urlscan.io logo urlscan.io
SecurityTrails logo

www.29news.com Open in urlscan Pro
2a02:26f0:480:f::213:7ecc  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.29news.com/
Submission: On December 16 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 86 IPs in 10 countries across 70 domains to perform 456 HTTP transactions. The main IP is 2a02:26f0:480:f::213:7ecc, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.29news.com.
TLS certificate: Issued by R3 on December 11th 2023. Valid for: 3 months.
This is the only time www.29news.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 2a02:26f0:480... 20940 (AKAMAI-ASN1)
49 2a02:26f0:480... 20940 (AKAMAI-ASN1)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42::282 54113 (FASTLY)
3 108.138.1.25 16509 (AMAZON-02)
2 65.9.95.96 16509 (AMAZON-02)
1 65.9.66.15 16509 (AMAZON-02)
2 2600:9000:212... 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
6 18.66.97.63 16509 (AMAZON-02)
2 2600:1901:0:4... 15169 (GOOGLE)
5 23.32.184.192 16625 (AKAMAI-AS)
14 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
33 151.101.1.44 54113 (FASTLY)
31 151.101.65.44 54113 (FASTLY)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
10 2a00:1450:400... 15169 (GOOGLE)
1 65.9.95.83 16509 (AMAZON-02)
1 3.212.66.31 14618 (AMAZON-AES)
1 52.217.196.136 16509 (AMAZON-02)
1 3.208.135.151 14618 (AMAZON-AES)
1 2a04:4e42::714 54113 (FASTLY)
1 2600:9000:223... 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
7 151.101.129.44 54113 (FASTLY)
6 199.232.211.52 54113 (FASTLY)
3 2a02:2638:3::c 44788 (ASN-CRITE...)
6 2a00:1450:400... 15169 (GOOGLE)
5 13.32.119.77 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 19 37.252.171.53 29990 (ASN-APPNEX)
3 185.64.189.112 62713 (AS-PUBMATIC)
8 30 104.18.36.155 13335 (CLOUDFLAR...)
2 2600:9000:212... 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
8 104.18.38.76 13335 (CLOUDFLAR...)
5 151.101.65.108 54113 (FASTLY)
20 2600:9000:223... 16509 (AMAZON-02)
1 198.47.127.19 3257 (GTT-BACKB...)
9 2a00:1450:400... 15169 (GOOGLE)
2 2600:1901:0:6... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
7 3.33.220.150 16509 (AMAZON-02)
3 6 209.54.182.161 16509 (AMAZON-02)
16 16 172.217.23.98 15169 (GOOGLE)
9 9 52.23.84.206 14618 (AMAZON-AES)
1 1 46.228.164.13 56396 (AMOBEE)
1 2 2.19.217.66 16625 (AKAMAI-AS)
1 1 34.91.62.186 396982 (GOOGLE-CL...)
2 2607:ae80:4::25 26558 (FREEWHEEL)
1 98.98.134.242 21859 (ZEN-ECN)
6 6 65.9.66.84 16509 (AMAZON-02)
3 3 193.0.160.130 54312 (ROCKETFUEL)
3 35.244.174.68 15169 (GOOGLE)
3 3.69.190.202 16509 (AMAZON-02)
1 72.251.241.206 32475 (SINGLEHOP...)
1 1 54.152.252.123 14618 (AMAZON-AES)
2 2 52.58.114.78 16509 (AMAZON-02)
1 2a05:d018:cc3... 16509 (AMAZON-02)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 34.252.177.198 16509 (AMAZON-02)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 164.132.25.180 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
14 141.226.228.48 200478 (TABOOLA-AS)
7 2606:4700:10:... 13335 (CLOUDFLAR...)
4 35.187.184.108 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
4 35.190.0.66 15169 (GOOGLE)
2 35.244.170.237 15169 (GOOGLE)
17 2.19.107.55 16625 (AKAMAI-AS)
2 141.147.81.223 31898 (ORACLE-BM...)
4 2a05:d018:d29... 16509 (AMAZON-02)
1 3.71.149.231 16509 (AMAZON-02)
12 23.212.89.123 16625 (AKAMAI-AS)
5 34.203.54.235 14618 (AMAZON-AES)
4 2.19.217.60 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 69.173.144.165 26667 (RUBICONPR...)
1 35.244.193.51 15169 (GOOGLE)
2 141.95.33.120 16276 (OVH)
1 63.32.253.3 16509 (AMAZON-02)
1 162.19.138.117 16276 (OVH)
5 185.64.189.226 62713 (AS-PUBMATIC)
1 141.226.224.32 200478 (TABOOLA-AS)
1 18.245.60.53 16509 (AMAZON-02)
456 86
9    2a02:26f0:480:f::213:7ecc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.29news.com
49    2a02:26f0:480:c::210:f18b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
gray-wvir-prod.cdn.arcpublishing.com
3    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a04:4e42::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
3    108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net
c.amazon-adsystem.com
2    65.9.95.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-96.prg50.r.cloudfront.net
www.burst.com
1    65.9.66.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-15.fra56.r.cloudfront.net
ugc.zeam.com
2    2600:9000:2127:4000:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
2    2606:4700:20::ac43:497c (United States)

ASN13335 (CLOUDFLARENET, US)
www.queryly.com
6    18.66.97.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-63.fra56.r.cloudfront.net
public.tockify.com
2    2600:1901:0:4277::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
reconditerespect.com
5    23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
14    2606:4700::6811:c376 (United States)

ASN13335 (CLOUDFLARENET, US)
api-esp.piano.io
5    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
33    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
nr-events.taboola.com
trc.taboola.com
hp.taboola.com
wf.taboola.com
imprammp.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
31    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
c2.taboola.com
images.taboola.com
2    2a02:26f0:480:9a4::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.go-mpulse.net
0217991e.akstat.io
2    2a02:26f0:480:f::213:7ec9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
webpubcontent.raycommedia.com
10    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    65.9.95.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-83.prg50.r.cloudfront.net
config.aps.amazon-adsystem.com
1    3.212.66.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-66-31.compute-1.amazonaws.com
tockify.com
1    52.217.196.136 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    3.208.135.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-135-151.compute-1.amazonaws.com
ping.chartbeat.net
1    2a04:4e42::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
1    2600:9000:223f:2200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
7    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
nr-events.taboola.com
vidstat.taboola.com
pips.taboola.com
6    199.232.211.52 (United States)

ASN54113 (FASTLY, US)
apv-launcher.minute.ly
apv-static.tldw.me
3    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
6    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    13.32.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-77.fra60.r.cloudfront.net
aax.amazon-adsystem.com
1    2606:4700:20::681a:bda (United States)

ASN13335 (CLOUDFLARENET, US)
snippet.minute.ly
4    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
3    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
19    37.252.171.53 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
3    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
30    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
2    2600:9000:2127:1c00:1:4e32:7440:21 (United States)

ASN16509 (AMAZON-02, US)
d3v5317qx0o9g1.cloudfront.net
2    2606:4700:10::6816:49ae (United States)

ASN13335 (CLOUDFLARENET, US)
counter.snackly.co
8    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
www.googletagservices.com
3    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com
8    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
5    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
20    2600:9000:223f:ba00:12:3f97:c680:21 (United States)

ASN16509 (AMAZON-02, US)
d2csfia1ogd5wa.cloudfront.net
1    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
9    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2600:1901:0:636d::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
operationchicken.com
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a02:26f0:480:184::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.go-mpulse.net
7    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
6    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
16    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net
cm.g.doubleclick.net
9    52.23.84.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-84-206.compute-1.amazonaws.com
i.liadm.com
1    46.228.164.13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
2    2.19.217.66 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-66.deploy.static.akamaitechnologies.com
x.dlx.addthis.com
1    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
2    2607:ae80:4::25 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
1    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
6    65.9.66.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-84.fra56.r.cloudfront.net
live.rezync.com
3    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
3    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
3    3.69.190.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-190-202.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    72.251.241.206 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    54.152.252.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-252-123.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    52.58.114.78 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-114-78.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    2a05:d018:cc3:fe04:3014:5030:a5b6:caa6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    34.252.177.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-177-198.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
1    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    164.132.25.180 (France)

ASN16276 (OVH, FR)
PTR: ip180.ip-164-132-25.eu
ssbsync.smartadserver.com
2    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
14    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
am-match.taboola.com
7    2606:4700:10::ac43:b0e (United States)

ASN13335 (CLOUDFLARENET, US)
snippet.tldw.me
counter.tldw.me
4    35.187.184.108 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 108.184.187.35.bc.googleusercontent.com
rtb.ads.travelaudience.com
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
2    35.244.170.237 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 237.170.244.35.bc.googleusercontent.com
static.travelaudience.com
17    2.19.107.55 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-107-55.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
2    141.147.81.223 (Slough, United Kingdom)

ASN31898 (ORACLE-BMC-31898, US)
mb.moatads.com
4    2a05:d018:d29:3605:b770:182f:d3e9:1c89 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
12    23.212.89.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-89-123.deploy.static.akamaitechnologies.com
travel198849194933.s.moatpixel.com
5    34.203.54.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-54-235.compute-1.amazonaws.com
ioms.bfmio.com
4    2.19.217.60 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-60.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
2    141.95.33.120 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203256.ip-141-95-33.eu
id5-sync.com
1    63.32.253.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-253-3.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
1    162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
lb.eu-1-id5-sync.com
5    185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    18.245.60.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-53.fra60.r.cloudfront.net
sb.scorecardresearch.com
Apex Domain
Subdomains		 Transfer
86 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1020
c2.taboola.com — Cisco Umbrella Rank: 9052
nr-events.taboola.com — Cisco Umbrella Rank: 11107
trc.taboola.com — Cisco Umbrella Rank: 648
vidstat.taboola.com — Cisco Umbrella Rank: 3027
hp.taboola.com — Cisco Umbrella Rank: 22951
trc-events.taboola.com — Cisco Umbrella Rank: 2040
am-trc-events.taboola.com — Cisco Umbrella Rank: 15316
images.taboola.com — Cisco Umbrella Rank: 1870
wf.taboola.com — Cisco Umbrella Rank: 3217
am-vid-events.taboola.com — Cisco Umbrella Rank: 14680
imprammp.taboola.com — Cisco Umbrella Rank: 15008
am-match.taboola.com — Cisco Umbrella Rank: 15404
vidstatb.taboola.com — Cisco Umbrella Rank: 5135
pips.taboola.com — Cisco Umbrella Rank: 1659
cds.taboola.com — Cisco Umbrella Rank: 1860
2 MB
49 arcpublishing.com
gray-wvir-prod.cdn.arcpublishing.com — Cisco Umbrella Rank: 751848
2 MB
30 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 484
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
dsum.casalemedia.com — Cisco Umbrella Rank: 1364
20 KB
29 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
493 KB
24 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
acdn.adnxs.com — Cisco Umbrella Rank: 610
secure.adnxs.com — Cisco Umbrella Rank: 478
98 KB
22 cloudfront.net
d3v5317qx0o9g1.cloudfront.net
d2csfia1ogd5wa.cloudfront.net
366 KB
19 moatads.com
z.moatads.com — Cisco Umbrella Rank: 653
mb.moatads.com — Cisco Umbrella Rank: 766
px.moatads.com — Cisco Umbrella Rank: 594
231 KB
18 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
79 KB
15 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614
aax.amazon-adsystem.com — Cisco Umbrella Rank: 410
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
82 KB
14 piano.io
api-esp.piano.io — Cisco Umbrella Rank: 13615
114 KB
14 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 544
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504
image6.pubmatic.com — Cisco Umbrella Rank: 793
t.pubmatic.com — Cisco Umbrella Rank: 3146
181 KB
12 moatpixel.com
travel198849194933.s.moatpixel.com — Cisco Umbrella Rank: 41895
3 KB
12 tldw.me
snippet.tldw.me — Cisco Umbrella Rank: 23235
counter.tldw.me — Cisco Umbrella Rank: 17079
apv-static.tldw.me — Cisco Umbrella Rank: 18036
2 MB
10 travelaudience.com
rtb.ads.travelaudience.com — Cisco Umbrella Rank: 141511
ads.travelaudience.com — Cisco Umbrella Rank: 5555
static.travelaudience.com — Cisco Umbrella Rank: 49747
311 KB
9 liadm.com
i.liadm.com — Cisco Umbrella Rank: 517
5 KB
9 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2189
62 KB
9 29news.com
www.29news.com
889 KB
8 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 644
cdn.indexww.com — Cisco Umbrella Rank: 1640
6 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
1 KB
7 tockify.com
public.tockify.com — Cisco Umbrella Rank: 65086
tockify.com — Cisco Umbrella Rank: 61351 Failed
323 KB
6 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 461
28 KB
6 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1785
4 KB
5 bfmio.com
ioms.bfmio.com — Cisco Umbrella Rank: 12536
2 KB
5 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
2 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
374 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
imasdk.googleapis.com — Cisco Umbrella Rank: 487
128 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
436 B
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 408
api.rlcdn.com Failed
182 B
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 825
3 KB
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
660 B
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1767
mab.chartbeat.com — Cisco Umbrella Rank: 2658
26 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
198 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 425
946 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
129 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 564
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 818
1 KB
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 526
1 KB
2 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 1554
1 KB
2 operationchicken.com
operationchicken.com — Cisco Umbrella Rank: 21308
896 B
2 snackly.co
counter.snackly.co — Cisco Umbrella Rank: 5407
284 B
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2693
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 minute.ly
apv-launcher.minute.ly — Cisco Umbrella Rank: 4993
snippet.minute.ly — Cisco Umbrella Rank: 7138
39 KB
2 raycommedia.com
webpubcontent.raycommedia.com — Cisco Umbrella Rank: 110245
70 KB
2 go-mpulse.net
s.go-mpulse.net — Cisco Umbrella Rank: 1309
c.go-mpulse.net — Cisco Umbrella Rank: 595
51 KB
2 reconditerespect.com
reconditerespect.com — Cisco Umbrella Rank: 27541
29 KB
2 queryly.com
www.queryly.com — Cisco Umbrella Rank: 11671
8 KB
2 burst.com
www.burst.com — Cisco Umbrella Rank: 32652
13 KB
1 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
300 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940
274 B
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 2417
317 B
1 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 1596
250 B
1 gstatic.com
fonts.gstatic.com
21 KB
1 akstat.io
0217991e.akstat.io — Cisco Umbrella Rank: 68782
202 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
45 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 11359
1 dotomi.com
casale-match.dotomi.com — Cisco Umbrella Rank: 2999
181 B
1 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 563
433 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1380
181 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 702
1 KB
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1388
283 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 681
187 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
626 B
1 turn.com
d.turn.com — Cisco Umbrella Rank: 1349
416 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6765
408 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 735
30 KB
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 602
484 B
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1455
201 B
1 amazonaws.com
s3.amazonaws.com
552 B
1 zeam.com
ugc.zeam.com — Cisco Umbrella Rank: 33871
2 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1345
618 B
456 70
Domain Requested by
49 gray-wvir-prod.cdn.arcpublishing.com www.29news.com
gray-wvir-prod.cdn.arcpublishing.com
30 images.taboola.com
20 d2csfia1ogd5wa.cloudfront.net d3v5317qx0o9g1.cloudfront.net
18 ib.adnxs.com 2 redirects ads.pubmatic.com
acdn.adnxs.com
16 cm.g.doubleclick.net 16 redirects
15 px.moatads.com rtb.ads.travelaudience.com
14 api-esp.piano.io www.29news.com
code.jquery.com
api-esp.piano.io
13 cdn.taboola.com www.29news.com
cdn.taboola.com
12 travel198849194933.s.moatpixel.com rtb.ads.travelaudience.com
12 dsum-sec.casalemedia.com 4 redirects ssum-sec.casalemedia.com
12 ssum-sec.casalemedia.com 4 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
10 securepubads.g.doubleclick.net www.29news.com
securepubads.g.doubleclick.net
dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com
9 i.liadm.com 9 redirects
9 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com
9 trc.taboola.com cdn.taboola.com
9 www.29news.com www.29news.com
8 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
7 match.adsrvr.org ssum-sec.casalemedia.com
imprammp.taboola.com
am-match.taboola.com
ads.pubmatic.com
6 live.rezync.com 6 redirects
6 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
api-esp.piano.io
6 public.tockify.com www.29news.com
tockify.com
5 t.pubmatic.com ads.pubmatic.com
5 ioms.bfmio.com vidstat.taboola.com
5 am-vid-events.taboola.com vidstat.taboola.com
5 apv-static.tldw.me
5 snippet.tldw.me apv-launcher.minute.ly
snippet.tldw.me
5 trc-events.taboola.com cdn.taboola.com
5 acdn.adnxs.com ads.pubmatic.com
5 htlb.casalemedia.com ads.pubmatic.com
5 aax.amazon-adsystem.com c.amazon-adsystem.com
5 www.googletagmanager.com www.29news.com
www.googletagmanager.com
public.tockify.com
5 ads.pubmatic.com www.29news.com
ads.pubmatic.com
4 eus.rubiconproject.com am-match.taboola.com
eus.rubiconproject.com
4 pr-bh.ybp.yahoo.com imprammp.taboola.com
am-match.taboola.com
4 ads.travelaudience.com rtb.ads.travelaudience.com
4 rtb.ads.travelaudience.com dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com
rtb.ads.travelaudience.com
4 cdn.indexww.com ssum-sec.casalemedia.com
4 js-sec.indexww.com ads.pubmatic.com
3 am-match.taboola.com vidstat.taboola.com
3 region1.google-analytics.com www.googletagmanager.com
3 x.bidswitch.net ssum-sec.casalemedia.com
am-match.taboola.com
3 idsync.rlcdn.com ssum-sec.casalemedia.com
3 p.rfihub.com 3 redirects
3 dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 hbopenbid.pubmatic.com ads.pubmatic.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 gum.criteo.com cdn.taboola.com
ads.pubmatic.com
3 c.amazon-adsystem.com www.29news.com
c.amazon-adsystem.com
3 cdnjs.cloudflare.com www.29news.com
cdnjs.cloudflare.com
2 id5-sync.com ads.pubmatic.com
2 token.rubiconproject.com eus.rubiconproject.com
2 imprammp.taboola.com vidstat.taboola.com
2 wf.taboola.com vidstat.taboola.com
2 mb.moatads.com z.moatads.com
2 z.moatads.com rtb.ads.travelaudience.com
2 static.travelaudience.com rtb.ads.travelaudience.com
2 counter.tldw.me snippet.tldw.me
2 www.googletagservices.com dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com
2 hp.taboola.com cdn.taboola.com
2 fonts.googleapis.com client
2 creativecdn.com 2 redirects
2 pm.w55c.net 2 redirects
2 ads.stickyadstv.com ssum-sec.casalemedia.com
2 x.dlx.addthis.com 1 redirects ssum-sec.casalemedia.com
2 operationchicken.com reconditerespect.com
2 counter.snackly.co snippet.minute.ly
2 d3v5317qx0o9g1.cloudfront.net public.tockify.com
2 nr-events.taboola.com c2.taboola.com
www.29news.com
2 webpubcontent.raycommedia.com www.29news.com
2 reconditerespect.com www.29news.com
2 www.queryly.com www.29news.com
2 static.chartbeat.com www.29news.com
2 www.burst.com www.29news.com
www.burst.com
1 sb.scorecardresearch.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 lb.eu-1-id5-sync.com ads.pubmatic.com
1 id.crwdcntrl.net ads.pubmatic.com
1 lexicon.33across.com ads.pubmatic.com
1 secure.adnxs.com vidstat.taboola.com
1 imasdk.googleapis.com vidstat.taboola.com
1 vidstatb.taboola.com
1 ups.analytics.yahoo.com imprammp.taboola.com
1 fonts.gstatic.com fonts.googleapis.com
1 am-trc-events.taboola.com
1 0217991e.akstat.io s.go-mpulse.net
1 ssbsync.smartadserver.com ssum-sec.casalemedia.com
1 ad4m.at ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 match.prod.bidr.io ssum-sec.casalemedia.com
1 d.adroll.com ssum-sec.casalemedia.com
1 sync.srv.stackadapt.com 1 redirects
1 cm.adgrx.com ssum-sec.casalemedia.com
1 pixel-sync.sitescout.com ssum-sec.casalemedia.com
1 um.simpli.fi 1 redirects
1 d.turn.com 1 redirects
1 c.go-mpulse.net s.go-mpulse.net
1 www.google.com tpc.googlesyndication.com
1 image6.pubmatic.com ads.pubmatic.com
1 www.google.de www.29news.com
1 region1.analytics.google.com www.googletagmanager.com
1 snippet.minute.ly apv-launcher.minute.ly
1 apv-launcher.minute.ly cdn.taboola.com
1 code.jquery.com api-esp.piano.io
1 static.adsafeprotected.com www.29news.com
1 mab.chartbeat.com static.chartbeat.com
1 ping.chartbeat.net www.29news.com
1 s3.amazonaws.com www.29news.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 tockify.com public.tockify.com
www.29news.com
1 s.go-mpulse.net www.29news.com
1 c2.taboola.com www.29news.com
1 ugc.zeam.com www.29news.com
1 polyfill.io www.29news.com
0 api.rlcdn.com Failed ads.pubmatic.com
456 118
Subject Issuer Validity Valid
gray4.web.arc-cdn.net
R3		 2023-12-11 -
2024-03-10		 3 months crt.sh
*.cdn.arcpublishing.com
Entrust Certification Authority - L1K		 2022-12-12 -
2024-01-12		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
polyfill.io
Certainly Intermediate R1		 2023-12-02 -
2024-01-01		 a month crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
burst.com
Amazon RSA 2048 M02		 2023-02-16 -
2024-03-16		 a year crt.sh
ugc.zeam.com
Amazon RSA 2048 M01		 2023-09-14 -
2024-10-12		 a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
*.tockify.com
Amazon RSA 2048 M01		 2023-05-12 -
2024-06-09		 a year crt.sh
reconditerespect.com
R3		 2023-11-18 -
2024-02-16		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2023-03-27 -
2024-03-26		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
akstat.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-05 -
2024-04-04		 a year crt.sh
raycom.web.arc-cdn.net
R3		 2023-12-13 -
2024-03-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
tockify.com
Amazon RSA 2048 M02		 2023-02-01 -
2024-02-29		 a year crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-10		 9 months crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1		 2023-11-20 -
2024-12-20		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.minute.ly
R3		 2023-11-19 -
2024-02-17		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.snackly.co
Sectigo RSA Organization Validation Secure Server CA		 2022-11-22 -
2023-12-23		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
operationchicken.com
R3		 2023-12-02 -
2024-03-01		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2023-10-09 -
2024-11-07		 a year crt.sh
*.match.prod.bidr.io
Amazon RSA 2048 M03		 2023-11-28 -
2024-12-26		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tldw.me
GTS CA 1P5		 2023-12-12 -
2024-03-11		 3 months crt.sh
rtb.ads.travelaudience.com
R3		 2023-10-30 -
2024-01-28		 3 months crt.sh
*.tldw.me
R3		 2023-11-19 -
2024-02-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
ads.travelaudience.com
R3		 2023-11-06 -
2024-02-04		 3 months crt.sh
static.travelaudience.com
R3		 2023-12-05 -
2024-03-04		 3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-10-24		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-06-20 -
2024-07-20		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-11-27 -
2024-02-25		 3 months crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2023-10-08 -
2024-11-06		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh

This page contains 33 frames:

Primary Page: https://www.29news.com/
Frame ID: 52335F5D6F45BCC93C1D15F8B99825AD
Requests: 268 HTTP requests in this frame

Frame: https://tockify.com/wvir.calendar
Frame ID: CCCEC7B00E1B2B23340D34447F5F2CD6
Requests: 1 HTTP requests in this frame

Frame: https://tockify.com/wvir.calendar
Frame ID: 7878C5AD3574CDD5DDFDF4709F9D18E9
Requests: 36 HTTP requests in this frame

Frame: https://dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 739C4F852BD0139923981E13E94B0CA4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Frame ID: 430D6F5651F0DB28794A8AFFBC9849F4
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 53564D935D311A4307229143A2C7944A
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F9A8A55C400D35B2FD704C31B3439134
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Frame ID: 4D756E9F12CA266D78D3A8AB564A5F11
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8E42D11316DD034D6438793CF6780E85
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 38E4A9B7C1003534418B7ABCE4C0BABD
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2A57FD630CFA752AEBDB6B9DFE6A5598
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Frame ID: B5F92E34B6D40C2DCFA12AE430F372D0
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: FFE2EE468DEB28CA841039F187CB6B56
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CF9A6685823151746CA038CF03CD40BA
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 4AA3BBCAD65C8C17D6020A78E36B2404
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6015739D5B1C559D46FCC179EF4E3A0C
Requests: 3 HTTP requests in this frame

Frame: https://api-esp.piano.io/publisher/unattended/1190?wv=50&v=vz.1.108.13-79dc946e
Frame ID: 2625F578A574C96F85ED7700D783F461
Requests: 4 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 9BBFD8B2F292700AFE367C90AAAB8F9A
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 48ACE70DDEE3E78F8F82A0B0F546057E
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 15FD4B704F6CBD45B24CFDC957768788
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: C926FD8D62BA1C4629DF5814EFCBE28C
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 325F35B33D2B65F53E34C4B0414A1B13
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 68CCA80A3A9BA9A7535075458B1C1B89
Requests: 2 HTTP requests in this frame

Frame: https://dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BA8F141C0407F6906E88121819881E56
Requests: 8 HTTP requests in this frame

