e8475990ece&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0nyex4TA9qs6JujcMofDarFBEtOYjPXlNEGBAIcA2hF%2FBITGq7Hx%2B%2BFmogPJQvhD38Eufx3aDZdTar%2FhvGqAS49diA2RipopLxV0j1u5oSxCe0%2ByBZd2l5IOD3b55xaRE79RWpithd9%2F2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache
cf-ray
83609ae638e81e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=302e592b-ed55-45af-9942-0e8475990ece&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Fri, 15 Dec 2023 18:03:44 GMT
server
_
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 11D1
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=Pr1Je0RqVLhr_HXcS0ZK37Ki0YU
43 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=Pr1Je0RqVLhr_HXcS0ZK37Ki0YU
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Dl%2FXJ9kiGZtDquTEVwRhUSMr84%2FCLq%2FQDs4d5nPjbATBNTjvu1ZPnUlR33cl%2FQ14dUuh0R%2F5QS9nuZpMG8pmXAuYKNQszfWzXfs9v6h9kiCIofeIgV%2Fk%2BCDHpqLdbgKpLh5Qxdz9mBVIA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83609ae87d551e6a-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=Pr1Je0RqVLhr_HXcS0ZK37Ki0YU
Date
Fri, 15 Dec 2023 18:03:45 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
bridge
cm.adgrx.com/ Frame 11D1 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.181 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:45 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-8
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 11D1 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZXyVAEWQ6nF6Mh-if0IYigAA%265289
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:44 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
57827
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
83609ae588ce2bc6-FRA
content-length
43
expires
Sat, 16 Dec 2023 18:03:44 GMT
mail-logo.png
api-esp.piano.io/public/sdk/v04/assets/ Frame 4308 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-esp.piano.io/public/sdk/v04/assets/mail-logo.png
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21e01ea2581ed70b9baa7c8e316fdbf3d9ee0e6fc8a7429e9012f205cd9e91e2
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api-esp.piano.io/publisher/unattended/1190?wv=50&v=vz.1.108.13-79dc946e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=86400; includeSubDomains
cf-cache-status
HIT
age
15473
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
content-length
18301
last-modified
Tue, 10 Oct 2023 08:51:13 GMT
server
cloudflare
etag
W/"477d-18b18c87a65"
access-control-max-age
36000
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
api-esp.piano.io
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
83609ae5dff6921a-FRA
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Sat, 14 Dec 2024 18:03:44 GMT
success.png
api-esp.piano.io/public/sdk/v04/assets/ Frame 4308 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-esp.piano.io/public/sdk/v04/assets/success.png
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc6050bbd2c01a71b42fc8ee334617ff6d3d23129fce22c33855f14749a810a7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api-esp.piano.io/publisher/unattended/1190?wv=50&v=vz.1.108.13-79dc946e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:44 GMT
strict-transport-security
max-age=86400; includeSubDomains
cf-cache-status
HIT
age
14868
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
content-length
20011
last-modified
Thu, 26 Oct 2023 06:35:45 GMT
server
cloudflare
etag
W/"4e2b-18b6ab2358c"
access-control-max-age
36000
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
api-esp.piano.io
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
83609ae5dff8921a-FRA
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Sat, 14 Dec 2024 18:03:44 GMT
w_shown
api-esp.piano.io/tracker/lucid/event/787/1190/ 		39 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/tracker/lucid/event/787/1190/w_shown?src_story=https%3A%2F%2Fwww.29news.com%2F&visitor=zu8c2g8ztbxazg1n
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b42f8e45feda368274a55106b7160fa7203de3e209e1cea0121fca6405ec797
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 15 Dec 2023 18:03:45 GMT
strict-transport-security
max-age=86400; includeSubDomains
cf-cache-status
DYNAMIC
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
content-length
39
server
cloudflare
etag
W/"27-ZRtc8GKflOIDdJdAqG9vuofWUr0"
vary
X-HTTP-Method-Override
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.29news.com
access-control-max-age
36000
access-control-allow-credentials
true
cf-ray
83609ae6f96c921a-FRA
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
w_shown
api-esp.piano.io/tracker/lucid/event/787/1190/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/tracker/lucid/event/787/1190/w_shown?src_story=https%3A%2F%2Fwww.29news.com%2F&visitor=zu8c2g8ztbxazg1n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.29news.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.29news.com
access-control-max-age
36000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83609ae5dfa68fd1-FRA
date
Fri, 15 Dec 2023 18:03:45 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
video-reel.js
cdn.taboola.com/ui-ab-tests/video-reel/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/ui-ab-tests/video-reel/video-reel.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bfbe54b8cccdae69aca8b2da4cdcbc0f61a4e142ccdcbe72d65fb767cd46eb4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
KvQtu.MFG3yZl31_3R4jp.Co0Nm2lgRh
content-encoding
gzip
via
1.1 varnish
date
Fri, 15 Dec 2023 18:03:45 GMT
x-amz-request-id
P7J8WXEPCG44E6JJ
age
24197
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
10622
x-amz-id-2
iXZPiOgtSsTFXAsjv6t8NpKuzLH6mpWFVxxbJ/tbA8SbqdUIx+SqqiCufHdZT1x2w5cpNAusvxU=
x-served-by
cache-fra-eddf8230020-FRA
last-modified
Thu, 14 Dec 2023 11:20:26 GMT
server
AmazonS3
x-timer
S1702663425.004352,VS0,VE0
etag
"e7c1b011fd739806c383e202beb1ad36"
vary
Accept-Encoding
content-type
application/x-javascript
abp
4
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
5331
video-reel.css
cdn.taboola.com/ui-ab-tests/video-reel/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/ui-ab-tests/video-reel/video-reel.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3996eb66cb853fa453b95aaa992fcbed2ff3f176fe8bea6c19429edaa177525

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
MH3BbPBKSG_lXERKhMaG5ggjY4rw8rfH
content-encoding
gzip
via
1.1 varnish
date
Fri, 15 Dec 2023 18:03:45 GMT
x-amz-request-id
XPE0BME9YK174T8G
age
24199
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2611
x-amz-id-2
SbXaUY2kwY0MHJ9IODevnohDUTxOFKMCekSoXV/YUpyC7dWkGEaH9JdLkH3k3Q6FugUTPhBrlAk=
x-served-by
cache-fra-eddf8230020-FRA
last-modified
Thu, 14 Dec 2023 11:20:25 GMT
server
AmazonS3
x-timer
S1702663425.004234,VS0,VE0
etag
"803a96d34abbdd0ad7b05d2c05b72cdd"
vary
Accept-Encoding
content-type
text/css
abp
69
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
5283
loader.js
cdn.taboola.com/libtrc/meredith-network/ 		1 MB
86 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/meredith-network/loader.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2c7e530b39de2238b0551f68526c1067b23363897d88be4c218d4d124f3fa6c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
1NCmmi5DpcRqOX0sh9GHXIyg7jreOWf_
content-encoding
gzip
via
1.1 varnish
date
Fri, 15 Dec 2023 18:03:45 GMT
x-amz-request-id
5SHW0T8Q3YSBZYDQ
age
6826
x-amz-server-side-encryption
AES256
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
34
x-amz-replication-status
FAILED
content-length
87308
x-amz-id-2
p1oa1naX5JkWhFc6RL6iTVwU8RoJYKyNOJClKxvFWo2s2zWAdVdUd3ky6NYqZJV52nKCmXd0xgo=
x-served-by
cache-fra-etou8220107-FRA
last-modified
Fri, 15 Dec 2023 16:09:59 UTC
server
nginx
x-timer
S1702663425.008367,VS0,VE2
etag
"5567591311cf4c1e69c0734c2365ec62c3ae8f5a"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
31
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
UnitInstreamDesktop.min.js
vidstat.taboola.com/lite-unit/4.6.5/ 		121 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.6.5/UnitInstreamDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3f1e2aff8baeea2cb4962805e9a8f098013c38cae12af54691cfed60a31b9da3

Request headers

Referer
https://www.29news.com/
Origin
https://www.29news.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 62e2e45895008240d70f26081269c850.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P5
age
180412
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
34191
x-served-by
cache-fra-etou8220107-FRA
last-modified
Wed, 13 Dec 2023 15:44:08 GMT
server
AmazonS3
x-timer
S1702663425.019879,VS0,VE0
etag
"6864d48baf873d271259624a7f62a8c7"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
9R_gz_cETg9mhAQg_GZLAFO_VF_e-ZI-5e4XUk69Q65856V50gEyew==
x-cache-hits
2999
userx.20231214-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231214-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9fd57fcaa8ad308df1294bec4cac27c6d3de96d4ddd8c9ccc0e64bbf53405c1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
0w2Kzly3isndPbrevoFCAXmSdzyXCJks
content-encoding
gzip
via
1.1 varnish
date
Fri, 15 Dec 2023 18:03:45 GMT
x-amz-request-id
YFCDEYY3N9YCDVEJ
age
113336
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5397
x-amz-id-2
TNNTZARWu7CjvPpq3w8eYNj4guDerff1G6w2MIBKwqehoxfRml64bg2IpDa0lgf2zGXcIbi7MYg=
x-served-by
cache-fra-eddf8230020-FRA
last-modified
Thu, 14 Dec 2023 10:34:49 GMT
server
AmazonS3
x-timer
S1702663425.019498,VS0,VE0
etag
"8e107f1dd6be47202c60bb3cae1364bb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
15
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
54059
distance-from-article.20231214-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231214-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fbff9b65ef8723e80ceca2e6e427a2ab2504dc2ded26428e63b031271efb1567

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
lW7YGGeN6hcYeF66iX_fhz2y856dmCTe
content-encoding
gzip
via
1.1 varnish
date
Fri, 15 Dec 2023 18:03:45 GMT
x-amz-request-id
A35HNKK4CQS7KMRY
age
113287
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1132
x-amz-id-2
C8BvsT6/ttWQnxoeCzouv73UXc++BPmkmRIsVo/7NLFd+MMqo5lSFiaV6nQpApCebgyIwjB2O+E=
x-served-by
cache-fra-eddf8230020-FRA
last-modified
Thu, 14 Dec 2023 10:35:36 GMT
server
AmazonS3
x-timer
S1702663425.019798,VS0,VE0
etag
"dd412c7d99a54edade3091a2b2ef3541"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
8
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
266061
article-detection.20231214-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231214-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3561c9de219c6c970eee73fe84ad5bf1cabc27795b956a798c9b3c7856e88a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
EIWEQi6Z_h9z4q2CNc_AgVz6tATB9PZJ
content-encoding
gzip
via
1.1 varnish
date
Fri, 15 Dec 2023 18:03:45 GMT
x-amz-request-id
GM8JVX1ZSFS4MZM8
age
113280
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
BQwo9+Ltxp+C3F2Ho8rGHoSzSfWffzHO6w9UGg+OeTBXyNVyrVWLPvkggxz3Hf8y3+kR8CIhA5k=
x-served-by
cache-fra-eddf8230020-FRA
last-modified
Thu, 14 Dec 2023 10:35:45 GMT
server
AmazonS3
x-timer
S1702663425.019824,VS0,VE0
etag
"8bd5d4c95ab5925470f34d1b54d8584d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
35
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
265886
article-and-feed-area-scanner.20231214-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-and-feed-area-scanner.20231214-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a790c4426c39f8a3c6d8fbc63bb0921a1679f6e994bc96b14ac212d5f8de1e5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
o9NWirnmpyfw_2bfYdpRllp.Avyh8Ij.
content-encoding
gzip
via
1.1 varnish
date
Fri, 15 Dec 2023 18:03:45 GMT
x-amz-request-id
8E1WM9RDWHE3NAYJ
age
113278
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1149
x-amz-id-2
6eO03uxpowresnLGdiB0ygl94drpYFj1tvvqpmv9JqKDg6HO5t6nRcs22wa98zGMTm2ZC1zbr4s=
x-served-by
cache-fra-eddf8230020-FRA
last-modified
Thu, 14 Dec 2023 10:35:46 GMT
server
AmazonS3
x-timer
S1702663425.020441,VS0,VE0
etag
"a06e9c954ac81096ccad58bd03650876"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
76
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
85768
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.6.5/ 		120 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.6.5/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6d14db5aa3a9a0f4c0196782e2f038cf75c37c41b3dee5770c9c73b5f79b5b63

Request headers

Referer
https://www.29news.com/
Origin
https://www.29news.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P5
age
181018
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
34196
x-served-by
cache-fra-etou8220107-FRA
last-modified
Wed, 13 Dec 2023 15:44:08 GMT
server
AmazonS3
x-timer
S1702663425.020280,VS0,VE0
etag
"c00c10ab2c90d22318ea8bb174cb61ec"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
oVEanwhuuTb2obkvu8uyjVd3Pae76NsuRCS0qcwVvLJ5r8RVeHZopQ==
x-cache-hits
11458
feed-card-placeholder.20231214-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231214-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0dc3395f1ebb5b9a3540c4f66c1137e123f0559efe4ffe7394a036951e8f2150

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
ljFZxInz.r7lTZ88icjfA0iOUXikUcz6
content-encoding
gzip
via
1.1 varnish
date
Fri, 15 Dec 2023 18:03:45 GMT
x-amz-request-id
ZK4Z7DD89BBX9YF1
age
113301
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
2mqN8vtFL4Fpfw4k60MAxiU9dHAo3BnWueheaxFd3Ox9ZsQOzCPOwegVQg7F3mEsJ51dbiPHJV8=
x-served-by
cache-fra-eddf8230020-FRA
last-modified
Thu, 14 Dec 2023 10:35:24 GMT
server
AmazonS3
x-timer
S1702663425.020818,VS0,VE0
etag
"c08dd6376a0e380b7b11e56045024f65"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
44
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
248432
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Fri, 15 Dec 2023 18:03:45 GMT
x-amz-request-id
Y1PG8J215N22T8P1
age
30
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
Uw5tFQx0SXBhUtt7LR3tzPg4AwJsLw0b0pfPCtMtj2dH9WxEQG/AKgaWCN1zlzUHI1DQ4s8JfL8=
x-served-by
cache-fra-eddf8230020-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1702663425.052389,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
96
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
48
json
hp.taboola.com/graytv-wvirnbc29/trc/3/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hp.taboola.com/graytv-wvirnbc29/trc/3/json?tim=19%3A03%3A45.051&lti=deflated&data=%7B%22id%22%3A952%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3A%22v2_c8e447c6ff9b640f0a846f5680e5a392_0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80_1702663424_1702663424_CIi3jgYQkr1ZGO6RmPXGMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo06-UtbOljN4acAA%22%2C%22ui%22%3A%220167aad8-2067-412a-938b-f7d63337398b-tuctc761a80%22%2C%22uifp%22%3A%220167aad8-2067-412a-938b-f7d63337398b-tuctc761a80%22%2C%22lbt%22%3A1702656228884%2C%22vi%22%3A1702663424238%2C%22cv%22%3A%2220231214-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.29news.com%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.29news.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.29news.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A7916%2C%22nsid%22%3A%22meredith-network%22%2C%22ad%22%3A%7B%22hp4uGetRegions%22%3Atrue%7D%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22uip%22%3A%22HP%20Latest%20Headlines%201%22%2C%22orig_uip%22%3A%22HP%20Latest%20Headlines%201%22%2C%22cd%22%3A0%2C%22mw%22%3A0%2C%22amw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22uip%22%3A%22HP%20More%20News%201%22%2C%22orig_uip%22%3A%22HP%20More%20News%201%22%2C%22cd%22%3A0%2C%22mw%22%3A0%2C%22amw%22%3A0%7D%5D%2C%22ex%22%3A%5B%22%2F2023%2F12%2F15%2Fapplesauce-pouches-may-have-been-intentionally-contaminated-fda-official-says%2F%22%2C%22%2F2023%2F12%2F15%2Fcovenants-reese-dalton-maddie-gardiner-ready-run-unc%2F%22%2C%22%2F2023%2F12%2F15%2Fbiden-envoy-meet-with-abbas-us-floats-possible-palestinian-security-role-postwar-gaza%2F%22%2C%22%2F2023%2F12%2F15%2Fhundreds-used-microcat-during-initial-weeks-program-may-expand%2F%22%2C%22%2Fvideo%2F2023%2F12%2F15%2Fpolice-investigating-reported-robbery-albemarle-store-12p%2F%22%2C%22%2Fvideo%2F2023%2F12%2F14%2Fvirginians-concerned-about-holiday-mail-delays-rep-spanberger-says%2F%22%2C%22%2Fvideo%2F2023%2F12%2F14%2Fcharlottesville-area-elks-lodge-giving-60k-nonprofits%2F%22%2C%22%2Fvideo%2F2023%2F12%2F14%2Fmore-charges-coming-suffolk-man-charlottesville-abduction-case%2F%22%2C%22%2F2023%2F12%2F15%2Fteen-girl-hospitalized-after-being-hit-by-school-bus-roanoke%2F%22%2C%22%2F2023%2F12%2F15%2Fvsp-investigating-after-body-found-along-highway%2F%22%2C%22%2F2023%2F12%2F15%2Fpolice-investigating-reported-robbery-albemarle-store%2F%22%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CHP%20Latest%20Headlines%201%3Dorganic-hp-swap-mode%3Apub%3Dmeredith-network%3Aabp%3D0%2C%2CHP%20More%20News%201%3Dorganic-hp-swap-mode%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22trcDomain%22%3A%22hp.taboola.com%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
82a47b279570ec5ea213da84215bdfb20b8bccb886288e859a9bf5fd1081ceff

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
97
date
Fri, 15 Dec 2023 18:03:45 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.7139583333333334
x-fastly-to-nlb-rtt
7535
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230020-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1702663425.074595,VS0,VE97
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.29news.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
abtests
trc-events.taboola.com/graytv-wvirnbc29/log/3/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/graytv-wvirnbc29/log/3/abtests?lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-dupChecker%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1702663425052%7D&tim=19%3A03%3A45.052&id=3127&llvl=2&ri=5936257a6b0ef5c292f4fc00cd45feb5&sd=v2_c8e447c6ff9b640f0a846f5680e5a392_0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80_1702663424_1702663424_CIi3jgYQkr1ZGO6RmPXGMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo06-UtbOljN4acAA&ui=0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80&pi=/&pt=home&vi=1702663424238&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://www.29news.com
pragma
no-cache
date
Fri, 15 Dec 2023 18:03:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
trc-events.taboola.com/graytv-wvirnbc29/log/3/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/graytv-wvirnbc29/log/3/abtests?lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-ct%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1702663425052%7D&tim=19%3A03%3A45.052&id=2122&llvl=2&ri=5936257a6b0ef5c292f4fc00cd45feb5&sd=v2_c8e447c6ff9b640f0a846f5680e5a392_0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80_1702663424_1702663424_CIi3jgYQkr1ZGO6RmPXGMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo06-UtbOljN4acAA&ui=0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80&pi=/&pt=home&vi=1702663424238&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://www.29news.com
pragma
no-cache
date
Fri, 15 Dec 2023 18:03:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
trc-events.taboola.com/graytv-wvirnbc29/log/3/ 		0
247 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/graytv-wvirnbc29/log/3/abtests?lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1702663425053%7D&tim=19%3A03%3A45.053&id=1786&llvl=2&ri=5936257a6b0ef5c292f4fc00cd45feb5&sd=v2_c8e447c6ff9b640f0a846f5680e5a392_0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80_1702663424_1702663424_CIi3jgYQkr1ZGO6RmPXGMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo06-UtbOljN4acAA&ui=0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80&pi=/&pt=home&vi=1702663424238&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://www.29news.com
pragma
no-cache
date
Fri, 15 Dec 2023 18:03:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/graytv-wvirnbc29/log/3/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/graytv-wvirnbc29/log/3/abtests?route=AM:AM:V&tvi2=11800&tvi48=9598&tvi50=10882&lti=deflated&ri=5936257a6b0ef5c292f4fc00cd45feb5&sd=v2_c8e447c6ff9b640f0a846f5680e5a392_0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80_1702663424_1702663424_CIi3jgYQkr1ZGO6RmPXGMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo06-UtbOljN4acAA&ui=0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80&pi=/&wi=-7992345245744169175&pt=home&vi=1702663424238&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1702663425019%7D&tim=19%3A03%3A45.019&id=5906&llvl=2&cv=20231214-9-RELEASE&
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 15 Dec 2023 18:03:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
43217
lego-geschenkideen.de/products/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackclk/N789069.3001245TABOOLADE/B30765488.381177129;dc_trk_aid=571769255;dc_trk_cid=204416305;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_tdv=1...
  • https://lego-geschenkideen.de/products/43217?campaign=xmas&utm_source=taboola
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lego-geschenkideen.de/products/43217?campaign=xmas&utm_source=taboola
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
HTTP/1.1
Server
52.212.52.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-52-84.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:45 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://lego-geschenkideen.de/products/43217?campaign=xmas&utm_source=taboola
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubs-generic
trc.taboola.com/graytv-wvirnbc29/log/3/ 		0
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/graytv-wvirnbc29/log/3/pubs-generic?route=AM:AM:V&tvi2=11800&tvi48=9598&tvi50=10882&lti=deflated&ri=5936257a6b0ef5c292f4fc00cd45feb5&sd=v2_c8e447c6ff9b640f0a846f5680e5a392_0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80_1702663424_1702663424_CIi3jgYQkr1ZGO6RmPXGMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo06-UtbOljN4acAA&ui=0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80&pi=/&wi=-7992345245744169175&pt=home&vi=1702663424238&d=%7B%22data%22%3A%22%7B%5C%22isSpa%5C%22%3Atrue%2C%5C%22isAngularJs%5C%22%3Afalse%2C%5C%22isAngular%5C%22%3Afalse%2C%5C%22isReact%5C%22%3Atrue%2C%5C%22isVue%5C%22%3Afalse%7D%22%2C%22type%22%3A%22spa-measurements%22%7D&tim=19%3A03%3A45.052&id=6701&llvl=2&cv=20231214-9-RELEASE&
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
16
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7409
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230020-FRA
pragma
no-cache
server
nginx
x-timer
S1702663425.074594,VS0,VE16
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
5d8f748f789a440fe805d5b022f5a86b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5d8f748f789a440fe805d5b022f5a86b.jpg
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
40be85e49b3f93704d987ffb4512e2017afd68b1e694250399cfec9122849f28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5d8f748f789a440fe805d5b022f5a86b.jpg
age
5748833
edge-cache-tag
586580346761278615482713400418741491477,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
586580346761278615482713400418741491477,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
143
req-referer
https://adeptosdebancada.com/
content-length
10792
x-request-id
5678ac8bfa6ce65ea7bb1e943d3cad75
x-backend-name
LA_nlb203
x-served-by
cache-iad-kcgs7200171-IAD, cache-iad-kcgs7200171-IAD, cache-lax10664-LGB, cache-iad-kjyo7100068-IAD, cache-fra-eddf8230020-FRA
last-modified
Wed, 26 Jul 2023 15:40:41 GMT
server
nginx
x-timer
S1702663425.078531,VS0,VE0
etag
"0a26fdd4ee92a80fce9abc2ae6367ed7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 14, 1, 89, 3
631df4c75b4f02dc29d72a916064592e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/631df4c75b4f02dc29d72a916064592e.png
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2b4b79f93d04ee843317ae786148195e7ad8792e9dac286ed0dc3b47f1017e38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/631df4c75b4f02dc29d72a916064592e.png
age
4355384
edge-cache-tag
533785047141029851524565568207219022138,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
cache-tag
533785047141029851524565568207219022138,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
112
req-referer
https://tenki.jp/
content-length
20286
x-request-id
b2cfccf2eb4a62b7458d895ecab9bfe5
x-backend-name
LA_nlb202
x-served-by
cache-iad-kjyo7100151-IAD, cache-iad-kcgs7200128-IAD, cache-sna10729-LGB, cache-iad-kjyo7100128-IAD, cache-fra-eddf8230020-FRA
last-modified
Sun, 10 Sep 2023 20:16:03 GMT
server
nginx
surrogate-reporting
width=500,height=278,bytes=26689,owidth=1200,oheight=800,obytes=488780
x-timer
S1702663425.077738,VS0,VE0
etag
"9951a6d43ba0d41d919c7c691018ae42"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 504, 3
8a653486300d8c52f2917d74d7bf0ba9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8a653486300d8c52f2917d74d7bf0ba9.jpg
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f75dfcbdba9be39242d06661b1f16c62de1a6173e64dba2474f8b3ed42181a4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
11
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8a653486300d8c52f2917d74d7bf0ba9.jpg
age
86116
edge-cache-tag
361622521737844553088363406536810830058,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
361622521737844553088363406536810830058,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
178
req-referer
https://wandern24.eu/
content-length
38274
x-request-id
1fa2ac54e584f4253f70cbd59bdb2ff6
x-backend-name
LA_nlb204
x-served-by
cache-iad-kcgs7200165-IAD, cache-iad-kiad7000150-IAD, cache-lax-kwhp1940051-LAX, cache-iad-kiad7000056-IAD, cache-fra-eddf8230020-FRA
last-modified
Thu, 14 Dec 2023 15:30:13 GMT
server
nginx
surrogate-reporting
width=1000,height=555,bytes=131213,owidth=1000,oheight=600,obytes=674340,ef=(1,13,17,23,30)
x-timer
S1702663425.078151,VS0,VE11
etag
"0339f7f5d6b4729634f4d9e66cd37e27"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1, 1
6c4f7419d94152374757fb469f501c9a.jpg
images.taboola.com/taboola/image/fetch/h_423,w_760,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_423,w_760,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6c4f7419d94152374757fb469f501c9a.jpg
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3cbc3abef3fe9a054162de67758565065ca58a9e7c2ccacc03f12c833f6a1efd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_423,w_760,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6c4f7419d94152374757fb469f501c9a.jpg
age
3799880
edge-cache-tag
569126397462242710429608695922450715783,361339568627806578574169180252383295844,29ecf9b93bbf306179626feeda1fab70
cache-tag
569126397462242710429608695922450715783,361339568627806578574169180252383295844,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
248
req-referer
https://dl.gmx.net/
content-length
51396
x-request-id
f967aa0e519f2bed62b89dfc05bf1007
x-backend-name
CH_nlb803
x-served-by
cache-iad-kiad7000050-IAD, cache-iad-kcgs7200044-IAD, cache-lga21949-LGA, cache-iad-kcgs7200103-IAD, cache-fra-eddf8230020-FRA
last-modified
Wed, 01 Nov 2023 12:59:54 GMT
server
nginx
surrogate-reporting
width=1080,height=600,bytes=234342,owidth=1000,oheight=600,obytes=256665
x-timer
S1702663425.078633,VS0,VE0
etag
"619c539ee562158186cbd31e75a92069"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 1, 212
74aa6a0700d807baa40e5b7136c24110.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/74aa6a0700d807baa40e5b7136c24110.jpg
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
06ffe7a1a5d90fdce562c52de2954b5ca11983fff1db4c6bc573bda09bdacbf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/74aa6a0700d807baa40e5b7136c24110.jpg
age
1326995
edge-cache-tag
417540723306279814694522687855936531435,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
417540723306279814694522687855936531435,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
170
req-referer
https://cdn.taboola.com/
content-length
24746
x-request-id
8b9a29b4ca4445a5439db3d3cae830e2
x-backend-name
CH_nlb802
x-served-by
cache-iad-kcgs7200025-IAD, cache-iad-kcgs7200082-IAD, cache-lga21982-LGA, cache-iad-kcgs7200103-IAD, cache-fra-eddf8230020-FRA
last-modified
Thu, 30 Nov 2023 09:27:11 GMT
server
nginx
surrogate-reporting
width=1129,height=628,bytes=64347,owidth=1200,oheight=628,obytes=399994
x-timer
S1702663425.120743,VS0,VE1
etag
"363462cae933be8edaf64515f00baff3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 9, 1
djsam6hxgcwlrfyb74t0.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1700686231/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1700686231/djsam6hxgcwlrfyb74t0.jpg
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
34bbac29263450fa7419fbb99bb4d481ee7b70e3993195e93b24a6688390fa17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1700686231/djsam6hxgcwlrfyb74t0.jpg
age
1977151
edge-cache-tag
552484223611607983875918282273428470467,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
552484223611607983875918282273428470467,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
62
req-referer
https://weather.com/
content-length
10524
x-request-id
acea28044bb1f0561844c8e2fb5ce4b0
x-backend-name
LA_nlb204
x-served-by
cache-iad-kiad7000080-IAD, cache-iad-kiad7000117-IAD, cache-lax-kwhp1940096-LAX, cache-iad-kcgs7200096-IAD, cache-fra-eddf8230020-FRA
last-modified
Wed, 22 Nov 2023 20:51:14 GMT
server
nginx
surrogate-reporting
width=800,height=444,bytes=22570,owidth=800,oheight=450,obytes=21815
x-timer
S1702663425.120299,VS0,VE0
etag
"365def712cbc8c5c45c6459f0c1d51a3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 0, 2
f5065e2c-2992-4b65-bb3a-faeddb6741d6__wcqES65c.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_2126%2Cx_1%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		154 KB
155 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_2126%2Cx_1%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f5065e2c-2992-4b65-bb3a-faeddb6741d6__wcqES65c.jpg
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
eb423582b9ae8da1b09c5bfcee5d7491563ad0a00ef0c75e99e9d0bbc3662fc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_2126%2Cx_1%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f5065e2c-2992-4b65-bb3a-faeddb6741d6__wcqES65c.jpg
age
4780913
edge-cache-tag
409691005524497662989470082405191960683,536504714413833311431724736666244151882,29ecf9b93bbf306179626feeda1fab70
cache-tag
409691005524497662989470082405191960683,536504714413833311431724736666244151882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
539
req-referer
https://www.tvmovie.de/
content-length
157552
x-request-id
22ce0398d7e7fd6a2eff2083a8833137
x-backend-name
CH_nlb801
x-served-by
cache-iad-kiad7000106-IAD, cache-iad-kiad7000083-IAD, cache-iad-kjyo7100051-IAD, cache-fra-eddf8230020-FRA
last-modified
Mon, 11 Sep 2023 15:47:51 GMT
server
nginx
surrogate-reporting
width=2126,height=1196,owidth=2128,oheight=1200,obytes=256593
x-timer
S1702663425.119146,VS0,VE2
etag
"472951798c2d16996e6a4b1d0ecdfeab"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 1
409839f5814da4af9798b9c2c99597a8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/409839f5814da4af9798b9c2c99597a8.jpg
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8defab2a2ccf0575e3805a5e780a9dba81d6ff898f9af8531264dffd944e1214