Frame: https://rtb.ads.travelaudience.com/rtb?ads=30000734.16.0.70016359.0.0..0.DE.-1..StcQOJoaADOzAwnr6Vh5Xg%3D%3D.60027404.OTk5JTJjMQ==...cpWsPs0FaIeXvIrK-ataOg%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=970&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt3uCSBN9ZcDmFou99u8P9Z2t4A3KkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQKyZy8ba0myPuACAKgDAcgDAqoE6gFP0HqIuNAfOjSTtngN8agsZB2V1apR5-TkTKVW90UePQUZFUXqaChP6ML0hj7PRLARXjDaDnCqst3GRY_99VoG6vwppCOoTu3dSITCHEB1xH6Q1CI1NtX1vYUB_tu__V8BRcvuk_RvvJxv42HfwjSaGquObFL5E5noIhxtfkmvc5EslO19V4OfTAYPhF3z-H8rdaxLEffx9I_GZF2qKYEevW6Us2UBDX3QwTZbt5ZyW5I6IH-5M1TpLc6T6m9l-9FNQAQfotbDq9cDmnk3B_Fb-CymbOqfuqQcnK9EAj-u7sS7ZtQso3rMIVjgBAGABsKA76fXnvlwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnRyPv7koMD-gsCCAGADAHiDRMI84XJ-_uSgwMVi579Bx31Tgvc0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ntjy7ZiQwE55PPcwNUpVghQN02A%26client%3Dca-pub-0883126725773026%26adurl%3D&googlewinningprice=ZX0TSAAFs0AH_Z6LAAtO9R4DoZCYFGT0INUdlw&wpc=EUR&site=www.29news.com&slotvisibility=1&gcpm=4416069&gpos=1&bidder=bidder-rtb-production-6c8d77fbc7-pfwz7&dv=1&uuid=&suid=&brq=4T9YeOIhLjuSt6U6CMwip2d6CC2_2_q-tdBzdg&ssp_id=0&l=en&ts=1702695752&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=yPGi0himeLjC_Be9SYCiVbCSC8PAD6QmoPCSC5WPstI=
Frame ID: 4E62F1BB0974D98CE78CB1FB769013DD
Requests: 21 HTTP requests in this frame

Frame: https://dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7EB937EAB7EE29DED55C1CC46DA22214
Requests: 8 HTTP requests in this frame

Frame: https://rtb.ads.travelaudience.com/rtb?ads=30000734.16.0.70016358.0.0..0.DE.-1..StcQOJoaADOzAwnr6Vh5Xg%3D%3D.60027404.OTk5JTJjMQ==...cpWsPs0FaIeXvIrK-ataOg%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP1XeSBN9ZZOkJ-6h9u8PrceI6APKkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQIW7EraW0ayPuACAKgDAcgDAqoE9wFP0JLwacN0ANEN1Ez6ou92BpCghOWZ7zOgjZ43ScHF0nZ9ILpqC0LECrKz4LyqfmAFrVLceRGanDNS1PgmZ1lS8IJl0nh5ct_LHmK0iCGnKpQPZjHPDZ1vWuSuaQXXcc1YH5jMUXMgGCuoIYeP2Bh2IJJDp7JH0YW7x0fA6DgRBcp46P7CtNCEcTd3-x4Qw1XIoYHRHxP1p5ayYU-LsTMDmCcYx7xBnSi3whtx_nYuyLCFoJx_AvI1n-_yfsYCX5jlgyPX7GOuhBxA471HGw53K7ckSxAUw15wgIqAe-EoJ6M53U-yvqpDOd0PCxWoBIh2FSuM6iMp4AQBgAaQps6wupX902OgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_vjJ-_uSgwP6CwIIAYAMAeINEwiLqcr7-5KDAxXukP0HHa0jAj3QFQGAFwE%26num%3D1%26sig%3DAOD64_0J8WFX1HBY0bbwyXAALUWWwgvsTw%26client%3Dca-pub-0883126725773026%26adurl%3D&googlewinningprice=ZX0TSAAJ0hMH_ZDuAAIjrTMIpUATZ4lskbgRUg&wpc=EUR&site=www.29news.com&slotvisibility=1&gcpm=4312702&gpos=1&bidder=bidder-rtb-production-6c8d77fbc7-796wq&dv=1&uuid=&suid=&brq=Skto2bvo7z5b2S3Uf7KdIzg4PLQW11OhTyF_uA&ssp_id=0&l=en&ts=1702695752&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=C2ONLa_J68suFRQb4_ksEEonBBvdKVdTNN28pPbCJ6o=
Frame ID: BC05491C9F6B269D401403B4A13E3164
Requests: 20 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8YWYCLAbYx7T_i-FVKROwj2n_F8OrUi4AAABgYID-AEktd4ONaTBaC2bD1Vq0cezWEo9j49ZYlsvBcjdyTEyTISCp5W6wMQ1Ga8FsuFqLNo7dWuJxbNway3I5WO5GjolpMgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0s0HQ6fK57ve73u0uWc5fvc9f43XYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHhfkY_XaXzWU2-QMAAAAACAAAAAASAALKZyUAXqpbTvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQyxUhDacyOS1iBS0FmEEAAAAIOqrYOXIJJ2gYlHl__-_3wrAFQCAAEa4ySeeLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEYoavU4TdDUzo-YXEABgzS8gAACbcQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gMxis3IYNhPbZLAa7JazmWHjsW1Mo-HI47I5XM7tGflGlmh55ujrIyIss993EPLdLsPD5zKIiq63xe5wmj0H8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDDtdmstrt1hKXbeIWrRwrt3A2cq51I-PMOZrNFovFZi16fUwf32w53Pi2SDCAZC-Sp0U6kdh8G5NjtDCMJgvTYrjyzDwjj8NlGY1cq83GtbCIJZqTRTqRXfadxWblMGwmtslgNdgtZzPDxmPbmEbDkcdlc7ic-5LDtZmsdru1xGWbuEUrx8otnI2ca93IOHOOZrPFYrFZi14f08c3Ww43vn1jN5jMlqvdarFv7AaT2XK1Wy32HSbTM_U5G13LY9rjU0bWZ6nI5jQoXAaL9ycxLabd2cG3uSifOqcxWdQZ_X6_3-_3-_1-v9-g9RzMBoVvmK1VpYufbLWTFh4HgyKWCC7Sic7ycJ5ub93tablbPJblRCxRmi7Sib7od7sMD5_LXxFLBKeLdCL0u10W9R8p4GKuXM1Vc9FmlQAAAAAAAAAALME0000AAAAAnAxiOBkOd-t0MIvNaDdbLReAhZekLmAQAAAAAACAXZEVfFghIv8pxRp7DOIsD-fp9tbdnpa7xWNZThkAQMEhs80-I4i1Wi1rAAAAAtgAAAACuOnGm4BQKO7___9_HAAAABk59AAAAOj3AR2tFnrgRrHzK4jNcrLZPwAVYq1Wq9uNtVqtgAW0mY1GE_j___9PEAAAAAAAwGas4P________8w!&cmcv=&pix=undefined&cb=1702695753097&uv=3368&tms=1702695753097&abt=adxsub-out_vA!adxsub-out_vB!mprdct01val_vA!scndvdunt_vA!ufm!video-reel_vA&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=5970c404-0685-4c17-bc1c-c299097d1b42&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: C4B5DFAD80D72A4567999DF9D58716B1
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8YWYCLAbYx7T_i-FVKROwj2n_F8OrUi4AAABgYID-AEktd4ONaTBaC2bD1Vq0cezWEo9j49ZYlsvBcjdyTEyTISCp5W6wMQ1Ga8FsuFqLNo7dWuJxbNway3I5WO5GjolpMgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0s0HQ6fK57ve73u0uWc5fvc9f43XYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHhfkY_XaXzWU2-QMAAAAACAAAAAASAALKZyUAXqpbTvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQyxUhDacyOS1iBS0FmEEAAAAIOqrYOXIJJ2gYlHl__-_3wrAFQCAAEa4ySeeLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEYoavU4TdDUzo-YXEABgzS8gAACbcQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gMxis3IYNhPbZLAa7JazmWHjsW1Mo-HI47I5XM7tGflGlmh55ujrIyIss993EPLdLsPD5zKIiq63xe5wmj0H8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDDtdmstrt1hKXbeIWrRwrt3A2cq51I-PMOZrNFovFZi16fUwf32w53Pi2SDCAZC-Sp0U6kdh8G5NjtDCMJgvTYrjyzDwjj8NlGY1cq83GtbCIJZqTRTqRXfadxWblMGwmtslgNdgtZzPDxmPbmEbDkcdlc7ic-5LDtZmsdru1xGWbuEUrx8otnI2ca93IOHOOZrPFYrFZi14f08c3Ww43vn1jN5jMlqvdarFv7AaT2XK1Wy32HSbTM_U5G13LY9rjU0bWZ6nI5jQoXAaL9ycxLabd2cG3uSifOqcxWdQZ_X6_3-_3-_1-v9-g9RzMBoVvmK1VpYufbLWTFh4HgyKWCC7Sic7ycJ5ub93tablbPJblRCxRmi7Sib7od7sMD5_LXxFLBKeLdCL0u10W9R8p4GKuXM1Vc9FmlQAAAAAAAAAALME0000AAAAAnAxiOBkOd-t0MIvNaDdbLReAhZekLmAQAAAAAACAXZEVfFghIv8pxRp7DOIsD-fp9tbdnpa7xWNZThkAQMEhs80-I4i1Wi1rAAAAAtgAAAACuOnGm4BQKO7___9_HAAAABk59AAAAOj3AR2tFnrgRrHzK4jNcrLZPwAVYq1Wq9uNtVqtgAW0mY1GE_j___9PEAAAAAAAwGas4P________8w!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: E04EB7D8CA690B2D9227E421024B0D2D
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8YWYCLAbYx7T_i-FVKROwj2n_F8OrUi4AAABgYID-AEktd4ONaTBaC2bD1Vq0cezWEo9j49ZYlsvBcjdyTEyTISCp5W6wMQ1Ga8FsuFqLNo7dWuJxbNway3I5WO5GjolpMgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0s0HQ6fK57ve73u0uWc5fvc9f43XYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHhfkY_XaXzWU2-QMAAAAACAAAAAASAALKZyUAXqpbTvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQyxUhDacyOS1iBS0FmEEAAAAIOqrYOXIJJ2gYlHl__-_3wrAFQCAAEa4ySeeLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEYoavU4TdDUzo-YXEABgzS8gAACbcQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gMxis3IYNhPbZLAa7JazmWHjsW1Mo-HI47I5XM7tGflGlmh55ujrIyIss993EPLdLsPD5zKIiq63xe5wmj0H8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDDtdmstrt1hKXbeIWrRwrt3A2cq51I-PMOZrNFovFZi16fUwf32w53Pi2SDCAZC-Sp0U6kdh8G5NjtDCMJgvTYrjyzDwjj8NlGY1cq83GtbCIJZqTRTqRXfadxWblMGwmtslgNdgtZzPDxmPbmEbDkcdlc7ic-5LDtZmsdru1xGWbuEUrx8otnI2ca93IOHOOZrPFYrFZi14f08c3Ww43vn1jN5jMlqvdarFv7AaT2XK1Wy32HSbTM_U5G13LY9rjU0bWZ6nI5jQoXAaL9ycxLabd2cG3uSifOqcxWdQZ_X6_3-_3-_1-v9-g9RzMBoVvmK1VpYufbLWTFh4HgyKWCC7Sic7ycJ5ub93tablbPJblRCxRmi7Sib7od7sMD5_LXxFLBKeLdCL0u10W9R8p4GKuXM1Vc9FmlQAAAAAAAAAALME0000AAAAAnAxiOBkOd-t0MIvNaDdbLReAhZekLmAQAAAAAACAXZEVfFghIv8pxRp7DOIsD-fp9tbdnpa7xWNZThkAQMEhs80-I4i1Wi1rAAAAAtgAAAACuOnGm4BQKO7___9_HAAAABk59AAAAOj3AR2tFnrgRrHzK4jNcrLZPwAVYq1Wq9uNtVqtgAW0mY1GE_j___9PEAAAAAAAwGas4P________8w!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 0C8D43F226C8E3281F0FA2F409C28BBA
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: FF0BB922C54635DE0FA041638142E167
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8PIYCLAbYx7T_i-FVKROwj2n_F8OrUi4AAABgYGDtAMksXLaFb2ZzixabmVs0WbjcCotn4xZsHLbdxGLa-JYLIyCZhcu28M1sbtFiM3OLJguXW2HxbNyCjcO2m1hMG99yYQUT1jS5_AZJy2U2CPlul-Hhc7mBBZpOh891r9f9fnfJcu7yfe4av9sOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAIDioDAfo9_usrnMJn8AAAAAAAEAAABAAkBA-awEgAwO1on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY8iyjHtaZ2dpNpEC2SKMAAAAAER9FawcmaQTVCyq_P__91sBuAIAEMAIN_nEk0V3UOItDAAAAMCYBXpY_H6zw67xu13m_________9_M_5l_NEJRo9dpgq5mZtT8AgIArPkFBABgM24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpBZbFYOw2ZimwxWg91yNjNsPLaNaTQceVw2h8u5PSPfyBItzxx9fSasaXL5DZKWy2wQ8t0uw8Pnsp8JW4xWk8lmOZwtF5PBcDQcjfZnICaDAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDDkcG0mq91uLXHZJm7RyrFyC2cj51o3Ms6co9lssVhs1qLXx_TxzZbDjW-LBANI9iJ5WqQTic23MTlGC8NosjAthivPzDPyOFyW0ci12mxcC4tYojlZpBPZZd9ZbFYOw2ZimwxWg91yNjNsPLaNaTQceVw2h8u5Lzlcm8lqt1tLXLaJW7RyrNzC2ci51o2MM-doNlssFpu16PUxfXyz5XDj2zd2g8lsudqtFvvGbjCZLVe71WLfYTI9U5-z0bU8pj0-ZWR9lopsToPCZbB4fxLTYtqdHXybi_KpcxqTRZ3R7_f7_X6_3-_3-w1az8FsUPiG2VpVuvjJVjtp4XEwKGKJ4CKd6CwP5-n21t2elrvFY1lOxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_5ECLubK1Vw1F21WCQAAAAAAAADAEkwz3QQAAADAySCGk-Fwt04HM1kuJpPRcgFYeEnqAgYBAAAAAADYFVnBhxUi8p9SrLHHIM7ycJ5ub93tablbPJbllAEAFBwy2-wzglir1bIGAAAggA0AACCAm268CQiF4v7____HAQAAkJFDDwAAYG0f0BJqvfAjVwq_gtgsJ5v9A1Ah1mq1ut1Yq9UKWECb2Wg0gf____8EAQAAAAAAbMYK_v_______w8D!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 40798D4C9EE83D2A0F3CD95652B19755
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 41B5FFC088C69EB9BCC1FBCFEA9FFAD7
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

WVIR | News, Weather, and Sports | Charlottesville, VA

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

456
Requests

93 %
HTTPS

41 %
IPv6

70
Domains

118
Subdomains

86
IPs

10
Countries

10223 kB
Transfer

20659 kB
Size

64
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 190
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 191
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 195
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 196
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 197
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 198
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 204
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZX0TR8_IB3cTurnxLTMuqQAADIwAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZX0TR8_IB3cTurnxLTMuqQAADIwAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 205
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZX0TR3RFexcWRhqkK9aNbwAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZX0TR3RFexcWRhqkK9aNbwAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA6bZdz8427QnaRxJXmrl1A&google_cver=1
Request Chain 206
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZX0TR8-IB3cTurnxLTMuqQAA%263212&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZX0TR8-IB3cTurnxLTMuqQAA%263212&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=994ff8250cfe493b9f9ab0f81ca3984e HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=7277780670113784995 HTTP 303
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=8cad3cbe-fcb8-4cf5-864e-688023537674 HTTP 302
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=8cad3cbe-fcb8-4cf5-864e-688023537674&rd=Y
Request Chain 207
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=E0EEF2CC2B8B48299D75C6DFFDF5E619
Request Chain 210
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZX0TR8_IB3cTurnxLTMuqQAADIwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZX0TR8_IB3cTurnxLTMuqQAADIwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEO4QUjreUTAmT-by91zfuQc&google_cver=1
Request Chain 212
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZX0TR3RFexcWRhqkK9aNbwAADFsAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZX0TR3RFexcWRhqkK9aNbwAADFsAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 213
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZX0TR3RFexcWRhqkK9aNbwAA%263163&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZX0TR3RFexcWRhqkK9aNbwAA%263163&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=d6a9ba46b9f7449788890b733eaf8c2b HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=d6a9ba46-b9f7-4497-8889-0b733eaf8c2b HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=d49ebdf9-e4a2-4b04-a2fb-e23a30abbc53%3A1702695752.552832&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dd49ebdf9-e4a2-4b04-a2fb-e23a30abbc53%253A1702695752.552832%26_%3D1702695752.556358&cb=1702695752.5563915 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322330163116219&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dd49ebdf9-e4a2-4b04-a2fb-e23a30abbc53%253A1702695752.552832%26_%3D1702695752.556358 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=d49ebdf9-e4a2-4b04-a2fb-e23a30abbc53%3A1702695752.552832&_=1702695752.556358
Request Chain 214
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZX0TR3RFexcWRhqkK9aNbwAADFsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZX0TR3RFexcWRhqkK9aNbwAADFsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIPm3A4_34Bkjuf4bS6x_Us&google_cver=1
Request Chain 215
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZX0TR3RFexcWRhqkK9aNbwAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZX0TR3RFexcWRhqkK9aNbwAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDCskzOWulzbfXCdFhURw38&google_cver=1
Request Chain 218
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=HIcQraVeWo5fdE6ivFfKolFfBSs
Request Chain 219
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=EDxbl0H21RekWI5
Request Chain 221
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZX0TR3RFexcWRhqkK9aNbwAADFsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZX0TR3RFexcWRhqkK9aNbwAADFsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEANf92LicBvugimhunbCwhM&google_cver=1
Request Chain 222
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZX0TR3RFexcWRhqkK9aNbwAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZX0TR3RFexcWRhqkK9aNbwAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL7ugHpDWGfY-vGOz9sd7bI&google_cver=1
Request Chain 223
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZX0TR3RFexcWRhqkK9aNbwAA%263163&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZX0TR3RFexcWRhqkK9aNbwAA%263163&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=8cad3cbefcb84cf5864e688023537674 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=8cad3cbe-fcb8-4cf5-864e-688023537674 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=ee8159bb-2ffc-4052-b613-eb86ee531ef1%3A1702695752.551941&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dee8159bb-2ffc-4052-b613-eb86ee531ef1%253A1702695752.551941%26_%3D1702695752.555066&cb=1702695752.555132 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322330163116219&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dee8159bb-2ffc-4052-b613-eb86ee531ef1%253A1702695752.551941%26_%3D1702695752.555066 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=ee8159bb-2ffc-4052-b613-eb86ee531ef1%3A1702695752.551941&_=1702695752.555066
Request Chain 224
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZX0TR3RFexcWRhqkK9aNbwAADFsAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZX0TR3RFexcWRhqkK9aNbwAADFsAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 226
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZX0TR3RFexcWRhqkK9aNbwAA%263163 HTTP 302
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZX0TR3RFexcWRhqkK9aNbwAA%263163&tc=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=AO66_VLj1Csx41qQOKxvZZxktUJUTuEc9b2njU4c9UM&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZX0TR3RFexcWRhqkK9aNbwAA%263163&tc=1
Request Chain 228
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1702782152
Request Chain 230
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZX0TR3RFexcWRhqkK9aNbwAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZX0TR3RFexcWRhqkK9aNbwAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJ8J1jjbQtpvb-6DkVt027o&google_cver=1
Request Chain 231
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZX0TR3RFexcWRhqkK9aNbwAA%263163&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZX0TR3RFexcWRhqkK9aNbwAA%263163&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=c543bcb1c493449ba8aef43c70103569 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=d6a9ba46-b9f7-4497-8889-0b733eaf8c2b HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=63e3242a-ef28-4c7c-99f5-b0561a7898c2%3A1702695752.5522416&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D63e3242a-ef28-4c7c-99f5-b0561a7898c2%253A1702695752.5522416%26_%3D1702695752.5547507&cb=1702695752.5547926 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5144588528074527539&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D63e3242a-ef28-4c7c-99f5-b0561a7898c2%253A1702695752.5522416%26_%3D1702695752.5547507 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=63e3242a-ef28-4c7c-99f5-b0561a7898c2%3A1702695752.5522416&_=1702695752.5547507
Request Chain 233
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZX0TR3RFexcWRhqkK9aNbwAADFsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZX0TR3RFexcWRhqkK9aNbwAADFsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJLEnbkUfuX2vLuNBquYOk8&google_cver=1

456 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.29news.com/ 		712 KB
130 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
34efd323a297e252675d549c5196e4236681cecc8b183c1e39dc684efa5bb111
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

akamai-true-ttl
-1
cache-control
private, max-age=60
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Sat, 16 Dec 2023 03:02:30 GMT
etag
W/"b0db0-WFlZ41oEET6oCmlJu41B5HIADTM"
expires
Sat, 16 Dec 2023 03:03:30 GMT
last-modified
Sat, 16 Dec 2023 03:02:30 GMT
prerender-cache-tag
prerender-gray-wvir-prod-b308edcd
server
openresty
server-timing
cdn-cache; desc=REVALIDATE edge; dur=189 origin; dur=1017 ak_p; desc="1702695749631_34831756_697019141_120306_6766_6_32_255";dur=1
strict-transport-security
max-age=86400
vary
Accept-Encoding
x-akamai-transformed
9 130017 0 pmb=mRUM,2
x-amz-cf-id
NsG3Ux3uw38sKFqrE_bxBviRDNViKWvTiJX2mn1qFkFteBP8zAdagA==
x-amz-cf-pop
FRA56-P4
x-arc-pb-request-id
4e2f5d9a-616c-421d-b625-1a6a31dd9b2d 7d6fa347-0913-44dc-97fb-41d6de28871e
x-arc-request-id
0.8c7d1302.1702695749.298bab05
react.js
www.29news.com/pf/dist/engine/ 		842 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.29news.com/pf/dist/engine/react.js?d=376
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
4bd9ac56934d76ebef4caeb9c0eb9880378b0fd9e46f098d34e1399c18cc0bc5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Sat, 16 Dec 2023 03:02:30 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=86400
x-amz-cf-pop
IAD50-C2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.8c7d1302.1702695750.298baea5
server-timing
cdn-cache; desc=HIT, edge; dur=23, ak_p; desc="1702695750889_34831756_697020069_2343_1386_6_0_146";dur=1
content-length
186018
last-modified
Thu, 14 Dec 2023 16:19:49 GMT
server
openresty
etag
W/"52e9bde9eac1bb3706b9fac467fd559b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
jjLqt94KqB5v-JSn3qQ9CLhkxxGqGWc6eBIg8E4nQPABgYu_GLiXIQ==
expires
Sun, 15 Dec 2024 03:02:30 GMT
default.js
www.29news.com/pf/dist/components/combinations/ 		1 MB
275 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.29news.com/pf/dist/components/combinations/default.js?d=376
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
a1ce2ebc5559dd55f9d1b9aeb0df3d567623fb2ab8c25358d5c47eaaebfc7642
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Sat, 16 Dec 2023 03:02:30 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=86400
x-amz-cf-pop
ATL58-P6
x-amz-server-side-encryption
AES256
x-arc-request-id
0.8c7d1302.1702695750.298baea6
server-timing
cdn-cache; desc=HIT, edge; dur=18, ak_p; desc="1702695750889_34831756_697020070_1851_1183_6_0_146";dur=1
content-length
280658
last-modified
Thu, 14 Dec 2023 16:19:51 GMT
server
openresty
etag
W/"71e7a74e3051163ba9d92db913a2d8d0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
1BqlKphEcMQ1W7o0e543CQa8SwvGkYAsEuJ7fmSLE4fRW2iwMRA0Xw==
expires
Sun, 15 Dec 2024 03:02:30 GMT
main.css
gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/__global/css/ 		82 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/__global/css/main.css?d=376
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
8257e3f3a5939a2a8e1ea470645bc40d9e2f626c59ec06307d0ed5f3f00b8ab0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000
x-edgeconnect-origin-mex-latency
80
date
Sat, 16 Dec 2023 03:02:30 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=86400
x-amz-cf-pop
EWR53-P1
x-edgeconnect-midmile-rtt
17
x-amz-server-side-encryption
AES256
x-arc-request-id
0.4bf01002.1702695750.10073736
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1702695750934_34664523_268908342_49_4544_6_19_255";dur=1
content-length
14170
last-modified
Thu, 14 Dec 2023 16:19:49 GMT
server
openresty
etag
W/"9e40a2a1a5a5fd1291cbb18863b4a93d"
x-edgeconnect-cache-status
3
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
5barcSm0RD9YkBDvRU31SBBrp3Gbx8FEVQZ5pdJlOGP1roqxBV5hKw==
expires
Sun, 15 Dec 2024 03:02:30 GMT
main.css
gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/wvir/css/ 		99 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/wvir/css/main.css?d=376
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
706743694960fca164dfe7fb4ed7d2dc76f97936ef1dbbc17e738b5ba5a14327
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Sat, 16 Dec 2023 03:02:30 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=86400
x-amz-cf-pop
MIA3-P6
x-amz-server-side-encryption
AES256
x-arc-request-id
0.4bf01002.1702695750.10073737
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1702695750954_34664523_268908343_87_4528_6_0_255";dur=1
content-length
16022
last-modified
Thu, 14 Dec 2023 16:19:50 GMT
server
openresty
etag
W/"b8875683a6ccda26236205cbfde597c8"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
_A4hbvwfIAdiOFx3Q-5W94hISq8ebm3QZx4tkD2VuSSxM1GLZ8ynzw==
expires
Sun, 15 Dec 2024 03:02:30 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/ 		100 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1295089
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
18861
last-modified
Fri, 01 Dec 2023 00:32:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"65692999-49ad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pSOExDCZ3thVmRdSKoeoAW3vvNBd9wacxi%2BWIMq1CYTeGwAN0HIoId40NxWYMxmiFHsJV2FYozG7MnIUGPkJ3NXbhmpvPzwM3YhEjKYELcgVqf1Pfv39WPBCOBP8rtNN73UZz7WdDGJfdwkPKBhywi4q"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8363b01b2a223804-FRA
expires
Thu, 05 Dec 2024 03:02:30 GMT
polyfill.min.js
polyfill.io/v3/ 		104 B
618 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=NodeList.prototype.forEach%2CArray.prototype.forEach%2CSymbol.hasInstance%2Ces6%2CIntl%2ClocalStorage%2CDate.prototype.toISOString%2CDate.now%2Cdefault%2CObject.entries%2CObject.fromEntries%2CArray.prototype.entries
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.29news.com/
Origin
https://www.29news.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 16 Dec 2023 03:02:30 GMT
age
0
detected-user-agent
Chrome/120.0.6099
server-timing
MISS-CLUSTER, fastly;desc="Edge time";dur=4
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
121
referrer-policy
origin-when-cross-origin
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/120.0.0
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
gtm.js
gray-wvir-prod.cdn.arcpublishing.com/pf/resources/js/analytics/ 		584 B
845 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/pf/resources/js/analytics/gtm.js?d=376
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
a47715e7a74a758bf33f6b1547b2eb7b4724d17ad6c13651c0945ac9c6187ff7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Sat, 16 Dec 2023 03:02:30 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=86400
x-amz-cf-pop
ATL58-P6
x-amz-server-side-encryption
AES256
x-arc-request-id
0.4bf01002.1702695750.10073738
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1702695750954_34664523_268908344_47_4514_6_0_219";dur=1
content-length
305
last-modified
Thu, 14 Dec 2023 16:19:51 GMT
server
openresty
etag
W/"d95f5027a66e33b82dc537faa5603017"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
MQnxnllSO7-AjsKdDIvaCWpZ_l4OMgxyLdc_MUJzS7PTjwIGCrMnGg==
expires
Sun, 15 Dec 2024 03:02:30 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 02:56:20 GMT
content-encoding
gzip
via
1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront), 1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
last-modified
Tue, 12 Dec 2023 22:20:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
371
etag
W/"d6937d02acbbf691a008906e9d0617e0"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
iARrfjF9kj6Cm-GHwFnVfPqWHSUpwEPihGDRA_d82a4RdjcVfxSuQg==
framework.js
www.burst.com/webapps/embed/ 		38 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.burst.com/webapps/embed/framework.js
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-96.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a3525aa71e87b50d7a7d289c60539fa25ae854f6e20063ccfe3c4e8fb011af05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
QmTFx6UD2NYS_YSojtwK6cTAvw9NaRbn
content-encoding
gzip
via
1.1 badae0844eca8f0bad6677607d947120.cloudfront.net (CloudFront)
date
Sat, 16 Dec 2023 03:02:31 GMT
last-modified
Tue, 12 Dec 2023 14:49:56 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
16
etag
W/"e5f6790f2b5e0c546bf463b0ddc9d9a9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=10800
x-amz-cf-id
tcRXg2albTKQIwbow3uAZ9RJEe3wWlU_xeLRxywBEGvUB7khPy7FuA==
u2media-plugin.js
ugc.zeam.com/plugin/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ugc.zeam.com/plugin/u2media-plugin.js
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-15.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bb401a02cbbd4e277a3b73f94423e52594bbba14871f61b7e40aaa06701e1e2a