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/409839f5814da4af9798b9c2c99597a8.jpg
age
1590042
edge-cache-tag
584867077343911572408429671196254320815,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
584867077343911572408429671196254320815,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
85
req-referer
https://www.index.hr/vijesti/clanak/video-megaoluja-u-rusiji-izvanredno-stanje-na-krimu-ovo-je-armagedon/2516026.aspx?index_ref=naslovnica_vijesti_ostalo_d
content-length
14216
x-request-id
506c2530089af52fcdb0df9af08cf1dd
x-backend-name
US_nlb103
x-served-by
cache-iad-kiad7000054-IAD, cache-iad-kjyo7100049-IAD, cache-lga21951-LGA, cache-iad-kjyo7100040-IAD, cache-fra-eddf8230020-FRA
last-modified
Mon, 27 Nov 2023 08:23:01 GMT
server
nginx
surrogate-reporting
width=750,height=416,bytes=30832,owidth=750,oheight=420,obytes=40853
x-timer
S1702663425.119110,VS0,VE0
etag
"05a9bdae4d7d9b41ef41c6aee7ebcb63"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 0, 2
2f87776b3580b772c988979fccc36347.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
abf68c057b4e82c8d2291dba2f4980eee5378280fe9358c49f88adf452b5f867

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
age
5030715
edge-cache-tag
539264722275397693898618951167535693130,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
539264722275397693898618951167535693130,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
249
req-referer
https://auto-motor-seite.de/
content-length
62382
x-request-id
3682b69c412c522819dbb327cd439298
x-backend-name
CH_nlb802
x-served-by
cache-iad-kcgs7200166-IAD, cache-iad-kcgs7200166-IAD, cache-chi-kigq8000034-CHI, cache-iad-kjyo7100048-IAD, cache-fra-eddf8230020-FRA
last-modified
Sun, 10 Sep 2023 19:03:59 GMT
server
nginx
surrogate-reporting
width=1200,height=666,bytes=118461,owidth=1200,oheight=800,obytes=1756948
x-timer
S1702663425.154266,VS0,VE0
etag
"33d64e6f46762b33b7b0d79ea8388430"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 41, 1, 35, 12
948828d2cbf981ca63d90293a3632a8c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/948828d2cbf981ca63d90293a3632a8c.png
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
04ed1891ede8f9120734f6c13e8f6fb01027de342373e13dbbf573886a1078e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/948828d2cbf981ca63d90293a3632a8c.png
age
1567902
edge-cache-tag
535583396589244946199483342191156569065,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
535583396589244946199483342191156569065,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
317
req-referer
https://www.werstreamt.es/
content-length
60132
x-request-id
d680ec2da682ca2f9242e045265f4826
x-backend-name
US_nlb103
x-served-by
cache-iad-kjyo7100021-IAD, cache-iad-kjyo7100032-IAD, cache-lga21934-LGA, cache-iad-kcgs7200076-IAD, cache-fra-eddf8230020-FRA
last-modified
Mon, 27 Nov 2023 12:50:28 GMT
server
nginx
surrogate-reporting
width=1920,height=1066,bytes=286752,owidth=1920,oheight=1080,obytes=3529117
x-timer
S1702663425.154194,VS0,VE2
etag
"c4d119115c2755c7d0bf8e0fb5047a63"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 1, 1, 1
12ff71eef5f06498678e3627575ca00b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/12ff71eef5f06498678e3627575ca00b.jpg
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a838f49e9b9edf2f8236818d9a69beacb3f6c776870fbb9bddaacd2063c8ef37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/12ff71eef5f06498678e3627575ca00b.jpg
age
835634
edge-cache-tag
326364151522114477972497735096292784950,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
326364151522114477972497735096292784950,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
161
expiration
expiry-date="Mon, 11 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.thehindu.com/
content-length
24664
x-backend-name
LA_nlb202
x-served-by
cache-iad-kjyo7100074-IAD, cache-iad-kjyo7100074-IAD, cache-sna10744-LGB, cache-iad-kiad7000085-IAD, cache-fra-eddf8230020-FRA
last-modified
Fri, 11 Aug 2023 14:47:31 GMT
server
nginx
x-timer
S1702663425.154174,VS0,VE2
etag
"2576c6dcce80a988696837749936445c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 25, 1, 2, 1
ed89af6f1af279bb79a3abdf19499892.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ed89af6f1af279bb79a3abdf19499892.jpg
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e1e004f4c70dfffe823ed526dc0519b625022cfc3d4325cde69ee367bc9e4420

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ed89af6f1af279bb79a3abdf19499892.jpg
age
3303435
edge-cache-tag
530703350846937101190438214570534100145,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
530703350846937101190438214570534100145,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, MISS, MISS, HIT
x-envoy-upstream-service-time
310
expiration
expiry-date="Mon, 27 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.t-online.de/
content-length
35176
x-backend-name
CH_nlb803
x-served-by
cache-iad-kjyo7100032-IAD, cache-iad-kjyo7100032-IAD, cache-lga21939-LGA, cache-iad-kcgs7200166-IAD, cache-fra-eddf8230020-FRA
last-modified
Fri, 27 Oct 2023 14:05:17 GMT
server
nginx
surrogate-reporting
width=1023,height=568,bytes=124816,owidth=1023,oheight=609,obytes=1038490
x-timer
S1702663425.191857,VS0,VE2
etag
"fd4687aa8f50bbadb05b44dd39d20e1a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 0, 0, 1
434fc2aec9c0fc1e01dbd020427d0bd2.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_2048%2Cx_0%2Cy_388/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_2048%2Cx_0%2Cy_388/http%3A//cdn.taboola.com/libtrc/static/thumbnails/434fc2aec9c0fc1e01dbd020427d0bd2.jpg
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
960e93d018c45bcf3ec1f8c6094433afdaa268edfd4a1aaf90f4da83a86224d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_2048%2Cx_0%2Cy_388/http%3A//cdn.taboola.com/libtrc/static/thumbnails/434fc2aec9c0fc1e01dbd020427d0bd2.jpg
age
5535629
edge-cache-tag
557826513005111748038710872403493155354,398760349672635103742853848798208124224,29ecf9b93bbf306179626feeda1fab70
cache-tag
557826513005111748038710872403493155354,398760349672635103742853848798208124224,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
283
expiration
expiry-date="Wed, 04 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.radioguetersloh.de/
content-length
53186
x-backend-name
US_nlb103
x-served-by
cache-iad-kjyo7100123-IAD, cache-iad-kiad7000130-IAD, cache-iad-kjyo7100125-IAD, cache-fra-eddf8230020-FRA
last-modified
Sun, 03 Sep 2023 14:48:55 GMT
server
nginx
surrogate-reporting
width=2048,height=1152,owidth=2048,oheight=3072,obytes=423405
x-timer
S1702663425.212327,VS0,VE0
etag
"eb9ab7a7acee76059b3d4e6f6dd7935c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 569
50819fcde7813c5acd208424238c4af6.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.3333%2Cw_1000%2Cx_0%2Cy_134/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		93 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.3333%2Cw_1000%2Cx_0%2Cy_134/http%3A//cdn.taboola.com/libtrc/static/thumbnails/50819fcde7813c5acd208424238c4af6.jpg
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2f304e1b6e0cf794ac6d60dab66cde75213410d5b3c26f0598996ac09dbf1eb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.3333%2Cw_1000%2Cx_0%2Cy_134/http%3A//cdn.taboola.com/libtrc/static/thumbnails/50819fcde7813c5acd208424238c4af6.jpg
age
542129
edge-cache-tag
347069272109224579417698434331925769915,549349036258431556078759018008273182566,29ecf9b93bbf306179626feeda1fab70
cache-tag
347069272109224579417698434331925769915,549349036258431556078759018008273182566,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
738
req-referer
https://ads.taboola.com/
content-length
95654
x-request-id
3de3a3fc81bed638119ff4f31c357485
x-backend-name
US_nlb104
x-served-by
cache-iad-kjyo7100023-IAD, cache-iad-kiad7000058-IAD, cache-lga21978-LGA, cache-iad-kiad7000177-IAD, cache-fra-eddf8230020-FRA
last-modified
Sat, 09 Dec 2023 11:27:57 GMT
server
nginx
surrogate-reporting
width=1000,height=750,bytes=143752,owidth=1000,oheight=1000,obytes=697811
x-timer
S1702663425.212347,VS0,VE2
etag
"cacb84d3957e6cf391c314b03417a555"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
tvp.js
snippet.tldw.me/tv/0.42.26-chunks/ 		138 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snippet.tldw.me/tv/0.42.26-chunks/tvp.js
Requested by
Host: apv-launcher.minute.ly
URL: https://apv-launcher.minute.ly/api/launcher/MIN-516310.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4aef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
985e21298ee9f5e3c80214000d34a1827d8032d57422934f2feef400fa591f74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits
2, 1
date
Fri, 15 Dec 2023 18:03:45 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
cf-cache-status
DYNAMIC
x-amz-request-id
6T8EQD04FMBV2YR4
age
2078660
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
40656
x-amz-id-2
NXy3xO+Gm9ocEKnOXL2ZSdoY8Vf24Cir6GUW/7ATFl+MxpLEGtHyPST3rtaUMzuEbOUH2BhrxI8=
x-served-by
cache-iad-kcgs7200066-IAD, cache-fra-eddf8230021-FRA
last-modified
Sun, 15 Oct 2023 07:17:24 GMT
server
cloudflare
x-timer
S1702663425.284680,VS0,VE20
etag
"3418050a21530b192c1bab2fc7e163b1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83609ae7ef6339d4-FRA
access-control-allow-headers
content-type
expires
Fri, 01 Jan 1971 00:00:00 GMT
pubs-generic
trc.taboola.com/graytv-wvirnbc29/log/3/ 		0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/graytv-wvirnbc29/log/3/pubs-generic?lti=deflated&ri=8ccd8652d5af056f528fd249c99997d9&sd=v2_c8e447c6ff9b640f0a846f5680e5a392_0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80_1702663424_1702663424_CIi3jgYQkr1ZGO6RmPXGMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo06-UtbOljN4acAA&ui=0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80&pi=/&pt=home&vi=1702663424238&d=%7B%22type%22%3A%22videoReel-pageload%22%2C%22data%22%3A%22%5C%22%5C%22%22%7D&tim=19%3A03%3A45.101&id=9621&llvl=2&cv=20231214-9-RELEASE&
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
14
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7509
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230020-FRA
pragma
no-cache
server
nginx
x-timer
S1702663425.212883,VS0,VE14
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
supply-feature
trc-events.taboola.com/graytv-wvirnbc29/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/graytv-wvirnbc29/log/3/supply-feature?lti=deflated&ri=5936257a6b0ef5c292f4fc00cd45feb5&sd=v2_c8e447c6ff9b640f0a846f5680e5a392_0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80_1702663424_1702663424_CIi3jgYQkr1ZGO6RmPXGMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo06-UtbOljN4acAA&ui=0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80&pi=/&pt=home&vi=1702663424238&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%222.6875%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=19%3A03%3A45.126&id=9413&llvl=2&cv=20231214-9-RELEASE&
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 15 Dec 2023 18:03:45 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
5d8f748f789a440fe805d5b022f5a86b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5d8f748f789a440fe805d5b022f5a86b.jpg
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
40be85e49b3f93704d987ffb4512e2017afd68b1e694250399cfec9122849f28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5d8f748f789a440fe805d5b022f5a86b.jpg
age
5748833
edge-cache-tag
586580346761278615482713400418741491477,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
586580346761278615482713400418741491477,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
143
req-referer
https://adeptosdebancada.com/
content-length
10792
x-request-id
5678ac8bfa6ce65ea7bb1e943d3cad75
x-backend-name
LA_nlb203
x-served-by
cache-iad-kcgs7200171-IAD, cache-iad-kcgs7200171-IAD, cache-lax10664-LGB, cache-iad-kjyo7100068-IAD, cache-fra-eddf8230020-FRA
last-modified
Wed, 26 Jul 2023 15:40:41 GMT
server
nginx
x-timer
S1702663425.222594,VS0,VE0
etag
"0a26fdd4ee92a80fce9abc2ae6367ed7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 14, 1, 89, 4
631df4c75b4f02dc29d72a916064592e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/631df4c75b4f02dc29d72a916064592e.png
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2b4b79f93d04ee843317ae786148195e7ad8792e9dac286ed0dc3b47f1017e38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/631df4c75b4f02dc29d72a916064592e.png
age
4355384
edge-cache-tag
533785047141029851524565568207219022138,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
cache-tag
533785047141029851524565568207219022138,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
112
req-referer
https://tenki.jp/
content-length
20286
x-request-id
b2cfccf2eb4a62b7458d895ecab9bfe5
x-backend-name
LA_nlb202
x-served-by
cache-iad-kjyo7100151-IAD, cache-iad-kcgs7200128-IAD, cache-sna10729-LGB, cache-iad-kjyo7100128-IAD, cache-fra-eddf8230020-FRA
last-modified
Sun, 10 Sep 2023 20:16:03 GMT
server
nginx
surrogate-reporting
width=500,height=278,bytes=26689,owidth=1200,oheight=800,obytes=488780
x-timer
S1702663425.222918,VS0,VE0
etag
"9951a6d43ba0d41d919c7c691018ae42"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 504, 4
8a653486300d8c52f2917d74d7bf0ba9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8a653486300d8c52f2917d74d7bf0ba9.jpg
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f75dfcbdba9be39242d06661b1f16c62de1a6173e64dba2474f8b3ed42181a4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8a653486300d8c52f2917d74d7bf0ba9.jpg
age
86116
edge-cache-tag
361622521737844553088363406536810830058,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
361622521737844553088363406536810830058,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
178
req-referer
https://wandern24.eu/
content-length
38274
x-request-id
1fa2ac54e584f4253f70cbd59bdb2ff6
x-backend-name
LA_nlb204
x-served-by
cache-iad-kcgs7200165-IAD, cache-iad-kiad7000150-IAD, cache-lax-kwhp1940051-LAX, cache-iad-kiad7000056-IAD, cache-fra-eddf8230020-FRA
last-modified
Thu, 14 Dec 2023 15:30:13 GMT
server
nginx
surrogate-reporting
width=1000,height=555,bytes=131213,owidth=1000,oheight=600,obytes=674340,ef=(1,13,17,23,30)
x-timer
S1702663425.222902,VS0,VE0
etag
"0339f7f5d6b4729634f4d9e66cd37e27"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1, 2
6c4f7419d94152374757fb469f501c9a.jpg
images.taboola.com/taboola/image/fetch/h_423,w_760,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_423,w_760,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6c4f7419d94152374757fb469f501c9a.jpg
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3cbc3abef3fe9a054162de67758565065ca58a9e7c2ccacc03f12c833f6a1efd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_423,w_760,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6c4f7419d94152374757fb469f501c9a.jpg
age
3799880
edge-cache-tag
569126397462242710429608695922450715783,361339568627806578574169180252383295844,29ecf9b93bbf306179626feeda1fab70
cache-tag
569126397462242710429608695922450715783,361339568627806578574169180252383295844,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
248
req-referer
https://dl.gmx.net/
content-length
51396
x-request-id
f967aa0e519f2bed62b89dfc05bf1007
x-backend-name
CH_nlb803
x-served-by
cache-iad-kiad7000050-IAD, cache-iad-kcgs7200044-IAD, cache-lga21949-LGA, cache-iad-kcgs7200103-IAD, cache-fra-eddf8230020-FRA
last-modified
Wed, 01 Nov 2023 12:59:54 GMT
server
nginx
surrogate-reporting
width=1080,height=600,bytes=234342,owidth=1000,oheight=600,obytes=256665
x-timer
S1702663425.222884,VS0,VE0
etag
"619c539ee562158186cbd31e75a92069"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 1, 213
djsam6hxgcwlrfyb74t0.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1700686231/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1700686231/djsam6hxgcwlrfyb74t0.jpg
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
34bbac29263450fa7419fbb99bb4d481ee7b70e3993195e93b24a6688390fa17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//c3.taboola.com/libtrc/static/thumbnails/so_auto/f_jpg/v1700686231/djsam6hxgcwlrfyb74t0.jpg
age
1977152
edge-cache-tag
552484223611607983875918282273428470467,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
552484223611607983875918282273428470467,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
62
req-referer
https://weather.com/
content-length
10524
x-request-id
acea28044bb1f0561844c8e2fb5ce4b0
x-backend-name
LA_nlb204
x-served-by
cache-iad-kiad7000080-IAD, cache-iad-kiad7000117-IAD, cache-lax-kwhp1940096-LAX, cache-iad-kcgs7200096-IAD, cache-fra-eddf8230020-FRA
last-modified
Wed, 22 Nov 2023 20:51:14 GMT
server
nginx
surrogate-reporting
width=800,height=444,bytes=22570,owidth=800,oheight=450,obytes=21815
x-timer
S1702663425.236332,VS0,VE0
etag
"365def712cbc8c5c45c6459f0c1d51a3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 0, 3
409839f5814da4af9798b9c2c99597a8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/409839f5814da4af9798b9c2c99597a8.jpg
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8defab2a2ccf0575e3805a5e780a9dba81d6ff898f9af8531264dffd944e1214

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/409839f5814da4af9798b9c2c99597a8.jpg
age
1590042
edge-cache-tag
584867077343911572408429671196254320815,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
584867077343911572408429671196254320815,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
85
req-referer
https://www.index.hr/vijesti/clanak/video-megaoluja-u-rusiji-izvanredno-stanje-na-krimu-ovo-je-armagedon/2516026.aspx?index_ref=naslovnica_vijesti_ostalo_d
content-length
14216
x-request-id
506c2530089af52fcdb0df9af08cf1dd
x-backend-name
US_nlb103
x-served-by
cache-iad-kiad7000054-IAD, cache-iad-kjyo7100049-IAD, cache-lga21951-LGA, cache-iad-kjyo7100040-IAD, cache-fra-eddf8230020-FRA
last-modified
Mon, 27 Nov 2023 08:23:01 GMT
server
nginx
surrogate-reporting
width=750,height=416,bytes=30832,owidth=750,oheight=420,obytes=40853
x-timer
S1702663425.251294,VS0,VE0
etag
"05a9bdae4d7d9b41ef41c6aee7ebcb63"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 0, 3
74aa6a0700d807baa40e5b7136c24110.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/74aa6a0700d807baa40e5b7136c24110.jpg
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
06ffe7a1a5d90fdce562c52de2954b5ca11983fff1db4c6bc573bda09bdacbf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/74aa6a0700d807baa40e5b7136c24110.jpg
age
1326995
edge-cache-tag
417540723306279814694522687855936531435,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
417540723306279814694522687855936531435,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
170
req-referer
https://cdn.taboola.com/
content-length
24746
x-request-id
8b9a29b4ca4445a5439db3d3cae830e2
x-backend-name
CH_nlb802
x-served-by
cache-iad-kcgs7200025-IAD, cache-iad-kcgs7200082-IAD, cache-lga21982-LGA, cache-iad-kcgs7200103-IAD, cache-fra-eddf8230020-FRA
last-modified
Thu, 30 Nov 2023 09:27:11 GMT
server
nginx
surrogate-reporting
width=1129,height=628,bytes=64347,owidth=1200,oheight=628,obytes=399994
x-timer
S1702663425.251441,VS0,VE0
etag
"363462cae933be8edaf64515f00baff3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 9, 2
loader.js
cdn.taboola.com/libtrc/meredith-network/ 		1 MB
85 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/meredith-network/loader.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
161a116757ff8e6472bea2591e22eb25ef4f3718efd99b26167de1824b300584