Request headers

Referer
https://www.29news.com/
Origin
https://www.29news.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 03:34:20 GMT
content-encoding
gzip
via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
x-amz-request-id
FDKY50AKE0APFB71
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
age
84491
x-cache
Hit from cloudfront
x-amz-id-2
1n1IONrzSg5D4PxaRhLF379l3rslUzUaLecJbA0fRkjfBNGI+3UX5wsGarISnTTUeInc+Mwj2n0=
last-modified
Wed, 29 Nov 2023 16:26:15 GMT
server
AmazonS3
etag
W/"f38a816a64b11cf4de9e4cc30b382e46"
access-control-max-age
3000
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag, x-amz-server-side-encryption, x-amz-request-id, x-amz-id-2
vary
Accept-Encoding
x-amz-cf-id
w19YJjDn8ih-8osLqNr7t66kW-sYTYshL3xF19jRQwYTazKUp2awdg==
comscore.js
www.29news.com/pf/resources/js/analytics/ 		168 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.29news.com/pf/resources/js/analytics/comscore.js?d=376
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Sat, 16 Dec 2023 03:02:30 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=86400
x-amz-cf-pop
IAD50-C2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.8c7d1302.1702695750.298baea4
server-timing
cdn-cache; desc=HIT, edge; dur=17, ak_p; desc="1702695750889_34831756_697020068_1724_1400_6_0_219";dur=1
content-length
49862
last-modified
Thu, 14 Dec 2023 16:19:51 GMT
server
openresty
etag
W/"702fb2c84c6e8b364a6130cb860c7987"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
-lmjm25N3Cp3agXRASdAImD2uY-qHiTMy2rBOdlKFFjxup9WAA-hSQ==
expires
Sun, 15 Dec 2024 03:02:30 GMT
chartbeat.js
static.chartbeat.com/js/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:4000:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
88004917adbd7b6b060b06f46d6b7cffb33406df9e017f5d52a506de5dc7ab1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 17:56:00 GMT
content-encoding
gzip
via
1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
last-modified
Thu, 14 Dec 2023 01:27:01 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
age
32791
etag
W/"657a59e5-9672"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
LJ78FJMHtN9w_ZmtRjZNw1GYoBdaVrAclb1FhtIb2ohMi64ABaVfAA==
expires
Sat, 16 Dec 2023 17:56:00 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:4000:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
73c48a750a107c5809e5b332e74b0f1b32ddd1c24b98f1d9e8febf73322fbb84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 19:53:50 GMT
content-encoding
gzip
via
1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
last-modified
Thu, 14 Dec 2023 01:53:37 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
age
25721
etag
W/"657a6021-5f55"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
qsYgzNycGq6FX6VOA9EOcVE-0WQUMS-lqouLf6q7A1sHWDsIE7OYzw==
expires
Sat, 16 Dec 2023 19:53:50 GMT
queryly.v4.min.js
www.queryly.com/js/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.queryly.com/js/queryly.v4.min.js
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:497c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
970dad4102b0f0a1c8b3e84ecc0ed974492db999d232a5e8544861ccdfbdb7db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Oct 2023 15:54:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
111
etag
W/"08b344c95da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PDpzLdu4wXmY2tUfyl5arcC6GeyRW1K7DOlwEj1oVOM11Vi3ZPILkWxUdoW8Re9DTznsq3WXRSTCS%2B51p%2BrZqqvKFEIZKBa4HzuZHJfIUP1ZnKBlWwr9WKj2sFryJepFQBd7dV3kNAJMskf3eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8363b01bed111e58-FRA
KHBPMFXBHBHSTC3L6AUL6A5EJE.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/KHBPMFXBHBHSTC3L6AUL6A5EJE.jpg?auth=ec111e08914fc5aede103883da11e7ecc2eb705de25e29d3ad480d4e72d828b9&width=800&height=600&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
7593d17bca70a7d70dd9981789a56d5297efde96f356f6cce2429b397c899fd2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
x-edgeconnect-origin-mex-latency
170, 170
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
x-check-cacheable
YES
x-edgeconnect-midmile-rtt
65, 68
x-arc-request-id
0.4bf01002.1702695750.10073739
server-timing
cdn-cache; desc=HIT, edge; dur=106, origin; dur=0, ak_p; desc="1702695750954_34664523_268908345_10603_15774_6_0_182";dur=1
content-length
10133
last-modified
Fri, 15 Dec 2023 21:28:33 GMT
server
Akamai Image Manager
x-serial
967
etag
"21c7d5e871a4c70e1e08446351ec9734"
x-edgeconnect-cache-status
3
content-type
image/avif
cache-control
private, no-transform, max-age=31516025
expires
Sat, 14 Dec 2024 21:29:36 GMT
5VZDKGYM2ZA53JYO77RQQ2LIKE.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/5VZDKGYM2ZA53JYO77RQQ2LIKE.jpg?auth=88045c1e720efbf05926bc2cd4595b779c58735cc3596ddea8e26e01598667ac&width=800&height=533&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
0a54de782d1556267f87bb81e079f0fb3565df90b407f756952f346d1f9198ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Fri, 15 Dec 2023 22:39:03 GMT
server
Akamai Image Manager
x-serial
406
x-check-cacheable
YES
etag
"22af2b6ecdb7a5d33561e4498e73229e"
x-arc-request-id
0.4bf01002.1702695750.1007373a
content-type
image/avif
cache-control
private, no-transform, max-age=31520205
server-timing
cdn-cache; desc=HIT, edge; dur=311, origin; dur=0, ak_p; desc="1702695750956_34664523_268908346_30977_15261_7_0_182";dur=1
content-length
48309
expires
Sat, 14 Dec 2024 22:39:16 GMT
YHMFCTJTUZE6VL3U22LPS2LDRY.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/YHMFCTJTUZE6VL3U22LPS2LDRY.jpg?auth=142100bec84c555ede40829724ca075da5d2bc0aca37e0a3e19c6f699ff0a44e&width=800&height=533&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
6ead0a41d475bf406165e279a52870f7800a053d1b3738c3ab301b1f928ae2e4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Fri, 15 Dec 2023 20:39:28 GMT
server
Akamai Image Manager
x-serial
769
x-check-cacheable
YES
etag
"7e6c980dc01f57287aa22c7fb3acd1f4"
x-arc-request-id
0.4bf01002.1702695751.10073745
content-type
image/avif
cache-control
private, no-transform, max-age=31512999
server-timing
cdn-cache; desc=HIT, edge; dur=94, origin; dur=0, ak_p; desc="1702695751005_34664523_268908357_9434_8519_6_0_182";dur=1
content-length
30270
expires
Sat, 14 Dec 2024 20:39:10 GMT
72AYN6HW3BDN7PHJ5RATOXQPLU.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/72AYN6HW3BDN7PHJ5RATOXQPLU.jpg?auth=202bc7ac47f8bfcba6d5b7fa0693e91cbfc0350be858d17b1e7abfd2451805fa&width=800&height=533&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
13fc33bfd71d1428a6594249042832c3847377cf3a370581971c1f948d054c33
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Fri, 15 Dec 2023 15:55:12 GMT
server
Akamai Image Manager
etag
"cab6c0938f07df3a900430a32e0d9aab"
x-arc-request-id
0.4bf01002.1702695751.10073746
content-type
image/avif
cache-control
private, no-transform, max-age=31495902
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1702695751005_34664523_268908358_79_8418_10_0_182";dur=1
content-length
81184
expires
Sat, 14 Dec 2024 15:54:13 GMT
5K64O5MM2FCPFFOU66WB2DKCAI.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/5K64O5MM2FCPFFOU66WB2DKCAI.jpg?auth=b10607cac924605a3a8a1295130189e02bd92d65e64366bc9ebcf06f47cd9a6c&width=800&height=533&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
1377bf6a9b52fac83a53ac810c19760056e167c9e4937a601b79f5d200c1847a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Fri, 15 Dec 2023 20:49:51 GMT
server
Akamai Image Manager
x-serial
599
x-check-cacheable
YES
etag
"81396ab6cd2b60c017bd04b6354df910"
x-arc-request-id
0.4bf01002.1702695751.10073747
content-type
image/avif
cache-control
private, no-transform, max-age=31513703
server-timing
cdn-cache; desc=HIT, edge; dur=68, origin; dur=0, ak_p; desc="1702695751005_34664523_268908359_6808_8403_6_0_182";dur=1
content-length
42737
expires
Sat, 14 Dec 2024 20:50:54 GMT
MMBR37P4SRGOFGZ6RMR27ZTPT4.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/MMBR37P4SRGOFGZ6RMR27ZTPT4.jpg?auth=4c423c345e8e4ea9e1d392ba2d705456578eab0fe2d29de038f77a83232ada5f&width=800&height=533&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
84157b3c3cf25c981bab623c8b4b182148f3ea55bc87a33722bb6ab5c6cb49e3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Fri, 15 Dec 2023 19:51:33 GMT
server
Akamai Image Manager
etag
"637974c400497600fade82870c34216d"
x-arc-request-id
0.4bf01002.1702695751.10073748
content-type
image/avif
cache-control
private, no-transform, max-age=31510162
server-timing
cdn-cache; desc=HIT, edge; dur=51, origin; dur=0, ak_p; desc="1702695751005_34664523_268908360_5059_12006_6_0_146";dur=1
content-length
29439
expires
Sat, 14 Dec 2024 19:51:53 GMT
MECEH7WYLRFLJK7LJR46CTS6GY.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/MECEH7WYLRFLJK7LJR46CTS6GY.jpg?auth=1a1cd3640f3baabf0c778f517c6967b09f1a2f8cb979c34df5bbd87014a150d4&width=800&height=533&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
eb2710427c2031d48de9c32501d3fc6fc701322523c3a801657f6a7d3f6ece36
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Fri, 15 Dec 2023 20:56:20 GMT
server
Akamai Image Manager
x-serial
1767
x-check-cacheable
YES
etag
"ec745707195bf2f61e764dfd304b78ac"
x-arc-request-id
0.4bf01002.1702695751.10073749
content-type
image/avif
cache-control
private, no-transform, max-age=31513897
server-timing
cdn-cache; desc=HIT, edge; dur=203, origin; dur=0, ak_p; desc="1702695751005_34664523_268908361_20301_12261_9_0_146";dur=1
content-length
7975
expires
Sat, 14 Dec 2024 20:54:08 GMT
WPKMK7V5JFFK5KLCIYKFBPWCXI.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/WPKMK7V5JFFK5KLCIYKFBPWCXI.jpg?auth=e742b738b56b11999ed32ff5d3f8ad13807945647ea4ad49815bbb75f7c6c7e0&width=800&height=533&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
8379f23b888e0346ef6623d8913a391c73c7d326745539b6f0bc267fabef8420
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Fri, 15 Dec 2023 18:58:48 GMT
server
Akamai Image Manager
x-serial
252
x-check-cacheable
YES
etag
"9953a5415a87ac876f7f23513123ac65"
x-arc-request-id
0.4bf01002.1702695751.1007374a
content-type
image/avif
cache-control
private, no-transform, max-age=31506969
server-timing
cdn-cache; desc=HIT, edge; dur=78, origin; dur=0, ak_p; desc="1702695751005_34664523_268908362_7791_20405_6_0_146";dur=1
content-length
33789
expires
Sat, 14 Dec 2024 18:58:40 GMT
6IR4ORYDRNHHXPGFCTOPRCHT2Q.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/6IR4ORYDRNHHXPGFCTOPRCHT2Q.jpg?auth=d38c53284bc2f0a4452b6b52bf0b5d1eae606200fb09ec87df59753c1c726462&width=800&height=533&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
e338fdc82f4e04414debc95cd1301db99aa1a0ce9d49dc505396a06344f2da66
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Fri, 15 Dec 2023 20:14:28 GMT
server
Akamai Image Manager
x-serial
1364
x-check-cacheable
YES
etag
"267de135f47a39110e11aaca8127116d"
x-arc-request-id
0.4bf01002.1702695751.1007374b
content-type
image/avif
cache-control
private, no-transform, max-age=31511452
server-timing
cdn-cache; desc=HIT, edge; dur=78, origin; dur=0, ak_p; desc="1702695751012_34664523_268908363_7836_5764_6_0_146";dur=1
content-length
42366
expires
Sat, 14 Dec 2024 20:13:23 GMT
LAWNENZYMFFK3PWPUW4WF3BZEY.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/LAWNENZYMFFK3PWPUW4WF3BZEY.jpg?auth=5d3f855ad575c1a61c0e3a0b100cd1adf4b79921f531ea896a530041a1655746&width=800&height=533&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
7887a70ac97003619e3480788c7bc28698c950c49441f3d530b17c3eeb657cc2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Fri, 15 Dec 2023 16:28:22 GMT
server
Akamai Image Manager
x-serial
1518
x-check-cacheable
YES
etag
"a4bb9dd881aa962df75136c270ba3745"
x-arc-request-id
0.4bf01002.1702695751.1007374c
content-type
image/avif
cache-control
private, no-transform, max-age=31497874
server-timing
cdn-cache; desc=HIT, edge; dur=98, origin; dur=0, ak_p; desc="1702695751011_34664523_268908364_9778_6191_7_0_146";dur=1
content-length
39264
expires
Sat, 14 Dec 2024 16:27:05 GMT
https%3A%2F%2Fdo0bihdskp9dy.cloudfront.net%2F12-15-2023%2Ft_1445cb25af3248209281e6114d332ad9_name_file_1280x720_2000_v3_1_.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/https%3A%2F%2Fdo0bihdskp9dy.cloudfront.net%2F12-15-2023%2Ft_1445cb25af3248209281e6114d332ad9_name_file_1280x720_2000_v3_1_.jpg?auth=497126b9751c5ebaa2d257f7f0d5ed67690d00927224a4e05d0fa9c4829b850b&width=800&height=533&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
e6d9cfc441d6a59c4f39e6bd1f10784799e90ee4e962ff1d2acb39541480ea88
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Fri, 15 Dec 2023 17:10:41 GMT
server
Akamai Image Manager
etag
"da8faa8abe84aca2b6dabd2ee9a3bb83"
x-arc-request-id
0.4bf01002.1702695751.1007374d
content-type
image/avif
cache-control
private, no-transform, max-age=31500443
server-timing
cdn-cache; desc=HIT, edge; dur=31, origin; dur=0, ak_p; desc="1702695751011_34664523_268908365_3098_7244_7_0_146";dur=1
content-length
33060
expires
Sat, 14 Dec 2024 17:09:54 GMT
https%3A%2F%2Fdo0bihdskp9dy.cloudfront.net%2F12-15-2023%2Ft_9cf90f136af84d59a72fbb360eeb1eae_name_file_1280x720_2000_v3_1_.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/https%3A%2F%2Fdo0bihdskp9dy.cloudfront.net%2F12-15-2023%2Ft_9cf90f136af84d59a72fbb360eeb1eae_name_file_1280x720_2000_v3_1_.jpg?auth=89290c4eda2501d1c3f4d022f348f95e0201f79eba437ea7c0217783b7ee83da&width=800&height=533&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
0a54de782d1556267f87bb81e079f0fb3565df90b407f756952f346d1f9198ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Fri, 15 Dec 2023 22:38:41 GMT
server
Akamai Image Manager
etag
"22af2b6ecdb7a5d33561e4498e73229e"
x-arc-request-id
0.4bf01002.1702695751.1007374e
content-type
image/avif
cache-control
private, no-transform, max-age=31520236
server-timing
cdn-cache; desc=HIT, edge; dur=359, origin; dur=0, ak_p; desc="1702695751011_34664523_268908366_35856_7169_6_0_146";dur=1
content-length
48309
expires
Sat, 14 Dec 2024 22:39:47 GMT
https%3A%2F%2Fdo0bihdskp9dy.cloudfront.net%2F12-15-2023%2Ft_2223314123c44be8bac8efe726037ec8_name_file_1280x720_2000_v3_1_.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/https%3A%2F%2Fdo0bihdskp9dy.cloudfront.net%2F12-15-2023%2Ft_2223314123c44be8bac8efe726037ec8_name_file_1280x720_2000_v3_1_.jpg?auth=a36b36b69a90b2cd9903ff725d4be8825c3a2456d6666b637ad499a97b7e54d3&width=800&height=533&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
97c6e39d8c46da7b453e7868e62a6ea4636be8a402098565012c2d915a7c7bc3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Fri, 15 Dec 2023 22:23:25 GMT
server
Akamai Image Manager
x-serial
770
x-check-cacheable
YES
etag
"940abd54aadc1331224fc6f40b627841"
x-arc-request-id
0.4bf01002.1702695751.1007374f
content-type
image/avif
cache-control
private, no-transform, max-age=31519316
server-timing
cdn-cache; desc=HIT, edge; dur=484, origin; dur=0, ak_p; desc="1702695751011_34664523_268908367_48400_9450_7_0_146";dur=1
content-length
32087
expires
Sat, 14 Dec 2024 22:24:27 GMT
https%3A%2F%2Fdo0bihdskp9dy.cloudfront.net%2F12-15-2023%2Ft_e5c3105f68cc4860ba35f78252add815_name_file_1280x720_2000_v3_1_.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/https%3A%2F%2Fdo0bihdskp9dy.cloudfront.net%2F12-15-2023%2Ft_e5c3105f68cc4860ba35f78252add815_name_file_1280x720_2000_v3_1_.jpg?auth=ec50b924b2befd4a73422bf900a7dfca099db975639a7745fb721c55196dce0d&width=800&height=533&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
e3d0803a6eba7048114dccc119a564f44b3a1d5b4978ff3d7b6cdfb35098983d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Fri, 15 Dec 2023 22:13:01 GMT
server
Akamai Image Manager
x-serial
1724
x-check-cacheable
YES
etag
"b4518e1473e3673175b843b57dfed90a"
x-arc-request-id
0.4bf01002.1702695751.10073750
content-type
image/avif
cache-control
private, no-transform, max-age=31518555
server-timing
cdn-cache; desc=HIT, edge; dur=526, origin; dur=0, ak_p; desc="1702695751015_34664523_268908368_52842_18477_6_0_146";dur=1
content-length
19624
expires
Sat, 14 Dec 2024 22:11:46 GMT
embed.js
public.tockify.com/browser/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.tockify.com/browser/embed.js
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-63.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
992bed67acbd5174ae1d6609291b0309c7e5391fe302f4d7b6468c5a2787847f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
content-encoding
br
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
last-modified
Mon, 20 Nov 2023 13:06:24 GMT
server
nginx
x-amz-cf-pop
FRA56-P2
age
26
etag
W/"655b59d0-6439"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=180
x-amz-cf-id
E9HJt5yP1Z725QltUEbB5PHBuz6U-QBqHKInfD9rtsyvIhghhtaECw==
expires
Sat, 16 Dec 2023 03:05:05 GMT
LOVU2JNBKZBUZEJHZ4RVJPVPKE.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/LOVU2JNBKZBUZEJHZ4RVJPVPKE.jpg?auth=34203ce6c291adefaddc0d5c723097b18a39c6fc2c998802c40064482aefe72a&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
cab7bcbdfef94745cc2c5851337771fad3b46f6f0b000a1661a9a258a927a35a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Fri, 15 Dec 2023 22:31:39 GMT
server
Akamai Image Manager
etag
"e9e9575f6ad0232eef714d328e151bc5"
x-arc-request-id
0.4bf01002.1702695751.10073751
content-type
image/avif
cache-control
private, no-transform, max-age=31519700
server-timing
cdn-cache; desc=HIT, edge; dur=514, origin; dur=0, ak_p; desc="1702695751011_34664523_268908369_51325_7431_6_0_146";dur=1
content-length
39458
expires
Sat, 14 Dec 2024 22:30:51 GMT
RBX22BYBGNEMRIPYTKX2JQTEFI.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/RBX22BYBGNEMRIPYTKX2JQTEFI.jpg?auth=5a99c92435f9e5259fd3a88a7f3fe02a1774b4de95ce69d6fca6637b819a17c9&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
225b77feaa899de27aa763f13d892125303a3188e951f24cf60b0d0a7a6a084d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Fri, 15 Dec 2023 17:16:17 GMT
server
Akamai Image Manager
x-serial
239
x-check-cacheable
YES
etag
"6453fc810bdc8f19eb1d62b2ea9bbc41"
x-arc-request-id
0.4bf01002.1702695751.10073752
content-type
image/avif
cache-control
private, no-transform, max-age=31500851
server-timing
cdn-cache; desc=HIT, edge; dur=141, origin; dur=0, ak_p; desc="1702695751011_34664523_268908370_14053_16136_11_0_146";dur=1
content-length
37896
expires
Sat, 14 Dec 2024 17:16:42 GMT
2DTS67JZ5SQUTD3BNE27A3ZV6Y.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/2DTS67JZ5SQUTD3BNE27A3ZV6Y.jpg?auth=438c39b43df2dfcfce64dc1aa8579f73eefc05ca2d18dc656fb7efad127b5a04&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
08dc3f38277219e7dd10b05f6fc2c074cef04ce11a9b50cbe447bbca7e50b9bc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Fri, 15 Dec 2023 16:43:21 GMT
server
Akamai Image Manager
etag
"5c372de7a9d169d08ca74d02141a6139"
x-arc-request-id
0.4bf01002.1702695751.10073753
content-type
image/avif
cache-control
private, no-transform, max-age=31498769
server-timing
cdn-cache; desc=HIT, edge; dur=78, origin; dur=0, ak_p; desc="1702695751019_34664523_268908371_7731_7039_6_0_146";dur=1
content-length
36932
expires
Sat, 14 Dec 2024 16:42:00 GMT
7NPKQS3QKVAWXFKYUCRNIPD2AE.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/7NPKQS3QKVAWXFKYUCRNIPD2AE.jpg?auth=da9d213b5fa6449cc5b6ebc5f554ea452f6c4e88b114b8bc53b4b40b38916ba6&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
67b19d5a8e3620dd80340deaf30329741993c27ec8255f356e43f28cb9e53d32
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Fri, 15 Dec 2023 14:43:45 GMT
server
Akamai Image Manager
x-serial
1221
x-check-cacheable
YES
etag
"fe16405ca42aea617d0d9d56857c8764"
x-arc-request-id
0.4bf01002.1702695751.10073754
content-type
image/avif
cache-control
private, no-transform, max-age=31491574
server-timing
cdn-cache; desc=HIT, edge; dur=52, origin; dur=0, ak_p; desc="1702695751019_34664523_268908372_5214_7003_6_0_146";dur=1
content-length
34738
expires
Sat, 14 Dec 2024 14:42:05 GMT
GRXSXPCCEVGIRJZQR6YJC6NAVE.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/GRXSXPCCEVGIRJZQR6YJC6NAVE.jpg?auth=3db344fd40b964eb73e931fa6c54aa3b6f643ed86e46e5be5abdd9362047e068&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
de4c7284a8b5070e088af3644022231b96cc7dd4da8f59f49bb56dc03a8158c6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Fri, 15 Dec 2023 10:02:21 GMT
server
Akamai Image Manager
x-serial
632
x-check-cacheable
YES
etag
"1f7d748d365b0cbea0ba7e14159d70d8"
x-arc-request-id
0.4bf01002.1702695751.10073755
content-type
image/avif
cache-control
private, no-transform, max-age=31474785
server-timing
cdn-cache; desc=HIT, edge; dur=71, origin; dur=0, ak_p; desc="1702695751019_34664523_268908373_7087_6985_6_0_146";dur=1
content-length
15702
expires
Sat, 14 Dec 2024 10:02:16 GMT
XPATKRZWPVGG7FQVSBOM563TVA.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/XPATKRZWPVGG7FQVSBOM563TVA.jpg?auth=6d1e467b49ca0009e8a56228f3a9aaf45bfb292ebe0b2806b123f400998696df&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
adbdec081c0418ecbc29a92f8a1e5fd8847e2245f7c51bb774f218148547d64c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Fri, 15 Dec 2023 08:36:43 GMT
server
Akamai Image Manager
x-serial
1431
x-check-cacheable
YES
etag
"e718f914cecaa2d0b7991236da201467"
x-arc-request-id
0.4bf01002.1702695751.10073756
content-type
image/avif
cache-control
private, no-transform, max-age=31469495
server-timing
cdn-cache; desc=HIT, edge; dur=249, origin; dur=0, ak_p; desc="1702695751019_34664523_268908374_24863_8663_7_0_146";dur=1
content-length
12009
expires
Sat, 14 Dec 2024 08:34:06 GMT
XJH4PO3QOFGMDNE6PI6W3TIHUQ.png
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/XJH4PO3QOFGMDNE6PI6W3TIHUQ.png?auth=43f6f1fdbe26063240a01e8f8531d39870ea185fd526f33048c8f45f1a23e3cc&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
274364e6ccc017a98a341aa67bb0f7908fbe3fbe976237383a4d7ade10125aea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Fri, 15 Dec 2023 08:36:45 GMT
server
Akamai Image Manager
x-serial
2005
x-check-cacheable
YES
etag
"471d4cc3723eef721d508fd66479e3b8"
x-arc-request-id
0.4bf01002.1702695751.10073757
content-type
image/avif
cache-control
private, no-transform, max-age=31469633
server-timing
cdn-cache; desc=HIT, edge; dur=77, origin; dur=0, ak_p; desc="1702695751019_34664523_268908375_7741_8654_6_0_146";dur=1
content-length
56099
expires
Sat, 14 Dec 2024 08:36:24 GMT
ZEMUWNQWXVA2TCRIEPC46VLRGM.jpeg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ZEMUWNQWXVA2TCRIEPC46VLRGM.jpeg?auth=4bf4f511c0ddb4b16dbd313bcaa3248b27bfc034701b530fe87215281f91e76c&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
37ee47a1f3a46dde6ec81adb5935bcf2fc99176172f67ab0069e6fb8ee2d5bf5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Fri, 15 Dec 2023 08:35:38 GMT
server
Akamai Image Manager
x-serial
548
x-check-cacheable
YES
etag
"9ef36fbdb71a3aef66000323d669463f"
x-arc-request-id
0.4bf01002.1702695751.10073758
content-type
image/avif
cache-control
private, no-transform, max-age=31469631
server-timing
cdn-cache; desc=HIT, edge; dur=76, origin; dur=0, ak_p; desc="1702695751019_34664523_268908376_7615_12114_6_0_146";dur=1
content-length
61992
expires
Sat, 14 Dec 2024 08:36:22 GMT
5KKGJUV5NCSVU5X2JBLNSL6Q6E.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/5KKGJUV5NCSVU5X2JBLNSL6Q6E.jpg?auth=2a680452c98d2557189e81661e0c995cd4ae8b22ffd47c6c68ee55e519b16281&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
cd623a181d7067e8732e06a3e47430ca66602d9d604ebd821e3390be94852fce
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 14 Dec 2023 22:20:38 GMT
server
Akamai Image Manager
x-serial
1137
x-check-cacheable
YES
etag
"218c00de9dd5f194b5cf40e6e6d49061"
x-arc-request-id
0.4bf01002.1702695751.10073759
content-type
image/avif
cache-control
private, no-transform, max-age=31432618
server-timing
cdn-cache; desc=HIT, edge; dur=20, origin; dur=0, ak_p; desc="1702695751019_34664523_268908377_2037_8657_7_0_146";dur=1
content-length
23873
expires
Fri, 13 Dec 2024 22:19:29 GMT
UMZXTD5465HCRGETDO2HAJWTCM.png
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/UMZXTD5465HCRGETDO2HAJWTCM.png?auth=62a0b9595e9d2fe85376f466912265fb5bbca94be7c17b1195cfbd285a0a70df&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
3fa3d3aac092c8453ede9ae0397911dfbc0add561679d1faa196320ed4863fac
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 14 Dec 2023 20:23:55 GMT
server
Akamai Image Manager
etag
"7b31125cb21e8ebf6990ffa21728248f"
x-arc-request-id
0.4bf01002.1702695751.1007375a
content-type
image/avif
cache-control
private, no-transform, max-age=31425658
server-timing
cdn-cache; desc=HIT, edge; dur=196, origin; dur=0, ak_p; desc="1702695751019_34664523_268908378_19541_8761_9_0_146";dur=1
content-length
19827
expires
Fri, 13 Dec 2024 20:23:29 GMT
I2OAQYULQJDUPBRAQ2O6XAJD5Y.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/I2OAQYULQJDUPBRAQ2O6XAJD5Y.jpg?auth=f4a397d7c435fa431f40d5af28d698cf352c505df01f75252edf6f1b3899a13e&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
9b34aab60bc8c097636dd38398590e81d458bdda50b06bf250eb6f3bb2ddfb37
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 14 Dec 2023 21:12:38 GMT
server
Akamai Image Manager
x-serial
381
x-check-cacheable
YES
etag
"7bbc54b749a1b6367df003b5476871e9"
x-arc-request-id
0.4bf01002.1702695751.1007375b
content-type
image/avif
cache-control
private, no-transform, max-age=31428562
server-timing
cdn-cache; desc=HIT, edge; dur=18, origin; dur=0, ak_p; desc="1702695751019_34664523_268908379_1810_8744_7_0_146";dur=1
content-length
20641
expires
Fri, 13 Dec 2024 21:11:53 GMT
ULIWOHBKKFAITO3MHX4GVMZCTE.bmp
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ULIWOHBKKFAITO3MHX4GVMZCTE.bmp?auth=a68148e206393922bb56920860e9e31adc55a167932eeca03b8419af5f86962c&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
5b4f9cffdd7f6ac1d0d615f65024064a9f261e21e448e110f279aea148e6da39
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 14 Dec 2023 23:42:16 GMT
server
Akamai Image Manager
x-serial
1346
x-check-cacheable
YES
etag
"69182ab92a84a201fdbfbd8f63011e67"
x-arc-request-id
0.4bf01002.1702695751.1007375c
content-type
image/avif
cache-control
private, no-transform, max-age=31437579
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1702695751019_34664523_268908380_84_8260_7_0_146";dur=1
content-length
10193
expires
Fri, 13 Dec 2024 23:42:10 GMT
SNKGWGON6VF3FGAKE4DXIEI6HI.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/SNKGWGON6VF3FGAKE4DXIEI6HI.jpg?auth=9693bb4d549e8f4408eff1e4509d063018738a269ff2e41a014264a3ad30acb4&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
ec7bbd80a20739e0e95342a018f055bb6d7104aa9f21a123485520070664e150
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 14 Dec 2023 19:55:08 GMT
server
Akamai Image Manager
etag
"5b0a2dbaccb1dfcdebc91061f32c520a"
x-arc-request-id
0.4bf01002.1702695751.1007375d
content-type
image/avif
cache-control
private, no-transform, max-age=31423927
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1702695751019_34664523_268908381_84_8246_7_0_146";dur=1
content-length
21569
expires
Fri, 13 Dec 2024 19:54:38 GMT
NCZZWGJDF5HKDL422RITGIXIJM.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/NCZZWGJDF5HKDL422RITGIXIJM.jpg?auth=434de340c6b697a8f27c6aefaed2fb52671649f19e76a86b4f2453704b47dd0d&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
593feb16e7310f6ec96f40794a8f32efeed162b216d20ab61a4cc6178da5f261
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Tue, 12 Dec 2023 10:18:20 GMT
server
Akamai Image Manager
x-serial
727
x-check-cacheable
YES
etag
"944866ce3e341cf85ac61b532ff1348b"
x-arc-request-id
0.4bf01002.1702695751.1007375e
content-type
image/avif
cache-control
private, no-transform, max-age=31216442
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1702695751020_34664523_268908382_85_8227_7_0_146";dur=1
content-length
10939
expires
Wed, 11 Dec 2024 10:16:33 GMT
B3QIDSQJFNAGPKUX3MLECVJUAE.png
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/B3QIDSQJFNAGPKUX3MLECVJUAE.png?auth=0dc914ac9e61ead55a371e3cd472726d57ba3b89b7fddfd7b483423ee5838ad2&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
4bd0b039a1ab966889e5df5946799add86c82b348316216b22e2dd62856944f1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 14 Dec 2023 18:37:48 GMT
server
Akamai Image Manager
x-serial
1777
x-check-cacheable
YES
etag
"1b6599b6647c214a53ca7cd3edac376e"
x-arc-request-id
0.4bf01002.1702695751.1007375f
content-type
image/avif
cache-control
private, no-transform, max-age=31419266
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1702695751020_34664523_268908383_88_8195_7_0_146";dur=1
content-length
15502
expires
Fri, 13 Dec 2024 18:36:57 GMT
7RT2UHALSJBV5NFIDKIIGC7U3A.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/7RT2UHALSJBV5NFIDKIIGC7U3A.jpg?auth=2dabcf6840bdd61e85492db8801a1a0182f180536d2e773f9fe5182551c1e92d&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
c509be37bdfb00f2faa69c9a8e6e9c0cbfd021d24f23e109bb3ebfe1bb929e60
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 14 Dec 2023 19:19:02 GMT
server
Akamai Image Manager
etag
"6ec0c84e7fffad318eadb95188f04a80"
x-edgeconnect-cache-status
1
x-arc-request-id
0.4bf01002.1702695751.10073760
content-type
image/avif
cache-control
private, no-transform, max-age=31421901
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1702695751020_34664523_268908384_100_7960_7_0_146";dur=1
content-length
14194
expires
Fri, 13 Dec 2024 19:20:52 GMT
5HRCUTHOUZCUHMZX6E63O7QEKY.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/5HRCUTHOUZCUHMZX6E63O7QEKY.jpg?auth=5b51b74c5e8fda8bf28398fe620fb4a23d75d8a3bcfc7a1ce7381ac802f0b7e7&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
ec7679d6d29b15719ee656bd5e67fe006ae97e5c0704f8d6ddd245ed361436a5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Tue, 12 Dec 2023 11:21:18 GMT
server
Akamai Image Manager
etag
"2d6cd9cd2711ce3f44160d9102f11d5b"
x-arc-request-id
0.4bf01002.1702695751.10073761
content-type
image/avif
cache-control
private, no-transform, max-age=31220222
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1702695751020_34664523_268908385_95_7963_7_0_146";dur=1
content-length
28008
expires
Wed, 11 Dec 2024 11:19:33 GMT
GM7OBGDJSVYZBRDNNHGUVYNMPQ.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/GM7OBGDJSVYZBRDNNHGUVYNMPQ.jpg?auth=f807080f22e0f3ed86feceaaa28e46f2a002cd7a682f39f4b7042b8466d8da90&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
b33e910ec4484710548384d4fdf7bed5bc864ba8af1b818086c530c371a58d17
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 14 Dec 2023 16:04:13 GMT
server
Akamai Image Manager
etag
"a9fa08ec50c2725511d70b4902759cf4"
x-arc-request-id
0.4bf01002.1702695751.10073762
content-type
image/avif
cache-control
private, no-transform, max-age=31410177
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1702695751020_34664523_268908386_149_7952_7_0_146";dur=1
content-length
19018
expires
Fri, 13 Dec 2024 16:05:28 GMT
QIQCPFSWLNB7VAA7U6FUP6PZBE.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/QIQCPFSWLNB7VAA7U6FUP6PZBE.jpg?auth=e37ac08e9efefe9793c0d0dea4a7a513e229d5f53cca08a965a47ca5f222d638&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
5aec68c8b080515c3ca98f7465a63204af99556ae6f2b8f33f73c08da2cdb12b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 14 Dec 2023 10:18:29 GMT
server
Akamai Image Manager
x-serial
361
x-check-cacheable
YES
etag
"06fee1453026dd6c9fba05a8789ffea9"
x-arc-request-id
0.4bf01002.1702695751.10073763
content-type
image/avif
cache-control
private, no-transform, max-age=31389308
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1702695751020_34664523_268908387_91_7915_7_0_146";dur=1
content-length
10606
expires
Fri, 13 Dec 2024 10:17:39 GMT
VQ2ZFR6K75CEZMH47C6WVCIO3I.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/VQ2ZFR6K75CEZMH47C6WVCIO3I.jpg?auth=5d5a0abf9b14b33ad8233e42a3f85281a380fba0a505ede1033aebe97b392d31&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
7833516acca930521def5b1e9586064f95aad52f9da5133effff8fe7cc623268
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 14 Dec 2023 14:03:25 GMT
server
Akamai Image Manager
x-serial
613
x-check-cacheable
YES
etag
"6c4624e50168828f4a77269b4f38868e"
x-arc-request-id
0.4bf01002.1702695751.10073764
content-type
image/avif
cache-control
private, no-transform, max-age=31402874
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1702695751020_34664523_268908388_92_8476_7_0_146";dur=1
content-length
24824
expires
Fri, 13 Dec 2024 14:03:45 GMT
BNKLWRBCMNEZ5CKJFEZH26BPFI.png
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/BNKLWRBCMNEZ5CKJFEZH26BPFI.png?auth=801774b2faa4ea10b7b10d31604d28ab002b282e112a0420c13fc474bab41279&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
d247a0ee3081c2f2ccba6be6b27788bf7dc1aea91e6751095ca0f0305bf17809
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 14 Dec 2023 08:26:32 GMT
server
Akamai Image Manager
etag
"7146ba7b863a809247fd434bc5f7556d"
x-arc-request-id
0.4bf01002.1702695751.10073765
content-type
image/avif
cache-control
private, no-transform, max-age=31382680
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1702695751020_34664523_268908389_91_8482_7_0_146";dur=1
content-length
36534
expires
Fri, 13 Dec 2024 08:27:11 GMT
MFWU3CWYUVCAVFTMUE7RADWFFY.bmp
gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/v2/MFWU3CWYUVCAVFTMUE7RADWFFY.bmp?auth=78e07446adc1798a005f6b04481dcbf1ca1de55b3259c7b7cc8401c9cb4b0031&width=800&height=450&smart=true
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
4fdbceb89e5935d469bbd06461e0d4a8ea77fbb676a3c70370afd6a3abb66b86
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 14 Dec 2023 08:26:25 GMT
server
Akamai Image Manager
etag
"f778b270de66754ea3898262d3736dfc"
x-arc-request-id
0.4bf01002.1702695751.10073766
content-type
image/avif
cache-control
private, no-transform, max-age=31382693
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1702695751020_34664523_268908390_143_15375_6_0_146";dur=1
content-length
42686
expires
Fri, 13 Dec 2024 08:27:24 GMT
v2bkp9Uun3-1LRAB_lzCZndpym_6H7eOtuB69j2DMKvsxBxYzTMW8Pcb8nw
reconditerespect.com/ 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://reconditerespect.com/v2bkp9Uun3-1LRAB_lzCZndpym_6H7eOtuB69j2DMKvsxBxYzTMW8Pcb8nw
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
5d041c661446642f590751b8bd02658fdd3c508d195817ba4deb6bd500a0114d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Sat, 16 Dec 2023 03:02:31 GMT
x-datacenter
gce-europe-west1
etag
"ea2176d5dfaa8f6e5021b724f298648815318f559ed25564c48e82ffaec4f615"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-zlrc
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
1072352451
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v2sglPwD6cv16a0cnFC0rQ1CHpbVfM07j9ojCzxSbHxiBayPvsnqIuSLXL0EjVtTQDR7yhgNv36s
reconditerespect.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://reconditerespect.com/v2sglPwD6cv16a0cnFC0rQ1CHpbVfM07j9ojCzxSbHxiBayPvsnqIuSLXL0EjVtTQDR7yhgNv36s
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
53b988c3d873cd2c0c14d099834524858337e92c5a0a69884f102468a3d469a9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
via
1.1 google
date
Sat, 16 Dec 2023 03:02:31 GMT
x-datacenter
gce-europe-west1
etag
"f9d72b2af7cf431988ddca3811b8e1144e6b4353ce5a7d12d3070e0f2df518a7"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-zlrc
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
1072352451
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
date
Fri, 15 Dec 2023 17:27:44 GMT
x-amz-cf-pop
FRA56-P6
age
34488
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
YSMn1wHFWFnxya66peE4xSvdWM8rBDRCdkaWLFu0iqI_GrP6YjlUHA==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161733/6819/ 		535 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
01b83ab9dd12f79d5f3ec8b655c274567e016aacc9f3341ba33947bc269ce41a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
content-encoding
gzip
last-modified
Wed, 26 Jul 2023 14:41:30 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=93418
accept-ranges
bytes
content-length
165409
expires
Sun, 17 Dec 2023 04:59:29 GMT
sdk.js
api-esp.piano.io/public/sdk/v04/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
47824
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 26 Oct 2023 06:35:45 GMT
server
cloudflare
etag
W/"1bbec-18b6ab23590"
access-control-max-age
36000
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
api-esp.piano.io
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
8363b01c49ba9bd4-FRA
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Sun, 15 Dec 2024 03:02:31 GMT
gtm.js
www.googletagmanager.com/ 		227 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M5QQ3JP&l=RCdataLayer
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e30ec904e766c18de889b9a327a04d38e3f6296424da512e2cc7a815d25a1ad7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
66773
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 16 Dec 2023 03:02:31 GMT
loader.js
cdn.taboola.com/libtrc/meredith-network/ 		1 MB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/meredith-network/loader.js
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6112f8de193029610ea7c5dc67a5722dd27f45f328edeca066f42db08aa8e88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
u2uA4pvW_EiVCMM16qeVAAw3yo4RkL8a
content-encoding
gzip
via
1.1 varnish
date
Sat, 16 Dec 2023 03:02:31 GMT
x-amz-request-id
55TYFJNWVGWNCEQW
age
10643
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
86875
x-amz-id-2
6RuVpsVD6nh/4IZjk5pnv0N+xfxvGZmEkK8ffBnxLp+3nI88A3gfreaBe2+SD3xXLmoWMl4piDE=
x-served-by
cache-fra-etou8220033-FRA
last-modified
Sat, 16 Dec 2023 00:04:53 GMT
server
AmazonS3
x-timer
S1702695751.082224,VS0,VE0
etag
"d772f08afa3d744e9089afd8046c1978"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
81
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
4
newsroom.js
c2.taboola.com/nr/graytv-wvirnbc29/ 		62 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c2.taboola.com/nr/graytv-wvirnbc29/newsroom.js
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42963e20b8df6dff7886465257fe87c44a0e83d6b91cb2ef458f4129d71d0e41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 varnish
date
Sat, 16 Dec 2023 03:02:31 GMT
x-amz-request-id
MAB4HXZH0XZP1RGB
age
7349
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
17724
x-amz-id-2
UvF+kxXDQ7BvE8p8tnh/AOPzhrJuPVMAYDxPZPirreVHqrqwMZ9G18IM0Y4qgqe9LQAoYFwZJww=
x-served-by
cache-fra-etou8220042-FRA
last-modified
Thu, 30 Nov 2023 20:08:58 GMT
server
AmazonS3
x-timer
S1702695751.081328,VS0,VE1
etag
"4c7297fc357ed14ce2091d8eaf90fa48"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
x-cache-hits
1
47DAA-RMGFC-4U4YY-9C4XF-UTQN5
s.go-mpulse.net/boomerang/ 		205 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/47DAA-RMGFC-4U4YY-9C4XF-UTQN5
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:9a4::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
content-encoding
br
customappheader
mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified
Fri, 08 Dec 2023 05:55:35 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=604800
timing-allow-origin
*
content-length
50393
wvir.jpg
www.29news.com/pf/resources/images/mastheads/backgrounds/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.29news.com/pf/resources/images/mastheads/backgrounds/wvir.jpg?d=376
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
c038356f5dd062dc662f8b140c3fe86b5f1726ccc4c83edfc2022c02f6adc356
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
x-check-cacheable
YES
x-arc-request-id
0.8c7d1302.1702695751.298baeff
server-timing
cdn-cache; desc=HIT, edge; dur=31, origin; dur=0, ak_p; desc="1702695751024_34831756_697020159_3020_11312_9_0_146";dur=1
content-length
52730
last-modified
Thu, 14 Dec 2023 16:40:58 GMT
server
Akamai Image Manager
x-serial
1567
etag
W/"dc617ededc1a6f4d944c275e2275789e"
content-type
image/avif
access-control-allow-origin
*
cache-control
private, no-transform, max-age=31412245
expires
Fri, 13 Dec 2024 16:39:56 GMT
wvir.svg
www.29news.com/pf/resources/images/mastheads/logos/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.29news.com/pf/resources/images/mastheads/logos/wvir.svg?d=376
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
66d7b2344b1aef077bbf6359f32faa055b4cba8d9f2d873a6b9cc04330f01749
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Sat, 16 Dec 2023 03:02:31 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=86400
x-amz-cf-pop
EWR53-P1
x-amz-server-side-encryption
AES256
x-arc-request-id
0.8c7d1302.1702695751.298baf00
server-timing
cdn-cache; desc=HIT, edge; dur=24, origin; dur=0, ak_p; desc="1702695751024_34831756_697020160_2391_1742_12_0_219";dur=1
content-length
2884
last-modified
Thu, 14 Dec 2023 16:19:51 GMT
server
openresty
etag
W/"8946c09575006a782d182025491807b7"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
u-BI4tN1fJBdybhigngjOaduSmVs1E4IBD3ioaldx-6vatpqmPHXEA==
expires
Sun, 15 Dec 2024 03:02:31 GMT
privacyOptionsIcon.svg
gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/images/privacyOptionsIcon.svg?d=376
Requested by
Host: gray-wvir-prod.cdn.arcpublishing.com
URL: https://gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/wvir/css/main.css?d=376
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
86f2eb97cc1f3909c12e4512de9e267215d94ac5aaee9393d0f007f18c34e8ba
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/wvir/css/main.css?d=376
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Sat, 16 Dec 2023 03:02:31 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=86400
x-amz-cf-pop
ORD58-P3
x-amz-server-side-encryption
AES256
x-arc-request-id
0.4bf01002.1702695751.10073769
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1702695751028_34664523_268908393_44_4760_6_0_146";dur=1
content-length
781
last-modified
Thu, 14 Dec 2023 16:19:49 GMT
server
openresty
etag
W/"8051dee1dd72e78a9528a16c062cff66"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
5Nf5XTV97qlEKJeyf10z4kN3MWzDZZKkxJ27ZMn__6zegT_wVK3-cA==
expires
Sun, 15 Dec 2024 03:02:31 GMT
grayLogoHorizontal.svg
gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/images/ 		14 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/images/grayLogoHorizontal.svg?d=376
Requested by
Host: gray-wvir-prod.cdn.arcpublishing.com
URL: https://gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/wvir/css/main.css?d=376
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
cc8b84ad84585cf2ee61f8f2f7ce48b578872bd753e6c0495f79a16ac27bb0b8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gray-wvir-prod.cdn.arcpublishing.com/pf/resources/dist/wvir/css/main.css?d=376
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Sat, 16 Dec 2023 03:02:31 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=86400
x-amz-cf-pop
IAD50-C2
x-amz-server-side-encryption
AES256
x-arc-request-id
0.4bf01002.1702695751.1007376a
server-timing
cdn-cache; desc=HIT, edge; dur=4, ak_p; desc="1702695751028_34664523_268908394_376_4160_6_0_146";dur=1
content-length
5010
last-modified
Thu, 14 Dec 2023 16:19:49 GMT
server
openresty
etag
W/"4228f26a863969873e28bcee1a6a4ded"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
LNC4BC4yonucfnPAqyOIgTO59hLey_7qFAZ5diZ3yiF1xgxweLKy3Q==
expires
Sun, 15 Dec 2024 03:02:31 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/ 		153 KB
154 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5644b46d5d663155f02502683f9d4ed7d7b3885cb2b04fbc9f1ac9da0d0eff9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Origin
https://www.29news.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1292765
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
156496
last-modified
Fri, 01 Dec 2023 00:32:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"65692999-26350"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0dU0pTpAbB9D9hRxAy3a1fJz1iL1kQD8a14O%2BWGE2QGGPgpHCkXpx09PFbnnpKRA%2FHYAjqtMEsSmBgbf6PgSmVBJPNOA0eCBdaB1FZOMNpY8Xi0tQltg376ogArn4uV3iXRdI1AIyCFlOguyVPiZHLtq"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8363b01bfc375d84-FRA
expires
Thu, 05 Dec 2024 03:02:31 GMT
fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/fa-regular-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a302b34ce783fda0c1a493fe5161d2222b71d2409accaa88d454b866ba807ff
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Origin
https://www.29news.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1293443
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25452
last-modified
Fri, 01 Dec 2023 00:32:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"65692999-636c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mGXJGXQxokKo0MoqX1M24QAbMLYdCHhI19%2FX%2BEeZ5suWUVIYBgYhYyW6NQxO42zA7IiR0QGLm06AsOBCiki18UBucaFJ52MxjxHG67ut30onZEvGqsQN3UBwaAuZRnNEF5MAGfH6J7uRgVYBdl%2B9X0Jt"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8363b01bfc385d84-FRA
expires
Thu, 05 Dec 2024 03:02:31 GMT
7day.jpg
webpubcontent.raycommedia.com/wvir/weather/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webpubcontent.raycommedia.com/wvir/weather/7day.jpg
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
96d090de54134f1dc64d8b2c3dadb3d541f72794b45089c95daf68fa343148f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
120, 120
date
Sat, 16 Dec 2023 03:02:31 GMT
last-modified
Fri, 15 Dec 2023 23:04:28 GMT
server
AmazonS3
x-amz-meta-user-agent-id
wvir@s-69172a5d8df84f908
x-amz-cf-pop
MSP50-C1
etag
"a86f4cb2dd3d805ae138d404254d2e41"
x-amz-meta-user-agent
AWSTransfer
x-arc-request-id
0.897d1302.1702695751.54ce7bc9
content-type
image/jpeg
cache-control
private, max-age=60
server-timing
cdn-cache; desc=HIT, edge; dur=319, origin; dur=0, ak_p; desc="1702695751212_34831753_1422818249_31882_6102_6_14_146";dur=1
content-length
35155
x-amz-cf-id
WuguqlhL0HvcFS3w6gcqrJeTlbvZ5hFzXRGvlQnKHqZYu-9-teCr2Q==
expires
Sat, 16 Dec 2023 03:03:31 GMT
wvir.calendar
tockify.com/ Frame CCCE 		0
0
whitecloseicon.png
www.queryly.com/images/ 		816 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.queryly.com/images/whitecloseicon.png
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:497c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
cf-cache-status
HIT
last-modified
Mon, 23 Oct 2023 15:55:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3473
etag
"4c9d5a55c95da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DWEld%2B3yJaJgu3gME10OvPswkTsv3khFJ%2FW4%2B9kK7pYnDiTImIMB7WYjC9zgVsubM39ylTPLRP0XQjn0JbM00O9VYiCtPahl2ZE2E6kYJfbdWPbOz1u0I4ATtgheUGO%2FMhazRSlrWMOOoom1kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8363b01c8d5c1e58-FRA
content-length
816
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.29news.com
URL: https://www.29news.com/pf/dist/components/combinations/default.js?d=376
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c8314cdf7ef3aa2bafb572d3fdf0c7f358d52fc869818769c0f1e107328938d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29092
x-xss-protection
0
server
cafe
etag
466 / 19707 / m202312060101 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 03:02:31 GMT
3793
config.aps.amazon-adsystem.com/configs/ 		532 B
809 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3793
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-83.prg50.r.cloudfront.net
Software
CloudFront /
Resource Hash
0d39bbdcae43253b7e0d7a69841e70d8781ac7aaca5cd9a20fc9edbf5c643e76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:00:05 GMT
via
1.1 d05dc840d6cf3901928326ad8b6d38c2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PRG50-C1
age
146
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
532
x-amz-cf-id
PpK9CK8GjhHYVHI-xZH9FoFBpF6q_UHQEruMdQjAtJkGY1WHc4BkYA==
config
c.amazon-adsystem.com/cdn/prod/ 		0
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3793&u=https%3A%2F%2Fwww.29news.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 22:57:41 GMT
via
1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
14689
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.29news.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
8OXzmaYrPiCz4cQM2viLnZcJ_f954inRKfeungP1l-CwPw3VKZg_3Q==
wvir.calendar
tockify.com/ Frame 7878 		23 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tockify.com/wvir.calendar
Requested by
Host: www.29news.com
URL: https://www.29news.com/pf/dist/components/combinations/default.js?d=376
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.66.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-66-31.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b5be35c4730e85c556511d6d2576c8e73c92906ba75804dece48c79857ff5c01
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options allowall
X-Xss-Protection 1; report=/api/csp-report/5f3f05c46e0627d2acfe4857ed84e8fc8dde6ef2