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
9m4gCxFK1kljirtO.bout6ooYLbFumWm
content-encoding
gzip
via
1.1 varnish
date
Fri, 15 Dec 2023 18:03:45 GMT
x-amz-request-id
E3ASNRDCZ3106EYJ
age
7158
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
86893
x-amz-id-2
BhpIdrzymQYUO57a7b+Mc5aYogpUlkKp/rDvevkG7YVW6yImd8hhCwCIFi7bqvKwrL7ts9Flkkk=
x-served-by
cache-fra-etou8220107-FRA
last-modified
Fri, 15 Dec 2023 16:04:22 GMT
server
AmazonS3
x-timer
S1702663425.193767,VS0,VE0
etag
"b138f4465e0994828f577920ca4abb93"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
91
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
3
json
hp.taboola.com/graytv-wvirnbc29/trc/3/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hp.taboola.com/graytv-wvirnbc29/trc/3/json?tim=19%3A03%3A45.197&lti=deflated&data=%7B%22id%22%3A983%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3A%22v2_c8e447c6ff9b640f0a846f5680e5a392_0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80_1702663424_1702663425_CIi3jgYQkr1ZGO6RmPXGMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo06-UtbOljN4acAA%22%2C%22ui%22%3A%220167aad8-2067-412a-938b-f7d63337398b-tuctc761a80%22%2C%22uifp%22%3A%220167aad8-2067-412a-938b-f7d63337398b-tuctc761a80%22%2C%22lbt%22%3A1702656228884%2C%22vi%22%3A1702663424238%2C%22cv%22%3A%2220231214-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.29news.com%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.29news.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.29news.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A7981%2C%22nsid%22%3A%22meredith-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22uip%22%3A%22HP%20More%20News%202%22%2C%22orig_uip%22%3A%22HP%20More%20News%202%22%2C%22cd%22%3A0%2C%22mw%22%3A0%2C%22amw%22%3A0%7D%5D%2C%22ex%22%3A%5B%22%2F2023%2F12%2F15%2Fapplesauce-pouches-may-have-been-intentionally-contaminated-fda-official-says%2F%22%2C%22%2F2023%2F12%2F15%2Fcovenants-reese-dalton-maddie-gardiner-ready-run-unc%2F%22%2C%22%2F2023%2F12%2F15%2Fbiden-envoy-meet-with-abbas-us-floats-possible-palestinian-security-role-postwar-gaza%2F%22%2C%22%2F2023%2F12%2F15%2Fhundreds-used-microcat-during-initial-weeks-program-may-expand%2F%22%2C%22%2Fvideo%2F2023%2F12%2F15%2Fpolice-investigating-reported-robbery-albemarle-store-12p%2F%22%2C%22%2Fvideo%2F2023%2F12%2F14%2Fvirginians-concerned-about-holiday-mail-delays-rep-spanberger-says%2F%22%2C%22%2Fvideo%2F2023%2F12%2F14%2Fcharlottesville-area-elks-lodge-giving-60k-nonprofits%2F%22%2C%22%2Fvideo%2F2023%2F12%2F14%2Fmore-charges-coming-suffolk-man-charlottesville-abduction-case%2F%22%2C%22%2F2023%2F12%2F15%2Fteen-girl-hospitalized-after-being-hit-by-school-bus-roanoke%2F%22%2C%22%2F2023%2F12%2F15%2Fvsp-investigating-after-body-found-along-highway%2F%22%2C%22%2F2023%2F12%2F15%2Fpolice-investigating-reported-robbery-albemarle-store%2F%22%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CHP%20More%20News%202%3Dorganic-hp-swap-mode%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_3%22%2C%22trcDomain%22%3A%22hp.taboola.com%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1040189a3de7a4b00f8babef951ba20f6e5197aadf578393528ba679eaa99dfd

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
53
date
Fri, 15 Dec 2023 18:03:45 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.7197916666666666
x-fastly-to-nlb-rtt
7626
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230020-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1702663425.193837,VS0,VE53
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.29news.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
f5065e2c-2992-4b65-bb3a-faeddb6741d6__wcqES65c.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_2126%2Cx_1%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		154 KB
155 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_2126%2Cx_1%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f5065e2c-2992-4b65-bb3a-faeddb6741d6__wcqES65c.jpg
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
eb423582b9ae8da1b09c5bfcee5d7491563ad0a00ef0c75e99e9d0bbc3662fc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_2126%2Cx_1%2Cy_0/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f5065e2c-2992-4b65-bb3a-faeddb6741d6__wcqES65c.jpg
age
4780913
edge-cache-tag
409691005524497662989470082405191960683,536504714413833311431724736666244151882,29ecf9b93bbf306179626feeda1fab70
cache-tag
409691005524497662989470082405191960683,536504714413833311431724736666244151882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
539
req-referer
https://www.tvmovie.de/
content-length
157552
x-request-id
22ce0398d7e7fd6a2eff2083a8833137
x-backend-name
CH_nlb801
x-served-by
cache-iad-kiad7000106-IAD, cache-iad-kiad7000083-IAD, cache-iad-kjyo7100051-IAD, cache-fra-eddf8230020-FRA
last-modified
Mon, 11 Sep 2023 15:47:51 GMT
server
nginx
surrogate-reporting
width=2126,height=1196,owidth=2128,oheight=1200,obytes=256593
x-timer
S1702663425.254725,VS0,VE0
etag
"472951798c2d16996e6a4b1d0ecdfeab"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 2
2f87776b3580b772c988979fccc36347.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
abf68c057b4e82c8d2291dba2f4980eee5378280fe9358c49f88adf452b5f867

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2f87776b3580b772c988979fccc36347.png
age
5030715
edge-cache-tag
539264722275397693898618951167535693130,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
539264722275397693898618951167535693130,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
249
req-referer
https://auto-motor-seite.de/
content-length
62382
x-request-id
3682b69c412c522819dbb327cd439298
x-backend-name
CH_nlb802
x-served-by
cache-iad-kcgs7200166-IAD, cache-iad-kcgs7200166-IAD, cache-chi-kigq8000034-CHI, cache-iad-kjyo7100048-IAD, cache-fra-eddf8230020-FRA
last-modified
Sun, 10 Sep 2023 19:03:59 GMT
server
nginx
surrogate-reporting
width=1200,height=666,bytes=118461,owidth=1200,oheight=800,obytes=1756948
x-timer
S1702663425.254677,VS0,VE0
etag
"33d64e6f46762b33b7b0d79ea8388430"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 41, 1, 35, 13
948828d2cbf981ca63d90293a3632a8c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/948828d2cbf981ca63d90293a3632a8c.png
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
04ed1891ede8f9120734f6c13e8f6fb01027de342373e13dbbf573886a1078e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/948828d2cbf981ca63d90293a3632a8c.png
age
1567902
edge-cache-tag
535583396589244946199483342191156569065,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
535583396589244946199483342191156569065,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
317
req-referer
https://www.werstreamt.es/
content-length
60132
x-request-id
d680ec2da682ca2f9242e045265f4826
x-backend-name
US_nlb103
x-served-by
cache-iad-kjyo7100021-IAD, cache-iad-kjyo7100032-IAD, cache-lga21934-LGA, cache-iad-kcgs7200076-IAD, cache-fra-eddf8230020-FRA
last-modified
Mon, 27 Nov 2023 12:50:28 GMT
server
nginx
surrogate-reporting
width=1920,height=1066,bytes=286752,owidth=1920,oheight=1080,obytes=3529117
x-timer
S1702663425.255124,VS0,VE0
etag
"c4d119115c2755c7d0bf8e0fb5047a63"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 1, 1, 2
12ff71eef5f06498678e3627575ca00b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/12ff71eef5f06498678e3627575ca00b.jpg
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a838f49e9b9edf2f8236818d9a69beacb3f6c776870fbb9bddaacd2063c8ef37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/12ff71eef5f06498678e3627575ca00b.jpg
age
835634
edge-cache-tag
326364151522114477972497735096292784950,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
326364151522114477972497735096292784950,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
161
expiration
expiry-date="Mon, 11 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.thehindu.com/
content-length
24664
x-backend-name
LA_nlb202
x-served-by
cache-iad-kjyo7100074-IAD, cache-iad-kjyo7100074-IAD, cache-sna10744-LGB, cache-iad-kiad7000085-IAD, cache-fra-eddf8230020-FRA
last-modified
Fri, 11 Aug 2023 14:47:31 GMT
server
nginx
x-timer
S1702663425.255094,VS0,VE0
etag
"2576c6dcce80a988696837749936445c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 25, 1, 2, 2
ed89af6f1af279bb79a3abdf19499892.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ed89af6f1af279bb79a3abdf19499892.jpg
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e1e004f4c70dfffe823ed526dc0519b625022cfc3d4325cde69ee367bc9e4420

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ed89af6f1af279bb79a3abdf19499892.jpg
age
3303435
edge-cache-tag
530703350846937101190438214570534100145,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
530703350846937101190438214570534100145,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, MISS, MISS, HIT
x-envoy-upstream-service-time
310
expiration
expiry-date="Mon, 27 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.t-online.de/
content-length
35176
x-backend-name
CH_nlb803
x-served-by
cache-iad-kjyo7100032-IAD, cache-iad-kjyo7100032-IAD, cache-lga21939-LGA, cache-iad-kcgs7200166-IAD, cache-fra-eddf8230020-FRA
last-modified
Fri, 27 Oct 2023 14:05:17 GMT
server
nginx
surrogate-reporting
width=1023,height=568,bytes=124816,owidth=1023,oheight=609,obytes=1038490
x-timer
S1702663425.265504,VS0,VE0
etag
"fd4687aa8f50bbadb05b44dd39d20e1a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 0, 0, 2
434fc2aec9c0fc1e01dbd020427d0bd2.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_2048%2Cx_0%2Cy_388/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_2048%2Cx_0%2Cy_388/http%3A//cdn.taboola.com/libtrc/static/thumbnails/434fc2aec9c0fc1e01dbd020427d0bd2.jpg
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
960e93d018c45bcf3ec1f8c6094433afdaa268edfd4a1aaf90f4da83a86224d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_2048%2Cx_0%2Cy_388/http%3A//cdn.taboola.com/libtrc/static/thumbnails/434fc2aec9c0fc1e01dbd020427d0bd2.jpg
age
5535629
edge-cache-tag
557826513005111748038710872403493155354,398760349672635103742853848798208124224,29ecf9b93bbf306179626feeda1fab70
cache-tag
557826513005111748038710872403493155354,398760349672635103742853848798208124224,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
283
expiration
expiry-date="Wed, 04 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.radioguetersloh.de/
content-length
53186
x-backend-name
US_nlb103
x-served-by
cache-iad-kjyo7100123-IAD, cache-iad-kiad7000130-IAD, cache-iad-kjyo7100125-IAD, cache-fra-eddf8230020-FRA
last-modified
Sun, 03 Sep 2023 14:48:55 GMT
server
nginx
surrogate-reporting
width=2048,height=1152,owidth=2048,oheight=3072,obytes=423405
x-timer
S1702663425.265688,VS0,VE0
etag
"eb9ab7a7acee76059b3d4e6f6dd7935c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 570
loader.js
cdn.taboola.com/libtrc/meredith-network/ 		1 MB
86 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/meredith-network/loader.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
60fc4ac5722b3fc717e3e8f607adaa79c5b1b9be41af697590aa08b2a2ca3a18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
1NCmmi5DpcRqOX0sh9GHXIyg7jreOWf_
content-encoding
gzip
via
1.1 varnish
date
Fri, 15 Dec 2023 18:03:45 GMT
x-amz-request-id
5SHW0T8Q3YSBZYDQ
age
6842
x-amz-server-side-encryption
AES256
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
31
x-amz-replication-status
FAILED
content-length
87551
x-amz-id-2
p1oa1naX5JkWhFc6RL6iTVwU8RoJYKyNOJClKxvFWo2s2zWAdVdUd3ky6NYqZJV52nKCmXd0xgo=
x-served-by
cache-fra-etou8220107-FRA
last-modified
Fri, 15 Dec 2023 16:09:42 UTC
server
nginx
x-timer
S1702663425.264694,VS0,VE2
etag
"dc8a35929900abbd441bbd8185ab67390fa0e587"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
1
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
532.tvp.js
snippet.tldw.me/tv/0.42.26-chunks/ 		66 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snippet.tldw.me/tv/0.42.26-chunks/532.tvp.js
Requested by
Host: snippet.tldw.me
URL: https://snippet.tldw.me/tv/0.42.26-chunks/tvp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4aef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e8bd226cdf91c81d69a90eec8ded92138adf203d05cbab1f09f68d85bc6baf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits
1, 1
date
Fri, 15 Dec 2023 18:03:45 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
cf-cache-status
DYNAMIC
x-amz-request-id
E50DXZWCFM8SD1G3
age
2078660
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
8552
x-amz-id-2
lmDeFatEHNenkNDbP4VLAqQa/L7DxzNCyLr7GJKLD/BlZp9ivZYvWMh27O5FajnIU8Vl3RW0NHE=
x-served-by
cache-iad-kiad7000037-IAD, cache-fra-eddf8230098-FRA
last-modified
Sun, 15 Oct 2023 07:17:17 GMT
server
cloudflare
x-timer
S1702663425.355470,VS0,VE1
etag
"c4a13ea4e02c933cce4586fa1e25c0b6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83609ae8584039d4-FRA
access-control-allow-headers
content-type
expires
Fri, 01 Jan 1971 00:00:00 GMT
_.gif
counter.tldw.me/ 		0
169 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://counter.tldw.me/_.gif
Requested by
Host: snippet.tldw.me
URL: https://snippet.tldw.me/tv/0.42.26-chunks/tvp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4aef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 15 Dec 2023 18:03:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
access-control-allow-origin
https://www.29news.com
cache-control
max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
83609ae8787139d4-FRA
access-control-allow-headers
Content-Type
content-length
0
expires
Fri, 15 Dec 2023 18:03:45 GMT
pubs-generic
trc.taboola.com/graytv-wvirnbc29/log/3/ 		0
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/graytv-wvirnbc29/log/3/pubs-generic?lti=deflated&ri=8ccd8652d5af056f528fd249c99997d9&sd=v2_c8e447c6ff9b640f0a846f5680e5a392_0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80_1702663424_1702663425_CIi3jgYQkr1ZGO6RmPXGMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo06-UtbOljN4acAA&ui=0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80&pi=/&pt=home&vi=1702663424238&d=%7B%22type%22%3A%22videoReel-compatible%22%2C%22data%22%3A%22%5C%22%5C%22%22%7D&tim=19%3A03%3A45.343&id=9194&llvl=2&cv=20231214-9-RELEASE&
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
21
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7339
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230020-FRA
pragma
no-cache
server
nginx
x-timer
S1702663425.342544,VS0,VE21
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
css
fonts.googleapis.com/ 		2 KB
711 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a80283a2a54ea158b37690f2c26663c329737910163b122fed2c5766c9b95962
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 15 Dec 2023 18:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 15 Dec 2023 17:56:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 15 Dec 2023 18:03:45 GMT
784.tvp.js
snippet.tldw.me/tv/0.42.26-chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snippet.tldw.me/tv/0.42.26-chunks/784.tvp.js
Requested by
Host: snippet.tldw.me
URL: https://snippet.tldw.me/tv/0.42.26-chunks/tvp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4aef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aa0fe7bfa14cc45a5b9b0c5eee68844d87dd5c8bf88eab7f416065a54e2dde9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits
1, 1
date
Fri, 15 Dec 2023 18:03:45 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
cf-cache-status
DYNAMIC
x-amz-request-id
KM8SHMEQWQ1VN78B
age
2078650
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
1848
x-amz-id-2
zaGaLHV+M4w5ZDb52nTAn49s+fEkf6Vv8o7Fhbpb80G878MHBsBLQeUXKe8Fo0QZXihkPHYDzLc=
x-served-by
cache-iad-kcgs7200110-IAD, cache-fra-eddf8230098-FRA
last-modified
Sun, 15 Oct 2023 07:17:14 GMT
server
cloudflare
x-timer
S1702663425.387718,VS0,VE1
etag
"ae6b74a655637d6517be20402b28429d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83609ae8686139d4-FRA
access-control-allow-headers
content-type
expires
Fri, 01 Jan 1971 00:00:00 GMT
298.tvp.js
snippet.tldw.me/tv/0.42.26-chunks/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snippet.tldw.me/tv/0.42.26-chunks/298.tvp.js
Requested by
Host: snippet.tldw.me
URL: https://snippet.tldw.me/tv/0.42.26-chunks/tvp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4aef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44948fce039263b30389aba4b5d19d5723382b84cc9a7a56887324c650d61a48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits
1, 1
date
Fri, 15 Dec 2023 18:03:45 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
cf-cache-status
DYNAMIC
x-amz-request-id
E503FA53NK04JEG6
age
2078660
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
2695
x-amz-id-2
aZPTAKUuFH8m3V+ljerieyONnhEcKlFx1rdMop7NFwlW2BbdkaaxZczoyU4Ohvqq9SK+tlD0uEU=
x-served-by
cache-iad-kjyo7100026-IAD, cache-fra-eddf8230021-FRA
last-modified
Sun, 15 Oct 2023 07:17:08 GMT
server
cloudflare
x-timer
S1702663425.377442,VS0,VE4
etag
"d4b536dd2bb2bd6c4ca716af3c7490a1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83609ae8686739d4-FRA
access-control-allow-headers
content-type
expires
Fri, 01 Jan 1971 00:00:00 GMT
pubs-generic
trc.taboola.com/graytv-wvirnbc29/log/3/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/graytv-wvirnbc29/log/3/pubs-generic?lti=deflated&ri=8ccd8652d5af056f528fd249c99997d9&sd=v2_c8e447c6ff9b640f0a846f5680e5a392_0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80_1702663424_1702663425_CIi3jgYQkr1ZGO6RmPXGMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo06-UtbOljN4acAA&ui=0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80&pi=/&pt=home&vi=1702663424238&d=%7B%22type%22%3A%22videoReel-available%22%2C%22data%22%3A%22%5C%22%5C%22%22%7D&tim=19%3A03%3A45.350&id=5303&llvl=2&cv=20231214-9-RELEASE&
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
27
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7210
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230020-FRA
pragma
no-cache
server
nginx
x-timer
S1702663425.347341,VS0,VE27
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
v-7ea5389f-96fd-41c9-3295486-a604-f38083128c5f-s33.534-39.273tvl.mp4
apv-static.tldw.me/videos/ 		35 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.tldw.me/videos/v-7ea5389f-96fd-41c9-3295486-a604-f38083128c5f-s33.534-39.273tvl.mp4
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.211.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.29news.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
dYQgCL0cRifx4omkhoa_QHB1XohzP_.D
via
1.1 varnish, 1.1 varnish
date
Fri, 15 Dec 2023 18:03:45 GMT
x-amz-request-id
MJMV54VA38JAGVEM
age
2077717
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
Content-Range
bytes 0-644762/644763
Content-Length
644763
x-amz-id-2
3Rk8mT3qWi6Yzex30vezTkOpHmx61k5A3bKAFrwylwOw06edVCl9Cor0ErYRf7Rg8MdxYX6YRPk=
x-served-by
cache-iad-kcgs7200129-IAD, cache-fra-eddf8230048-FRA
last-modified
Thu, 09 Nov 2023 21:51:02 GMT
server
AmazonS3
x-timer
S1702663426.557813,VS0,VE2
etag
"95572b03cac8382eb811e055a8ac33ab"
content-type
video/mp4
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
30064, 0
9d280cc8-045a-4d5e-8151-0915b70011c0
https://www.29news.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.29news.com/9d280cc8-045a-4d5e-8151-0915b70011c0
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
6b3ca6cfa736e74ef0387a247448961e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_567%2Cw_1020%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_567%2Cw_1020%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b3ca6cfa736e74ef0387a247448961e.png
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fafd3cf4b67f4f7340c4423a76bbda5ad1fa26a9c84efe4ad59e97e4278267da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
5
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_567%2Cw_1020%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6b3ca6cfa736e74ef0387a247448961e.png
age
3836571
edge-cache-tag
408883170157711696553231435588959151478,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
408883170157711696553231435588959151478,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
266
expiration
expiry-date="Sat, 23 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://bridesblush.com/
content-length
34084
x-backend-name
CH_nlb803
x-served-by
cache-iad-kiad7000145-IAD, cache-iad-kiad7000145-IAD, cache-fty13725-FTY, cache-iad-kcgs7200164-IAD, cache-fra-eddf8230020-FRA
last-modified
Wed, 23 Aug 2023 13:48:59 GMT
server
nginx
x-timer
S1702663425.355188,VS0,VE5
etag
"48a790f4945d236028851bd987fd9dc1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 25, 0, 8, 1
ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.29news.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 16:39:23 GMT
x-content-type-options
nosniff
age
5062
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20824
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:53:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 16:39:23 GMT
VideoBidRequestHandlerServlet
wf.taboola.com/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=624&height=350&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1702663425404&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1584&pt=243642557&tz=60&viewable=true&ddast=V8K8UCLAasArS9JciscRNYBWh7S5BZ4y4AAABgYGDtAEmuJqaVYzlxi2ym0Vq02I3WCuPCs5Y4d6vZZmXbLJe7ISDJ1cS0ciwnbpHNNFqLFrvRWmFceNYS524126xsm-VyNwUT1jS5_AZJy2U2CPlul-Hhc7mBBZpOh891r9f9fnfJcu7yfe4av9sOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAIDioDAfo9_usrnMJn8AAAAAAAEAAABAAkBA-awEgAwO1on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY8h4y_7YZw3iH5EC2iKMAAAAAMiKRhcemaQTVCyq_P__91sBuAIAEMDoZpqAk0V3UOItDAAAAMCYBXpY_H6zw67xu13m_________9_M_5l_NEJRo9dpgq5mZtT8AgIArPkFBABgM24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpAxrkyj3cY2szknttFgZlgYR7OZazYcrFwLz3KyPdC0VG2VZ0IKfSasaXL5DZKWy2wQ8t0uw8Pnsp8JW4xWk8lmOZwtF5PBcDQcjfZnICaDAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDCwmO0WDpNxLRnMdmvRYrJwKzfDiVvmG9k2m81usxxO3KLXx_TxzRYL42CLBANI9iJ5WqQT0czhcg43E9tutjCsHC7HYGJZGXcT32i38iwWE4tYojlZpBPZZd8xrkyj3cY2szknttFgZlgYR7OZazYcrFwLz3KyLyxmu4XDZFxLBrPdWrSYLNzKzXDilvlGts1ms9sshxO36PUxfXyzxcI42Dd2g8lsthlNRvvGbjCZzTajyWjfYTI9U5-z0bU8pj0-bdI2FHtsToPCZbB4fxLTYtqdHXybi_KpcxqTRZ3R7_f7_X6_3-_3-w1az8FsUPiG2VpVuvjJVjtp4XEwKGKJ4CKd6CwP5-n21t2elrvFY1lOxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_9FD7IZzxWwylwyWc8Vms0oAAAAAAAAAAJZgmukmAAAAAE4GMZwMh7t1OpjJcjGZjJYLwMJLUhcwCAAAAAAAwK7ICj6sEJH_lGKNPQZxlofzdHvrbk_L3eKxLKcMAKDgkNlmnxHEWq2WNQAAAAFsAAAAAdx0401AKBT3____Pw4AAICMHHoAAABr-4CWjlwp9MKR-BXEYDic7B-ACrFWq9XtxlqtVsAC2sxGown8____JwgAAAAAAKAiCA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=10&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3291224&dpubid=182887&abtst=adxsub-out_vA!adxsub-out_vB!DLR_vA!video-reel_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.29news.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.5/UnitInstreamDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b4343c5d3d3bbc10207b39d4a9d3aa90870945b30cf4ba8ef593b32b3d4d827a