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0
content-encoding
br
content-type
text/html;charset=utf-8
date
Sat, 16 Dec 2023 03:02:31 GMT
expires
Sat, 16 Dec 2023 03:02:31 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=300; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
allowall
x-proxy-cache
HIT
x-xss-protection
1; report=/api/csp-report/5f3f05c46e0627d2acfe4857ed84e8fc8dde6ef2
wx-current-conditions-v3
www.29news.com/pf/api/v3/content/fetch/ 		331 B
794 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.29news.com/pf/api/v3/content/fetch/wx-current-conditions-v3?_website=wvir&filter=%7B%0A++imperial+%7B+location+%7B+city,+adminDistrictCode+%7D,+currentObservation+%7B+iconCode,+temperature+%7D+%7D%0A++metric+%7B+location+%7B+city,+adminDistrictCode+%7D,+currentObservation+%7B+iconCode,+temperature+%7D+%7D%0A%7D
Requested by
Host: www.29news.com
URL: https://www.29news.com/pf/dist/components/combinations/default.js?d=376
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
4c5c0bc71684c76f23a93ac17442562dea496037bf43d0bd892e82904ba7b4a7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
120
x-arc-pb-request-id
5bfc0b19-a994-4293-a040-86bfa8cf66d6, 5bfc0b19-a994-4293-a040-86bfa8cf66d6
content-encoding
gzip
date
Sat, 16 Dec 2023 03:02:31 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
ATL58-P6
strict-transport-security
max-age=86400
x-arc-request-id
0.8c7d1302.1702695751.298baf89
server-timing
cdn-cache; desc=HIT, edge; dur=334, origin; dur=0, ak_p; desc="1702695751221_34831756_697020297_33370_1576_7_0_219";dur=1
content-length
190
last-modified
Sat, 16 Dec 2023 03:01:21 GMT
server
openresty
etag
W/"14b-OUS0gjTJOJVE5SWiizXXiuD4XvY"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
max-age=50
x-amz-cf-id
DImDSDg4Oig7Kxh0KZi5RF7nk-EGvS4J5GaABHUkGU4cmR7nI9pIgg==
expires
Sat, 16 Dec 2023 03:03:21 GMT
WVIR_poll.json
s3.amazonaws.com/grayfilestore-wvir/gpollData/ 		16 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/grayfilestore-wvir/gpollData/WVIR_poll.json?rnd=230630&arc-site=wvir
Requested by
Host: www.29news.com
URL: https://www.29news.com/pf/dist/components/combinations/default.js?d=376
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.196.136 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
46be8ce52fecfdee4715f55f764c2de0bc4ca0903c75c9e08f0bd86e1f37e419

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 03:02:32 GMT
Last-Modified
Mon, 09 Aug 2021 19:20:25 GMT
Server
AmazonS3
x-amz-request-id
PVQ49DXQ170G62ZB
ETag
"1ed55897beeab14ca466d97dc048f79e"
Access-Control-Max-Age
3600
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Content-Type
application/json
Accept-Ranges
bytes
Content-Length
16
x-amz-id-2
K0WSHIIn1feS/K0had3H4RnwAfA5XSaRg3AEs7nISMahLjlIvorALkSz3W+E9vHZpvuf+xI+z7Y=
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=nbc29.com&p=29news.com&u=CmL1XKDi-gxQDkCY4n&d=29news.com&g=39189&g0=%2Fhomepage&g1=No%20Author&g4=section&n=1&f=00001&c=0&x=0&m=0&y=6901&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.29news.com%2F&b=1675&t=Db5wmVCi4XTSN16joWnKIZBJnX-y&V=142&i=WVIR%20%7C%20News%2C%20Weather%2C%20and%20Sports%20%7C%20Charlottesville%2C%20VA&tz=-60&sn=1&sv=BGg0SvCsWoXLD8WgjbD4F58bDWFJpD&sr=external&sd=1&im=06072ffa&_
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.208.135.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-135-151.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 16 Dec 2023 03:02:31 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
floors.json
ads.pubmatic.com/AdServer/js/pwt/floors/161733/6819/ 		9 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/floors/161733/6819/floors.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bbaf73b17df4502b13e2338b607ffe9e05eeaff41c340977be65aa9d4682420b

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
content-encoding
gzip
last-modified
Fri, 15 Dec 2023 14:40:05 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
*
content-type
application/json
cache-control
public, max-age=8754
access-control-allow-credentials
true
accept-ranges
bytes
content-length
746
expires
Sat, 16 Dec 2023 05:28:25 GMT
7day.jpg
webpubcontent.raycommedia.com/wvir/weather/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webpubcontent.raycommedia.com/wvir/weather/7day.jpg
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
96d090de54134f1dc64d8b2c3dadb3d541f72794b45089c95daf68fa343148f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
120, 120
date
Sat, 16 Dec 2023 03:02:31 GMT
last-modified
Fri, 15 Dec 2023 23:04:28 GMT
server
AmazonS3
x-amz-meta-user-agent-id
wvir@s-69172a5d8df84f908
x-amz-cf-pop
MSP50-C1
etag
"a86f4cb2dd3d805ae138d404254d2e41"
x-amz-meta-user-agent
AWSTransfer
x-arc-request-id
0.897d1302.1702695751.54ce7bd1
content-type
image/jpeg
cache-control
private, max-age=60
server-timing
cdn-cache; desc=HIT, edge; dur=263, origin; dur=0, ak_p; desc="1702695751262_34831753_1422818257_26251_6039_6_0_146";dur=1
content-length
35155
x-amz-cf-id
WuguqlhL0HvcFS3w6gcqrJeTlbvZ5hFzXRGvlQnKHqZYu-9-teCr2Q==
expires
Sat, 16 Dec 2023 03:03:31 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		160 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=nbc29.com&domain=29news.com&path=%2F29news.com
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c3d9fa4b41ab500d0edb279e71568c7a3a141c34d879da27d3a60baed756e475

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits
0
date
Sat, 16 Dec 2023 03:02:31 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
129
x-served-by
cache-fra-eddf8230101-FRA
x-timer
S1702695751.294688,VS0,VE102
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Thu, 14 Dec 2023 03:02:31 GMT
framework.css
www.burst.com/webapps/embed/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.burst.com/webapps/embed/framework.css
Requested by
Host: www.burst.com
URL: https://www.burst.com/webapps/embed/framework.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-96.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b4967dbde82b36ba483fcd5315203b1648a86c192ccd826865a634aaa8853208

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
Qu8MEetew_9Ci7_W6T894OBW0f_93GQS
content-encoding
gzip
via
1.1 badae0844eca8f0bad6677607d947120.cloudfront.net (CloudFront)
date
Sat, 16 Dec 2023 03:02:31 GMT
last-modified
Tue, 12 Dec 2023 14:49:56 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
15
etag
W/"72f8f831414cf37903a38162b0291620"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=10800
x-amz-cf-id
RBT-ho5r8adj3PUSX-cVoNGuwM0_JRU1aDR1alUAV_1J7ZHrCZ9FBA==
skeleton.gif
static.adsafeprotected.com/ 		43 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adslot=wboqnn_728x90_
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 17:29:44 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
379968
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
BWDeABZ8NgGdVGBiHn_7CVgRCmu2rGEkHOCrVEKGhPFHWFk3ZSjjmA==
jquery-2.2.0.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.0.min.js
Requested by
Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
7893552
x-cache
HIT, HIT
content-length
29875
x-served-by
cache-lga21967-LGA, cache-fra-eddf8230096-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1702695751.296099,VS0,VE0
etag
W/"28feccc0-14e55"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
13, 212292
impl.20231214-9-RELEASE.js
cdn.taboola.com/libtrc/ 		820 KB
170 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
48b3c9773a97bd00a751c09a47e3606a5eddd6f6fd64cb203b61c6c95ca46143

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
C2BWvNaNjPeGDmk71rQiWjjd24F1jAiS
content-encoding
br
via
1.1 varnish
date
Sat, 16 Dec 2023 03:02:31 GMT
x-amz-request-id
P6FDX2XADHWD8EBC
age
1781
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
173948
x-amz-id-2
ScM5CK/UiUX4jm5QHBrg/JhgNZhNT9whEhFQ/Rpih+JBmtcro59IWGNwSwW1M3IaHbotxe3Jk3U=
x-served-by
cache-fra-etou8220033-FRA
last-modified
Thu, 14 Dec 2023 10:25:12 GMT
server
AmazonS3-br
x-timer
S1702695751.305834,VS0,VE0
etag
"d2bbcfa496a6b16f3403985c047b4588"
vary
Accept-Encoding
content-type
application/javascript
abp
83
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
725
gtm.js
www.googletagmanager.com/ 		220 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-58WCCRN&l=RCdataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5QQ3JP&l=RCdataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9a2d0412e9b0994b8da9848e591eee9ba4c5f05e68ef0d1a42aebb9bfb522edc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
74678
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 16 Dec 2023 03:02:31 GMT
get-action
nr-events.taboola.com/newsroom/1.0/graytv-wvirnbc29/ 		132 B
449 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nr-events.taboola.com/newsroom/1.0/graytv-wvirnbc29/get-action?page.url=https%3A%2F%2Fwww.29news.com%2F&view.id=201795372148621036&page.template=home&page.dashboard=home
Requested by
Host: c2.taboola.com
URL: https://c2.taboola.com/nr/graytv-wvirnbc29/newsroom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ca06184323d2a559876459d5e99b018c2fc6a0808fc159b3525fc640555c037a

Request headers

Referer
https://www.29news.com/
Origin
https://www.29news.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

tbl-x-upstream
10.44.219.141:80
date
Sat, 16 Dec 2023 03:02:31 GMT
via
1.1 varnish
x-cache
MISS
x-envoy-upstream-service-time
91
content-length
132
x-application-context
front-page-event-server:production
x-served-by
cache-fra-etou8220028-FRA
server
nginx
x-timer
S1702695751.363456,VS0,VE101
vary
Origin
access-control-allow-methods
GET,POST,PUT
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
0
HEUFV3NF4JD5DIHECFIUBXL6EU.png
gray-wvir-prod.cdn.arcpublishing.com/resizer/Sul4bhvKqvlMbe6r3-bj-hjiznI=/arc-photo-gray/arc3-prod/public/ 		356 KB
356 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/Sul4bhvKqvlMbe6r3-bj-hjiznI=/arc-photo-gray/arc3-prod/public/HEUFV3NF4JD5DIHECFIUBXL6EU.png
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
1eb12c64933bfb56ae7bb304b7fb3bc74a834099b9120c6cec15cbae47e5bea2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 07 Dec 2023 21:57:34 GMT
server
Akamai Image Manager
etag
"d58c539e34592c19a1553ef1e1c8410b92b4da21"
x-arc-request-id
0.4bf01002.1702695751.100737b0
content-type
image/avif
cache-control
private, no-transform, max-age=30826607
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1702695751367_34664523_268908464_116_5979_6_0_146";dur=1
content-length
364184
expires
Fri, 06 Dec 2024 21:59:18 GMT
VJD7SQENYJFDZNJIGRC43Z5NRM.png
gray-wvir-prod.cdn.arcpublishing.com/resizer/H4xP_iSFVzqGptfijrUPfCHD3n0=/arc-photo-gray/arc3-prod/public/ 		119 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/H4xP_iSFVzqGptfijrUPfCHD3n0=/arc-photo-gray/arc3-prod/public/VJD7SQENYJFDZNJIGRC43Z5NRM.png
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
9a64421605751d54fb234f9074079b0e65a9c976c8dbdffdbaa633a4d7dfd28a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Wed, 08 Nov 2023 01:48:39 GMT
server
Akamai Image Manager
etag
"bef336be3eaeb1a7e1b3bdb2f5f9016bc72f4002"
x-arc-request-id
0.4bf01002.1702695751.100737b1
content-type
image/avif
cache-control
private, no-transform, max-age=30599855
server-timing
cdn-cache; desc=HIT, edge; dur=6, ak_p; desc="1702695751367_34664523_268908465_550_5678_6_0_146";dur=1
content-length
121543
expires
Wed, 04 Dec 2024 07:00:06 GMT
CXHM6ZZ7PVBLHJI7XM4ZMKHYVI.png
gray-wvir-prod.cdn.arcpublishing.com/resizer/Lv5Y8Z2udk0ZL6XeD7_WImGsu6k=/arc-photo-gray/arc3-prod/public/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/Lv5Y8Z2udk0ZL6XeD7_WImGsu6k=/arc-photo-gray/arc3-prod/public/CXHM6ZZ7PVBLHJI7XM4ZMKHYVI.png
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
69c9c7972745e942e10c40a8342e85ca9e3dcf5af2689d3f7a37d536cd635b17
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 07 Dec 2023 21:59:01 GMT
server
Akamai Image Manager
x-serial
1487
x-check-cacheable
YES
etag
"e6e5eab4021fee8fca3b45104390d702f7f63062"
x-arc-request-id
0.4bf01002.1702695751.100737b2
content-type
image/avif
cache-control
private, no-transform, max-age=30826547
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1702695751373_34664523_268908466_60_5780_6_0_146";dur=1
content-length
40947
expires
Fri, 06 Dec 2024 21:58:18 GMT
S7FQB57LCJAZHICBTZG2N5AA5Y.png
gray-wvir-prod.cdn.arcpublishing.com/resizer/SwLjQiv8gJMyFszlIWaH-9oW7XI=/arc-photo-gray/arc3-prod/public/ 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/SwLjQiv8gJMyFszlIWaH-9oW7XI=/arc-photo-gray/arc3-prod/public/S7FQB57LCJAZHICBTZG2N5AA5Y.png
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
a8cae91460a7edc608e6f397fad2e02bdfc361a3984caabd5c49bb3f82b2b104
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 07 Dec 2023 21:50:52 GMT
server
Akamai Image Manager
x-serial
632
x-check-cacheable
YES
etag
"7154ed0b0643ab2932e5ccd0c28b83919e61cdb8"
x-arc-request-id
0.4bf01002.1702695751.100737b3
content-type
image/avif
cache-control
private, no-transform, max-age=30826015
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1702695751373_34664523_268908467_63_5734_6_0_146";dur=1
content-length
50463
expires
Fri, 06 Dec 2024 21:49:26 GMT
BCI4FGORUZFK3MEJHGY6ETNQWM.jpg
gray-wvir-prod.cdn.arcpublishing.com/resizer/_F753I4Wp1va_-nWuhFxxlav8uw=/arc-photo-gray/arc3-prod/public/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/_F753I4Wp1va_-nWuhFxxlav8uw=/arc-photo-gray/arc3-prod/public/BCI4FGORUZFK3MEJHGY6ETNQWM.jpg
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
4ef54920cf0c52bc49c149f8378cc6bf1667ea9e653b5725cd1983c21dc8ca40
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
x-check-cacheable
YES
x-arc-request-id
0.4bf01002.1702695751.100737b4
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1702695751373_34664523_268908468_59_5769_6_0_146";dur=1
content-length
25599
last-modified
Fri, 15 Dec 2023 06:53:03 GMT
server
Akamai Image Manager
x-serial
1843
etag
"9836ad292acd0352a6d813fd60cbe835d922d1f3"
x-edgeconnect-cache-status
1
content-type
image/avif
cache-control
private, no-transform, max-age=31463473
expires
Sat, 14 Dec 2024 06:53:44 GMT
6HT5MDOOAZA3LFFT5DYRSGSCLY.png
gray-wvir-prod.cdn.arcpublishing.com/resizer/RtnOTcM2H4Lhv3wY1i4dOnOpvAQ=/arc-photo-gray/arc3-prod/public/ 		354 KB
355 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/RtnOTcM2H4Lhv3wY1i4dOnOpvAQ=/arc-photo-gray/arc3-prod/public/6HT5MDOOAZA3LFFT5DYRSGSCLY.png
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
ac2385054d54aaaaa1ab1a74929b654508aee4c06726ace247a020b318e2a904
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 07 Dec 2023 21:54:04 GMT
server
Akamai Image Manager
etag
"15f2ee7b3bdf3c489b0048454f6003f5a2fb7bbc"
x-edgeconnect-cache-status
3
x-arc-request-id
0.4bf01002.1702695751.100737b5
content-type
image/avif
cache-control
private, no-transform, max-age=30826364
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1702695751373_34664523_268908469_131_5753_6_0_146";dur=1
content-length
362462
expires
Fri, 06 Dec 2024 21:55:15 GMT
7G32DHW225DLHENVWLSPHCX4PQ.png
gray-wvir-prod.cdn.arcpublishing.com/resizer/flC5_SyIqttXGu5ypE93KjfYn4M=/arc-photo-gray/arc3-prod/public/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/flC5_SyIqttXGu5ypE93KjfYn4M=/arc-photo-gray/arc3-prod/public/7G32DHW225DLHENVWLSPHCX4PQ.png
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
0be9ea3282b9037d764f4c4b12ee0da74f6613310f3ff39bd9236b0c7f8e0d36
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 07 Dec 2023 21:59:37 GMT
server
Akamai Image Manager
x-serial
1653
x-check-cacheable
YES
etag
"9c7c7ad36a1b2b04252629a0f0ca5866bc803544"
x-arc-request-id
0.4bf01002.1702695751.100737b6
content-type
image/avif
cache-control
private, no-transform, max-age=30826610
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1702695751373_34664523_268908470_66_6248_6_0_146";dur=1
content-length
37943
expires
Fri, 06 Dec 2024 21:59:21 GMT
GHR5IMKK35FQ7EZ7JXF7N246EE.png
gray-wvir-prod.cdn.arcpublishing.com/resizer/NNqB_qUwpRdjD8hZtx061JEvWy8=/arc-photo-gray/arc3-prod/public/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gray-wvir-prod.cdn.arcpublishing.com/resizer/NNqB_qUwpRdjD8hZtx061JEvWy8=/arc-photo-gray/arc3-prod/public/GHR5IMKK35FQ7EZ7JXF7N246EE.png
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:c::210:f18b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
8dd30a683c4179f1cba9bf85ef3231bac1ed1ffde80ba7321fa154cb34967ef4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000, 31536000, 31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400
last-modified
Thu, 07 Dec 2023 21:56:17 GMT
server
Akamai Image Manager
etag
"09819c155f305090c45f770c758f5b97cb747d7a"
x-arc-request-id
0.4bf01002.1702695751.100737b7
content-type
image/avif
cache-control
private, no-transform, max-age=30826512
server-timing
cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1702695751373_34664523_268908471_128_4616_6_0_146";dur=1
content-length
42227
expires
Fri, 06 Dec 2024 21:57:43 GMT
notify-impression
nr-events.taboola.com/newsroom/1.0/graytv-wvirnbc29/ 		0
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nr-events.taboola.com/newsroom/1.0/graytv-wvirnbc29/notify-impression?page.url=https%3A%2F%2Fwww.29news.com%2F&view.id=201795372148621036&page.template=home&page.dashboard=home
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by
cache-fra-etou8220033-FRA
tbl-x-upstream
10.45.40.105:80
date
Sat, 16 Dec 2023 03:02:31 GMT
via
1.1 varnish
server
nginx
x-timer
S1702695751.368653,VS0,VE10
x-cache
MISS
access-control-allow-origin
*
x-envoy-upstream-service-time
1
accept-ranges
bytes
x-application-context
front-page-event-server:production
x-cache-hits
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 		431 KB
432 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 13:14:16 GMT
x-content-type-options
nosniff
age
49695
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
441821
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 14 Dec 2024 13:14:16 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		59 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.29news.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
605dfd61899ff82d10a6ce26b06f1ae451b990928a7ed0fe87769be6e0ea87a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
expires
Sat, 16 Dec 2023 03:02:31 GMT
441
api-esp.piano.io/publisher/fusion/lucid/data/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/publisher/fusion/lucid/data/441?email=&visitor=&stored_visitor=&pnespid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.29news.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.29news.com
access-control-max-age
36000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8363b01e3a4192b3-FRA
date
Sat, 16 Dec 2023 03:02:31 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
441
api-esp.piano.io/publisher/fusion/lucid/data/ 		2 KB
997 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/publisher/fusion/lucid/data/441?email=&visitor=&stored_visitor=&pnespid=
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac515577acf89c9c6ef7fc765b43e7d88ea45b69265717b40fe39344439d3468
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
x-cache-status
BYPASS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"77a-E/+hUAx77TQDwbCh5EDgtg8HoSg"
access-control-max-age
36000
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.29news.com
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
cf-ray
8363b01f0b9d9bd4-FRA
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
MIN-516310.js
apv-launcher.minute.ly/api/launcher/ 		28 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apv-launcher.minute.ly/api/launcher/MIN-516310.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.211.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.25.1 /
Resource Hash
66f807b4adc100789cbaea28bdd4b71ca60a1999d35d6d675a56f588c97b7e12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 14 Dec 2023 14:10:15 GMT
date
Sat, 16 Dec 2023 03:02:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies
none
age
132736
x-cache
HIT, HIT
content-length
10830
x-xss-protection
1; mode=block
x-request-id
41ef9bf2-7746-4bc4-8718-bfd4b2c3e9be
x-served-by
cache-iad-kcgs7200088-IAD, cache-fra-etou8220049-FRA
x-runtime
0.421016
referrer-policy
strict-origin-when-cross-origin
x-debug-req-method
GET
server
nginx/1.25.1
x-timer
S1702695751.452906,VS0,VE1
etag
W/"66f807b4adc100789cbaea28bdd4b71c"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-debug-app-get
GET
x-debug-server-name
apv-launcher.minute.ly
access-control-allow-credentials
true
cache-control
max-age=30
accept-ranges
bytes
access-control-allow-headers
APP-GET,Content-Type
x-cache-hits
44, 1
card-interference-detector.20231214-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/card-interference-detector.20231214-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
29cf8c7bc1c0e3373f0b2d9634a35a1f9658c72a1e4d7ce6b6c178c2bf2e7a4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
vGtkxEOxG_97LgMHR3DQhpw5TTapivwe
content-encoding
gzip
via
1.1 varnish
date
Sat, 16 Dec 2023 03:02:31 GMT
x-amz-request-id
BBF41T38XST9P2SH
age
145611
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2180
x-amz-id-2
5d6bI1Ft2T6Af4apCvXNNePCr+PV1ycWWy+hXID85SO8rjBbtRA9aQ0pw2hOgijKK6449iakhEE=
x-served-by
cache-fra-etou8220033-FRA
last-modified
Thu, 14 Dec 2023 10:35:40 GMT
server
AmazonS3
x-timer
S1702695751.424375,VS0,VE0
etag
"c5730794734b589c0fd10823beb6f595"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
60
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
75989
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS&us_privacy=1---&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
233898
expires
60
json
trc.taboola.com/graytv-wvirnbc29/trc/3/ 		120 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/graytv-wvirnbc29/trc/3/json?tim=04%3A02%3A31.408&lti=deflated&data=%7B%22id%22%3A799%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1702685083480%2C%22vi%22%3A1702695751405%2C%22cv%22%3A%2220231214-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.29news.com%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.29news.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5752%2C%22nsid%22%3A%22meredith-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-native%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22uip%22%3A%22Homepage%20Native%20Backfill%22%2C%22orig_uip%22%3A%22Homepage%20Native%20Backfill%22%2C%22cd%22%3A512.578125%2C%22mw%22%3A389.5%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22video-reel-sc%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22uip%22%3A%22Video%20Reel%20Homepage%22%2C%22orig_uip%22%3A%22Video%20Reel%20Homepage%22%2C%22cd%22%3A2180.109375%2C%22mw%22%3A841.328125%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbs-feed-01%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22cd%22%3A5346.65625%2C%22mw%22%3A1270%7D%5D%2C%22ex%22%3A%5B%22%2F2023%2F12%2F15%2Fmattress-pad-recall%2F%22%2C%22%2F2023%2F12%2F15%2Fhealth-officials-warn-accidental-poisonings-around-holidays%2F%22%2C%22%2F2023%2F12%2F15%2Fcharlottesville-area-florist-growing-fast%2F%22%2C%22%2F2023%2F12%2F15%2Fmemorial-plans-wilson-alden-richey%2F%22%2C%22%2F2023%2F12%2F15%2Fcrews-put-out-fire-albemarle-townhome%2F%22%2C%22%2F2023%2F12%2F15%2Flegal-aid-justice-center-calling-lawmakers-make-changes-court-fees%2F%22%2C%22%2F2023%2F12%2F15%2Fpolice-investigating-reported-armed-robbery-albemarle-store%2F%22%2C%22%2Fvideo%2F2023%2F12%2F15%2Fpolice-investigating-reported-robbery-albemarle-store-12p%2F%22%2C%22%2Fvideo%2F2023%2F12%2F15%2Fcrews-put-fire-albemarle-townhome%2F%22%2C%22%2Fvideo%2F2023%2F12%2F15%2Fcharlottesville-area-florist-growing-fast%2F%22%2C%22%2Fvideo%2F2023%2F12%2F15%2Fmemorial-plans-will-richey%2F%22%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Homepage%20Thumbnails%3Dthumbs-feed-01%3Apub%3Dmeredith-network%3Aabp%3D0%2C%2CHomepage%20Native%20Backfill%3Dthumbnails-native%3Apub%3Dmeredith-network%3Aabp%3D0%2C%2CVideo%20Reel%20Homepage%3Dvideo-reel-sc%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2f1169102bcab99877aa3dd5627eae90c37acac92a12519bc44a5d917f383c92