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Fri, 15 Dec 2023 18:03:45 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1417
x-cache
MISS
x-served-by
cache-fra-eddf8230020-FRA
pragma
no-cache
server
nginx
x-timer
S1702663425.402628,VS0,VE242
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.29news.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://ioms.bfmio.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8K8UCLAasArS9JciscRNYBWh7S5BZ4y4AAABgYGDtAEmuJqaVYzlxi2ym0Vq02I3WCuPCs5Y4d6vZZmXbLJe7ISDJ1cS0ciwnbpHNNFqLFrvRWmFceNYS524126xsm-VyNwUT1jS5_AZJy2U2CPlul-Hhc7mBBZpOh891r9f9fnfJcu7yfe4av9sOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAIDioDAfo9_usrnMJn8AAAAAAAEAAABAAkBA-awEgAwO1on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY8h4y_7YZw3iH5EC2iKMAAAAAMiKRhcemaQTVCyq_P__91sBuAIAEMDoZpqAk0V3UOItDAAAAMCYBXpY_H6zw67xu13m_________9_M_5l_NEJRo9dpgq5mZtT8AgIArPkFBABgM24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpAxrkyj3cY2szknttFgZlgYR7OZazYcrFwLz3KyPdC0VG2VZ0IKfSasaXL5DZKWy2wQ8t0uw8Pnsp8JW4xWk8lmOZwtF5PBcDQcjfZnICaDAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDCwmO0WDpNxLRnMdmvRYrJwKzfDiVvmG9k2m81usxxO3KLXx_TxzRYL42CLBANI9iJ5WqQT0czhcg43E9tutjCsHC7HYGJZGXcT32i38iwWE4tYojlZpBPZZd8xrkyj3cY2szknttFgZlgYR7OZazYcrFwLz3KyLyxmu4XDZFxLBrPdWrSYLNzKzXDilvlGts1ms9sshxO36PUxfXyzxcI42Dd2g8lsthlNRvvGbjCZzTajyWjfYTI9U5-z0bU8pj0-bdI2FHtsToPCZbB4fxLTYtqdHXybi_KpcxqTRZ3R7_f7_X6_3-_3-w1az8FsUPiG2VpVuvjJVjtp4XEwKGKJ4CKd6CwP5-n21t2elrvFY1lOxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_9FD7IZzxWwylwyWc8Vms0oAAAAAAAAAAJZgmukmAAAAAE4GMZwMh7t1OpjJcjGZjJYLwMJLUhcwCAAAAAAAwK7ICj6sEJH_lGKNPQZxlofzdHvrbk_L3eKxLKcMAKDgkNlmnxHEWq2WNQAAAAFsAAAAAdx0401AKBT3____Pw4AAICMHHoAAABr-4CWjlwp9MKR-BXEYDic7B-ACrFWq9XtxlqtVsAC2sxGown8____JwgAAAAAAKAiCA!&cmcv=&pix=31589837&cb=1702663425402&uv=3366&tms=1702663425402&abt=adxsub-out_vA!adxsub-out_vB!DLR_vA!video-reel_vA&ft=0&unm=INSTREAM&debug=pn:!sqg:!torgn:1702663421758.5!ts:1702663425402&mntl=1
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:45 GMT
content-length
0
server
nginx
st
imprammp.taboola.com/ 		0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8K8UCLAasArS9JciscRNYBWh7S5BZ4y4AAABgYGDtAEmuJqaVYzlxi2ym0Vq02I3WCuPCs5Y4d6vZZmXbLJe7ISDJ1cS0ciwnbpHNNFqLFrvRWmFceNYS524126xsm-VyNwUT1jS5_AZJy2U2CPlul-Hhc7mBBZpOh891r9f9fnfJcu7yfe4av9sOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAIDioDAfo9_usrnMJn8AAAAAAAEAAABAAkBA-awEgAwO1on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY8h4y_7YZw3iH5EC2iKMAAAAAMiKRhcemaQTVCyq_P__91sBuAIAEMDoZpqAk0V3UOItDAAAAMCYBXpY_H6zw67xu13m_________9_M_5l_NEJRo9dpgq5mZtT8AgIArPkFBABgM24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpAxrkyj3cY2szknttFgZlgYR7OZazYcrFwLz3KyPdC0VG2VZ0IKfSasaXL5DZKWy2wQ8t0uw8Pnsp8JW4xWk8lmOZwtF5PBcDQcjfZnICaDAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDCwmO0WDpNxLRnMdmvRYrJwKzfDiVvmG9k2m81usxxO3KLXx_TxzRYL42CLBANI9iJ5WqQT0czhcg43E9tutjCsHC7HYGJZGXcT32i38iwWE4tYojlZpBPZZd8xrkyj3cY2szknttFgZlgYR7OZazYcrFwLz3KyLyxmu4XDZFxLBrPdWrSYLNzKzXDilvlGts1ms9sshxO36PUxfXyzxcI42Dd2g8lsthlNRvvGbjCZzTajyWjfYTI9U5-z0bU8pj0-bdI2FHtsToPCZbB4fxLTYtqdHXybi_KpcxqTRZ3R7_f7_X6_3-_3-w1az8FsUPiG2VpVuvjJVjtp4XEwKGKJ4CKd6CwP5-n21t2elrvFY1lOxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_9FD7IZzxWwylwyWc8Vms0oAAAAAAAAAAJZgmukmAAAAAE4GMZwMh7t1OpjJcjGZjJYLwMJLUhcwCAAAAAAAwK7ICj6sEJH_lGKNPQZxlofzdHvrbk_L3eKxLKcMAKDgkNlmnxHEWq2WNQAAAAFsAAAAAdx0401AKBT3____Pw4AAICMHHoAAABr-4CWjlwp9MKR-BXEYDic7B-ACrFWq9XtxlqtVsAC2sxGown8____JwgAAAAAAKAiCA!&cmcv=&pix=undefined&cb=1702663425402&uv=3366&tms=1702663425402&abt=adxsub-out_vA!adxsub-out_vB!DLR_vA!video-reel_vA&ft=0&unm=INSTREAM&aure=false&agl=1&cirid=95b4e19b-df44-4174-a8a3-b97563e63997&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=false
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish
server
nginx
x-timer
S1702663425.402593,VS0,VE33
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-fra-eddf8230020-FRA
st
imprammp.taboola.com/ Frame D758 		577 B
504 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V860MCLAasArS9JciscRNYBWh7S5BZ4y4AAABgYID-AMkMdsOZaWZaS1yriVs0mS3cEpdr4xaMRsbZYrfx7IYzIyCZwW44M81Ma4lrNXGLJrOFW-JybdyC0cg4W-w2nt1wZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0s0HQ6fK57ve73u0uWc5fvc9f43XYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHhfkY_XaXzWU2-QMAAAAACAAAAAASAALKZyUAXqpbTvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ7KHmVraSWq1iRSEFmEEAAAAQFY0uvDIJJ2gYlHl__-_3wrAFQCAAEY30wSrLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEYoavU4TdDUzo-YXEABgzS8gAACbcQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIxxZRrtNraZzTmxjQYzw8I4ms1cs-Fg5Vp4lpPtgaalaqs8E1LoIyIss993EPLdLsPD5zKIiq63xe5wmj0H8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQDi9lu4TAZ15LBbLcWLSYLt3IznLhlvpFts9nsNsvhxC16fUwf32yxMA62SDCAZC-Sp0U6Ec0cLudwM7HtZgvDyuFyDCaWlXE38Y12K89iMbGIJZqTRTqRXfYd48o02m1sM5tzYhsNZoaFcTSbuWbDwcq18Cwn-8Jitls4TMa1ZDDbrUWLycKt3AwnbplvZNtsNrvNcjhxi14f08c3WyyMg31jN5jMZpvRZLRv7AaT2Wwzmoz2HSbTM_U5G13LY9rj0yZtQ7HH5jQoXAaL9ycxLabd2cG3uSifOqcxWdQZ_X6_3-_3-_1-v9-g9RzMBoVvmK1VpYufbLWTFh4HgyKWCC7Sic7ycJ5ub93tablbPJblRCxRmi7Sib7od7sMD5_LXxFLBKeLdCL0u10W9R89xG44V8wmc8lgOVdsNqsEAAAAAAAAAGAJppluAgAAAOBkEMPJcLhbp4NZbEa72Wq5ACy8JHUBgwAAAAAAAOyKrODDChH5TynW2GMQZ3k4T7e37va03C0ey3LKAAAKDplt9hlBrNVqWQMAABDABgAAEMBNN94EhEJx_____-MAAADIyKEHAABAvw8IiQ-lXviRi19BDIbDyf4BqBBrtVrdbqzVagUsoM1sNJrA____f4IAAAAAAAAqgg!&cmcv=&pix=undefined&cb=1702663425407&uv=3366&tms=1702663425407&abt=adxsub-out_vA!adxsub-out_vB!DLR_vA!scndvdunt_vA!ufm!video-reel_vA&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=3078f4f4-b55b-426a-be5c-04d8617c378f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.5/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6765d598bfdef6b5ab0b3be92c39ca5e2bd005fac7af53c517b2399e27f045ef

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Fri, 15 Dec 2023 18:03:45 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230020-FRA
x-timer
S1702663425.404304,VS0,VE10
sync
am-match.taboola.com/ Frame DFA9 		422 B
516 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V860MCLAasArS9JciscRNYBWh7S5BZ4y4AAABgYID-AMkMdsOZaWZaS1yriVs0mS3cEpdr4xaMRsbZYrfx7IYzIyCZwW44M81Ma4lrNXGLJrOFW-JybdyC0cg4W-w2nt1wZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0s0HQ6fK57ve73u0uWc5fvc9f43XYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHhfkY_XaXzWU2-QMAAAAACAAAAAASAALKZyUAXqpbTvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ7KHmVraSWq1iRSEFmEEAAAAQFY0uvDIJJ2gYlHl__-_3wrAFQCAAEY30wSrLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEYoavU4TdDUzo-YXEABgzS8gAACbcQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIxxZRrtNraZzTmxjQYzw8I4ms1cs-Fg5Vp4lpPtgaalaqs8E1LoIyIss993EPLdLsPD5zKIiq63xe5wmj0H8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQDi9lu4TAZ15LBbLcWLSYLt3IznLhlvpFts9nsNsvhxC16fUwf32yxMA62SDCAZC-Sp0U6Ec0cLudwM7HtZgvDyuFyDCaWlXE38Y12K89iMbGIJZqTRTqRXfYd48o02m1sM5tzYhsNZoaFcTSbuWbDwcq18Cwn-8Jitls4TMa1ZDDbrUWLycKt3AwnbplvZNtsNrvNcjhxi14f08c3WyyMg31jN5jMZpvRZLRv7AaT2Wwzmoz2HSbTM_U5G13LY9rj0yZtQ7HH5jQoXAaL9ycxLabd2cG3uSifOqcxWdQZ_X6_3-_3-_1-v9-g9RzMBoVvmK1VpYufbLWTFh4HgyKWCC7Sic7ycJ5ub93tablbPJblRCxRmi7Sib7od7sMD5_LXxFLBKeLdCL0u10W9R89xG44V8wmc8lgOVdsNqsEAAAAAAAAAGAJppluAgAAAOBkEMPJcLhbp4NZbEa72Wq5ACy8JHUBgwAAAAAAAOyKrODDChH5TynW2GMQZ3k4T7e37va03C0ey3LKAAAKDplt9hlBrNVqWQMAABDABgAAEMBNN94EhEJx_____-MAAADIyKEHAABAvw8IiQ-lXviRi19BDIbDyf4BqBBrtVrdbqzVagUsoM1sNJrA____f4IAAAAAAAAqgg!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.5/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
9f1ff13991eb52a4b5705703d36013d267abd0254675a9a274b63fdfd82d7ee7

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Fri, 15 Dec 2023 18:03:45 GMT
machineid
3406
server
nginx
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_6_6/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_6_6/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.5/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-meta-mtime
1702116162
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
HCHVZ7SXP7T37BH0
age
547200
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1702116162
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
L2jWu7MX3xfC4Mc2+nQqZB9Wfg2/x/II4i9PpcUogNqF+GU2YEG3GuC36JTZcdwEVKPn5nlKT+M=
x-served-by
cache-fra-eddf8230020-FRA
last-modified
Sat, 09 Dec 2023 10:02:44 GMT
server
AmazonS3-br
x-timer
S1702663425.411505,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
59625
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_6_6/infra/ 		603 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_6_6/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.5/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
5fdad21c88225ca3183feec6ab65d4c4c986a35e6d6ab46ec57fc6e6c8364897

Request headers

Referer
https://www.29news.com/
Origin
https://www.29news.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-meta-mtime
1702116152
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
HCHYNWXW5WF2GPVQ
age
547201
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1702116153
x-amz-meta-mode
33188
content-length
123361
x-amz-id-2
3SnVOYgc1hXPVQChaeR3PLgGgOvt2IODyZh6+FAfXvbZsOakyl2ZNUFHbJ2fVgS+c0fuXyjbrcw=
x-served-by
cache-fra-etou8220107-FRA
last-modified
Sat, 09 Dec 2023 10:02:34 GMT
server
AmazonS3-br
x-timer
S1702663425.409230,VS0,VE0
etag
"78362b805537d200921cfcb71c8b2d71"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
3043
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V860MCLAasArS9JciscRNYBWh7S5BZ4y4AAABgYID-AMkMdsOZaWZaS1yriVs0mS3cEpdr4xaMRsbZYrfx7IYzIyCZwW44M81Ma4lrNXGLJrOFW-JybdyC0cg4W-w2nt1wZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0s0HQ6fK57ve73u0uWc5fvc9f43XYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHhfkY_XaXzWU2-QMAAAAACAAAAAASAALKZyUAXqpbTvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ7KHmVraSWq1iRSEFmEEAAAAQFY0uvDIJJ2gYlHl__-_3wrAFQCAAEY30wSrLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEYoavU4TdDUzo-YXEABgzS8gAACbcQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIxxZRrtNraZzTmxjQYzw8I4ms1cs-Fg5Vp4lpPtgaalaqs8E1LoIyIss993EPLdLsPD5zKIiq63xe5wmj0H8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQDi9lu4TAZ15LBbLcWLSYLt3IznLhlvpFts9nsNsvhxC16fUwf32yxMA62SDCAZC-Sp0U6Ec0cLudwM7HtZgvDyuFyDCaWlXE38Y12K89iMbGIJZqTRTqRXfYd48o02m1sM5tzYhsNZoaFcTSbuWbDwcq18Cwn-8Jitls4TMa1ZDDbrUWLycKt3AwnbplvZNtsNrvNcjhxi14f08c3WyyMg31jN5jMZpvRZLRv7AaT2Wwzmoz2HSbTM_U5G13LY9rj0yZtQ7HH5jQoXAaL9ycxLabd2cG3uSifOqcxWdQZ_X6_3-_3-_1-v9-g9RzMBoVvmK1VpYufbLWTFh4HgyKWCC7Sic7ycJ5ub93tablbPJblRCxRmi7Sib7od7sMD5_LXxFLBKeLdCL0u10W9R89xG44V8wmc8lgOVdsNqsEAAAAAAAAAGAJppluAgAAAOBkEMPJcLhbp4NZbEa72Wq5ACy8JHUBgwAAAAAAAOyKrODDChH5TynW2GMQZ3k4T7e37va03C0ey3LKAAAKDplt9hlBrNVqWQMAABDABgAAEMBNN94EhEJx_____-MAAADIyKEHAABAvw8IiQ-lXviRi19BDIbDyf4BqBBrtVrdbqzVagUsoM1sNJrA____f4IAAAAAAAAqgg!&cmcv=&pix=31589837&cb=1702663425407&uv=3366&tms=1702663425407&abt=adxsub-out_vA!adxsub-out_vB!DLR_vA!scndvdunt_vA!ufm!video-reel_vA&ft=0&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1702663421758.5!ts:1702663425407&mntl=1
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:45 GMT
content-length
0
server
nginx
generic
match.adsrvr.org/track/cmf/ Frame D758 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V860MCLAasArS9JciscRNYBWh7S5BZ4y4AAABgYID-AMkMdsOZaWZaS1yriVs0mS3cEpdr4xaMRsbZYrfx7IYzIyCZwW44M81Ma4lrNXGLJrOFW-JybdyC0cg4W-w2nt1wZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0s0HQ6fK57ve73u0uWc5fvc9f43XYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHhfkY_XaXzWU2-QMAAAAACAAAAAASAALKZyUAXqpbTvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ7KHmVraSWq1iRSEFmEEAAAAQFY0uvDIJJ2gYlHl__-_3wrAFQCAAEY30wSrLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEYoavU4TdDUzo-YXEABgzS8gAACbcQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIxxZRrtNraZzTmxjQYzw8I4ms1cs-Fg5Vp4lpPtgaalaqs8E1LoIyIss993EPLdLsPD5zKIiq63xe5wmj0H8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQDi9lu4TAZ15LBbLcWLSYLt3IznLhlvpFts9nsNsvhxC16fUwf32yxMA62SDCAZC-Sp0U6Ec0cLudwM7HtZgvDyuFyDCaWlXE38Y12K89iMbGIJZqTRTqRXfYd48o02m1sM5tzYhsNZoaFcTSbuWbDwcq18Cwn-8Jitls4TMa1ZDDbrUWLycKt3AwnbplvZNtsNrvNcjhxi14f08c3WyyMg31jN5jMZpvRZLRv7AaT2Wwzmoz2HSbTM_U5G13LY9rj0yZtQ7HH5jQoXAaL9ycxLabd2cG3uSifOqcxWdQZ_X6_3-_3-_1-v9-g9RzMBoVvmK1VpYufbLWTFh4HgyKWCC7Sic7ycJ5ub93tablbPJblRCxRmi7Sib7od7sMD5_LXxFLBKeLdCL0u10W9R89xG44V8wmc8lgOVdsNqsEAAAAAAAAAGAJppluAgAAAOBkEMPJcLhbp4NZbEa72Wq5ACy8JHUBgwAAAAAAAOyKrODDChH5TynW2GMQZ3k4T7e37va03C0ey3LKAAAKDplt9hlBrNVqWQMAABDABgAAEMBNN94EhEJx_____-MAAADIyKEHAABAvw8IiQ-lXviRi19BDIbDyf4BqBBrtVrdbqzVagUsoM1sNJrA____f4IAAAAAAAAqgg!&cmcv=&pix=undefined&cb=1702663425407&uv=3366&tms=1702663425407&abt=adxsub-out_vA!adxsub-out_vB!DLR_vA!scndvdunt_vA!ufm!video-reel_vA&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=3078f4f4-b55b-426a-be5c-04d8617c378f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:45 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame D758
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-KVRKRPNE2oSuwltyRTF_vM5eYa8tUtiiL8G1ng--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-KVRKRPNE2oSuwltyRTF_vM5eYa8tUtiiL8G1ng--~A
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V860MCLAasArS9JciscRNYBWh7S5BZ4y4AAABgYID-AMkMdsOZaWZaS1yriVs0mS3cEpdr4xaMRsbZYrfx7IYzIyCZwW44M81Ma4lrNXGLJrOFW-JybdyC0cg4W-w2nt1wZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0s0HQ6fK57ve73u0uWc5fvc9f43XYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHhfkY_XaXzWU2-QMAAAAACAAAAAASAALKZyUAXqpbTvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ7KHmVraSWq1iRSEFmEEAAAAQFY0uvDIJJ2gYlHl__-_3wrAFQCAAEY30wSrLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEYoavU4TdDUzo-YXEABgzS8gAACbcQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIxxZRrtNraZzTmxjQYzw8I4ms1cs-Fg5Vp4lpPtgaalaqs8E1LoIyIss993EPLdLsPD5zKIiq63xe5wmj0H8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQDi9lu4TAZ15LBbLcWLSYLt3IznLhlvpFts9nsNsvhxC16fUwf32yxMA62SDCAZC-Sp0U6Ec0cLudwM7HtZgvDyuFyDCaWlXE38Y12K89iMbGIJZqTRTqRXfYd48o02m1sM5tzYhsNZoaFcTSbuWbDwcq18Cwn-8Jitls4TMa1ZDDbrUWLycKt3AwnbplvZNtsNrvNcjhxi14f08c3WyyMg31jN5jMZpvRZLRv7AaT2Wwzmoz2HSbTM_U5G13LY9rj0yZtQ7HH5jQoXAaL9ycxLabd2cG3uSifOqcxWdQZ_X6_3-_3-_1-v9-g9RzMBoVvmK1VpYufbLWTFh4HgyKWCC7Sic7ycJ5ub93tablbPJblRCxRmi7Sib7od7sMD5_LXxFLBKeLdCL0u10W9R89xG44V8wmc8lgOVdsNqsEAAAAAAAAAGAJppluAgAAAOBkEMPJcLhbp4NZbEa72Wq5ACy8JHUBgwAAAAAAAOyKrODDChH5TynW2GMQZ3k4T7e37va03C0ey3LKAAAKDplt9hlBrNVqWQMAABDABgAAEMBNN94EhEJx_____-MAAADIyKEHAABAvw8IiQ-lXviRi19BDIbDyf4BqBBrtVrdbqzVagUsoM1sNJrA____f4IAAAAAAAAqgg!&cmcv=&pix=undefined&cb=1702663425407&uv=3366&tms=1702663425407&abt=adxsub-out_vA!adxsub-out_vB!DLR_vA!scndvdunt_vA!ufm!video-reel_vA&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=3078f4f4-b55b-426a-be5c-04d8617c378f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17660

Redirect headers

date
Fri, 15 Dec 2023 18:03:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-KVRKRPNE2oSuwltyRTF_vM5eYa8tUtiiL8G1ng--~A
content-length
0
usync.html
eus.rubiconproject.com/ Frame C73B 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V860MCLAasArS9JciscRNYBWh7S5BZ4y4AAABgYID-AMkMdsOZaWZaS1yriVs0mS3cEpdr4xaMRsbZYrfx7IYzIyCZwW44M81Ma4lrNXGLJrOFW-JybdyC0cg4W-w2nt1wZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0s0HQ6fK57ve73u0uWc5fvc9f43XYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHhfkY_XaXzWU2-QMAAAAACAAAAAASAALKZyUAXqpbTvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ7KHmVraSWq1iRSEFmEEAAAAQFY0uvDIJJ2gYlHl__-_3wrAFQCAAEY30wSrLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEYoavU4TdDUzo-YXEABgzS8gAACbcQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIxxZRrtNraZzTmxjQYzw8I4ms1cs-Fg5Vp4lpPtgaalaqs8E1LoIyIss993EPLdLsPD5zKIiq63xe5wmj0H8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQDi9lu4TAZ15LBbLcWLSYLt3IznLhlvpFts9nsNsvhxC16fUwf32yxMA62SDCAZC-Sp0U6Ec0cLudwM7HtZgvDyuFyDCaWlXE38Y12K89iMbGIJZqTRTqRXfYd48o02m1sM5tzYhsNZoaFcTSbuWbDwcq18Cwn-8Jitls4TMa1ZDDbrUWLycKt3AwnbplvZNtsNrvNcjhxi14f08c3WyyMg31jN5jMZpvRZLRv7AaT2Wwzmoz2HSbTM_U5G13LY9rj0yZtQ7HH5jQoXAaL9ycxLabd2cG3uSifOqcxWdQZ_X6_3-_3-_1-v9-g9RzMBoVvmK1VpYufbLWTFh4HgyKWCC7Sic7ycJ5ub93tablbPJblRCxRmi7Sib7od7sMD5_LXxFLBKeLdCL0u10W9R89xG44V8wmc8lgOVdsNqsEAAAAAAAAAGAJppluAgAAAOBkEMPJcLhbp4NZbEa72Wq5ACy8JHUBgwAAAAAAAOyKrODDChH5TynW2GMQZ3k4T7e37va03C0ey3LKAAAKDplt9hlBrNVqWQMAABDABgAAEMBNN94EhEJx_____-MAAADIyKEHAABAvw8IiQ-lXviRi19BDIbDyf4BqBBrtVrdbqzVagUsoM1sNJrA____f4IAAAAAAAAqgg!&cmcv=&pix=undefined&cb=1702663425407&uv=3366&tms=1702663425407&abt=adxsub-out_vA!adxsub-out_vB!DLR_vA!scndvdunt_vA!ufm!video-reel_vA&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=3078f4f4-b55b-426a-be5c-04d8617c378f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://imprammp.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 15 Dec 2023 18:03:45 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.8.4/ 		428 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.4/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_6/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
76c009cddf9e13e03f1c6ab8f56e2a0472c57ae0123bf4ad8ff383f61e45c382

Request headers

Referer
https://www.29news.com/
Origin
https://www.29news.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-meta-mtime
1702376628
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
8SXY84F0YGYMZ0G8
age
286749
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1702376641
x-amz-meta-mode
33188
content-length
82265
x-amz-id-2
A9HamS7JPpYSOE0Q8mU05u0wZK8mwwmTmaZ3GYCgKxOfWX7iCF2+L+07Xbu1YpucGAlvNFCu3LY=
x-served-by
cache-fra-etou8220107-FRA
last-modified
Tue, 12 Dec 2023 10:24:02 GMT
server
AmazonS3-br
x-timer
S1702663425.473636,VS0,VE0
etag
"3c4e11167fa4904c28b5e4f28dcc6a15"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
75257
sync
am-match.taboola.com/ Frame 4822 		577 B
671 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V860MCLAasArS9JciscRNYBWh7S5BZ4y4AAABgYID-AMkMdsOZaWZaS1yriVs0mS3cEpdr4xaMRsbZYrfx7IYzIyCZwW44M81Ma4lrNXGLJrOFW-JybdyC0cg4W-w2nt1wZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0s0HQ6fK57ve73u0uWc5fvc9f43XYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHhfkY_XaXzWU2-QMAAAAACAAAAAASAALKZyUAXqpbTvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ7KHmVraSWq1iRSEFmEEAAAAQFY0uvDIJJ2gYlHl__-_3wrAFQCAAEY30wSrLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEYoavU4TdDUzo-YXEABgzS8gAACbcQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIxxZRrtNraZzTmxjQYzw8I4ms1cs-Fg5Vp4lpPtgaalaqs8E1LoIyIss993EPLdLsPD5zKIiq63xe5wmj0H8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQDi9lu4TAZ15LBbLcWLSYLt3IznLhlvpFts9nsNsvhxC16fUwf32yxMA62SDCAZC-Sp0U6Ec0cLudwM7HtZgvDyuFyDCaWlXE38Y12K89iMbGIJZqTRTqRXfYd48o02m1sM5tzYhsNZoaFcTSbuWbDwcq18Cwn-8Jitls4TMa1ZDDbrUWLycKt3AwnbplvZNtsNrvNcjhxi14f08c3WyyMg31jN5jMZpvRZLRv7AaT2Wwzmoz2HSbTM_U5G13LY9rj0yZtQ7HH5jQoXAaL9ycxLabd2cG3uSifOqcxWdQZ_X6_3-_3-_1-v9-g9RzMBoVvmK1VpYufbLWTFh4HgyKWCC7Sic7ycJ5ub93tablbPJblRCxRmi7Sib7od7sMD5_LXxFLBKeLdCL0u10W9R89xG44V8wmc8lgOVdsNqsEAAAAAAAAAGAJppluAgAAAOBkEMPJcLhbp4NZbEa72Wq5ACy8JHUBgwAAAAAAAOyKrODDChH5TynW2GMQZ3k4T7e37va03C0ey3LKAAAKDplt9hlBrNVqWQMAABDABgAAEMBNN94EhEJx_____-MAAADIyKEHAABAvw8IiQ-lXviRi19BDIbDyf4BqBBrtVrdbqzVagUsoM1sNJrA____f4IAAAAAAAAqgg!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_6/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
6765d598bfdef6b5ab0b3be92c39ca5e2bd005fac7af53c517b2399e27f045ef

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Fri, 15 Dec 2023 18:03:45 GMT
machineid
3408
server
nginx
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.29news.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 795296520f6c881b9bc43c02feb87e9a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
WAW51-P3
age
3454517
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-eddf8230020-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1702663425.496775,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
xtvdtXdg65Tse6z_ZJhus8xqGCETujMuNl_HaJqQ-1vnBjJJMisxCQ==
x-cache-hits
1119587
generic
match.adsrvr.org/track/cmf/ Frame DFA9 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V860MCLAasArS9JciscRNYBWh7S5BZ4y4AAABgYID-AMkMdsOZaWZaS1yriVs0mS3cEpdr4xaMRsbZYrfx7IYzIyCZwW44M81Ma4lrNXGLJrOFW-JybdyC0cg4W-w2nt1wZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0s0HQ6fK57ve73u0uWc5fvc9f43XYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHhfkY_XaXzWU2-QMAAAAACAAAAAASAALKZyUAXqpbTvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ7KHmVraSWq1iRSEFmEEAAAAQFY0uvDIJJ2gYlHl__-_3wrAFQCAAEY30wSrLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEYoavU4TdDUzo-YXEABgzS8gAACbcQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIxxZRrtNraZzTmxjQYzw8I4ms1cs-Fg5Vp4lpPtgaalaqs8E1LoIyIss993EPLdLsPD5zKIiq63xe5wmj0H8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQDi9lu4TAZ15LBbLcWLSYLt3IznLhlvpFts9nsNsvhxC16fUwf32yxMA62SDCAZC-Sp0U6Ec0cLudwM7HtZgvDyuFyDCaWlXE38Y12K89iMbGIJZqTRTqRXfYd48o02m1sM5tzYhsNZoaFcTSbuWbDwcq18Cwn-8Jitls4TMa1ZDDbrUWLycKt3AwnbplvZNtsNrvNcjhxi14f08c3WyyMg31jN5jMZpvRZLRv7AaT2Wwzmoz2HSbTM_U5G13LY9rj0yZtQ7HH5jQoXAaL9ycxLabd2cG3uSifOqcxWdQZ_X6_3-_3-_1-v9-g9RzMBoVvmK1VpYufbLWTFh4HgyKWCC7Sic7ycJ5ub93tablbPJblRCxRmi7Sib7od7sMD5_LXxFLBKeLdCL0u10W9R89xG44V8wmc8lgOVdsNqsEAAAAAAAAAGAJppluAgAAAOBkEMPJcLhbp4NZbEa72Wq5ACy8JHUBgwAAAAAAAOyKrODDChH5TynW2GMQZ3k4T7e37va03C0ey3LKAAAKDplt9hlBrNVqWQMAABDABgAAEMBNN94EhEJx_____-MAAADIyKEHAABAvw8IiQ-lXviRi19BDIbDyf4BqBBrtVrdbqzVagUsoM1sNJrA____f4IAAAAAAAAqgg!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:45 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame DFA9
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-KVRKRPNE2oSuwltyRTF_vM5eYa8tUtiiL8G1ng--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-KVRKRPNE2oSuwltyRTF_vM5eYa8tUtiiL8G1ng--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V860MCLAasArS9JciscRNYBWh7S5BZ4y4AAABgYID-AMkMdsOZaWZaS1yriVs0mS3cEpdr4xaMRsbZYrfx7IYzIyCZwW44M81Ma4lrNXGLJrOFW-JybdyC0cg4W-w2nt1wZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0s0HQ6fK57ve73u0uWc5fvc9f43XYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHhfkY_XaXzWU2-QMAAAAACAAAAAASAALKZyUAXqpbTvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ7KHmVraSWq1iRSEFmEEAAAAQFY0uvDIJJ2gYlHl__-_3wrAFQCAAEY30wSrLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEYoavU4TdDUzo-YXEABgzS8gAACbcQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIxxZRrtNraZzTmxjQYzw8I4ms1cs-Fg5Vp4lpPtgaalaqs8E1LoIyIss993EPLdLsPD5zKIiq63xe5wmj0H8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQDi9lu4TAZ15LBbLcWLSYLt3IznLhlvpFts9nsNsvhxC16fUwf32yxMA62SDCAZC-Sp0U6Ec0cLudwM7HtZgvDyuFyDCaWlXE38Y12K89iMbGIJZqTRTqRXfYd48o02m1sM5tzYhsNZoaFcTSbuWbDwcq18Cwn-8Jitls4TMa1ZDDbrUWLycKt3AwnbplvZNtsNrvNcjhxi14f08c3WyyMg31jN5jMZpvRZLRv7AaT2Wwzmoz2HSbTM_U5G13LY9rj0yZtQ7HH5jQoXAaL9ycxLabd2cG3uSifOqcxWdQZ_X6_3-_3-_1-v9-g9RzMBoVvmK1VpYufbLWTFh4HgyKWCC7Sic7ycJ5ub93tablbPJblRCxRmi7Sib7od7sMD5_LXxFLBKeLdCL0u10W9R89xG44V8wmc8lgOVdsNqsEAAAAAAAAAGAJppluAgAAAOBkEMPJcLhbp4NZbEa72Wq5ACy8JHUBgwAAAAAAAOyKrODDChH5TynW2GMQZ3k4T7e37va03C0ey3LKAAAKDplt9hlBrNVqWQMAABDABgAAEMBNN94EhEJx_____-MAAADIyKEHAABAvw8IiQ-lXviRi19BDIbDyf4BqBBrtVrdbqzVagUsoM1sNJrA____f4IAAAAAAAAqgg!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17660

Redirect headers

date
Fri, 15 Dec 2023 18:03:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-KVRKRPNE2oSuwltyRTF_vM5eYa8tUtiiL8G1ng--~A
content-length
0
sync
x.bidswitch.net/ Frame DFA9 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V860MCLAasArS9JciscRNYBWh7S5BZ4y4AAABgYID-AMkMdsOZaWZaS1yriVs0mS3cEpdr4xaMRsbZYrfx7IYzIyCZwW44M81Ma4lrNXGLJrOFW-JybdyC0cg4W-w2nt1wZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0s0HQ6fK57ve73u0uWc5fvc9f43XYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHhfkY_XaXzWU2-QMAAAAACAAAAAASAALKZyUAXqpbTvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ7KHmVraSWq1iRSEFmEEAAAAQFY0uvDIJJ2gYlHl__-_3wrAFQCAAEY30wSrLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEYoavU4TdDUzo-YXEABgzS8gAACbcQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIxxZRrtNraZzTmxjQYzw8I4ms1cs-Fg5Vp4lpPtgaalaqs8E1LoIyIss993EPLdLsPD5zKIiq63xe5wmj0H8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQDi9lu4TAZ15LBbLcWLSYLt3IznLhlvpFts9nsNsvhxC16fUwf32yxMA62SDCAZC-Sp0U6Ec0cLudwM7HtZgvDyuFyDCaWlXE38Y12K89iMbGIJZqTRTqRXfYd48o02m1sM5tzYhsNZoaFcTSbuWbDwcq18Cwn-8Jitls4TMa1ZDDbrUWLycKt3AwnbplvZNtsNrvNcjhxi14f08c3WyyMg31jN5jMZpvRZLRv7AaT2Wwzmoz2HSbTM_U5G13LY9rj0yZtQ7HH5jQoXAaL9ycxLabd2cG3uSifOqcxWdQZ_X6_3-_3-_1-v9-g9RzMBoVvmK1VpYufbLWTFh4HgyKWCC7Sic7ycJ5ub93tablbPJblRCxRmi7Sib7od7sMD5_LXxFLBKeLdCL0u10W9R89xG44V8wmc8lgOVdsNqsEAAAAAAAAAGAJppluAgAAAOBkEMPJcLhbp4NZbEa72Wq5ACy8JHUBgwAAAAAAAOyKrODDChH5TynW2GMQZ3k4T7e37va03C0ey3LKAAAKDplt9hlBrNVqWQMAABDABgAAEMBNN94EhEJx_____-MAAADIyKEHAABAvw8IiQ-lXviRi19BDIbDyf4BqBBrtVrdbqzVagUsoM1sNJrA____f4IAAAAAAAAqgg!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.190.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-190-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 4822 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V860MCLAasArS9JciscRNYBWh7S5BZ4y4AAABgYID-AMkMdsOZaWZaS1yriVs0mS3cEpdr4xaMRsbZYrfx7IYzIyCZwW44M81Ma4lrNXGLJrOFW-JybdyC0cg4W-w2nt1wZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0s0HQ6fK57ve73u0uWc5fvc9f43XYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHhfkY_XaXzWU2-QMAAAAACAAAAAASAALKZyUAXqpbTvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ7KHmVraSWq1iRSEFmEEAAAAQFY0uvDIJJ2gYlHl__-_3wrAFQCAAEY30wSrLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEYoavU4TdDUzo-YXEABgzS8gAACbcQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIxxZRrtNraZzTmxjQYzw8I4ms1cs-Fg5Vp4lpPtgaalaqs8E1LoIyIss993EPLdLsPD5zKIiq63xe5wmj0H8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQDi9lu4TAZ15LBbLcWLSYLt3IznLhlvpFts9nsNsvhxC16fUwf32yxMA62SDCAZC-Sp0U6Ec0cLudwM7HtZgvDyuFyDCaWlXE38Y12K89iMbGIJZqTRTqRXfYd48o02m1sM5tzYhsNZoaFcTSbuWbDwcq18Cwn-8Jitls4TMa1ZDDbrUWLycKt3AwnbplvZNtsNrvNcjhxi14f08c3WyyMg31jN5jMZpvRZLRv7AaT2Wwzmoz2HSbTM_U5G13LY9rj0yZtQ7HH5jQoXAaL9ycxLabd2cG3uSifOqcxWdQZ_X6_3-_3-_1-v9-g9RzMBoVvmK1VpYufbLWTFh4HgyKWCC7Sic7ycJ5ub93tablbPJblRCxRmi7Sib7od7sMD5_LXxFLBKeLdCL0u10W9R89xG44V8wmc8lgOVdsNqsEAAAAAAAAAGAJppluAgAAAOBkEMPJcLhbp4NZbEa72Wq5ACy8JHUBgwAAAAAAAOyKrODDChH5TynW2GMQZ3k4T7e37va03C0ey3LKAAAKDplt9hlBrNVqWQMAABDABgAAEMBNN94EhEJx_____-MAAADIyKEHAABAvw8IiQ-lXviRi19BDIbDyf4BqBBrtVrdbqzVagUsoM1sNJrA____f4IAAAAAAAAqgg!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:45 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 4822
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-KVRKRPNE2oSuwltyRTF_vM5eYa8tUtiiL8G1ng--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-KVRKRPNE2oSuwltyRTF_vM5eYa8tUtiiL8G1ng--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V860MCLAasArS9JciscRNYBWh7S5BZ4y4AAABgYID-AMkMdsOZaWZaS1yriVs0mS3cEpdr4xaMRsbZYrfx7IYzIyCZwW44M81Ma4lrNXGLJrOFW-JybdyC0cg4W-w2nt1wZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0s0HQ6fK57ve73u0uWc5fvc9f43XYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHhfkY_XaXzWU2-QMAAAAACAAAAAASAALKZyUAXqpbTvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ7KHmVraSWq1iRSEFmEEAAAAQFY0uvDIJJ2gYlHl__-_3wrAFQCAAEY30wSrLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEYoavU4TdDUzo-YXEABgzS8gAACbcQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIxxZRrtNraZzTmxjQYzw8I4ms1cs-Fg5Vp4lpPtgaalaqs8E1LoIyIss993EPLdLsPD5zKIiq63xe5wmj0H8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQDi9lu4TAZ15LBbLcWLSYLt3IznLhlvpFts9nsNsvhxC16fUwf32yxMA62SDCAZC-Sp0U6Ec0cLudwM7HtZgvDyuFyDCaWlXE38Y12K89iMbGIJZqTRTqRXfYd48o02m1sM5tzYhsNZoaFcTSbuWbDwcq18Cwn-8Jitls4TMa1ZDDbrUWLycKt3AwnbplvZNtsNrvNcjhxi14f08c3WyyMg31jN5jMZpvRZLRv7AaT2Wwzmoz2HSbTM_U5G13LY9rj0yZtQ7HH5jQoXAaL9ycxLabd2cG3uSifOqcxWdQZ_X6_3-_3-_1-v9-g9RzMBoVvmK1VpYufbLWTFh4HgyKWCC7Sic7ycJ5ub93tablbPJblRCxRmi7Sib7od7sMD5_LXxFLBKeLdCL0u10W9R89xG44V8wmc8lgOVdsNqsEAAAAAAAAAGAJppluAgAAAOBkEMPJcLhbp4NZbEa72Wq5ACy8JHUBgwAAAAAAAOyKrODDChH5TynW2GMQZ3k4T7e37va03C0ey3LKAAAKDplt9hlBrNVqWQMAABDABgAAEMBNN94EhEJx_____-MAAADIyKEHAABAvw8IiQ-lXviRi19BDIbDyf4BqBBrtVrdbqzVagUsoM1sNJrA____f4IAAAAAAAAqgg!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17660

Redirect headers

date
Fri, 15 Dec 2023 18:03:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-KVRKRPNE2oSuwltyRTF_vM5eYa8tUtiiL8G1ng--~A
content-length
0
usync.html
eus.rubiconproject.com/ Frame 7CD9 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V860MCLAasArS9JciscRNYBWh7S5BZ4y4AAABgYID-AMkMdsOZaWZaS1yriVs0mS3cEpdr4xaMRsbZYrfx7IYzIyCZwW44M81Ma4lrNXGLJrOFW-JybdyC0cg4W-w2nt1wZgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0s0HQ6fK57ve73u0uWc5fvc9f43XYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHhfkY_XaXzWU2-QMAAAAACAAAAAASAALKZyUAXqpbTvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQ7KHmVraSWq1iRSEFmEEAAAAQFY0uvDIJJ2gYlHl__-_3wrAFQCAAEY30wSrLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEYoavU4TdDUzo-YXEABgzS8gAACbcQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gIxxZRrtNraZzTmxjQYzw8I4ms1cs-Fg5Vp4lpPtgaalaqs8E1LoIyIss993EPLdLsPD5zKIiq63xe5wmj0H8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwQDi9lu4TAZ15LBbLcWLSYLt3IznLhlvpFts9nsNsvhxC16fUwf32yxMA62SDCAZC-Sp0U6Ec0cLudwM7HtZgvDyuFyDCaWlXE38Y12K89iMbGIJZqTRTqRXfYd48o02m1sM5tzYhsNZoaFcTSbuWbDwcq18Cwn-8Jitls4TMa1ZDDbrUWLycKt3AwnbplvZNtsNrvNcjhxi14f08c3WyyMg31jN5jMZpvRZLRv7AaT2Wwzmoz2HSbTM_U5G13LY9rj0yZtQ7HH5jQoXAaL9ycxLabd2cG3uSifOqcxWdQZ_X6_3-_3-_1-v9-g9RzMBoVvmK1VpYufbLWTFh4HgyKWCC7Sic7ycJ5ub93tablbPJblRCxRmi7Sib7od7sMD5_LXxFLBKeLdCL0u10W9R89xG44V8wmc8lgOVdsNqsEAAAAAAAAAGAJppluAgAAAOBkEMPJcLhbp4NZbEa72Wq5ACy8JHUBgwAAAAAAAOyKrODDChH5TynW2GMQZ3k4T7e37va03C0ey3LKAAAKDplt9hlBrNVqWQMAABDABgAAEMBNN94EhEJx_____-MAAADIyKEHAABAvw8IiQ-lXviRi19BDIbDyf4BqBBrtVrdbqzVagUsoM1sNJrA____f4IAAAAAAAAqgg!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 15 Dec 2023 18:03:45 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
getmu
ioms.bfmio.com/ 		49 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ioms.bfmio.com/getmu?aid=bce3140f-08da-4881-e9f1-5dd3e036a4ca&output=html5&width=700&height=393&v=1&pageurl=https%3A%2F%2Fwww.29news.com&i_type=out&stream=out&playback=2&cb=R0.1702663425531&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.54.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-54-235.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.18.0 (Ubuntu)
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.29news.com
access-control-expose-headers
location
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
getmu
ioms.bfmio.com/ 		49 B
513 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ioms.bfmio.com/getmu?aid=f3ba7097-c379-4680-c2af-b76fbd71dc0e&output=html5&width=700&height=393&v=1&pageurl=https%3A%2F%2Fwww.29news.com&i_type=out&stream=out&playback=2&cb=R0.1702663425532&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.54.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-54-235.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.18.0 (Ubuntu)
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.29news.com
access-control-expose-headers
location
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame C73B 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
59c9a98fdce832840396257575b4ee4230d78cdd2a3ec2a631cd56f2ce3b6bab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 15 Dec 2023 18:03:45 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Dec 2023 09:40:07 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56151
Connection
keep-alive
Content-Length
13169
Expires
Sat, 16 Dec 2023 09:39:36 GMT
usync.js
eus.rubiconproject.com/ Frame 7CD9 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
59c9a98fdce832840396257575b4ee4230d78cdd2a3ec2a631cd56f2ce3b6bab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 15 Dec 2023 18:03:45 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Dec 2023 09:40:07 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56151
Connection
keep-alive
Content-Length
13169
Expires
Sat, 16 Dec 2023 09:39:36 GMT
khaos.json
token.rubiconproject.com/ Frame C73B 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
579d6dd278f76ae39d067788043e4297
Expires
0
js
www.googletagmanager.com/gtag/ Frame 3207 		244 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-794QV8SQ9L
Requested by
Host: public.tockify.com
URL: https://public.tockify.com//app/736.ef286327c36ee15e6da4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
454fb05f42243a4a03db728c6359956a04646d3d18d9a8fe5fc5aa2a221e493c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tockify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86513
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 15 Dec 2023 18:03:45 GMT
khaos.json
token.rubiconproject.com/ Frame 7CD9 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
579d6dd278f76ae39d067788043e4297
Expires
0
js
www.googletagmanager.com/gtag/ Frame 3207 		174 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-22922522-3&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-794QV8SQ9L
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5c24b8afe8be52197c0b7b98074f2596a52ece552411f2ae682642a2d03cb85e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tockify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
64854
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 15 Dec 2023 18:03:45 GMT
collect
region1.google-analytics.com/g/ Frame 3207 		0
69 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-794QV8SQ9L&gtm=45je3bt0v873184827&_p=1702663424567&gcs=G1-0&gcd=11l1p1l1l5&dma_cps=sypham&dma=1&cid=967425150.1702663426&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=%2Fwvir.calendar&dr=https%3A%2F%2Fwww.29news.com%2F&sid=1702663425&sct=1&seg=0&dt=WVIR%20Community%20Calendar&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.transport_type=beacon&tfd=1547
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-794QV8SQ9L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tockify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tockify.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ Frame 3207 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-794QV8SQ9L&gtm=45je3bt0v873184827&_p=1702663424567&gcs=G1-0&gcd=11l1p1l1l5&dma_cps=sypham&dma=1&cid=967425150.1702663426&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&dl=%2Fwvir.calendar%2Fupcoming&dr=https%3A%2F%2Fwww.29news.com%2F&sid=1702663425&sct=1&seg=1&dt=WVIR%20Community%20Calendar&en=page_view&_ee=1&ep.transport_type=beacon&tfd=1550
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-794QV8SQ9L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tockify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tockify.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cmTagINSTREAM.js
vidstat.taboola.com/vpaid/units/33_6_6/infra/ 		472 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_6_6/infra/cmTagINSTREAM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.5/UnitInstreamDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
b16806b2709aef3ada0d67d1cff0815463d0ca249005e5dfe26d86baf896db70

Request headers

Referer
https://www.29news.com/
Origin
https://www.29news.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-meta-mtime
1702116144
date
Fri, 15 Dec 2023 18:03:45 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
A6N0AS2ZNC7S1Z8M
age
547186
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1702116144
x-amz-meta-mode
33188
content-length
103965
x-amz-id-2
9tpsMtqgfi4hY9Pc4jf16reQ4Qgq2ss9MfDZPxXGMb5MfhzuyIDFGGkARj+dySqW1Q6lcHwv7fA=
x-served-by
cache-fra-etou8220107-FRA
last-modified
Sat, 09 Dec 2023 10:02:25 GMT
server
AmazonS3-br
x-timer
S1702663426.670362,VS0,VE0
etag
"2fa3276b5eaeecbb45f1adcc0408c852"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
125
analytics.js
www.google-analytics.com/ Frame 3207 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-22922522-3&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tockify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 15 Dec 2023 17:48:14 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
931
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 15 Dec 2023 19:48:14 GMT
v-7ea5389f-96fd-41c9-3295486-a604-f38083128c5f-s33.534-39.273tvl.mp4
apv-static.tldw.me/videos/ 		22 KB
22 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.tldw.me/videos/v-7ea5389f-96fd-41c9-3295486-a604-f38083128c5f-s33.534-39.273tvl.mp4
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.211.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58510177690dcff8a1dac14f3e157717de30611910c7ffc57a44e77746421837

Request headers

Referer
https://www.29news.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=622592-

Response headers

x-amz-version-id
dYQgCL0cRifx4omkhoa_QHB1XohzP_.D
via
1.1 varnish, 1.1 varnish
date
Fri, 15 Dec 2023 18:03:45 GMT
x-amz-request-id
MJMV54VA38JAGVEM
age
2077717
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
Content-Range
bytes 622592-644762/644763
Content-Length
22171
x-amz-id-2
3Rk8mT3qWi6Yzex30vezTkOpHmx61k5A3bKAFrwylwOw06edVCl9Cor0ErYRf7Rg8MdxYX6YRPk=
x-served-by
cache-iad-kcgs7200129-IAD, cache-fra-eddf8230048-FRA
last-modified
Thu, 09 Nov 2023 21:51:02 GMT
server
AmazonS3
x-timer
S1702663426.705793,VS0,VE5
etag
"95572b03cac8382eb811e055a8ac33ab"
content-type
video/mp4
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
30064, 0
getmu
ioms.bfmio.com/ 		49 B
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ioms.bfmio.com/getmu?aid=bce3140f-08da-4881-e9f1-5dd3e036a4ca&output=html5&width=841&height=473&v=1&pageurl=https%3A%2F%2Fwww.29news.com&i_type=out&stream=out&playback=2&cb=R0.1702663425745&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.54.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-54-235.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.18.0 (Ubuntu)
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.29news.com
access-control-expose-headers
location
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.29news.com/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.29news.com/
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17a8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
120
x-arc-pb-request-id
dc7c0b58-a14c-4bb2-9acf-177c39124a14, 6bbe65aa-a37f-4522-b0c7-9eb6d683c650
content-encoding
gzip
date
Fri, 15 Dec 2023 18:03:45 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
FRA56-P4
strict-transport-security
max-age=86400
x-arc-request-id
0.a8163017.1702663425.aebe563
server-timing
cdn-cache; desc=HIT, edge; dur=59, ak_p; desc="1702663425775_389027496_183231843_5862_3941_9_0_146";dur=1
prerender-cache-tag
prerender-gray-wvir-prod-b308edcd
last-modified
Fri, 15 Dec 2023 18:03:42 GMT
server
openresty
etag
W/"b5a3f-uanJJ2UOB3cU5jfuVtS2eZdikx4"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
private, max-age=60
x-amz-cf-id
x4oaws-y27rxuSTVnA5nW5fMssZ_Y4or1IlUxZOkLFzK68x-qlKekw==
x-akamai-transformed
9 - 0 pmb=mRUM,2
expires
Fri, 15 Dec 2023 18:04:45 GMT
sync
am-match.taboola.com/ Frame D709 		422 B
507 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8K8UCLAasArS9JciscRNYBWh7S5BZ4y4AAABgYGDtAEmuJqaVYzlxi2ym0Vq02I3WCuPCs5Y4d6vZZmXbLJe7ISDJ1cS0ciwnbpHNNFqLFrvRWmFceNYS524126xsm-VyNwUT1jS5_AZJy2U2CPlul-Hhc7mBBZpOh891r9f9fnfJcu7yfe4av9sOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAIDioDAfo9_usrnMJn8AAAAAAAEAAABAAkBA-awEgAwO1on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY8h4y_7YZw3iH5EC2iKMAAAAAMiKRhcemaQTVCyq_P__91sBuAIAEMDoZpqAk0V3UOItDAAAAMCYBXpY_H6zw67xu13m_________9_M_5l_NEJRo9dpgq5mZtT8AgIArPkFBABgM24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpAxrkyj3cY2szknttFgZlgYR7OZazYcrFwLz3KyPdC0VG2VZ0IKfSasaXL5DZKWy2wQ8t0uw8Pnsp8JW4xWk8lmOZwtF5PBcDQcjfZnICaDAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDCwmO0WDpNxLRnMdmvRYrJwKzfDiVvmG9k2m81usxxO3KLXx_TxzRYL42CLBANI9iJ5WqQT0czhcg43E9tutjCsHC7HYGJZGXcT32i38iwWE4tYojlZpBPZZd8xrkyj3cY2szknttFgZlgYR7OZazYcrFwLz3KyLyxmu4XDZFxLBrPdWrSYLNzKzXDilvlGts1ms9sshxO36PUxfXyzxcI42Dd2g8lsthlNRvvGbjCZzTajyWjfYTI9U5-z0bU8pj0-bdI2FHtsToPCZbB4fxLTYtqdHXybi_KpcxqTRZ3R7_f7_X6_3-_3-w1az8FsUPiG2VpVuvjJVjtp4XEwKGKJ4CKd6CwP5-n21t2elrvFY1lOxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_9FD7IZzxWwylwyWc8Vms0oAAAAAAAAAAJZgmukmAAAAAE4GMZwMh7t1OpjJcjGZjJYLwMJLUhcwCAAAAAAAwK7ICj6sEJH_lGKNPQZxlofzdHvrbk_L3eKxLKcMAKDgkNlmnxHEWq2WNQAAAAFsAAAAAdx0401AKBT3____Pw4AAICMHHoAAABr-4CWjlwp9MKR-BXEYDic7B-ACrFWq9XtxlqtVsAC2sxGown8____JwgAAAAAAKAiCA!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_6/infra/cmTagINSTREAM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
9f1ff13991eb52a4b5705703d36013d267abd0254675a9a274b63fdfd82d7ee7