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
1172
date
Sat, 16 Dec 2023 03:02:32 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.14229166666666668
x-fastly-to-nlb-rtt
7449
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220033-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1702695751.424365,VS0,VE1172
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.29news.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
855.ee2c11f4d8ec19c3e644.js
public.tockify.com//app/ Frame 7878 		632 KB
179 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.tockify.com//app/855.ee2c11f4d8ec19c3e644.js
Requested by
Host: tockify.com
URL: https://tockify.com/wvir.calendar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-63.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
4710dce6e41f2e1551ed4127aa8c5f0caf1f42805c5671d34b2b0a2abf13f9f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tockify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 12:09:55 GMT
content-encoding
br
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
3855156
x-cache
Hit from cloudfront
last-modified
Wed, 01 Nov 2023 12:08:31 GMT
server
nginx
etag
W/"65423fbf-9dfc6"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
kxNpDxaTOqHUqVcRsPMd2P7ZDvKGILQhOQboqpiHX6NP0p3etHY-fw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
201.ac5bc9ef1c62d61e35d9.js
public.tockify.com//app/ Frame 7878 		63 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.tockify.com//app/201.ac5bc9ef1c62d61e35d9.js
Requested by
Host: tockify.com
URL: https://tockify.com/wvir.calendar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-63.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
224a5b8eaaf3653d627299347111991d79dc40bd42ec6b61c55921da4a3e40ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tockify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 12:09:55 GMT
content-encoding
br
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
3855156
x-cache
Hit from cloudfront
last-modified
Wed, 01 Nov 2023 12:08:31 GMT
server
nginx
etag
W/"65423fbf-fcc4"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
nCoWnMlTuJcZzegH68x_86GmMuqfnfBX30sKoZ7MakGZSZYG_3yXlg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
736.ef286327c36ee15e6da4.js
public.tockify.com//app/ Frame 7878 		432 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.tockify.com//app/736.ef286327c36ee15e6da4.js
Requested by
Host: tockify.com
URL: https://tockify.com/wvir.calendar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-63.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
ceec13d8c655e8054fdb414719c64ba880b50a4f9059026a4f1eaecd2ee05c86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tockify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:35:39 GMT
content-encoding
br
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2651212
x-cache
Hit from cloudfront
last-modified
Wed, 15 Nov 2023 10:34:11 GMT
server
nginx
etag
W/"65549ea3-6bfd0"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
dMfKnIVD1V43S_mFrViIZ1Fc0DPvah-V9yXndcWAmBAMQp5fInzudQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
viewer.e536a60d5a573dc03c37.js
public.tockify.com//app/ Frame 7878 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.tockify.com//app/viewer.e536a60d5a573dc03c37.js
Requested by
Host: tockify.com
URL: https://tockify.com/wvir.calendar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-63.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
7cfff10d1716acbf183fef47552add779d67b323e3d8ad6f5c788b0d3fcd0cb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tockify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 10:22:58 GMT
content-encoding
br
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2651973
x-cache
Hit from cloudfront
last-modified
Wed, 15 Nov 2023 10:21:35 GMT
server
nginx
etag
W/"65549baf-628a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
j6lJPfs0_bIPlydEIiwS6XB1LYgntzwJJu99cnDsAn1VvIiTKnR2nQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
polyfill.7a1639b94b22e6ded050.js
public.tockify.com//app/ Frame 7878 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.tockify.com//app/polyfill.7a1639b94b22e6ded050.js
Requested by
Host: tockify.com
URL: https://tockify.com/wvir.calendar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-63.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
50d9594f0c84c61608f60a47071b4051c9052407eb928afb38f5b82686b98885

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tockify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 12:09:55 GMT
content-encoding
br
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
3855156
x-cache
Hit from cloudfront
last-modified
Wed, 01 Nov 2023 12:08:31 GMT
server
nginx
etag
W/"65423fbf-6237"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
dMlUyuy8BW0iKL_f2QrPzAztGTB0vwA8OcVWRVUG1dYNxNB4Cceipw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/ 		258 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LQ23MJC9WT&l=RCdataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58WCCRN&l=RCdataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
276c9c8782e2df160320707ffc394a08d3ab24563ed56a7d6bba2bc90e0c503f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89491
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 16 Dec 2023 03:02:31 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58WCCRN&l=RCdataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 16 Dec 2023 01:48:14 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4457
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 16 Dec 2023 03:48:14 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3793&u=https%3A%2F%2Fwww.29news.com%2F&pid=WCF7SPYSxZcyq&cb=0&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22ad-6_exzoDyXdJvzjM7Ds4S2AjFlHtU4kMfo-DCvzkwlF6OIYGFX8%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F63316753%2Fwvir%2Fweb%2Fhomepage%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
9HSEXA5NRN4QTEXKP5GD
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.29news.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
palTMLhCTrxn_EUu8VjaRWdGyy22qP1JuI7zjHW33KbEc3MmSlRQ-w==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3793&u=https%3A%2F%2Fwww.29news.com%2F&pid=WCF7SPYSxZcyq&cb=1&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22ad-CdGoNUU-oXp1uPIrSfCgUrWo3BkAO4ehh7hogfVRgG33c3pgiV%22%2C%22s%22%3A%5B%221024x90%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F63316753%2Fwvir%2Fweb%2Fhomepage%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
F9D53SSSBAE55AAKC917
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.29news.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
8GalfcLWQZxZ1ebO0FApPqt5kWDTSYfMA-lfXXUYojbhi90kYkkqzw==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3793&u=https%3A%2F%2Fwww.29news.com%2F&pid=WCF7SPYSxZcyq&cb=2&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22ad-HjpYnDSzveOfVjodonzfJ8TFd-yocgGOnI_SDsYYlpZFhW5lc_%22%2C%22s%22%3A%5B%221900x1200%22%2C%220x0%22%5D%2C%22sn%22%3A%22%2F63316753%2Fwvir%2Fweb%2Fhomepage%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
XGVHEXMGVCQF37PZ37P2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.29news.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
sEVccz0ZdIjC_rxG2-i-gSCk0GUxPIn6EAvOj8jmpOmF6BR0KJpwVA==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3793&u=https%3A%2F%2Fwww.29news.com%2F&pid=WCF7SPYSxZcyq&cb=3&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22ad-rEQTPw3u-b6gVDJc3BVm0f0OoAstdDYvJBL4Qn0BijlrAmrxdA%22%2C%22s%22%3A%5B%22728x90%22%2C%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F63316753%2Fwvir%2Fweb%2Fhomepage%2Fstory-feature%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
ZDFDP7EXJXC28J34M6E4
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.29news.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
XcKxben6oIopAJ3ctWlzTq6E3qmj7r13N5hYUcxv3j9kT-y2rUx3Tg==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3793&u=https%3A%2F%2Fwww.29news.com%2F&pid=WCF7SPYSxZcyq&cb=4&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22ad-9JJpSiRvK9Y-9Qn4xyHWKe1HU5FfFZah35-UKFsEE71Vl1RX0J%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F63316753%2Fwvir%2Fweb%2Fhomepage%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
GRT4HHX37NQCS619J902
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.29news.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
SuTiUUEcRpioNI0q-M9J-L_cNvvXhvUkHvr0lgvkopcY213zRdv7Uw==
mi-scraper-1.17.0.32.js
snippet.minute.ly/publishers/gray_group/ 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snippet.minute.ly/publishers/gray_group/mi-scraper-1.17.0.32.js
Requested by
Host: apv-launcher.minute.ly
URL: https://apv-launcher.minute.ly/api/launcher/MIN-516310.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
790e90d45636000ad24f407cb54e878f2a793a795fbf95497396074aa0d39ddb

Request headers

Referer
https://www.29news.com/
Origin
https://www.29news.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
via
1.1 varnish, 1.1 varnish
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Y2D1XN7SFMDJMPJS
age
2113742
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-id-2
rWLsRYGEaH2TWDNAQ/v6SUziAk57Z+qqp06+TqiVFyaP8wC0MG1UH4LN/YW01YQRZ0qx4b3jnEc=
x-served-by
cache-iad-kcgs7200020-IAD, cache-fra-eddf8230136-FRA
last-modified
Wed, 10 May 2023 08:47:33 GMT
server
cloudflare
x-timer
S1702695752.531584,VS0,VE0
etag
W/"60cdfd1f3dea6013e68c22afa83110bd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32JwN3res8ewMAk8Cx1io6BQodTXCWGaUPkVZfIlcJpIXMdo46BN8aTc%2BvYyAyGV0P8crK2OnzfNHhcuCZcj2nzqU9fWt7FhsHiji1fvwFjxgZ6Ebm2P1nWu4LP8z8U60Sp3A6oGTycMPlEbLTxU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
8363b01f0d5a9b9b-FRA
access-control-allow-headers
content-type
x-cache-hits
39, 81
collect
www.google-analytics.com/j/ 		4 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1650850831&t=pageview&_s=1&dl=https%3A%2F%2Fwww.29news.com%2F&ul=en-us&de=UTF-8&dt=WVIR%20%7C%20News%2C%20Weather%2C%20and%20Sports%20%7C%20Charlottesville%2C%20VA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAAI~&jid=1915323065&gjid=292678658&cid=671840452.1702695751&tid=UA-82494642-170&_gid=1115491348.1702695751&_r=1&_slc=1&gtm=45He3bt0n8158WCCRNv813349527&cg1=%2Fhomepage&cg2=section&cg3=wvir&cg4=%2Fhomepage&cd5=section&cd6=0&cd8=wvir&cd9=wvir&cd10=%2Fhomepage&cd11=%2Fhomepage&cd12=PageBuilder%20Fusion%20-%20Arc%20Publishing&cd13=&cd14=NBC29%20is%20Charlottesville%27s%20most%20experienced%20and%20most%20watched%20televisions%20station.&cd16=Sat%20Dec%2016%202023%2004%3A02%3A30%20GMT%2B0100%20(Central%20European%20Standard%20Time)&cd17=%2B01%3A00&cd18=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36&cd19=WVIR%20%7C%20News%2C%20Weather%2C%20and%20Sports%20%7C%20Charlottesville%2C%20VA&cd40=default&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1012844970
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-LQ23MJC9WT&gtm=45je3bt0v890211784z8813349527&_p=1702695750998&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=671840452.1702695751&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702695751&sct=1&seg=0&dl=https%3A%2F%2Fwww.29news.com%2F&dt=WVIR%20%7C%20News%2C%20Weather%2C%20and%20Sports%20%7C%20Charlottesville%2C%20VA&uid=&en=page_view&_fv=1&_ss=1&ep.date_published=&ep.published_day=&ep.published_month=&ep.published_year=&ep.content_type=section&ep.primary_section_name=&ep.content_owner=wvir&ep.content_provider=wvir&ep.content_id=%2Fhomepage&ep.ad_target=%2Fhomepage&ep.platform_name=PageBuilder%20Fusion%20-%20Arc%20Publishing&ep.author=&ep.user_timezone_timestamp=Sat%20Dec%2016%202023%2004%3A02%3A30%20GMT%2B0100%20(Central%20European%20Standard%20Time)&ep.timezone_offset=%2B01%3A00&ep.content_name=WVIR%20%7C%20News%2C%20Weather%2C%20and%20Sports%20%7C%20Charlottesville%2C%20VA&ep.content_keywords=&ep.distributor_name=&ep.distributor_category=&ep.distributor_subcategory=&ep.distributor_reference_id=&ep.distributor_model=&ep.output_type=default&up.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.109%20Safari%2F537.36&tfd=2011
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LQ23MJC9WT&l=RCdataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LQ23MJC9WT&cid=671840452.1702695751&gtm=45je3bt0v890211784z8813349527&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LQ23MJC9WT&l=RCdataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LQ23MJC9WT&cid=671840452.1702695751&gtm=45je3bt0v890211784z8813349527&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1412227834
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-82494642-170&cid=671840452.1702695751&jid=1915323065&gjid=292678658&_gid=1115491348.1702695751&_u=YGBACEAABAAAACAAI~&z=1725894410
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 16 Dec 2023 03:02:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
33.svg
www.29news.com/pf/resources/images/weather/weather-condition-icons/svgs/ 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.29news.com/pf/resources/images/weather/weather-condition-icons/svgs/33.svg?d=376
Requested by
Host: www.29news.com
URL: https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
f3c65d582ca2d913ae347ba7833a21c28a04f00d9897032ffb9d9668cb05a5ee
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
31536000
date
Sat, 16 Dec 2023 03:02:31 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=86400
x-amz-cf-pop
MIA3-P6
x-amz-server-side-encryption
AES256
x-arc-request-id
0.8c7d1302.1702695751.298bb098
server-timing
cdn-cache; desc=HIT, edge; dur=23, origin; dur=0, ak_p; desc="1702695751596_34831756_697020568_2297_1435_6_0_146";dur=1
content-length
3373
last-modified
Thu, 14 Dec 2023 16:19:51 GMT
server
openresty
etag
W/"a26f5120fe71558b711588b2cbf815aa"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
UGyw0jLZYLgP3iyaS5OXLXRTPOmUHfWcjfB5FySx8z4yIQkR0HcBew==
expires
Sun, 15 Dec 2024 03:02:31 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:31 GMT
an-x-request-uuid
25fad879-eadf-4eb8-8dc2-faeafc3e68d4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.29news.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
81.95.5.43; 81.95.5.43; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=383
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.29news.com
date
Sat, 16 Dec 2023 03:02:31 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=851638
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7e10533caffc00d83700fab907042028dc53d4f049400d82a3b0a353d0e6989

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IK0XNhzRuRJnTa0rWtSunR9wTZEBw6kIMJlPmqL9ZkHyy0qDjeoNJ%2FGN10PNZx6DdK6x%2FvbgM%2FeGxkNf7frUY8DQwGeO%2Fw0cbNi96gNi8lvIRnBuMsmn4MJaRU%2Fjg8EJId3FqxNn"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.29news.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8363b0200ed837d8-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
translator
hbopenbid.pubmatic.com/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=597
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.29news.com
date
Sat, 16 Dec 2023 03:02:30 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=851638
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
301d2ba6f3bf360754f6f02be8408c5f9201892f9f6725bf48303626bca61cc6

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uwdAZrFjlq8q0kBy7Hbq7%2FZuOFokNVWy9UoXtmxq3ybJZxTtItpbOIwR7fbh1cIVJOn3Y9LaeXIpVTvyl7rBpmGbjZMvGYR0wy%2B1mduXuWbzGSiOFvFfzOBq5niE%2Febr4Fv44s2u"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.29news.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8363b0200eda37d8-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
578 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:31 GMT
an-x-request-uuid
684edae0-a4d0-4f22-9911-2379590cff3b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.29news.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
81.95.5.43; 81.95.5.43; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:31 GMT
an-x-request-uuid
c78e0ddb-515d-4aec-859d-e39e581a17f3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.29news.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
81.95.5.43; 81.95.5.43; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=851638
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10dd53cda6250293f701db966c62cbe46c5e77674f83149d9fa1e5fe1642485c

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HXa51PIBwp5%2FG2JqXZYAwysCCea3lWUlpUF77gNoHsR9Iu14wlqAb4uyD4brI%2F0S0pDsS1c%2FtNkMupokUNIZBPAX22r%2By9SMFpDGUYsSBsE535ptDA9YIwCqYpuoUX5z1yrbcd%2Bg"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.29news.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8363b0200edc37d8-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client&correlator=59
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.29news.com
date
Sat, 16 Dec 2023 03:02:31 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		19 B
576 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:31 GMT
an-x-request-uuid
e20a2273-09aa-47d3-9509-11ed22fe12d6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.29news.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
81.95.5.43; 81.95.5.43; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=851638
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
051075840ffed7b4bb4d4f182e3347891f08cd06be65df91682ad2bcb021df30

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p4d5z25G%2F%2Bki3EdCJuFTBmMHbtT251pLVNn1n9%2Bwovy0%2F19VjBg5hw5HFwlBAw%2FzVCvn7hc1eS6UdbDr05UIJAO4ZLuV8lX3KYvsiOOE4QAU2UP0mr3aJzorXqL3QIdVWliPe6A9"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.29news.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8363b0200edf37d8-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
truncated
/ Frame 7878 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
643ac89572093a4c907c1af802b3d354453c64d545dc3f1be1ce689046064511

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
fontcss
d3v5317qx0o9g1.cloudfront.net/ Frame 7878 		26 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Roboto:100,300,400,500,700,900,100italic,300italic,400italic,500italic,700italic,900italic
Requested by
Host: public.tockify.com
URL: https://public.tockify.com//app/855.ee2c11f4d8ec19c3e644.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:1c00:1:4e32:7440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e69b75877807cbc3c8a90b55b7607df6ea93978cb1ab8f0ada09e00307c16794
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tockify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 14:03:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
219538
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
0
server
nginx
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=604800,stale-while-revalidate=604800
timing-allow-origin
*
link
<https://d2csfia1ogd5wa.cloudfront.net>; rel=preconnect; crossorigin
x-amz-cf-id
Z_i4-Zxj9VOjnSh_kWLetEthk7QgiiS9RTzV4EexiQ8Z7qutOE_XlA==
expires
Wed, 13 Dec 2023 14:03:33 GMT
fontcss
d3v5317qx0o9g1.cloudfront.net/ Frame 7878 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Merriweather:300,400,700,900,300italic,400italic,700italic,900italic
Requested by
Host: public.tockify.com
URL: https://public.tockify.com//app/855.ee2c11f4d8ec19c3e644.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:1c00:1:4e32:7440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9dc0571019f0847eeb755ad6ffc8bcebe2d09af91fd1348e0f69d246facadf14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tockify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 00:03:38 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
via
1.1 e14614617e85116e937d5168b35a94de.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
97133
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-xss-protection
0
server
nginx
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=604800,stale-while-revalidate=604800
timing-allow-origin
*
link
<https://d2csfia1ogd5wa.cloudfront.net>; rel=preconnect; crossorigin
x-amz-cf-id
47ofYsm5Tz_eUL9DOI_K3i2zf5oP6_7ONx0_zvj1JbJABr3nVRxdpw==
expires
Fri, 15 Dec 2023 00:03:38 GMT
_.gif
counter.snackly.co/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://counter.snackly.co/_.gif
Requested by
Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/gray_group/mi-scraper-1.17.0.32.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:49ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
access-control-allow-origin
https://www.29news.com
cache-control
max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8363b0205e049bdd-FRA
access-control-allow-headers
Content-Type
content-length
0
expires
Sat, 16 Dec 2023 03:02:31 GMT
_.gif
counter.snackly.co/ 		0
38 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://counter.snackly.co/_.gif
Requested by
Host: snippet.minute.ly
URL: https://snippet.minute.ly/publishers/gray_group/mi-scraper-1.17.0.32.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:49ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
access-control-allow-origin
https://www.29news.com
cache-control
max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8363b0205e039bdd-FRA
access-control-allow-headers
Content-Type
content-length
0
expires
Sat, 16 Dec 2023 03:02:31 GMT
787
api-esp.piano.io/tracker/lucid/visit/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/tracker/lucid/visit/787?story_url=https%3A%2F%2Fwww.29news.com%2F&visitor=tdywcltknpim9hqt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.29news.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.29news.com
access-control-max-age
36000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8363b0202adf92b3-FRA
date
Sat, 16 Dec 2023 03:02:31 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 16 Dec 2023 01:48:14 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4457
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 16 Dec 2023 03:48:14 GMT
787
api-esp.piano.io/tracker/lucid/visit/ 		65 B
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/tracker/lucid/visit/787?story_url=https%3A%2F%2Fwww.29news.com%2F&visitor=tdywcltknpim9hqt
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9382551ba72ed5110b0e585dd23fe4ac0876ca1ab53f70ec36f8bb22af3aeba
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
server
cloudflare
etag
W/"41-m1mybEpcCd/ISm8p69gUaTC7rIQ"
access-control-max-age
36000
vary
X-HTTP-Method-Override
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.29news.com
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
cf-ray
8363b020fb905c26-FRA
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
iframeResizer.min.js
api-esp.piano.io/public/sdk/vx/lib/iframeResizer/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/public/sdk/vx/lib/iframeResizer/iframeResizer.min.js?v=vz.1.108.13-79dc946e&p=787
Requested by
Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
40029
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Dec 2023 13:36:20 GMT
server
cloudflare
etag
W/"2e2f-18c447e5b90"
access-control-max-age
36000
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
api-esp.piano.io
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
8363b0202b3b5c26-FRA
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Sun, 15 Dec 2024 03:02:31 GMT
state-machine.min.js
api-esp.piano.io/public/sdk/vx/lib/state-machine/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/public/sdk/vx/lib/state-machine/state-machine.min.js?v=vz.1.108.13-79dc946e&p=787
Requested by
Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
28126
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Dec 2023 13:36:20 GMT
server
cloudflare
etag
W/"f2a-18c447e5b94"
access-control-max-age
36000
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
api-esp.piano.io
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
8363b0202b3c5c26-FRA
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Sun, 15 Dec 2024 03:02:31 GMT
displayer.js
api-esp.piano.io/public/sdk/vx/widgets/base/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/public/sdk/vx/widgets/base/displayer.js?v=vz.1.108.13-79dc946e&p=787
Requested by
Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
36170
x-cache-status
MISS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Dec 2023 13:36:20 GMT
server
cloudflare
etag
W/"8abb-18c447e5b94"
access-control-max-age
36000
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
api-esp.piano.io
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
8363b0202b3e5c26-FRA
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Sun, 15 Dec 2024 03:02:31 GMT
displayer.js
api-esp.piano.io/public/sdk/vx/widgets/embedded/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/public/sdk/vx/widgets/embedded/displayer.js?v=vz.1.108.13-79dc946e&p=787
Requested by
Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61c08be466a49ad1612b95a5d57048744ba6490a0a0a4ff0bafe302ef51dd3a8
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
40029
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 07 Dec 2023 13:36:20 GMT
server
cloudflare
etag
W/"19c7-18c447e5b94"
access-control-max-age
36000
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
api-esp.piano.io
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
8363b0202b3f5c26-FRA
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Sun, 15 Dec 2024 03:02:31 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=851638
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b92db80a97d8d0ad40fce8b79e49105b5751dc2b9fa561900786dc7266b85b2d

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a690H10BkndSvq4RqwX22TMIYH1HDthA5LencuyBBK9dhdTWITQ%2BzUa0VKpD66f4C3qTB3RAB4J%2BLu8ycmZVjJeZqg9Y9aqY4nMPXq4neiTd%2BAK0nLJ71SyNZnHdwvec6PVeEllP"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.29news.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8363b0205f2e37d8-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/ 		139 B
698 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
6c7dbd8857d0324015e701c7c4752d0e2f09d378ec5cb5887f1e2cb07a2ee11b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:31 GMT
an-x-request-uuid
99d4fdd6-8143-4f10-bc7b-5ae03f261a99
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.29news.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
81.95.5.43; 81.95.5.43; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		695 B
375 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2898426256219873&correlator=459351174528573&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=63316753%2Cwvir%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702695751753&lmt=1702695750&adxs=1135&adys=578&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.29news.com%2F&vis=1&psz=300x317&msz=300x285&fws=512&ohw=0&ga_vid=671840452.1702695751&ga_sid=1702695752&ga_hid=1650850831&ga_fc=true&dlt=1702695750882&idt=567&prev_scp=pt%3Dsection%26cid%3D%252Fhomepage%26position%3D1%26amznbid%3D2%26amznp%3D2&adks=3251230404&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
455bd1275b5bddcccaa77f139eb30ef9bcb6abb87e1f8802fbdd0b73436df2eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
358884e55e082cf7b225de21f9421034731e8439b45236dd5a357b3846f53144
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12246
x-xss-protection
0
container.html
dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 739C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 16 Dec 2023 03:02:31 GMT
expires
Sun, 15 Dec 2024 03:02:31 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		36 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2898426256219873&correlator=459351174528573&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=63316753%2Cwvir%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702695751763&lmt=1702695750&adxs=165&adys=202&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.29news.com%2F&vis=1&psz=1270x125&msz=1270x109&fws=0&ohw=0&ga_vid=671840452.1702695751&ga_sid=1702695752&ga_hid=1650850831&ga_fc=true&dlt=1702695750882&idt=567&prev_scp=pt%3Dsection%26cid%3D%252Fhomepage%26position%3D1%26amznbid%3D2%26amznp%3D2&adks=489315719&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92427a29faa36f4f720dbf7a95bd6841ec8d41b98277ab3cd025febbe02ca5fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14317
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		616 B
302 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2898426256219873&correlator=459351174528573&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=63316753%2Cwvir%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1024x90&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702695751781&lmt=1702695750&adxs=288&adys=1109&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.29news.com%2F&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=671840452.1702695751&ga_sid=1702695752&ga_hid=1650850831&ga_fc=true&dlt=1702695750882&idt=567&prev_scp=position%3D101%26pt%3Dsection%26cid%3D%252Fhomepage%26amznbid%3D2%26amznp%3D2&adks=249233974&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
818a88731cded6e9c7f0cb4856405af8802a151bd607f26020aac79242ec2759
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
271
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		36 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2898426256219873&correlator=459351174528573&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=63316753%2Cwvir%2Cweb%2Chomepage%2Cstory-feature&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702695751788&lmt=1702695750&adxs=165&adys=798&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.29news.com%2F&vis=1&psz=954x141&msz=954x109&fws=0&ohw=0&ga_vid=671840452.1702695751&ga_sid=1702695752&ga_hid=1650850831&ga_fc=true&dlt=1702695750882&idt=567&prev_scp=pt%3Dsection%26cid%3D%252Fhomepage%26position%3D2%26amznbid%3D2%26amznp%3D2&adks=2772206292&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fba43ad5f10c9d96048aa40b02a8e6b419b015060f8c28dc60bc28e368dfc37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14367
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 430D 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=24104
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 16 Dec 2023 03:02:31 GMT
expires
Sat, 16 Dec 2023 09:44:15 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 5356 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1198
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8363b020fc6239c2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 16 Dec 2023 03:02:31 GMT
expires
Sat, 16 Dec 2023 07:02:31 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame F9A8 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
77465
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 16 Dec 2023 03:02:31 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
494, 404423
X-Served-By
cache-lga13626-LGA, cache-fra-etou8220048-FRA
X-Timer
S1702695752.835266,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4D75 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=24104
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 16 Dec 2023 03:02:31 GMT
expires
Sat, 16 Dec 2023 09:44:15 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8E42 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
77465
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 16 Dec 2023 03:02:31 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
494, 379832
X-Served-By
cache-lga13626-LGA, cache-fra-etou8220103-FRA
X-Timer
S1702695752.835093,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame 38E4 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1198
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8363b020fc6139c2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 16 Dec 2023 03:02:31 GMT
expires
Sat, 16 Dec 2023 07:02:31 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2A57 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
77465
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 16 Dec 2023 03:02:31 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
494, 390990
X-Served-By
cache-lga13626-LGA, cache-fra-etou8220035-FRA
X-Timer
S1702695752.835241,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B5F9 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=24104
content-encoding
gzip
content-length
5622
content-type
text/html
date
Sat, 16 Dec 2023 03:02:31 GMT
expires
Sat, 16 Dec 2023 09:44:15 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame FFE2 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1198
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8363b020fc6039c2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 16 Dec 2023 03:02:31 GMT
expires
Sat, 16 Dec 2023 07:02:31 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame CF9A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
77465
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 16 Dec 2023 03:02:31 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
494, 379950
X-Served-By
cache-lga13626-LGA, cache-fra-etou8220119-FRA
X-Timer
S1702695752.835159,VS0,VE0
ixmatch.html
js-sec.indexww.com/um/ Frame 4AA3 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1198
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8363b020fc5f39c2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 16 Dec 2023 03:02:31 GMT
expires
Sat, 16 Dec 2023 07:02:31 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6015 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
77465
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 16 Dec 2023 03:02:31 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
494, 379847
X-Served-By
cache-lga13626-LGA, cache-fra-etou8220070-FRA
X-Timer
S1702695752.835231,VS0,VE0
ads
securepubads.g.doubleclick.net/gampad/ 		551 B
311 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2898426256219873&correlator=459351174528573&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=63316753%2Cwvir%2Cweb%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1900x1200&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702695751824&lmt=1702695750&adxs=-150&adys=186&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.29news.com%2F&vis=1&psz=1600x109&msz=1900x109&fws=4&ohw=1600&ga_vid=671840452.1702695751&ga_sid=1702695752&ga_hid=1650850831&ga_fc=true&dlt=1702695750882&idt=567&prev_scp=position%3D1%26pt%3Dsection%26cid%3D%252Fhomepage%26amznbid%3D2%26amznp%3D2&adks=2581162759&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
439237d245f719e8c126a456f603d209037bffb7bb9c21a8923e4d64bae44e46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/ Frame 7878 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Roboto:100,300,400,500,700,900,100italic,300italic,400italic,500italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 04:06:52 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P5
age
4920939
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
XxDoriMxy_4NSkOfEd56TBqfMWQoxzgsZatXUYIhQWuK8qiUAVMPmg==
expires
Sat, 19 Oct 2024 04:06:52 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/ Frame 7878 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Roboto:100,300,400,500,700,900,100italic,300italic,400italic,500italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 17:26:14 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P5
age
5132177
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
IUxP_Pj276qaXqtIJOe5XKsZzeER19FLGV_dYJFtwrqI27mUQS9gXQ==
expires
Wed, 16 Oct 2024 17:26:14 GMT
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1650850831&t=pageview&_s=1&dl=https%3A%2F%2Fwww.29news.com%2F&ul=en-us&de=UTF-8&dt=WVIR%20%7C%20News%2C%20Weather%2C%20and%20Sports%20%7C%20Charlottesville%2C%20VA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=ACCAgEABCAAAACAAI~&jid=1146402661&gjid=532107709&cid=671840452.1702695751&tid=UA-81117537-17&_gid=1115491348.1702695751&_slc=1&z=1249959394
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-81117537-17&cid=671840452.1702695751&jid=1146402661&gjid=532107709&_gid=1115491348.1702695751&_u=ACCAgEABCAAAAGAAI~&z=285020054
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 16 Dec 2023 03:02:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
1190
api-esp.piano.io/publisher/unattended/ Frame 2625 		138 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/publisher/unattended/1190?wv=50&v=vz.1.108.13-79dc946e
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6063e91e9d9d53e4251784c15ba4b1791ef0fa94b86f853f6cc44c8fd489ea5a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
api-esp.piano.io
access-control-max-age
36000
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000 public
cf-cache-status
DYNAMIC
cf-ray
8363b0211bbb5c26-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 16 Dec 2023 03:02:31 GMT
etag
W/"22694-Cnvubv+wsSDGcu0G+J7ex4yCWsk"
expires
Sun, 15 Dec 2024 03:02:31 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
vary
Accept-Encoding
x-cache-status
HIT
u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
d2csfia1ogd5wa.cloudfront.net/s/merriweather/v30/ Frame 7878 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Merriweather:300,400,700,900,300italic,400italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 07:28:26 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P5
age
4822445
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
19752
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:46:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
CHDXyrfeMrXk5jCiP_qCKS9zOPgF_XBC8fv9gRf7l6WaBNeIg4YWAg==
expires
Sun, 20 Oct 2024 07:28:26 GMT
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
d2csfia1ogd5wa.cloudfront.net/s/merriweather/v30/ Frame 7878 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Merriweather:300,400,700,900,300italic,400italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 11:25:29 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P5
age
6363422
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
20028
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:41:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
2rUVDpxd7IR5KLfAZnmwTRLr5xM2avHMT21zNYVjME-LCBatcOe-lw==
expires
Wed, 02 Oct 2024 11:25:29 GMT
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
d2csfia1ogd5wa.cloudfront.net/s/merriweather/v30/ Frame 7878 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Merriweather:300,400,700,900,300italic,400italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 04:02:05 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P5
age
6649226
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
19740
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
QZYGoxyno4naAzuQ-ZzIVKrqy-Q-gFg_Q3v-Ml60l2wVSQPgmWLTSQ==
expires
Sun, 29 Sep 2024 04:02:05 GMT
u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
d2csfia1ogd5wa.cloudfront.net/s/merriweather/v30/ Frame 7878 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Merriweather:300,400,700,900,300italic,400italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 07:41:24 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P5
age
5426467
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
19816
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:08:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
DW5qBRDSMPJxLuIql111v-8ZsxGgjujpWnq-G4zQ_w5aX7cCdn1V7g==
expires
Sun, 13 Oct 2024 07:41:24 GMT
u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvw.woff2
d2csfia1ogd5wa.cloudfront.net/s/merriweather/v30/ Frame 7878 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvw.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Merriweather:300,400,700,900,300italic,400italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
75ca7c01eaa8136d970bde6ea6ae0896d2fe30febf82e7679257df6e1f8a7496
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 18:36:09 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P5
age
5559982
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
19720
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:47:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
r3pOT6OGsMS-Vn5-zqUAYpmls6VrZGdYVg2S0URd21fXV3SU9tDMVA==
expires
Fri, 11 Oct 2024 18:36:09 GMT
u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
d2csfia1ogd5wa.cloudfront.net/s/merriweather/v30/ Frame 7878 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Merriweather:300,400,700,900,300italic,400italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 11:48:29 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P5
age
1264442
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
19780
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
hsihkoYgGdfpLOn1pJYhiEsloJ2MIXV9FG9PlsAQzoJ6xbvcLEknFA==
expires
Sat, 30 Nov 2024 11:48:29 GMT
u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2
d2csfia1ogd5wa.cloudfront.net/s/merriweather/v30/ Frame 7878 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Merriweather:300,400,700,900,300italic,400italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
3642df12f0d930d5846a96652080908eb2f383b602a95cf80d1e6227e66e1c46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 09:03:17 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P5
age
7322354
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
19900
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:46:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
cNbCJOOlgcvj6yLul8PlsrR0i1GNibqwnVAbZYoc-MOnXADHXiYRnQ==
expires
Sat, 21 Sep 2024 09:03:17 GMT
u-4l0qyriQwlOrhSvowK_l5-eR7NWPf4jvw.woff2
d2csfia1ogd5wa.cloudfront.net/s/merriweather/v30/ Frame 7878 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7NWPf4jvw.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Merriweather:300,400,700,900,300italic,400italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
0418dffa2bed9a6300fed9d918f688e7f195b08f4c6f016a07f62ae48fe9609e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 17:16:19 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P5
age
7379172
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
19844
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
lmJDq6p0mMVyPpEX7Dq5s_tKAmK5SRGfpCPUO9hpQNM6e5du_3ER6g==
expires
Fri, 20 Sep 2024 17:16:19 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 430D 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=79242947&p=161733&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161733
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
content-length
0
KFOkCnqEu92Fr1MmgVxIIzI.woff2
d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/ Frame 7878 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Roboto:100,300,400,500,700,900,100italic,300italic,400italic,500italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 05:27:12 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P5
age
6039319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
15764
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
UcDIIFbpLufxYDcCXDRjKCwMGIyHBQzj5SsxPHJboImUBczsZslUvw==
expires
Sun, 06 Oct 2024 05:27:12 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/ Frame 7878 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Roboto:100,300,400,500,700,900,100italic,300italic,400italic,500italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 15:16:12 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P5
age
992779
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
SWU2URuuCDLhPb1OTjreefL-AKSYfds3w82UzpHgiAw7BhhL4z-Z6A==
expires
Tue, 03 Dec 2024 15:16:12 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/ Frame 7878 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Roboto:100,300,400,500,700,900,100italic,300italic,400italic,500italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 03:37:30 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P5
age
5009101
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
CEsXdUPyZJHC1j4BJh-XHNPBgGccK5TaVZoVkqqJPvKzMqpwt2YYnQ==
expires
Fri, 18 Oct 2024 03:37:30 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/ Frame 7878 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Roboto:100,300,400,500,700,900,100italic,300italic,400italic,500italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 16:37:51 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P5
age
5221480
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
15752
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
C1koo2u9sMDyGui5pyqCY_8oNHtIrApvoW49gWMT2QH5I36TVMLFbA==
expires
Tue, 15 Oct 2024 16:37:51 GMT
KFOiCnqEu92Fr1Mu51QrEzAdLw.woff2
d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/ Frame 7878 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/KFOiCnqEu92Fr1Mu51QrEzAdLw.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Roboto:100,300,400,500,700,900,100italic,300italic,400italic,500italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
b19ac4e57f2a56639eebd1c35319e5a7124be70d3fa155b63d878886520154fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 07:52:40 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P5
age
5425791
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
17060
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
4Dge-3e5t0x7s7Y8dmuOTmui5hIcD8lsQwUgFO1yKYqNhEruXZvwQQ==
expires
Sun, 13 Oct 2024 07:52:40 GMT
KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/ Frame 7878 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Roboto:100,300,400,500,700,900,100italic,300italic,400italic,500italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:37:38 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P5
age
6132293
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
17508
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
IApqlhpTBsQ49_ilMWG0JASQTZpT47v8DKxDUliik_vvligKcEBkjw==
expires
Sat, 05 Oct 2024 03:37:38 GMT
KFOkCnqEu92Fr1Mu51xIIzI.woff2
d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/ Frame 7878 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Roboto:100,300,400,500,700,900,100italic,300italic,400italic,500italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 16:18:35 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P5
age
5395436
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
17368
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
2AXucgBDlY1nV7oAKY5VUUDRN22WXJ8hb_EBPhmUVd33T_T9DTbhEw==
expires
Sun, 13 Oct 2024 16:18:35 GMT
KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/ Frame 7878 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Roboto:100,300,400,500,700,900,100italic,300italic,400italic,500italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 21:23:30 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P5
age
5117941
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
17336
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
xNcvh9-RUiof8l5vh4FXlMV22XM3mfTLqaqkFhYZlBwndOHLj1vPLg==
expires
Wed, 16 Oct 2024 21:23:30 GMT
KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/ Frame 7878 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Roboto:100,300,400,500,700,900,100italic,300italic,400italic,500italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:27:18 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P5
age
5466913
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
17032
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
DEN5w19ip0Ou9JLGGN_c_-Mj7a-9lkx4T_G85kyyebp0twHN4E8dpw==
expires
Sat, 12 Oct 2024 20:27:18 GMT
KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2
d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/ Frame 7878 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2csfia1ogd5wa.cloudfront.net/s/roboto/v30/KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2
Requested by
Host: d3v5317qx0o9g1.cloudfront.net
URL: https://d3v5317qx0o9g1.cloudfront.net/fontcss?family=Roboto:100,300,400,500,700,900,100italic,300italic,400italic,500italic,700italic,900italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:12:3f97:c680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
sffe /
Resource Hash
3cf78ad3bcd1324e10a4acdc34bfc4a159f9a045b30edbe3738a9d1b9f807a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d3v5317qx0o9g1.cloudfront.net/
Origin
https://tockify.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 04:56:13 GMT
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P5
age
5436378
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
17552
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
YGYFEpBS6DMfyOB-Atna12kKuI6BY8dsX8pGMtAPnD5XcCFedLgD7w==
expires
Sun, 13 Oct 2024 04:56:13 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 16 Dec 2023 03:02:31 GMT
bounce
ib.adnxs.com/ Frame 8E42
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:31 GMT
an-x-request-uuid
9c771d1b-02ec-474c-ac07-e4ed8c0234d3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
81.95.5.43; 81.95.5.43; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:31 GMT
an-x-request-uuid
6b861420-815e-4599-a036-119a622c6bde
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control
no-store, no-cache, private
x-proxy-origin
81.95.5.43; 81.95.5.43; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
ib.adnxs.com/ Frame CF9A
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:31 GMT
an-x-request-uuid
ffda7098-5a7b-4d29-83f2-7f8040f93f21
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
81.95.5.43; 81.95.5.43; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:31 GMT
an-x-request-uuid
e19b282a-4f71-4eb7-aa82-169843dd113a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control
no-store, no-cache, private
x-proxy-origin
81.95.5.43; 81.95.5.43; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 2A57 		0
592 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:31 GMT
an-x-request-uuid
d6307c80-50e3-426e-a9a9-e7cc9a3bbf24
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
81.95.5.43; 81.95.5.43; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6015 		0
592 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:31 GMT
an-x-request-uuid
58a8ed81-5196-4f22-a966-3c56beeac78e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
81.95.5.43; 81.95.5.43; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F9A8 		0
592 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:31 GMT
an-x-request-uuid
89d24792-1d62-4837-8d3f-205a5e750516
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
81.95.5.43; 81.95.5.43; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 9BBF
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca35e3abb3afcec275310b5589450e260806e43e84e316579ec204c37ca17da4

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8363b021a9625c74-FRA
content-encoding
br
content-type
text/html
date
Sat, 16 Dec 2023 03:02:31 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JS%2FO1lLDwjPc%2BfyWmN1Etj9gY%2Bk4SSbgP3J0%2FgmhI4D38Z6gaPLUEIiyk%2B3I4roglc1DjTGwADWNss80FY2hgXYpSyb5lxMxyVCs5yMUDtn9id0eXIukM2wZP0ZFkSdheJr7UIdh9PQtPA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8363b021881a37d8-FRA
content-length
0
date
Sat, 16 Dec 2023 03:02:31 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bg%2FUaOM4Aesy9iD1RTuwWYjcNp498GRt5961vAImJFIW0Em0dVDaKvPrm%2FF1%2BPYBhuhfUrmpSbon%2FjMieA4rtMlwjErNFS94hP1o1WbdEOxTTygQFVC%2BJLPMnIXsYEpJ66htJ%2FEwcRi9rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 48AC
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
189995ab190fef7a72165b5d6698eec9caf524712683f6ccf63b49556b63e74a

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8363b021a9645c74-FRA
content-encoding
br
content-type
text/html
date
Sat, 16 Dec 2023 03:02:31 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DsxHOYk4NsVlgXfAsHyX%2BjtA6usyauSFL7M2O2ehcaSVIFnzI7ePn9lBE2f02UqYX4kFsHTitSQfqAfOLOT5dGAm6SXbAfyEBdVEw7jUjNnVtyFdcY5HYQIbnrTIdOkyuIA%2FW4SYEDJBHw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8363b021881537d8-FRA
content-length
0
date
Sat, 16 Dec 2023 03:02:31 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SqS1ftiwvRXBFcKxr6ewzkFBLXE9CHa3Ck%2Fo21yB5HHeCXqs1hofMWNP2ZYmaujIwWlXiN26yDQe4x8L1OT7tSDP3keFjKplXu63Fci81WG%2FFT5B2gAptEJfxMYDsQ6sBrAnKHICCaBerw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 15FD
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48439d30a395942dbd65f27b159f84245dd81b9e72472cb572aee029cbe40b23

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8363b021a9635c74-FRA
content-encoding
br
content-type
text/html
date
Sat, 16 Dec 2023 03:02:31 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=am7q0f%2FI73zZ8tyfyrzA3S26OPGeWA%2BVyKEZ3EDCWxJj6iXb7pujF0pvy3ju1RC%2BVzVtlCiDtlCUt28QlnPAsO14xxPodh5ErAYAqEc95%2BXX%2B5yfS6twNpufEQZrEss2JTnOsYxqqy1N9w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8363b021881737d8-FRA
content-length
0
date
Sat, 16 Dec 2023 03:02:31 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0KM9ynTXpHkErH3LA8pFKETjtYae%2Fq7rlicor64HJE5QFmPRTW7IVPxaNIAkEXHYYqy9p66RHSRxiRj7GsPQximeEzb%2Bsc%2BHeAepZKWu0zojOLdS80k94iRJbP14fL5tJAJpUZj1FPzLiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame C926
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec68d354d9a0a52652b5ebff1116a1f3d73b48d5bfc6a8ba2b131f6a2c6dc1e5