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Fri, 15 Dec 2023 18:03:45 GMT
machineid
3407
server
nginx
collect
www.google-analytics.com/ Frame 3207 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=993688372&t=pageview&_s=1&dl=https%3A%2F%2Ftockify.com%2Fwvir.calendar%2Fupcoming&dr=https%3A%2F%2Fwww.29news.com%2F&ul=en-us&de=UTF-8&dt=WVIR%20Community%20Calendar&sd=24-bit&sr=1600x1200&vp=300x406&je=0&_u=YAgAAQABAAAAAAAAIE~&cid=967425150.1702663426&tid=UA-22922522-3&_gid=2043668609.1702663426&gtm=457e3bt0z8873184827&gcs=G1-0&gcd=11l1p1l1l5&dma_cps=sypham&dma=1&jsscut=1&z=2093821136
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tockify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 13:43:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
15603
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame D709 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8K8UCLAasArS9JciscRNYBWh7S5BZ4y4AAABgYGDtAEmuJqaVYzlxi2ym0Vq02I3WCuPCs5Y4d6vZZmXbLJe7ISDJ1cS0ciwnbpHNNFqLFrvRWmFceNYS524126xsm-VyNwUT1jS5_AZJy2U2CPlul-Hhc7mBBZpOh891r9f9fnfJcu7yfe4av9sOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAIDioDAfo9_usrnMJn8AAAAAAAEAAABAAkBA-awEgAwO1on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY8h4y_7YZw3iH5EC2iKMAAAAAMiKRhcemaQTVCyq_P__91sBuAIAEMDoZpqAk0V3UOItDAAAAMCYBXpY_H6zw67xu13m_________9_M_5l_NEJRo9dpgq5mZtT8AgIArPkFBABgM24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpAxrkyj3cY2szknttFgZlgYR7OZazYcrFwLz3KyPdC0VG2VZ0IKfSasaXL5DZKWy2wQ8t0uw8Pnsp8JW4xWk8lmOZwtF5PBcDQcjfZnICaDAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDCwmO0WDpNxLRnMdmvRYrJwKzfDiVvmG9k2m81usxxO3KLXx_TxzRYL42CLBANI9iJ5WqQT0czhcg43E9tutjCsHC7HYGJZGXcT32i38iwWE4tYojlZpBPZZd8xrkyj3cY2szknttFgZlgYR7OZazYcrFwLz3KyLyxmu4XDZFxLBrPdWrSYLNzKzXDilvlGts1ms9sshxO36PUxfXyzxcI42Dd2g8lsthlNRvvGbjCZzTajyWjfYTI9U5-z0bU8pj0-bdI2FHtsToPCZbB4fxLTYtqdHXybi_KpcxqTRZ3R7_f7_X6_3-_3-w1az8FsUPiG2VpVuvjJVjtp4XEwKGKJ4CKd6CwP5-n21t2elrvFY1lOxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_9FD7IZzxWwylwyWc8Vms0oAAAAAAAAAAJZgmukmAAAAAE4GMZwMh7t1OpjJcjGZjJYLwMJLUhcwCAAAAAAAwK7ICj6sEJH_lGKNPQZxlofzdHvrbk_L3eKxLKcMAKDgkNlmnxHEWq2WNQAAAAFsAAAAAdx0401AKBT3____Pw4AAICMHHoAAABr-4CWjlwp9MKR-BXEYDic7B-ACrFWq9XtxlqtVsAC2sxGown8____JwgAAAAAAKAiCA!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:45 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame D709
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-KVRKRPNE2oSuwltyRTF_vM5eYa8tUtiiL8G1ng--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-KVRKRPNE2oSuwltyRTF_vM5eYa8tUtiiL8G1ng--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8K8UCLAasArS9JciscRNYBWh7S5BZ4y4AAABgYGDtAEmuJqaVYzlxi2ym0Vq02I3WCuPCs5Y4d6vZZmXbLJe7ISDJ1cS0ciwnbpHNNFqLFrvRWmFceNYS524126xsm-VyNwUT1jS5_AZJy2U2CPlul-Hhc7mBBZpOh891r9f9fnfJcu7yfe4av9sOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAIDioDAfo9_usrnMJn8AAAAAAAEAAABAAkBA-awEgAwO1on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY8h4y_7YZw3iH5EC2iKMAAAAAMiKRhcemaQTVCyq_P__91sBuAIAEMDoZpqAk0V3UOItDAAAAMCYBXpY_H6zw67xu13m_________9_M_5l_NEJRo9dpgq5mZtT8AgIArPkFBABgM24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpAxrkyj3cY2szknttFgZlgYR7OZazYcrFwLz3KyPdC0VG2VZ0IKfSasaXL5DZKWy2wQ8t0uw8Pnsp8JW4xWk8lmOZwtF5PBcDQcjfZnICaDAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDCwmO0WDpNxLRnMdmvRYrJwKzfDiVvmG9k2m81usxxO3KLXx_TxzRYL42CLBANI9iJ5WqQT0czhcg43E9tutjCsHC7HYGJZGXcT32i38iwWE4tYojlZpBPZZd8xrkyj3cY2szknttFgZlgYR7OZazYcrFwLz3KyLyxmu4XDZFxLBrPdWrSYLNzKzXDilvlGts1ms9sshxO36PUxfXyzxcI42Dd2g8lsthlNRvvGbjCZzTajyWjfYTI9U5-z0bU8pj0-bdI2FHtsToPCZbB4fxLTYtqdHXybi_KpcxqTRZ3R7_f7_X6_3-_3-w1az8FsUPiG2VpVuvjJVjtp4XEwKGKJ4CKd6CwP5-n21t2elrvFY1lOxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_9FD7IZzxWwylwyWc8Vms0oAAAAAAAAAAJZgmukmAAAAAE4GMZwMh7t1OpjJcjGZjJYLwMJLUhcwCAAAAAAAwK7ICj6sEJH_lGKNPQZxlofzdHvrbk_L3eKxLKcMAKDgkNlmnxHEWq2WNQAAAAFsAAAAAdx0401AKBT3____Pw4AAICMHHoAAABr-4CWjlwp9MKR-BXEYDic7B-ACrFWq9XtxlqtVsAC2sxGown8____JwgAAAAAAKAiCA!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21407

Redirect headers

date
Fri, 15 Dec 2023 18:03:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-KVRKRPNE2oSuwltyRTF_vM5eYa8tUtiiL8G1ng--~A
content-length
0
sync
x.bidswitch.net/ Frame D709 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8K8UCLAasArS9JciscRNYBWh7S5BZ4y4AAABgYGDtAEmuJqaVYzlxi2ym0Vq02I3WCuPCs5Y4d6vZZmXbLJe7ISDJ1cS0ciwnbpHNNFqLFrvRWmFceNYS524126xsm-VyNwUT1jS5_AZJy2U2CPlul-Hhc7mBBZpOh891r9f9fnfJcu7yfe4av9sOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAIDioDAfo9_usrnMJn8AAAAAAAEAAABAAkBA-awEgAwO1on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY8h4y_7YZw3iH5EC2iKMAAAAAMiKRhcemaQTVCyq_P__91sBuAIAEMDoZpqAk0V3UOItDAAAAMCYBXpY_H6zw67xu13m_________9_M_5l_NEJRo9dpgq5mZtT8AgIArPkFBABgM24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpAxrkyj3cY2szknttFgZlgYR7OZazYcrFwLz3KyPdC0VG2VZ0IKfSasaXL5DZKWy2wQ8t0uw8Pnsp8JW4xWk8lmOZwtF5PBcDQcjfZnICaDAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDCwmO0WDpNxLRnMdmvRYrJwKzfDiVvmG9k2m81usxxO3KLXx_TxzRYL42CLBANI9iJ5WqQT0czhcg43E9tutjCsHC7HYGJZGXcT32i38iwWE4tYojlZpBPZZd8xrkyj3cY2szknttFgZlgYR7OZazYcrFwLz3KyLyxmu4XDZFxLBrPdWrSYLNzKzXDilvlGts1ms9sshxO36PUxfXyzxcI42Dd2g8lsthlNRvvGbjCZzTajyWjfYTI9U5-z0bU8pj0-bdI2FHtsToPCZbB4fxLTYtqdHXybi_KpcxqTRZ3R7_f7_X6_3-_3-w1az8FsUPiG2VpVuvjJVjtp4XEwKGKJ4CKd6CwP5-n21t2elrvFY1lOxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_9FD7IZzxWwylwyWc8Vms0oAAAAAAAAAAJZgmukmAAAAAE4GMZwMh7t1OpjJcjGZjJYLwMJLUhcwCAAAAAAAwK7ICj6sEJH_lGKNPQZxlofzdHvrbk_L3eKxLKcMAKDgkNlmnxHEWq2WNQAAAAFsAAAAAdx0401AKBT3____Pw4AAICMHHoAAABr-4CWjlwp9MKR-BXEYDic7B-ACrFWq9XtxlqtVsAC2sxGown8____JwgAAAAAAKAiCA!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.190.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-190-4.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
async_usersync
ib.adnxs.com/ Frame B27A 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:45 GMT
an-x-request-uuid
2decf781-2019-4ee9-8e9e-fa48cdb36a60
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.133; 178.162.209.133; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 007C 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:45 GMT
an-x-request-uuid
61b3370e-9381-4942-9ad1-1dbf58b3bf9a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.133; 178.162.209.133; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 5E69 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:45 GMT
an-x-request-uuid
e60f0e4d-213e-4736-91f9-cd1540fcf50c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.133; 178.162.209.133; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 84E8 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:45 GMT
an-x-request-uuid
e61f4322-e156-4b77-8343-65ea118caf6d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.133; 178.162.209.133; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v-7ea5389f-96fd-41c9-3295486-a604-f38083128c5f-s33.534-39.273tvl.mp4
apv-static.tldw.me/videos/ 		598 KB
598 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.tldw.me/videos/v-7ea5389f-96fd-41c9-3295486-a604-f38083128c5f-s33.534-39.273tvl.mp4
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.211.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4161e8ddfe2ba801c5127cdff13ec14f7362d0df8e7f52a63200ddc93cbce6e2

Request headers

Referer
https://www.29news.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=32768-

Response headers

x-amz-version-id
dYQgCL0cRifx4omkhoa_QHB1XohzP_.D
via
1.1 varnish, 1.1 varnish
date
Fri, 15 Dec 2023 18:03:45 GMT
x-amz-request-id
MJMV54VA38JAGVEM
age
2077717
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
Content-Range
bytes 32768-644762/644763
Content-Length
611995
x-amz-id-2
3Rk8mT3qWi6Yzex30vezTkOpHmx61k5A3bKAFrwylwOw06edVCl9Cor0ErYRf7Rg8MdxYX6YRPk=
x-served-by
cache-iad-kcgs7200129-IAD, cache-fra-eddf8230048-FRA
last-modified
Thu, 09 Nov 2023 21:51:02 GMT
server
AmazonS3
x-timer
S1702663426.885623,VS0,VE1
etag
"95572b03cac8382eb811e055a8ac33ab"
content-type
video/mp4
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
30064, 0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8c4443c888946545efa75524ba4fefbdfc13a373742b66a79e9b29ef764d2d52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12337
x-xss-protection
0
/
684dd325.akstat.io/ 		0
202 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://684dd325.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/47DAA-RMGFC-4U4YY-9C4XF-UTQN5
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3100:795::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:46 GMT
content-type
image/gif
access-control-allow-origin
https://www.29news.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
0
expires
Fri, 15 Dec 2023 18:03:46 GMT
bulk
trc.taboola.com/graytv-wvirnbc29/log/3/ 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/graytv-wvirnbc29/log/3/bulk?tvi2=11800&tvi48=9598&tvi50=10882&route=AM%3AAM%3AV&lti=deflated&bulkSize=7
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
15
date
Fri, 15 Dec 2023 18:03:46 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7472
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230020-FRA
pragma
no-cache
server
nginx
x-timer
S1702663426.083457,VS0,VE15
content-type
image/gif
access-control-allow-origin
https://www.29news.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
visible
trc.taboola.com/graytv-wvirnbc29/log/3/ 		0
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/graytv-wvirnbc29/log/3/visible?tvi2=11800&tvi48=9598&tvi50=10882&route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
16
date
Fri, 15 Dec 2023 18:03:46 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7378
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230020-FRA
pragma
no-cache
server
nginx
x-timer
S1702663426.093945,VS0,VE16
content-type
image/gif
access-control-allow-origin
https://www.29news.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Dec 2023 18:03:46 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
712 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Fri, 15 Dec 2023 18:03:46 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
13331
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230020-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1702663426.128423,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
76
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
6431
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5BB4 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
17188
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 13:17:18 GMT
expires
Sat, 14 Dec 2024 13:17:18 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C61B 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
66d3c92d2e6149a4ee19d70f51e1321ea2723e79cd7374b8fcf1729091a75b6a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-S8YUaGj88W2sK87X6K7FyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-S8YUaGj88W2sK87X6K7FyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 18:03:46 GMT
expires
Fri, 15 Dec 2023 18:03:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
results.txt
wkrndbk7mu3ggzl4suba-prpn4y-c003ec93b-clientnsv4-s.akamaihd.net/eum/
Redirect Chain
  • https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=prpn4yv0f
  • https://wkrndbk7mu3ggzl4suba-prpn4y-c003ec93b-clientnsv4-s.akamaihd.net/eum/results.txt
8 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wkrndbk7mu3ggzl4suba-prpn4y-c003ec93b-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol
HTTP/1.1
Server
95.101.54.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-145.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 15 Dec 2023 18:03:46 GMT
Last-Modified
Wed, 08 May 2013 07:51:12 GMT
Server
AkamaiNetStorage
ETag
"402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8

Redirect headers

Location
https://wkrndbk7mu3ggzl4suba-prpn4y-c003ec93b-clientnsv4-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin
*
Date
Fri, 15 Dec 2023 18:03:46 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
results.txt
fiaazgbakcqaokqce3yajaaab5sxzfic-prpn4y-b6988c063-clienttons-s.akamaihd.net/eum/
Redirect Chain
  • https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=prpn4yv0f
  • https://fiaazgbakcqaokqce3yajaaab5sxzfic-prpn4y-b6988c063-clienttons-s.akamaihd.net/eum/results.txt
8 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fiaazgbakcqaokqce3yajaaab5sxzfic-prpn4y-b6988c063-clienttons-s.akamaihd.net/eum/results.txt
Protocol
HTTP/1.1
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 15 Dec 2023 18:03:46 GMT
Last-Modified
Wed, 08 May 2013 07:51:12 GMT
Server
AkamaiNetStorage
ETag
"402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8

Redirect headers

Location
https://fiaazgbakcqaokqce3yajaaab5sxzfic-prpn4y-b6988c063-clienttons-s.akamaihd.net/eum/results.txt
Access-Control-Allow-Origin
*
Date
Fri, 15 Dec 2023 18:03:46 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 5BB4 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 14:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
13565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Dec 2024 14:17:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C61B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=3124055698009864&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
712.tvp.js
snippet.tldw.me/tv/0.42.26-chunks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snippet.tldw.me/tv/0.42.26-chunks/712.tvp.js
Requested by
Host: snippet.tldw.me
URL: https://snippet.tldw.me/tv/0.42.26-chunks/tvp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4aef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c44b9bedbeec84c99876e563796ef513218c0730a2b608e8b7bfa5464e6883ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits
1, 1
date
Fri, 15 Dec 2023 18:03:46 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
cf-cache-status
DYNAMIC
x-amz-request-id
A0GMKT435GGDEBCA
age
2078669
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
2767
x-amz-id-2
LQqPhP/T7Ec0vf1bnXA7NKn6Hn/DAgbLLbTCdEXiCOHQgDz1Wx2B8oA5dnJc3Bh4Ojtr4ftVfvc=
x-served-by
cache-iad-kcgs7200126-IAD, cache-fra-eddf8230021-FRA
last-modified
Sun, 15 Oct 2023 07:17:13 GMT
server
cloudflare
x-timer
S1702663426.363608,VS0,VE1
etag
"baf77930b4847099dec05b0ab981ef1b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
83609aeea9a939d4-FRA
access-control-allow-headers
content-type
expires
Fri, 01 Jan 1971 00:00:00 GMT
v-e5f2184a-b6bf-436b-3405015-a1da-7846acf366aa-s17.084-24.491tvl.mp4
apv-static.tldw.me/videos/ 		63 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.tldw.me/videos/v-e5f2184a-b6bf-436b-3405015-a1da-7846acf366aa-s17.084-24.491tvl.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.211.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.29news.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
RsSmOp2z_7RKUTnA_0ofFS2auIEjryEF
via
1.1 varnish, 1.1 varnish
date
Fri, 15 Dec 2023 18:03:46 GMT
x-amz-request-id
2QJPR6K7QP7DP5TP
age
38832
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
Content-Range
bytes 0-972100/972101
Content-Length
972101
x-amz-id-2
LPvgKcneMCgeEM0IXOim9Vma//7Z9Bx+55iE5zGns2qort+lWOmckiJpG0b5qtM9GoPdaEIm85Y=
x-served-by
cache-iad-kiad7000067-IAD, cache-fra-eddf8230048-FRA
last-modified
Thu, 07 Dec 2023 17:17:51 GMT
server
AmazonS3
x-timer
S1702663426.348390,VS0,VE2
etag
"545a6d2beb453c7af5ca3aa3ad0e9a88"
content-type
video/mp4
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
1510, 0
generate_204
tpc.googlesyndication.com/ Frame 5BB4 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?19sWfQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:46 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
_.gif
counter.tldw.me/ 		0
62 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://counter.tldw.me/_.gif
Requested by
Host: snippet.tldw.me
URL: https://snippet.tldw.me/tv/0.42.26-chunks/tvp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4aef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 15 Dec 2023 18:03:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
access-control-allow-origin
https://www.29news.com
cache-control
max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
83609aeee9fc39d4-FRA
access-control-allow-headers
Content-Type
content-length
0
expires
Fri, 15 Dec 2023 18:03:46 GMT
pubs-generic
trc.taboola.com/graytv-wvirnbc29/log/3/ 		0
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/graytv-wvirnbc29/log/3/pubs-generic?lti=deflated&ri=8ccd8652d5af056f528fd249c99997d9&sd=v2_c8e447c6ff9b640f0a846f5680e5a392_0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80_1702663424_1702663425_CIi3jgYQkr1ZGO6RmPXGMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo06-UtbOljN4acAA&ui=0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80&pi=/&pt=home&vi=1702663424238&d=%7B%22type%22%3A%22videoReel-readyToPlay-v2%22%2C%22data%22%3A%22%5C%22%5C%22%22%7D&tim=19%3A03%3A46.387&id=4390&llvl=2&cv=20231214-9-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
29
date
Fri, 15 Dec 2023 18:03:46 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7408
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230020-FRA
pragma
no-cache
server
nginx
x-timer
S1702663426.390184,VS0,VE29
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pubs-generic
trc.taboola.com/graytv-wvirnbc29/log/3/ 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/graytv-wvirnbc29/log/3/pubs-generic?lti=deflated&ri=8ccd8652d5af056f528fd249c99997d9&sd=v2_c8e447c6ff9b640f0a846f5680e5a392_0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80_1702663424_1702663425_CIi3jgYQkr1ZGO6RmPXGMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo06-UtbOljN4acAA&ui=0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80&pi=/&pt=home&vi=1702663424238&d=%7B%22type%22%3A%22videoReel-readyToPlay%22%2C%22data%22%3A%22%5C%22%5C%22%22%7D&tim=19%3A03%3A46.388&id=5538&llvl=2&cv=20231214-9-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
12
date
Fri, 15 Dec 2023 18:03:46 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7318
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230020-FRA
pragma
no-cache
server
nginx
x-timer
S1702663426.390622,VS0,VE12
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pubs-generic
trc.taboola.com/graytv-wvirnbc29/log/3/ 		0
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/graytv-wvirnbc29/log/3/pubs-generic?lti=deflated&ri=8ccd8652d5af056f528fd249c99997d9&sd=v2_c8e447c6ff9b640f0a846f5680e5a392_0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80_1702663424_1702663425_CIi3jgYQkr1ZGO6RmPXGMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo06-UtbOljN4acAA&ui=0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80&pi=/&pt=home&vi=1702663424238&d=%7B%22type%22%3A%22videoReel-rendered%22%2C%22data%22%3A%22%7B%5C%22t%5C%22%3A%5C%224.64%5C%22%7D%22%7D&tim=19%3A03%3A46.401&id=2381&llvl=2&cv=20231214-9-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
14
date
Fri, 15 Dec 2023 18:03:46 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7381
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230020-FRA
pragma
no-cache
server
nginx
x-timer
S1702663426.397052,VS0,VE14
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
v-e5f2184a-b6bf-436b-3405015-a1da-7846acf366aa-s17.084-24.491tvl.mp4
apv-static.tldw.me/videos/ 		21 KB
21 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.tldw.me/videos/v-e5f2184a-b6bf-436b-3405015-a1da-7846acf366aa-s17.084-24.491tvl.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.211.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
90d13728cbca7742b466476a33b15c0ae2c27299b921b64ca9acd9e8320f2016

Request headers

Referer
https://www.29news.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=950272-

Response headers

x-amz-version-id
RsSmOp2z_7RKUTnA_0ofFS2auIEjryEF
via
1.1 varnish, 1.1 varnish
date
Fri, 15 Dec 2023 18:03:46 GMT
x-amz-request-id
2QJPR6K7QP7DP5TP
age
38833
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
Content-Range
bytes 950272-972100/972101
Content-Length
21829
x-amz-id-2
LPvgKcneMCgeEM0IXOim9Vma//7Z9Bx+55iE5zGns2qort+lWOmckiJpG0b5qtM9GoPdaEIm85Y=
x-served-by
cache-iad-kiad7000067-IAD, cache-fra-eddf8230048-FRA
last-modified
Thu, 07 Dec 2023 17:17:51 GMT
server
AmazonS3
x-timer
S1702663426.452554,VS0,VE3
etag
"545a6d2beb453c7af5ca3aa3ad0e9a88"
content-type
video/mp4
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
1510, 0
v-e5f2184a-b6bf-436b-3405015-a1da-7846acf366aa-s17.084-24.491tvl.mp4
apv-static.tldw.me/videos/ 		911 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.tldw.me/videos/v-e5f2184a-b6bf-436b-3405015-a1da-7846acf366aa-s17.084-24.491tvl.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.211.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.29news.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=32768-

Response headers

x-amz-version-id
RsSmOp2z_7RKUTnA_0ofFS2auIEjryEF
via
1.1 varnish, 1.1 varnish
date
Fri, 15 Dec 2023 18:03:46 GMT
x-amz-request-id
2QJPR6K7QP7DP5TP
age
38833
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
Content-Range
bytes 32768-972100/972101
Content-Length
939333
x-amz-id-2
LPvgKcneMCgeEM0IXOim9Vma//7Z9Bx+55iE5zGns2qort+lWOmckiJpG0b5qtM9GoPdaEIm85Y=
x-served-by
cache-iad-kiad7000067-IAD, cache-fra-eddf8230048-FRA
last-modified
Thu, 07 Dec 2023 17:17:51 GMT
server
AmazonS3
x-timer
S1702663427.569331,VS0,VE1
etag
"545a6d2beb453c7af5ca3aa3ad0e9a88"
content-type
video/mp4
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
1510, 0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.29news.com%2F&domain=www.29news.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.29news.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 15 Dec 2023 18:03:46 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
223359
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ 		49 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a000034LEzsAAG&gdpr=0&src=pbjs&ver=7.39.0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Dec 2023 18:03:46 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.29news.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
json
gum.criteo.com/sid/ 		2 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.29news.com%2F&domain=www.29news.com&cw=1&lsw=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:45 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
238358
expires
0
prebid
id5-sync.com/api/config/ 		135 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
33459a46d0456447c25713d7950d6a1e376b4cb1ec1b6323b27e56d71922ae1e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.29news.com
date
Fri, 15 Dec 2023 18:03:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
id
id.crwdcntrl.net/ 		43 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.9.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-9-4.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:46 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.29news.com
cache-control
no-cache
x-server
10.45.17.235
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ 		63 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
3c3a1649cfe7548b693ae4c12340c69f94f4137874632cb13ccbabdb5863340b

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 15 Dec 2023 18:03:46 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.29news.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sun, 14 Jan 2024 18:03:46 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
82479b21329ff01c7a23c63063cbe4bd005beeb5669c3fb2afa0da8b82101398
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.29news.com
date
Fri, 15 Dec 2023 18:03:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
429.json
id5-sync.com/g/v2/ 		251 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/429.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
d6a05eee7557c4dc1368847b5424339334bd33b560f878969a07421e249cca4e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.29news.com
date
Fri, 15 Dec 2023 18:03:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
wl
t.pubmatic.com/ 		17 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=161733
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:46 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=161733
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:46 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=161733
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:46 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=161733
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:46 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=161733
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:46 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
v-9e6cb151-2b09-4ca1-3423933-9f05-2c456fd069f1-s25.025-31.832tvl.mp4
apv-static.tldw.me/videos/ 		48 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.tldw.me/videos/v-9e6cb151-2b09-4ca1-3423933-9f05-2c456fd069f1-s25.025-31.832tvl.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.211.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.29news.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
W874Sfr2om6eaPGdeQ6IfQKcVvSGgfE9
via
1.1 varnish, 1.1 varnish
date
Fri, 15 Dec 2023 18:03:46 GMT
x-amz-request-id
9DYWVBA7TDBMGPS1
age
237768
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
Content-Range
bytes 0-455363/455364
Content-Length
455364
x-amz-id-2
Rvo5EIrp+qZWDeZ25XsbzOZVUP9izJntncZkyl40+DZ6uSEPgML7+NWUUxsgXKwdiaZFRP8/6z4=
x-served-by
cache-iad-kcgs7200125-IAD, cache-fra-eddf8230048-FRA
last-modified
Tue, 12 Dec 2023 22:31:01 GMT
server
AmazonS3
x-timer
S1702663427.850714,VS0,VE1
etag
"69d12a78bd5d027bfc7030d947a2d2f9"
content-type
video/mp4
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
1136, 0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=3124055698009864&bg=!-fql-rXNAAY3kmNgF5I7ADQBe5WfOKLRcyA524qQNjYhHwVsRnH9GGZjJMCjOQ6gyj31LNvFWYwRtc3kHhwgyGkPFguWAgAAAFNSAAAAAmgBBwoAIoBcC-4oGCS7Cl2uMo16s8swGhVN4a0obFdW4AenHWMnGtqZAwSDhN7tL4oTYq5xAa9ry50VS_l73n2d2MzkW_OhaxAW9la-wOumPrQcTuqjpw_e4QxlVTzJ-KZCoVRV2FJe8ZZS5JkmIs_n3dYX8g0ZkmrybYTCJ7xpbkHzrWbXHLrk33UxZaBNsTUDwJS-EmsuyYtSL5jZElgTt77F9uy6VbnP_mPT32iC2M_9hgzdVZul1c-cMXc_wL0BVnscksJ5f1kSP4WJT7ixm3kSlwCB5HZOXAHktekC8g9nnumLasiSScPnvFR1_2eZRnNZmKPp-75tKP3iiDbDCqTsmdUUlXxr2a8okV5VdK-2haHTAXIYPfJp60o6CHu-WaxXw7e5izc880CGwuyddgRxT3IwhCPGKA2XSJjnz7ZChkocIfM6lAx956df4gai0zNaQNY0H4cHBv7vwPD3TLy8_a5fQh5oQOaE6UaUoQbD2830SC9Z9vGTK-QVWrlfOO4NqWon5LNVjVVQ_eCc8hEP85SSddgYAni1UGzoX6a9kSMoX9AOo0my1njEy-ujM8ucLhLtnxXOWRQuff8eYu47s2GFbjM2_fnbFSPdO2zNPc9ZYGYunwhRkzTzlxgsv_W62sZWalwhkca1zWKHtx2lA64XrMFlVqakljTX7fSHvxiTAv06rc9_3vbLSeRG57gawIz4rhwNMJRqCdAP34T_2uj8eLRX4V49U8AWK6GB4whVoXUExXPy77FboKnM5yCKjoU8w5jtsQ0RBGEw6n1y7s4xsnJzuKolpD5kfkOJfB_28Vt1a4DeRbMtKJNCWDKgRdUfS-K44tgDzUBOO1uIdb18ajPTLz75mviMLH794U_QLhsGlTLGVpptfK4Ny9Sl9cAAfxwSuQAdDEEV-RGP9Z9nC2ac9OshEUbnoba8_qoL2rfPS6Z3KW71DW9KB5AUNKYnYAog8ZCrj4eYpDaOxxM9uU_Uw5umLiKyXW6ro79OZNvN5PoDl_LSccrevH9Qj4RqZYtZTsGVVP6eiW6enT18zBWi3DTD0ZaioKAqaXGL4zehGn4nVN_a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
v-9e6cb151-2b09-4ca1-3423933-9f05-2c456fd069f1-s25.025-31.832tvl.mp4
apv-static.tldw.me/videos/ 		29 KB
29 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.tldw.me/videos/v-9e6cb151-2b09-4ca1-3423933-9f05-2c456fd069f1-s25.025-31.832tvl.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.211.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
73d99d8980d75f9f81a522bb22dd29bd17401617f97216e58e9575f85a156278

Request headers

Referer
https://www.29news.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=425984-

Response headers

x-amz-version-id
W874Sfr2om6eaPGdeQ6IfQKcVvSGgfE9
via
1.1 varnish, 1.1 varnish
date
Fri, 15 Dec 2023 18:03:46 GMT
x-amz-request-id
9DYWVBA7TDBMGPS1
age
237768
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
Content-Range
bytes 425984-455363/455364
Content-Length
29380
x-amz-id-2
Rvo5EIrp+qZWDeZ25XsbzOZVUP9izJntncZkyl40+DZ6uSEPgML7+NWUUxsgXKwdiaZFRP8/6z4=
x-served-by
cache-iad-kcgs7200125-IAD, cache-fra-eddf8230048-FRA
last-modified
Tue, 12 Dec 2023 22:31:01 GMT
server
AmazonS3
x-timer
S1702663427.961280,VS0,VE1
etag
"69d12a78bd5d027bfc7030d947a2d2f9"
content-type
video/mp4
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
1136, 0
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Fri, 15 Dec 2023 18:03:47 GMT
x-amz-request-id
9T8G4R1J257WC6ZV
age
3263
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
EtXJZix6twxSRBOalXcDTYlF3ZXZJ0GOcu33LsL8+Qu9Bt435W8ywVX2VgQgr71/qWQ468QSryk=
x-served-by
cache-fra-eddf8230020-FRA
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1702663427.037434,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
40
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
18751
/
pips.taboola.com/ 		4 B
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by
cache-fra-etou8220107-FRA
date
Fri, 15 Dec 2023 18:03:47 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.29news.com
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 15 Dec 2023 18:03:47 GMT
cache-control
no-store
server
nginx
v-9e6cb151-2b09-4ca1-3423933-9f05-2c456fd069f1-s25.025-31.832tvl.mp4
apv-static.tldw.me/videos/ 		413 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.tldw.me/videos/v-9e6cb151-2b09-4ca1-3423933-9f05-2c456fd069f1-s25.025-31.832tvl.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.211.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.29news.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=32768-

Response headers

x-amz-version-id
W874Sfr2om6eaPGdeQ6IfQKcVvSGgfE9
via
1.1 varnish, 1.1 varnish
date
Fri, 15 Dec 2023 18:03:47 GMT
x-amz-request-id
9DYWVBA7TDBMGPS1
age
237768
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
Content-Range
bytes 32768-455363/455364
Content-Length
422596
x-amz-id-2
Rvo5EIrp+qZWDeZ25XsbzOZVUP9izJntncZkyl40+DZ6uSEPgML7+NWUUxsgXKwdiaZFRP8/6z4=
x-served-by
cache-iad-kcgs7200125-IAD, cache-fra-eddf8230048-FRA
last-modified
Tue, 12 Dec 2023 22:31:01 GMT
server
AmazonS3
x-timer
S1702663427.073521,VS0,VE11
etag
"69d12a78bd5d027bfc7030d947a2d2f9"
content-type
video/mp4
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
1136, 0
p
sb.scorecardresearch.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=19&c2=10477191&ns_ap_an=unknown&ns_ap_pn=js&ns_ap_pv=5&c12=_&name=foreground&ns_ap_ec=1&ns_ap_ev=start&ns_ap_device=Win32&ns_ap_id=1702663428792&ns_ap_csf=1&ns_ap_bi=unknown&ns_ap_pfm=webbrowser&ns_ap_pfv=Chrome%20120.0.6099.109&ns_ap_ver=unknown&ns_ap_sv=7.7.0%2B211006&ns_ap_bv=7.7.0%2B211006&ns_ap_smv=6.4&ns_type=view&ns_ap_gs=1702663423789&ns_ts=1702663423788&ns_ap_cfg=1110101-111-3C-7D0-A-1F-1E-1E-12C-A&ns_ap_env=0-0-2&ns_ap_ut=60000&ns_ap_ar=unknown&ns_ap_cs=1&ns_ap_fg=1&ns_ap_dft=0&ns_ap_dbt=0&ns_ap_dit=0&ns_ap_as=1&ns_ap_das=0&ns_ap_usage=0&ns_radio=unknown&ns_ap_install=1702663423789&ns_ap_ft=0&ns_ap_bt=0&ns_ap_it=0&ns_ap_res=1600x1200&ns_ap_sd=1600x1200&ns_ap_po=0x0&ns_ap_lang=en-US&ns_ap_jb=unknown&ns_c=UTF-8&c7=https%3A%2F%2Fwww.29news.com%2F&c8=WVIR%20%7C%20News%2C%20Weather%2C%20and%20Sports%20%7C%20Charlottesville%2C%20VA&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.79.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-79-112.txl50.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 18:03:48 GMT
via
1.1 168ddbb82d6c89c84a1a7963d1d3db88.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
TXL50-P2
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
0iP8cqx1Rxyr6QVJUSeg2ITuoWvVRDqP-9PpZG9LaCbg1eU0twWiaw==
adexperience
vidanalytics.taboola.com/putes/ 		2 B
59 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vidanalytics.taboola.com/putes/adexperience
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-cache-hits
0
date
Fri, 15 Dec 2023 18:03:50 GMT
via
1.1 varnish
x-backend-name
5i41NEgLZrTBnTzubPzIMu--F_NLB_VIDEO_UI_00101
server
nginx
x-timer
S1702663430.127905,VS0,VE63
x-cache
MISS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.29news.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
2
x-served-by
cache-fra-eddf8230020-FRA
adexperience
vidanalytics.taboola.com/putes/ 		2 B
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vidanalytics.taboola.com/putes/adexperience
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-cache-hits
0
date
Fri, 15 Dec 2023 18:03:50 GMT
via
1.1 varnish
x-backend-name
5i41NEgLZrTBnTzubPzIMu--F_NLB_VIDEO_UI_00101
server
nginx
x-timer
S1702663430.127938,VS0,VE63
x-cache
MISS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.29news.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
2
x-served-by
cache-fra-eddf8230020-FRA
OpportunityServlet
am-vid-events.taboola.com/ 		1 B
120 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_6/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.29news.com
date
Fri, 15 Dec 2023 18:03:50 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
collect
region1.google-analytics.com/g/ Frame 3207 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-794QV8SQ9L&gtm=45je3bt0v873184827&_p=1702663424567&gcs=G1-0&gcd=11l1p1l1l5&dma_cps=sypham&dma=1&cid=967425150.1702663426&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&sid=1702663425&sct=1&seg=1&dl=https%3A%2F%2Ftockify.com%2Fwvir.calendar%2Fupcoming&dr=https%3A%2F%2Fwww.29news.com%2F&dt=WVIR%20Community%20Calendar&en=scroll&ep.transport_type=beacon&epn.percent_scrolled=90&tfd=6552
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-794QV8SQ9L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tockify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tockify.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
OpportunityServlet
am-vid-events.taboola.com/ 		1 B
120 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_6/infra/cmTagINSTREAM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.29news.com
date
Fri, 15 Dec 2023 18:03:50 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
VideoBidRequestHandlerServlet
wf.taboola.com/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=841&height=473&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1702663430963&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1584&pt=-704630124&tz=60&viewable=true&ddast=V8K8UCLAasArS9JciscRNYBWh7S5BZ4y4AAABgYGDtAEmuJqaVYzlxi2ym0Vq02I3WCuPCs5Y4d6vZZmXbLJe7ISDJ1cS0ciwnbpHNNFqLFrvRWmFceNYS524126xsm-VyNwUT1jS5_AZJy2U2CPlul-Hhc7mBBZpOh891r9f9fnfJcu7yfe4av9sOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAIDioDAfo9_usrnMJn8AAAAAAAEAAABAAkBA-awEgAwO1on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY8h4y_7YZw3iH5EC2iKMAAAAAMiKRhcemaQTVCyq_P__91sBuAIAEMDoZpqAk0V3UOItDAAAAMCYBXpY_H6zw67xu13m_________9_M_5l_NEJRo9dpgq5mZtT8AgIArPkFBABgM24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpAxrkyj3cY2szknttFgZlgYR7OZazYcrFwLz3KyPdC0VG2VZ0IKfSasaXL5DZKWy2wQ8t0uw8Pnsp8JW4xWk8lmOZwtF5PBcDQcjfZnICaDAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDCwmO0WDpNxLRnMdmvRYrJwKzfDiVvmG9k2m81usxxO3KLXx_TxzRYL42CLBANI9iJ5WqQT0czhcg43E9tutjCsHC7HYGJZGXcT32i38iwWE4tYojlZpBPZZd8xrkyj3cY2szknttFgZlgYR7OZazYcrFwLz3KyLyxmu4XDZFxLBrPdWrSYLNzKzXDilvlGts1ms9sshxO36PUxfXyzxcI42Dd2g8lsthlNRvvGbjCZzTajyWjfYTI9U5-z0bU8pj0-bdI2FHtsToPCZbB4fxLTYtqdHXybi_KpcxqTRZ3R7_f7_X6_3-_3-w1az8FsUPiG2VpVuvjJVjtp4XEwKGKJ4CKd6CwP5-n21t2elrvFY1lOxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_9FD7IZzxWwylwyWc8Vms0oAAAAAAAAAAJZgmukmAAAAAE4GMZwMh7t1OpjJcjGZjJYLwMJLUhcwCAAAAAAAwK7ICj6sEJH_lGKNPQZxlofzdHvrbk_L3eKxLKcMAKDgkNlmnxHEWq2WNQAAAAFsAAAAAdx0401AKBT3____Pw4AAICMHHoAAABr-4CWjlwp9MKR-BXEYDic7B-ACrFWq9XtxlqtVsAC2sxGown8____JwgAAAAAAKAiCA!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=10&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3291224&dpubid=182887&abtst=DLR_vA!adxsub-out_vA!adxsub-out_vB!video-reel_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.29news.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.5/UnitInstreamDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
262496b2a4511f8f57145431e5c629677ee3bb6967c957722bed1cdc7b6f4d14

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Fri, 15 Dec 2023 18:03:51 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1481
x-cache
MISS
x-served-by
cache-fra-eddf8230020-FRA
pragma
no-cache
server
nginx
x-timer
S1702663431.964116,VS0,VE79
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.29news.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://ioms.bfmio.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
getmu
ioms.bfmio.com/ 		49 B
513 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ioms.bfmio.com/getmu?aid=bce3140f-08da-4881-e9f1-5dd3e036a4ca&output=html5&width=841&height=473&v=1&pageurl=https%3A%2F%2Fwww.29news.com&i_type=out&stream=out&playback=2&cb=R0.1702663431056&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.54.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-54-235.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 18:03:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.18.0 (Ubuntu)
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.29news.com
access-control-expose-headers
location
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tockify.com
URL
https://tockify.com/wvir.calendar
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1258

Verdicts & Comments Add Verdict or Comment

164 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| documentPictureInPicture object| gdmGoogleTagManager function| admiral object| googletag function| __uspapi object| _aps boolean| apstagLOADED object| apstag object| PianoESPConfig object| ns_ object| gdmComscore object| RCdataLayer object| _sf_async_config object| _taboola object| _newsroom object| BOOMR_mq string| BOOMR_API_key object| BOOMR object| Fusion object| react object| React function| setImmediate function| clearImmediate object| ReactDOM object| PropTypes object| StyledComponents object| queryly function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression object| PianoESP object| _tkf boolean| _tkfReady object| sheet function| 4dm1r11545242527 object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY function| burstEmbedFrameworkCheck function| burstEmbedGenerator function| arcAdsPrerenderer function| isMobile boolean| arcBiddingReady object| apscustom object| owpbjsChunk object| owpbjs object| _pbjsGlobals object| ucTag object| PWT object| OWT string| partnerName string| key object| google_tag_manager object| google_tag_data object| TRC function| _typeof object| _tblConsole undefined| msg object| _cbm function| $ undefined| jQuery function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| ggeac object| google_js_reporting_queue string| GoogleAnalyticsObject function| ga number| newsroomStartsLoadingTime object| tbNewsroom boolean| _min_launcher_active object| _minUnifiedSessionToken10 object| _min_tv object| _tvp boolean| _editor_tv_loaded object| _min object| scriptSrcSplitted function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData undefined| google_measure_js_timing object| preloadImages boolean| _minAlreadyLoaded function| gaPianoESP object| StateMachine function| iFrameResize number| google_unique_id string| nam object| placementData function| _get function| _superPropBase function| _inherits function| _setPrototypeOf function| _createSuper function| _possibleConstructorReturn function| _assertThisInitialized function| _isNativeReflectConstruct function| _getPrototypeOf function| _classCallCheck function| _defineProperties function| _createClass function| _toPropertyKey function| _toPrimitive function| _slicedToArray function| _nonIterableRest function| _unsupportedIterableToArray function| _arrayLikeToArray function| _iterableToArrayLimit function| _arrayWithHoles object| minutelyTaboolaAPI object| cmTag object| webpackChunktop_video function| createSliderPlayer function| startMinTopVideo object| _cm_wfCounters string| lastWfUrl function| Zepto object| Backbone function| startCMTagMain string| category function| OvaMediaPlayer number| BOOMR_onload object| GoogleGcLKhOms object| google_image_requests

51 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: CggKBgjdARDeFg
.piano.io/ Name: __cf_bm
Value: 8Fxe7HMjJl4JEF9E2wTEGLO6rOnBUXB9D5WMFxz7y68-1702663423-1-AUno57D+qpVzDgYqenkaO5XUlZfoqIvxwtq0Ll2k2wGSN9cEr/CyN7xUQYHdSkmExt2hAlj9YufVJzmlBdU7NgU=
.29news.com/ Name: _cb
Value: CfsacTDasXrj6xk3K
.29news.com/ Name: _chartbeat2
Value: .1702663424024.1702663424024.1.CiwWKDQKVNHDIddH5cMeFbDTDc5d.1
.29news.com/ Name: _cb_svref
Value: external
www.29news.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.29news.com/ Name: _pubcid
Value: b6665b55-dd19-4b34-99c8-b99cf3a8c6e4
.29news.com/ Name: usprivacy
Value: 1---
apv-launcher.minute.ly/ Name: AWSALBCORS
Value: 3qI39EFe0iXrODNAbuZSeopboIOu/Rr4Z8Tk1GTTWTsQ3tJgt2b53/iK4pA3uL+HcRAzTLKFWxMI/CX8BoHp0wPKS/UyD0RCDy0QCFI6Pb+JiYBaPmhF3Hpfp3Zq
.29news.com/ Name: minUnifiedSessionToken10
Value: %7B%22sessionId%22%3A%22db0c4fe5e4-c525058eab-95466e7103-11c9160852-184e9559ea%22%2C%22uid%22%3A%2284fe0fafb2-ded330025a-92e231bd81-9a5e87632f-daf27167ad%22%2C%22__sidts__%22%3A1702663424371%2C%22__uidts__%22%3A1702663424371%7D
www.29news.com/ Name: minVersion
Value: {"experiment":853304102,"minFlavor":"Gray Groupmi-scraper-1.17.0.32.js100"}
.29news.com/ Name: _ga_LQ23MJC9WT
Value: GS1.1.1702663424.1.0.1702663424.60.0.0
.29news.com/ Name: _ga
Value: GA1.2.1089476568.1702663424
.29news.com/ Name: _gid
Value: GA1.2.97303530.1702663424
.29news.com/ Name: _gat_RMD
Value: 1
www.29news.com/ Name: pnespsdk_ssn
Value: %7B%22%24s%22%3A1702663424501%2C%22visitNumber%22%3A1%7D
www.29news.com/ Name: pnespsdk_visitor
Value: zu8c2g8ztbxazg1n
.29news.com/ Name: _gat
Value: 1
.29news.com/ Name: _awl
Value: 2.1702663424.5-1a24bf0c15d00f03beb99527246af907-6763652d6575726f70652d7765737431-0
.casalemedia.com/ Name: CMPS
Value: 5289
.adnxs.com/ Name: uuid2
Value: 4118587467095025469
.casalemedia.com/ Name: CMID
Value: ZXyVAEWQ6nF6Mh-if0IYigAA
.casalemedia.com/ Name: CMPRO
Value: 5289
.turn.com/ Name: uid
Value: 7262416958248687114
.simpli.fi/ Name: suid
Value: C03EB7438D2A47ACA3051CBDF00A20B1
.adform.net/ Name: C
Value: 1
.csync.loopme.me/ Name: viewer_token
Value: 748f571b-364c-4f38-a538-922f63397e8e
www.29news.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D0167aad8-2067-412a-938b-f7d63337398b-tuctc761a80
.yahoo.com/ Name: A3
Value: d=AQABBACVfGUCEAOgU6dQAyao4AC38YvGJKMFEgEBAQHmfWWGZQAAAAAA_eMAAA&S=AQAAAqwFY9_3RXU27sgb30hwxgc
.doubleclick.net/ Name: IDE
Value: AHWqTUmwSAqkf7O1QqkqAh8piCCDruqFBIs_IgLqYxqSBHOT1m8edJls3qGUPlREkME
.adform.net/ Name: uid
Value: 7742050139372852978
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.brand-display.com/ Name: _knxq_
Value: 250231e7-385a-ddb9-861cdef4.1702663424.0.1702663424.1702663424
.company-target.com/ Name: tuuid
Value: 2818f138-77da-462d-8d1b-de19da1933b6
.company-target.com/ Name: tuuid_lu
Value: 1702663425|ix:0
.doubleclick.net/ Name: APC
Value: AfxxVi6rtS759lWbbvmkW8dCU3i4R9qBVo-Gn_I-ehraF9gUvddrKA
.doubleclick.net/ Name: FLC
Value: CKfX8gMQqZrhtQEYp4PSkAIgscq8YSi4m_0DMIGq8qsGcADauAQRMg86DQoLKDCYF739wTqYGQE
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-3ebd497b-446a-54b8-6bfc-75dc4b464adf.bka1pkpvUGdrzkJ9MXRdbcgvZyTem%2FChtTcSSg4bMYA
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-3ebd497b-446a-54b8-6bfc-75dc4b464adf.bka1pkpvUGdrzkJ9MXRdbcgvZyTem%2FChtTcSSg4bMYA
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3APr1Je0RqVLhr_HXcS0ZK37Ki0YU.ahMuK735Q7PzFNJGiEHZYBv7KjmtfsTTxGvG8cntCGk
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3APr1Je0RqVLhr_HXcS0ZK37Ki0YU.ahMuK735Q7PzFNJGiEHZYBv7KjmtfsTTxGvG8cntCGk
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIHi9QihBt-OL905bUjJPrVjnc1uPcGID0JafffXDONKQEHwYBCCBqvKrBjABOgQ8w7t9QgSW5she.0ur6ukfCZuWZgzHDa%2BacSuOCeRz5ogPdxjNre39BHWg
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIHi9QihBt-OL905bUjJPrVjnc1uPcGID0JafffXDONKQEHwYBCCBqvKrBjABOgQ8w7t9QgSW5she.0ur6ukfCZuWZgzHDa%2BacSuOCeRz5ogPdxjNre39BHWg
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A8eG0B-EWEnii9gwi2fSzgY
.liadm.com/ Name: lidid
Value: 2dbd0acd-3356-4256-b857-27e36308e918
.29news.com/ Name: __gads
Value: ID=2544a22c1af32332:T=1702663424:RT=1702663424:S=ALNI_MZz9khT1hx2treOkDpT9wNMmagzmg
.29news.com/ Name: __gpi
Value: UID=00000d1c810ef1b9:T=1702663424:RT=1702663424:S=ALNI_MYM70VXroIz9BJTycKdInb4FeccsQ
www.29news.com/ Name: _lr_retry_request
Value: true
www.29news.com/ Name: _lr_env_src_ats
Value: false
www.29news.com/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-12-15T18%3A03%3A46%22%7D

2 Console Messages

Source Level URL
Text
javascript error URL: https://www.29news.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://www.29news.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4a1f0ea7d3ea6a515ac65312034675b7.safeframe.googlesyndication.com
684dd325.akstat.io
aax.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.pubmatic.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
api-esp.piano.io
api.rlcdn.com
apv-launcher.minute.ly
apv-static.tldw.me
c.amazon-adsystem.com
c.go-mpulse.net
c1.adform.net
c2.taboola.com
cdn.indexww.com
cdn.taboola.com
cdnjs.cloudflare.com
cds.taboola.com
cm.adgrx.com
cm.g.doubleclick.net
code.jquery.com
config.aps.amazon-adsystem.com
counter.snackly.co
counter.tldw.me
csync.loopme.me
d2csfia1ogd5wa.cloudfront.net
d3v5317qx0o9g1.cloudfront.net
dis.criteo.com
dmp.brand-display.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fiaazgbakcqaokqce3yajaaab5sxzfic-prpn4y-b6988c063-clienttons-s.akamaihd.net
fonts.googleapis.com
fonts.gstatic.com
gray-wvir-prod.cdn.arcpublishing.com
gum.criteo.com
hbopenbid.pubmatic.com
hp.taboola.com
htlb.casalemedia.com
i.liadm.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image6.pubmatic.com
images.taboola.com
imprammp.taboola.com
ioms.bfmio.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
lego-geschenkideen.de
lexicon.33across.com
mab.chartbeat.com
match.adsrvr.org
nbc29.com
nr-events.taboola.com
operationchicken.com
pagead2.googlesyndication.com
ping.chartbeat.net
pips.taboola.com
pixel-sync.sitescout.com
polyfill.io
pr-bh.ybp.yahoo.com
public.tockify.com
reconditerespect.com
region1.analytics.google.com
region1.google-analytics.com
rtb.adentifi.com
s.amazon-adsystem.com
s.company-target.com
s.go-mpulse.net
s3.amazonaws.com
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
snippet.minute.ly
snippet.tldw.me
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.chartbeat.com
stats.g.doubleclick.net
sync.srv.stackadapt.com
sync.taboola.com
t.pubmatic.com
tockify.com
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
ugc.zeam.com
um.simpli.fi
ups.analytics.yahoo.com
vidanalytics.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
webpubcontent.raycommedia.com
wf.taboola.com
wkrndbk7mu3ggzl4suba-prpn4y-c003ec93b-clientnsv4-s.akamaihd.net
www.29news.com
www.burst.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.queryly.com
x.bidswitch.net
api.rlcdn.com
tockify.com
104.18.36.155
104.18.38.76
13.227.219.79
141.226.224.32
141.226.228.48
141.95.33.120
142.250.185.130
142.250.185.134
15.197.179.249
151.101.1.44
151.101.65.108
151.101.65.44
16.182.74.120
162.19.138.83
178.250.1.9
18.239.18.14
18.64.103.72
18.64.79.112
18.64.97.119
18.66.2.127
185.64.189.112
185.64.189.226
198.47.127.19
199.232.211.52
199.232.215.52
2.19.217.60
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
23.35.236.201
2600:1901:0:4277::1
2600:1901:0:636d::1
2600:9000:20ab:ee00:8:48e:53c0:93a1
2600:9000:21c7:5e00:12:3f97:c680:21
2600:9000:2204:e00:1:4e32:7440:21
2600:9000:225f:4000:18:1fcd:353:c61
2606:4700:10::6816:48ae
2606:4700:10::6816:4aef
2606:4700:20::681a:bd1
2606:4700:20::681a:d56
2606:4700:20::ac43:48f0
2606:4700::6811:180e
2606:4700::6811:c276
2a00:1450:4001:803::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9d
2a02:2638:3::c
2a02:26f0:3100:795::11a6
2a02:26f0:3500:12::1730:17a8
2a02:26f0:480:18d::11a6
2a02:26f0:480:c::210:f18e
2a02:26f0:480:f::213:7ec6
2a02:26f0:480:f::213:7ec8
2a02:26f0:480:f::213:7ee3
2a04:4e42:200::649
2a04:4e42:400::714
2a04:4e42:800::282
2a05:d018:d29:3602:e076:33cd:685:7924
3.228.157.65
3.75.62.37
34.160.19.107
34.203.54.235
34.233.61.246
34.95.81.168
34.96.71.22
35.156.190.4
35.169.223.36
35.204.158.49
35.214.191.231
35.244.193.51
35.71.131.137
37.157.5.84
37.252.171.149
52.212.52.84
52.46.130.91
52.54.52.235
52.86.155.246
54.77.9.4
69.173.144.139
72.251.245.181
95.101.54.145
95.101.54.99
98.98.134.241
99.84.149.113
01a35b750e5c341f6d56f6030c7e77cdf282c64854a486f186735262a376bb83
01b83ab9dd12f79d5f3ec8b655c274567e016aacc9f3341ba33947bc269ce41a
0336d12efac90b631e202f3a3c37ec4b468eb77863782160e60549ba98d0105f
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
040c78d841eae99549ecfe2bc5348dc251601cc0cbd152e993808472cacf750a
0418dffa2bed9a6300fed9d918f688e7f195b08f4c6f016a07f62ae48fe9609e
04ed1891ede8f9120734f6c13e8f6fb01027de342373e13dbbf573886a1078e3
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06ffe7a1a5d90fdce562c52de2954b5ca11983fff1db4c6bc573bda09bdacbf4
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0abf4b657c7a21c13aaed04ea5c6d03ecdcb5c3acf04da23eaf2c67af65b7668
0be9ea3282b9037d764f4c4b12ee0da74f6613310f3ff39bd9236b0c7f8e0d36
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0d39bbdcae43253b7e0d7a69841e70d8781ac7aaca5cd9a20fc9edbf5c643e76
0dc3395f1ebb5b9a3540c4f66c1137e123f0559efe4ffe7394a036951e8f2150
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
1040189a3de7a4b00f8babef951ba20f6e5197aadf578393528ba679eaa99dfd
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
116878fe0d8e666a2cad251a1359c56896e5e664d1cc001733fb5d66d9b3db0b
13fc33bfd71d1428a6594249042832c3847377cf3a370581971c1f948d054c33
152ba9565d821a08fd52cda47362cdfba9d479a0bd8f0bed733c33ae3e31d464
161a116757ff8e6472bea2591e22eb25ef4f3718efd99b26167de1824b300584
179ead95645da3c6c9383919bc6c1474a3832dfc733cc3e05e2f99503fd5d8e1
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1955ca11feebf419a1cd26025fdfaaab7a67ed493016d853be8697ad3434d301
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1eb12c64933bfb56ae7bb304b7fb3bc74a834099b9120c6cec15cbae47e5bea2
208bc6507ffbc9fa47d897119c1486b1442e8b9c82c77f7a0f0ee0fec27b3dcb
21e01ea2581ed70b9baa7c8e316fdbf3d9ee0e6fc8a7429e9012f205cd9e91e2
22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51
224a5b8eaaf3653d627299347111991d79dc40bd42ec6b61c55921da4a3e40ea
262496b2a4511f8f57145431e5c629677ee3bb6967c957722bed1cdc7b6f4d14
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
29cf8c7bc1c0e3373f0b2d9634a35a1f9658c72a1e4d7ce6b6c178c2bf2e7a4a
2b42f8e45feda368274a55106b7160fa7203de3e209e1cea0121fca6405ec797
2b4b79f93d04ee843317ae786148195e7ad8792e9dac286ed0dc3b47f1017e38
2c7e530b39de2238b0551f68526c1067b23363897d88be4c218d4d124f3fa6c7
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f304e1b6e0cf794ac6d60dab66cde75213410d5b3c26f0598996ac09dbf1eb1
33459a46d0456447c25713d7950d6a1e376b4cb1ec1b6323b27e56d71922ae1e
34bbac29263450fa7419fbb99bb4d481ee7b70e3993195e93b24a6688390fa17
3642df12f0d930d5846a96652080908eb2f383b602a95cf80d1e6227e66e1c46
384f960ee1afb7f74397b7eb922a45e488c22332c62a9b25c159c1158111692c
3892fda412b98b9c0f445107d4d429f7bd5401ff5d8f598e34deff6655a18381
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3aa0fe7bfa14cc45a5b9b0c5eee68844d87dd5c8bf88eab7f416065a54e2dde9
3c3a1649cfe7548b693ae4c12340c69f94f4137874632cb13ccbabdb5863340b
3cbc3abef3fe9a054162de67758565065ca58a9e7c2ccacc03f12c833f6a1efd
3cf78ad3bcd1324e10a4acdc34bfc4a159f9a045b30edbe3738a9d1b9f807a39
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3f1e2aff8baeea2cb4962805e9a8f098013c38cae12af54691cfed60a31b9da3
3fa3d3aac092c8453ede9ae0397911dfbc0add561679d1faa196320ed4863fac
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40572e2870859e9bc07c0f3926541e4f071dba735921d38ba47633497446c216
40be85e49b3f93704d987ffb4512e2017afd68b1e694250399cfec9122849f28
4161e8ddfe2ba801c5127cdff13ec14f7362d0df8e7f52a63200ddc93cbce6e2
42963e20b8df6dff7886465257fe87c44a0e83d6b91cb2ef458f4129d71d0e41
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44948fce039263b30389aba4b5d19d5723382b84cc9a7a56887324c650d61a48
454fb05f42243a4a03db728c6359956a04646d3d18d9a8fe5fc5aa2a221e493c
466c851210a39469c433d7ecc5cbee8dae10dd8f6ec689090cf205688993225d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46be8ce52fecfdee4715f55f764c2de0bc4ca0903c75c9e08f0bd86e1f37e419
4710dce6e41f2e1551ed4127aa8c5f0caf1f42805c5671d34b2b0a2abf13f9f7
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48b3c9773a97bd00a751c09a47e3606a5eddd6f6fd64cb203b61c6c95ca46143
492f4ef40ecd4502bb3330e3040b62091fc61758533b1cdd3b23b6b2517e61d1
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
4bd0b039a1ab966889e5df5946799add86c82b348316216b22e2dd62856944f1
4bd9ac56934d76ebef4caeb9c0eb9880378b0fd9e46f098d34e1399c18cc0bc5
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e8bd226cdf91c81d69a90eec8ded92138adf203d05cbab1f09f68d85bc6baf4
4ef54920cf0c52bc49c149f8378cc6bf1667ea9e653b5725cd1983c21dc8ca40
4f71465fe82a54e04c86fb95fd62a67f92a74c88537a304a7aeeb3659bf59e9a
4fdbceb89e5935d469bbd06461e0d4a8ea77fbb676a3c70370afd6a3abb66b86
50d9594f0c84c61608f60a47071b4051c9052407eb928afb38f5b82686b98885
50f6f292a9ff0c4ed168811db3eee056d0212b759a2348cdbbd654bde25c1610
515c271a58a621c8d2e693ccd933058d68a083c2db93a0f685f697679fa9dc8b
53b988c3d873cd2c0c14d099834524858337e92c5a0a69884f102468a3d469a9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58510177690dcff8a1dac14f3e157717de30611910c7ffc57a44e77746421837
593feb16e7310f6ec96f40794a8f32efeed162b216d20ab61a4cc6178da5f261
59c9a98fdce832840396257575b4ee4230d78cdd2a3ec2a631cd56f2ce3b6bab
59ed228f99fa7ee4309a8d8e0536d02530a446af9b453bf0b6b68d2f7cf29c61
5aec68c8b080515c3ca98f7465a63204af99556ae6f2b8f33f73c08da2cdb12b
5b4ec482560a62c554dcec6fc68b07492994cf7550dba087186ee088482825f2
5b4f9cffdd7f6ac1d0d615f65024064a9f261e21e448e110f279aea148e6da39
5c24b8afe8be52197c0b7b98074f2596a52ece552411f2ae682642a2d03cb85e
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5f2e09179a891c2a6806d7e2653d6694d613eff4b6a94c5a164ebb669bdef350
5f378c883bff2c713cacbb88c0b4e93ae79d692aeb80ccbf1c3245777d6f7b0b
5fdad21c88225ca3183feec6ab65d4c4c986a35e6d6ab46ec57fc6e6c8364897
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6063e91e9d9d53e4251784c15ba4b1791ef0fa94b86f853f6cc44c8fd489ea5a
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
60fc4ac5722b3fc717e3e8f607adaa79c5b1b9be41af697590aa08b2a2ca3a18
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
61c08be466a49ad1612b95a5d57048744ba6490a0a0a4ff0bafe302ef51dd3a8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9
643ac89572093a4c907c1af802b3d354453c64d545dc3f1be1ce689046064511
661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
66d3c92d2e6149a4ee19d70f51e1321ea2723e79cd7374b8fcf1729091a75b6a
66d7b2344b1aef077bbf6359f32faa055b4cba8d9f2d873a6b9cc04330f01749
66e795d90833daa5a12dd1faaf5f317219b9545c7d7495b28f90407deb76dd7d
66f807b4adc100789cbaea28bdd4b71ca60a1999d35d6d675a56f588c97b7e12
6765d598bfdef6b5ab0b3be92c39ca5e2bd005fac7af53c517b2399e27f045ef
678235b764d973903bce3aa9a5bd46322ca09dc0a8b59f108ea2a0dc0cdc66fb
67bfebbf0035268de63ccc8a1c24dd1b13cd8e9c8ede858fcf8836144ca3b378
69c9c7972745e942e10c40a8342e85ca9e3dcf5af2689d3f7a37d536cd635b17
6a302b34ce783fda0c1a493fe5161d2222b71d2409accaa88d454b866ba807ff
6a543cf4a8affcda10deb77c4c95495bdc6dacf8b81d020e16a1bd70d8c7040f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
6d14db5aa3a9a0f4c0196782e2f038cf75c37c41b3dee5770c9c73b5f79b5b63
6d2c15bfc012c4dbd35af44f48c804bfa481e9b4526ffd0ed04244c656043caf
6efef6c9dd71ad085f360c54d04ecfca3467ebb53ce0897d257aa4f1435c7419
706743694960fca164dfe7fb4ed7d2dc76f97936ef1dbbc17e738b5ba5a14327
72c4e33d7aab2ea74efc6b6abbaee16c8293dc3eeab2ace1af9855c8a1460cdc
73c48a750a107c5809e5b332e74b0f1b32ddd1c24b98f1d9e8febf73322fbb84
73d99d8980d75f9f81a522bb22dd29bd17401617f97216e58e9575f85a156278
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75ca7c01eaa8136d970bde6ea6ae0896d2fe30febf82e7679257df6e1f8a7496
76c009cddf9e13e03f1c6ab8f56e2a0472c57ae0123bf4ad8ff383f61e45c382
7833516acca930521def5b1e9586064f95aad52f9da5133effff8fe7cc623268
7834031b17b574a64726d724fbabcf779b355d1d45997710700d435d94f995cb
790e90d45636000ad24f407cb54e878f2a793a795fbf95497396074aa0d39ddb
79fe15ad2d6100c55591e6a238ee20b224ca6eb75d7cf55785d63ef141da0cd8
7a4c8fc173c2a42476bc5987f3f045a45c2ec067ce14c68dddd85c604611c67d
7c43599361b32526bbdd006963950ea20b51d70db4b465b81c4c4660d913ac87
7cecb1cecfe9f17a2a89be3b10a0b20dc8423a279c06486e34d720761ade15bd
7cfff10d1716acbf183fef47552add779d67b323e3d8ad6f5c788b0d3fcd0cb1
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82479b21329ff01c7a23c63063cbe4bd005beeb5669c3fb2afa0da8b82101398
8257e3f3a5939a2a8e1ea470645bc40d9e2f626c59ec06307d0ed5f3f00b8ab0
829757b09694cd2f23ec049863d1e83b44cb5996dedce234a4ed23d0316bbbe9
82a47b279570ec5ea213da84215bdfb20b8bccb886288e859a9bf5fd1081ceff
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
86f2eb97cc1f3909c12e4512de9e267215d94ac5aaee9393d0f007f18c34e8ba
88004917adbd7b6b060b06f46d6b7cffb33406df9e017f5d52a506de5dc7ab1d
893e409bd818cf35943dedefed32b2b2f2d279a8939a363032ab0f96fa6aa457
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8c4443c888946545efa75524ba4fefbdfc13a373742b66a79e9b29ef764d2d52
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dd30a683c4179f1cba9bf85ef3231bac1ed1ffde80ba7321fa154cb34967ef4
8defab2a2ccf0575e3805a5e780a9dba81d6ff898f9af8531264dffd944e1214
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
90d13728cbca7742b466476a33b15c0ae2c27299b921b64ca9acd9e8320f2016
92e3563c6a93f2d3b97e374afb2903a048100b2407b61c39830eed2bc22c6155
948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895
960e93d018c45bcf3ec1f8c6094433afdaa268edfd4a1aaf90f4da83a86224d0
970dad4102b0f0a1c8b3e84ecc0ed974492db999d232a5e8544861ccdfbdb7db
981f918f3a2a769e6b57605882059a9102ad0b0de2e1467d56c8ddda9095626e
985e21298ee9f5e3c80214000d34a1827d8032d57422934f2feef400fa591f74
992bed67acbd5174ae1d6609291b0309c7e5391fe302f4d7b6468c5a2787847f
9a64421605751d54fb234f9074079b0e65a9c976c8dbdffdbaa633a4d7dfd28a
9b34aab60bc8c097636dd38398590e81d458bdda50b06bf250eb6f3bb2ddfb37
9dc0571019f0847eeb755ad6ffc8bcebe2d09af91fd1348e0f69d246facadf14
9f1ff13991eb52a4b5705703d36013d267abd0254675a9a274b63fdfd82d7ee7
9fd57fcaa8ad308df1294bec4cac27c6d3de96d4ddd8c9ccc0e64bbf53405c1b
a1ce2ebc5559dd55f9d1b9aeb0df3d567623fb2ab8c25358d5c47eaaebfc7642
a3525aa71e87b50d7a7d289c60539fa25ae854f6e20063ccfe3c4e8fb011af05
a4437be8ebb563d6e6c98d0a29afbb41bcc5f1db2e21a34e093360660b118d71
a47715e7a74a758bf33f6b1547b2eb7b4724d17ad6c13651c0945ac9c6187ff7
a524b2d1b64d155fb062699f4d4cfb54bdaadec800fc103133619ecb8af170ea
a707a5968189b1c2df7e2128d3827528eb7f06c41775002929a01f14bf119d6b
a790c4426c39f8a3c6d8fbc63bb0921a1679f6e994bc96b14ac212d5f8de1e5a
a80283a2a54ea158b37690f2c26663c329737910163b122fed2c5766c9b95962
a838f49e9b9edf2f8236818d9a69beacb3f6c776870fbb9bddaacd2063c8ef37
a8cae91460a7edc608e6f397fad2e02bdfc361a3984caabd5c49bb3f82b2b104
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
abf68c057b4e82c8d2291dba2f4980eee5378280fe9358c49f88adf452b5f867
ac2385054d54aaaaa1ab1a74929b654508aee4c06726ace247a020b318e2a904
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16806b2709aef3ada0d67d1cff0815463d0ca249005e5dfe26d86baf896db70
b19ac4e57f2a56639eebd1c35319e5a7124be70d3fa155b63d878886520154fa
b33e910ec4484710548384d4fdf7bed5bc864ba8af1b818086c530c371a58d17
b33fc2b6a9c1d4e9036c3585b8a798869d3d00f5dda24a01ef2a87b36b300202
b4343c5d3d3bbc10207b39d4a9d3aa90870945b30cf4ba8ef593b32b3d4d827a
b48b9768a3bd757212ea03b630e12e7aca7c0944b2aa5880aeffc620d04759e2
b4967dbde82b36ba483fcd5315203b1648a86c192ccd826865a634aaa8853208
b5be35c4730e85c556511d6d2576c8e73c92906ba75804dece48c79857ff5c01
bb401a02cbbd4e277a3b73f94423e52594bbba14871f61b7e40aaa06701e1e2a
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
bbaf73b17df4502b13e2338b607ffe9e05eeaff41c340977be65aa9d4682420b
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bfbe54b8cccdae69aca8b2da4cdcbc0f61a4e142ccdcbe72d65fb767cd46eb4f
c02f264a42cf5db3e5cbe304c001d03a311661f5af442afc52d0f2366266371a
c038356f5dd062dc662f8b140c3fe86b5f1726ccc4c83edfc2022c02f6adc356
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7
c3d9fa4b41ab500d0edb279e71568c7a3a141c34d879da27d3a60baed756e475
c44b9bedbeec84c99876e563796ef513218c0730a2b608e8b7bfa5464e6883ae
c509be37bdfb00f2faa69c9a8e6e9c0cbfd021d24f23e109bb3ebfe1bb929e60
c71022602078c7ac5061344e03b71babd10409cd196086e4d1c46a3cb8239a31
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc6050bbd2c01a71b42fc8ee334617ff6d3d23129fce22c33855f14749a810a7
cc8b84ad84585cf2ee61f8f2f7ce48b578872bd753e6c0495f79a16ac27bb0b8
cd623a181d7067e8732e06a3e47430ca66602d9d604ebd821e3390be94852fce
ceec13d8c655e8054fdb414719c64ba880b50a4f9059026a4f1eaecd2ee05c86
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfaee838778ac2f5aedac42cd121fd1c43772d5015989729debd5c99818e6638
cfb50029231e38925bde6abe76df57ae8945b1d88d2ff7ecb7849a88c5d204cc
cfdcf81fd2c0705162775909ef37c8ca2ebd21b940e8c1704bda8bb31b41aa7a
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d247a0ee3081c2f2ccba6be6b27788bf7dc1aea91e6751095ca0f0305bf17809
d5644b46d5d663155f02502683f9d4ed7d7b3885cb2b04fbc9f1ac9da0d0eff9
d6a05eee7557c4dc1368847b5424339334bd33b560f878969a07421e249cca4e
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d8cc8db1b08ef9d78d71de08e93f92e78bc86cbaff68c6617b7f772b2bacdcc6
daf6a07714c428068cd3728fa53c9e819c3fde4b35cce89bc2d8d88b452a90df
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1068fb3ed95f16e7004ceb33a3224db16373fb29330424b2a521247954048ba
e1e004f4c70dfffe823ed526dc0519b625022cfc3d4325cde69ee367bc9e4420
e2b3deab75e783acd0162aff687ce9f72fe00f4241bdfc774c5b35228bea5cae
e3561c9de219c6c970eee73fe84ad5bf1cabc27795b956a798c9b3c7856e88a2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f2089638ba79d8c06048430413378bb30c336be5f2b2573291e2a7c8415b84
e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12
e69b75877807cbc3c8a90b55b7607df6ea93978cb1ab8f0ada09e00307c16794
e6d9cfc441d6a59c4f39e6bd1f10784799e90ee4e962ff1d2acb39541480ea88
e86b7137f4f98144d7a5cb12b426c48f69497a9902f9314b8f6332c41eedd7e3
e9a5d21c53b8e58c6c70936d28b41c8020e777dd93aad5be7fbf36267042094d
eab813fde6b5a25d8e9bae7e6f6035e5774c6f930856eae0812a401bd6d1c20b
eb423582b9ae8da1b09c5bfcee5d7491563ad0a00ef0c75e99e9d0bbc3662fc6
ec7679d6d29b15719ee656bd5e67fe006ae97e5c0704f8d6ddd245ed361436a5
ec7bbd80a20739e0e95342a018f055bb6d7104aa9f21a123485520070664e150
ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3996eb66cb853fa453b95aaa992fcbed2ff3f176fe8bea6c19429edaa177525
f3da7d623af4d2eb10a0ae36455204cf1b8964a5c7371ddc2356aff1884764b9
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f75dfcbdba9be39242d06661b1f16c62de1a6173e64dba2474f8b3ed42181a4a
f9eb6c867550109c6cce3fd0c4b4cde28024919576f6149ebf86ca27d7f74fbb
fafd3cf4b67f4f7340c4423a76bbda5ad1fa26a9c84efe4ad59e97e4278267da
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fbff9b65ef8723e80ceca2e6e427a2ab2504dc2ded26428e63b031271efb1567