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8363b021a9615c74-FRA
content-encoding
br
content-type
text/html
date
Sat, 16 Dec 2023 03:02:31 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kf71cWnRGGpj2SCVmAaZ%2BjA9ffL82lzQ5MJdQv36ldQVDBbJdUxYv9GzcA26m1yTy54vM%2FT6y9FQlepVuWsfWyBowk3Qq2tX8rkmDpDowwgLK6esjAP9q2H6%2FKBElKHgVgB1KQ9%2Fh99fBg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8363b021881937d8-FRA
content-length
0
date
Sat, 16 Dec 2023 03:02:31 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p8PwGNOxF0YFAK%2FcVdmCmL7sXkfvWVTgwxxbdxIVsiHEU2mRL2ySR5gQsz7phduquqT%2FcHQTGhpLoS2ndHass5KRMXsUXPwaqfuIABkwSjUSt8mA5L8SFWzjxTkpR%2FcqdMUJNBkz6P6WWg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
d6ea6db1130ea1bd5682f27fd1fb995eb8c3af6c5
operationchicken.com/0/a30a390256563/ 		303 B
807 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://operationchicken.com/0/a30a390256563/d6ea6db1130ea1bd5682f27fd1fb995eb8c3af6c5
Requested by
Host: reconditerespect.com
URL: https://reconditerespect.com/v2bkp9Uun3-1LRAB_lzCZndpym_6H7eOtuB69j2DMKvsxBxYzTMW8Pcb8nw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:636d::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
43c3c98f73e5795e627d8e3872c83dcfd3329cffa3b0cfcbce49c0ebce8c4c1c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
303
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.29news.com
x-hostname
fen-hoothoot-europe-west1-zlrc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Sat, 16 Dec 2023 03:02:30 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 325F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
43606
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 14:55:45 GMT
expires
Sat, 14 Dec 2024 14:55:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 68CC 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
49dcb1818dc579ca070b0d8ba0e1c6e0a602bfe2d440f8e0e34c457a1864ce11
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Pn9l32gVy1VIjD44uREQ4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Pn9l32gVy1VIjD44uREQ4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 16 Dec 2023 03:02:31 GMT
expires
Sat, 16 Dec 2023 03:02:31 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
config.json
c.go-mpulse.net/api/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=47DAA-RMGFC-4U4YY-9C4XF-UTQN5&d=www.29news.com&t=5675653&v=1.720.0&sl=0&si=1266ce44-a0b0-457c-8927-9cf0484bfac2-s5qog6&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=677334
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/47DAA-RMGFC-4U4YY-9C4XF-UTQN5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:184::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9eef2e70d312f387dd3b582baf494c966675d76e206a89e55ce04fc1d2280b4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 03:02:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
817
casale
match.adsrvr.org/track/cmf/ Frame 48AC 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:32 GMT
server
Kestrel
content-length
70
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame 48AC
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZX0TR8_IB3cTurnxLTMuqQAADIwAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZX0TR8_IB3cTurnxLTMuqQAADIwAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZX0TR8_IB3cTurnxLTMuqQAADIwAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 16 Dec 2023 03:02:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9TD5KWDDAY7ZB67TPBH2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 16 Dec 2023 03:02:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1D7JTG74XY5PAJ9B9NH5
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZX0TR8_IB3cTurnxLTMuqQAADIwAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 48AC
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZX0TR3RFexcWRhqkK9aNbwAA
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZX0TR3RFexcWRhqkK9aNbwAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA6bZdz8427QnaRxJXmrl1A&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA6bZdz8427QnaRxJXmrl1A&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y8klkB34WqKNTZbnZILy5rIwjpWnk53ssvL1ZEsx6zk%2BvSoOJejy89W83NJVHhcmk2rLQIcAyRnYZw4vPtf2Zjcc7HnfdF32SURJ1vutqSxxewvbgZZ%2BmYEpgufz6Uowjp%2BL4G8Ut9QDmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8363b02259b35c74-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA6bZdz8427QnaRxJXmrl1A&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
live_intent_sync
x.dlx.addthis.com/e/ Frame 48AC
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZX0TR8-IB3cTurnxLTMuqQAA%263212&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZX0TR8-IB3cTurnxLTMuqQAA%263212&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=994ff8250cfe493b9f9ab0f81ca3984e
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=7277780670113784995
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=8cad3cbe-fcb8-4cf5-864e-688023537674
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=8cad3cbe-fcb8-4cf5-864e-688023537674&rd=Y
43 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=8cad3cbe-fcb8-4cf5-864e-688023537674&rd=Y
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
2.19.217.66 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-66.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sat, 16 Dec 2023 03:02:33 GMT
pragma
no-cache
date
Sat, 16 Dec 2023 03:02:33 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=8cad3cbe-fcb8-4cf5-864e-688023537674&rd=Y
pragma
no-cache
date
Sat, 16 Dec 2023 03:02:33 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
0
expires
Sat, 16 Dec 2023 03:02:33 GMT
crum
dsum-sec.casalemedia.com/ Frame 48AC
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=E0EEF2CC2B8B48299D75C6DFFDF5E619
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=E0EEF2CC2B8B48299D75C6DFFDF5E619
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2F7tjNH%2FxGGNapwO5P7kNYojPKNkBLWdU0tNb82fQJxWQcu9q6vZtBq1sRgEHTgMsCMaMqXHOrlIdUYycFpSzYF1nrOXs1CPtHLfzJoxb3OX23HYa5f8j%2Ff4s6gzzsqCJV1Zbruru8gnjw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8363b02229a55c74-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sat, 16 Dec 2023 03:02:32 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=E0EEF2CC2B8B48299D75C6DFFDF5E619
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 15 Dec 2023 03:02:32 GMT
user-registering
ads.stickyadstv.com/ Frame 48AC 		43 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZX0TR8-IB3cTurnxLTMuqQAA%263212&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2607:ae80:4::25 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 16 Dec 2023 03:02:32 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1702695751576096-595
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 48AC 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sat, 16 Dec 2023 03:02:31 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 48AC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZX0TR8_IB3cTurnxLTMuqQAADIwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZX0TR8_IB3cTurnxLTMuqQAADIwAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEO4QUjreUTAmT-by91zfuQc&google_cver=1
43 B
730 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEO4QUjreUTAmT-by91zfuQc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iwMTH3Pg1aPLAwEfcdDz3CiYF5jThZY3Qvw8T22uBg5QaLabX6pCF2JfHNvRU4tcyTs8MpmnmquYagi5AwKO1Y2cNbrET2%2BOpqScxAB%2FXELTiJKcZytk9QHac1KSIM65hro9WTW8De1XYw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8363b02279c35c74-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEO4QUjreUTAmT-by91zfuQc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 48AC 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZX0TR8-IB3cTurnxLTMuqQAA%263212
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
62377
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8363b021ecd739c2-FRA
content-length
43
expires
Sun, 17 Dec 2023 03:02:31 GMT
dcm
s.amazon-adsystem.com/ Frame 15FD
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZX0TR3RFexcWRhqkK9aNbwAADFsAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZX0TR3RFexcWRhqkK9aNbwAADFsAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZX0TR3RFexcWRhqkK9aNbwAADFsAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 16 Dec 2023 03:02:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
E13J5P6SMS5SHX4WV2JC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 16 Dec 2023 03:02:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4T2QH8PGC2BTAZCYXKMK
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZX0TR3RFexcWRhqkK9aNbwAADFsAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
501709.gif
idsync.rlcdn.com/ Frame 15FD
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZX0TR3RFexcWRhqkK9aNbwAA%263163&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZX0TR3RFexcWRhqkK9aNbwAA%263163&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=d6a9ba46b9f7449788890b733eaf8c2b
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=d6a9ba46-b9f7-4497-8889-0b733eaf8c2b
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=d49ebdf9-e4a2-4b04-a2fb-e23a30abbc53%3A1702695752.552832&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dd49ebdf9-e4a2-4b04-a2fb-e23a30ab...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322330163116219&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dd49ebdf9-e4a2-4b04-a2...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=d49ebdf9-e4a2-4b04-a2fb-e23a30abbc53%3A1702695752.552832&_=1702695752.556358
0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=d49ebdf9-e4a2-4b04-a2fb-e23a30abbc53%3A1702695752.552832&_=1702695752.556358
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
FRA56-C1
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/501709.gif?partner_uid=d49ebdf9-e4a2-4b04-a2fb-e23a30abbc53%3A1702695752.552832&_=1702695752.556358
content-length
443
x-amz-cf-id
CFHAhPXbu2mFWWsj-J03GTksR8yGeVnSbarzr777xfH8hwKvuS05XQ==
usermatchredir
ssum-sec.casalemedia.com/ Frame 15FD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZX0TR3RFexcWRhqkK9aNbwAADFsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZX0TR3RFexcWRhqkK9aNbwAADFsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIPm3A4_34Bkjuf4bS6x_Us&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIPm3A4_34Bkjuf4bS6x_Us&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UHdak5UfowESyjtMNLWdQUESA2LCXeaN0Runeq%2BpLiaEW7Yzf9cUuZULyzO8kFwskGZmT79NjQKUmN%2FSYvd8ocmB67ayPGmgrk6YOjWliAdWQvXAMU5qQuhyHHrVN4F%2FcFhkeuhz7n9zUw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8363b02259b45c74-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIPm3A4_34Bkjuf4bS6x_Us&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 15FD
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZX0TR3RFexcWRhqkK9aNbwAA
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZX0TR3RFexcWRhqkK9aNbwAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDCskzOWulzbfXCdFhURw38&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDCskzOWulzbfXCdFhURw38&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2BSvClCuPMHRUckEyyIwJyZhgADOC%2BrrafpO%2BYkJYsxj3scXFi4EqP6wf07YpVTrAKHbydOgXVXuSa7gLBbE4y27cLzoNkEjmt6SiKv4NSnIp7sj2qWbiB9tsLYpGawAHtG%2FO4sgdDfyVA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8363b02289cd5c74-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEDCskzOWulzbfXCdFhURw38&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame 15FD 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.190.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-190-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
bridge
cm.adgrx.com/ Frame 15FD 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-4
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
rum
dsum-sec.casalemedia.com/ Frame 15FD
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=HIcQraVeWo5fdE6ivFfKolFfBSs
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=HIcQraVeWo5fdE6ivFfKolFfBSs
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fg6FRQLlVpuoi%2BC19QY0w29PcxyG2iXHMM99GWyh4sxcRURH9SqCcORmELDzENYOLj9aqZUci2m%2F0YAzs6KuC76GoVZzavxvCY5d7h%2BlXsbts7ZNiWPH4mlCp%2BbN%2Bwk2eh73Qw7YvqslLA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8363b0244a9d5c74-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=HIcQraVeWo5fdE6ivFfKolFfBSs
Date
Sat, 16 Dec 2023 03:02:32 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 15FD
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=EDxbl0H21RekWI5
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=EDxbl0H21RekWI5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8zNxd5TqfipF3pX%2BKGQNK4PzUaKiC0tbnrI%2B3di1%2BszIWBw2BVUxVj8K9fB2nEAx%2F7EZUl3Nc1oQxhU3CFsx%2F3ecCEuRGKMz3f1KTooewRxYQJhoPe9iM7rKRGqISwlVgTANZpgqNhLMJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8363b02249b05c74-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 16 Dec 2023 03:02:31 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-006fa252bd7417634@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=EDxbl0H21RekWI5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 15FD 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZX0TR3RFexcWRhqkK9aNbwAA%263163
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
62377
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8363b021ecd839c2-FRA
content-length
43
expires
Sun, 17 Dec 2023 03:02:31 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 9BBF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZX0TR3RFexcWRhqkK9aNbwAADFsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZX0TR3RFexcWRhqkK9aNbwAADFsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEANf92LicBvugimhunbCwhM&google_cver=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEANf92LicBvugimhunbCwhM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qa0mZkaQhZ%2Fdl824Hnw20l8zx%2F5MiguIcEHYe%2BEyfCqHQ7PDgQAGf78J6Cw6RfIM%2Fbs9bMmuyu564NSh4aX4bN%2FFkHEu4gY6AKF47N061KZzmwZ3l0L%2B%2F7WzM0yf11mwfcvZh3aixGpUdA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8363b02289cb5c74-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEANf92LicBvugimhunbCwhM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 9BBF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZX0TR3RFexcWRhqkK9aNbwAA
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZX0TR3RFexcWRhqkK9aNbwAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL7ugHpDWGfY-vGOz9sd7bI&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL7ugHpDWGfY-vGOz9sd7bI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9y6FyKZwf%2BLGTW8BmgJtkGCMaXdoO2V%2BPEOMtyvz8qi9cCEybntQ8Iw%2FE4ZqCow7eJukRdk7VVAKZosx5xw1EFs6dw1RAsMB4DZcUrt4h4jwelkN3fhlWKtg8GdhHsQtH4IumDmFucA%2Bww%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8363b02289cc5c74-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL7ugHpDWGfY-vGOz9sd7bI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
501709.gif
idsync.rlcdn.com/ Frame 9BBF
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZX0TR3RFexcWRhqkK9aNbwAA%263163&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZX0TR3RFexcWRhqkK9aNbwAA%263163&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=8cad3cbefcb84cf5864e688023537674
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=8cad3cbe-fcb8-4cf5-864e-688023537674
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=ee8159bb-2ffc-4052-b613-eb86ee531ef1%3A1702695752.551941&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dee8159bb-2ffc-4052-b613-eb86ee53...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322330163116219&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dee8159bb-2ffc-4052-b6...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=ee8159bb-2ffc-4052-b613-eb86ee531ef1%3A1702695752.551941&_=1702695752.555066
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=ee8159bb-2ffc-4052-b613-eb86ee531ef1%3A1702695752.551941&_=1702695752.555066
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
FRA56-C1
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/501709.gif?partner_uid=ee8159bb-2ffc-4052-b613-eb86ee531ef1%3A1702695752.551941&_=1702695752.555066
content-length
443
x-amz-cf-id
l1iH2aiC0OVIXwLJ8Fa-NygMzMGQAzAM0bXT3hy766WZwiyeOsYImA==
dcm
s.amazon-adsystem.com/ Frame 9BBF
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZX0TR3RFexcWRhqkK9aNbwAADFsAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZX0TR3RFexcWRhqkK9aNbwAADFsAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZX0TR3RFexcWRhqkK9aNbwAADFsAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 16 Dec 2023 03:02:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TW7B5F6DZA4W3TSA8HFQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 16 Dec 2023 03:02:32 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VYRMNPFBE0H8Z4AK3ZNM
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZX0TR3RFexcWRhqkK9aNbwAADFsAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame 9BBF 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:3014:5030:a5b6:caa6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:32 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 9BBF
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZX0TR3RFexcWRhqkK9aNbwAA%263163
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZX0TR3RFexcWRhqkK9aNbwAA%263163&tc=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=AO66_VLj1Csx41qQOKxvZZxktUJUTuEc9b2njU4c9UM&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZX0TR3RFexcWRhqkK9aNbwAA%263163&tc=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=AO66_VLj1Csx41qQOKxvZZxktUJUTuEc9b2njU4c9UM&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZX0TR3RFexcWRhqkK9aNbwAA%263163&tc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gesSLcltMLz6dqlKeWVrZb0w3MD68oxbHKQ%2BPzY5s07q%2Fpd6%2F8%2BYpDW38%2BnhqJDkdgRzqUd6d1NAGWiYljagxYxNvSTBuKf5PjpCuoQqSl5ytK4%2FwgGIT6Uw5NEF0EuDDeRwrTAww0mcxw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8363b02269bc5c74-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=AO66_VLj1Csx41qQOKxvZZxktUJUTuEc9b2njU4c9UM&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=ZX0TR3RFexcWRhqkK9aNbwAA%263163&tc=1
pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT, Sat, 16 Dec 2023 03:02:32 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
ie
match.prod.bidr.io/cookie-sync/ Frame 9BBF 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.177.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-177-198.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 16 Dec 2023 03:02:32 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame 9BBF
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1702782152
43 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1702782152
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ctGfui2nhg8ZiDifgWSs72P0B26loi5aShHwi9d981pPDR%2BNAzZ2JhOl7hzIrau0C2gtXHN5RIpMCqi8fl%2Bs%2B587a3OmGyVT1XH5sTDZoABMCNMfeyxuMxAOYXk7XJnHY%2BvN%2Bi0N"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8363b022c8ce37d8-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1702782152
pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 9BBF 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZX0TR3RFexcWRhqkK9aNbwAA%263163
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
62377
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8363b021fcdd39c2-FRA
content-length
43
expires
Sun, 17 Dec 2023 03:02:31 GMT
crum
dsum-sec.casalemedia.com/ Frame C926
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZX0TR3RFexcWRhqkK9aNbwAA
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=ZX0TR3RFexcWRhqkK9aNbwAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJ8J1jjbQtpvb-6DkVt027o&google_cver=1
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJ8J1jjbQtpvb-6DkVt027o&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KmVtgV8JmEPRFu3P2M1uTZcwwVzsexRnOGXyLGJd%2Bmzb4jH8BZiavwN7L%2Fv0gt%2Fcnl0Z%2BMvniVJ%2FNIbcB0wLgPXlTZ1UN9gpqUGJkJusbQLdzdq10jiFa4ROhprWQ0dTHeFFq%2FzTXV9TkA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8363b02269b95c74-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJ8J1jjbQtpvb-6DkVt027o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
501709.gif
idsync.rlcdn.com/ Frame C926
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZX0TR3RFexcWRhqkK9aNbwAA%263163&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZX0TR3RFexcWRhqkK9aNbwAA%263163&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=c543bcb1c493449ba8aef43c70103569
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=d6a9ba46-b9f7-4497-8889-0b733eaf8c2b
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=63e3242a-ef28-4c7c-99f5-b0561a7898c2%3A1702695752.5522416&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D63e3242a-ef28-4c7c-99f5-b0561a7...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5144588528074527539&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D63e3242a-ef28-4c7c-99...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=63e3242a-ef28-4c7c-99f5-b0561a7898c2%3A1702695752.5522416&_=1702695752.5547507
0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=63e3242a-ef28-4c7c-99f5-b0561a7898c2%3A1702695752.5522416&_=1702695752.5547507
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
FRA56-C1
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/501709.gif?partner_uid=63e3242a-ef28-4c7c-99f5-b0561a7898c2%3A1702695752.5522416&_=1702695752.5547507
content-length
447
x-amz-cf-id
L4mSOAwmZup--a8who540eaixrQa2eZI3VzPKdjwKqwycJ3uAF2wBg==
casale
match.adsrvr.org/track/cmf/ Frame C926 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:32 GMT
server
Kestrel
content-length
70
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame C926
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZX0TR3RFexcWRhqkK9aNbwAADFsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=ZX0TR3RFexcWRhqkK9aNbwAADFsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJLEnbkUfuX2vLuNBquYOk8&google_cver=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJLEnbkUfuX2vLuNBquYOk8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUkrZc49ZOhsgsKpOVAWpEIA%2B98FTDpxxG%2B%2FBncuXcVPVNaKyq62fIA5ZzQ3SOUWBwKODJ7unBp2vZ93iuIJgwPzJOtDnzGu%2FxK9yKMmHQz%2FElfp7BBrebnYPGIQJkQhnmguov2RKLs09g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8363b02269be5c74-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEJLEnbkUfuX2vLuNBquYOk8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame C926 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.190.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-190-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
ix
ad4m.at/ad/sim/ Frame C926 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
user-registering
ads.stickyadstv.com/ Frame C926 		43 B
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZX0TR3RFexcWRhqkK9aNbwAADFsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2607:ae80:4::25 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 16 Dec 2023 03:02:32 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1702695751837049-527
sync
ssbsync.smartadserver.com/api/ Frame C926 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
164.132.25.180 , France, ASN16276 (OVH, FR),
Reverse DNS
ip180.ip-164-132-25.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:32 GMT
content-length
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame C926 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZX0TR3RFexcWRhqkK9aNbwAA%263163
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.29news.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:31 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
62377
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8363b021fcde39c2-FRA
content-length
43
expires
Sun, 17 Dec 2023 03:02:31 GMT
css
fonts.googleapis.com/ Frame 2625 		2 KB
979 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api-esp.piano.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 16 Dec 2023 03:02:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 16 Dec 2023 01:20:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 16 Dec 2023 03:02:32 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 325F 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 00:43:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
8330
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 Dec 2024 00:43:42 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 68CC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=2898426256219873&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
489e855498b4caba5552d43a48e99701be3bc2390ba
operationchicken.com/3d923421c37/ 		3 B
89 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://operationchicken.com/3d923421c37/489e855498b4caba5552d43a48e99701be3bc2390ba
Requested by
Host: reconditerespect.com
URL: https://reconditerespect.com/v2bkp9Uun3-1LRAB_lzCZndpym_6H7eOtuB69j2DMKvsxBxYzTMW8Pcb8nw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:636d::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.29news.com
x-hostname
fen-hoothoot-europe-west1-zlrc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Sat, 16 Dec 2023 03:02:31 GMT
mail-logo.png
api-esp.piano.io/public/sdk/v04/assets/ Frame 2625 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-esp.piano.io/public/sdk/v04/assets/mail-logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21e01ea2581ed70b9baa7c8e316fdbf3d9ee0e6fc8a7429e9012f205cd9e91e2
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api-esp.piano.io/publisher/unattended/1190?wv=50&v=vz.1.108.13-79dc946e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:32 GMT
strict-transport-security
max-age=86400; includeSubDomains
cf-cache-status
HIT
age
47816
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
content-length
18301
last-modified
Thu, 07 Dec 2023 13:36:20 GMT
server
cloudflare
etag
W/"477d-18c447e5b90"
access-control-max-age
36000
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
api-esp.piano.io
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8363b0225c6c5c26-FRA
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Sun, 15 Dec 2024 03:02:32 GMT
success.png
api-esp.piano.io/public/sdk/v04/assets/ Frame 2625 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-esp.piano.io/public/sdk/v04/assets/success.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc6050bbd2c01a71b42fc8ee334617ff6d3d23129fce22c33855f14749a810a7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://api-esp.piano.io/publisher/unattended/1190?wv=50&v=vz.1.108.13-79dc946e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:32 GMT
strict-transport-security
max-age=86400; includeSubDomains
cf-cache-status
HIT
age
47778
x-cache-status
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
content-length
20011
last-modified
Thu, 07 Dec 2023 13:36:20 GMT
server
cloudflare
etag
W/"4e2b-18c447e5b90"
access-control-max-age
36000
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
api-esp.piano.io
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8363b0225c6d5c26-FRA
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires
Sun, 15 Dec 2024 03:02:32 GMT
w_shown
api-esp.piano.io/tracker/lucid/event/787/1190/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/tracker/lucid/event/787/1190/w_shown?src_story=https%3A%2F%2Fwww.29news.com%2F&visitor=tdywcltknpim9hqt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.29news.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://www.29news.com
access-control-max-age
36000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8363b0226bb192b3-FRA
date
Sat, 16 Dec 2023 03:02:32 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains
w_shown
api-esp.piano.io/tracker/lucid/event/787/1190/ 		39 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-esp.piano.io/tracker/lucid/event/787/1190/w_shown?src_story=https%3A%2F%2Fwww.29news.com%2F&visitor=tdywcltknpim9hqt
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b42f8e45feda368274a55106b7160fa7203de3e209e1cea0121fca6405ec797
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 16 Dec 2023 03:02:32 GMT
strict-transport-security
max-age=86400; includeSubDomains
cf-cache-status
DYNAMIC
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
content-length
39
server
cloudflare
etag
W/"27-ZRtc8GKflOIDdJdAqG9vuofWUr0"
vary
X-HTTP-Method-Override
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.29news.com
access-control-max-age
36000
access-control-allow-credentials
true
cf-ray
8363b0231cc15c26-FRA
access-control-allow-headers
Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
/
0217991e.akstat.io/ 		0
202 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://0217991e.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/47DAA-RMGFC-4U4YY-9C4XF-UTQN5
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:9a4::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
content-type
image/gif
access-control-allow-origin
https://www.29news.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
0
expires
Sat, 16 Dec 2023 03:02:32 GMT
generate_204
tpc.googlesyndication.com/ Frame 325F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?SB531Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:32 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
js
www.googletagmanager.com/gtag/ Frame 7878 		244 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-794QV8SQ9L
Requested by
Host: public.tockify.com
URL: https://public.tockify.com//app/736.ef286327c36ee15e6da4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6edc41fd18de693f46454d25aa8dc40be58276c2357292c0eb691c117648d241
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tockify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86510
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 16 Dec 2023 03:02:32 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=2898426256219873&bg=!-_il-LfNAAY3kmNgF5I7ADQBe5WfOM_n95uCbtfyQKNVGeR17V5bOQhet-R2BSbrCHh1qMfA37MFV45NuDX9irbeEbkkAgAAAExSAAAAAmgBBwoAfz9wjDNFCUETQXFHuQcQV5ssIMTzVniuV_KgXbZA2njdkaSOsXdTupvoveayJOlKgpQTrTGiolDXNxh0vzIqxOQztwAhha55E08bs7kMzNzfZ8FLP6ocIbR1PEDQHt2PHbJMjkx9v5vlJfKVxiLyLNL0U6kEXYM2xUpciVNnbW6ZAv7O-QnVVPcoa5EM_STA5sZadcpI6dbQVAL1HpKVcIyaRkc0QOqJdJ6TseD0Cro7AmaAV_eCj14HE4YHBMtz0eMcxobyV1B0Gdj8PVOPPZTWrG4CB-BoxcaN0rbJeOdmWnxi2P7Qw1yeVm99aZEoCSW4EzU6SNKqAwAInOJH6mVyfqfAEArZjvV141OIynJjo396cCqhoj_8MFrujk145U6TrUIvZsixn6gF7vv7H-W63ypaoezXgwoxPTn4ps1ETf5sGKXTSsJhJTGYtP0HNaMI3TcPIDiMDtI491nrhKaXgI-U9jxrsamjvF0h4hU_E6TIm7bWae5hVY2N9Ff07h6wXwNKNKVf8X_TYajomUTSwxzQRf_VOVLea1-3nU1nrpbYfpkIjx0Q1gV8ef0UHT74IyUUGWUWy6WbrCUUt_aeOHN3wCEV2d5lJDVLjEB0DFrMxnGND5Chnz_K-RwdDw3UcIWlnCtNOT7IPcUgI_7HZBswh3uS1v3l-_stYjHp38pUg3fS74TvAztDiKSgG4GNNMXM-xNtjgXkyQDWfNXBDFk0UCXPPOxRaVXOVgLFvBageI6AMdFcHKWs_km2Y1raf-jw3pCeDuu_VgS04qCptwCj9SnXpltuxdyqfCxtlYlrCqxm9uPuwhNVyT5ps1K3wHtKBPG_LSmt1HkT8Oel95Epzp69_wVTbTmrpHB5em9Qx6Hjf3f4EuBhBZkNbOgr2X8kWhJhOASGjC3nHFUDHCmHiY-Y1gNR-0EzeI7SChFlVTzx0Z8TNw6R-DhDRJu4iP77MhT8TnC6ENXYofb6Fe0PT6T_pjjVflvcNa73G-wE4BNpoaZc5AZ-KMRc_1zK3kir7pI8aR8m6Di2Qp7GSM7oI8UUiD93ooGzcvLcqulXQ1R2OUDzxlEFa2Usp7zgfPVbKRhahkg7qM3Gd7H_fqyI91Izwh_jV1BuotDVKGFFBFI9mqOOnn-DLXLzzFLrFlR6_oLiwpGu3j-4tjU2ilU7IL000kZu8G3uD4i9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
video-reel.js
cdn.taboola.com/ui-ab-tests/video-reel/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/ui-ab-tests/video-reel/video-reel.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bfbe54b8cccdae69aca8b2da4cdcbc0f61a4e142ccdcbe72d65fb767cd46eb4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
KvQtu.MFG3yZl31_3R4jp.Co0Nm2lgRh
content-encoding
gzip
via
1.1 varnish
date
Sat, 16 Dec 2023 03:02:32 GMT
x-amz-request-id
P7J8WXEPCG44E6JJ
age
27725
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
10622
x-amz-id-2
iXZPiOgtSsTFXAsjv6t8NpKuzLH6mpWFVxxbJ/tbA8SbqdUIx+SqqiCufHdZT1x2w5cpNAusvxU=
x-served-by
cache-fra-etou8220033-FRA
last-modified
Thu, 14 Dec 2023 11:20:26 GMT
server
AmazonS3
x-timer
S1702695753.641835,VS0,VE0
etag
"e7c1b011fd739806c383e202beb1ad36"
vary
Accept-Encoding
content-type
application/x-javascript
abp
77
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
2245
video-reel.css
cdn.taboola.com/ui-ab-tests/video-reel/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/ui-ab-tests/video-reel/video-reel.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3996eb66cb853fa453b95aaa992fcbed2ff3f176fe8bea6c19429edaa177525

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
MH3BbPBKSG_lXERKhMaG5ggjY4rw8rfH
content-encoding
gzip
via
1.1 varnish
date
Sat, 16 Dec 2023 03:02:32 GMT
x-amz-request-id
XPE0BME9YK174T8G
age
27726
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2611
x-amz-id-2
SbXaUY2kwY0MHJ9IODevnohDUTxOFKMCekSoXV/YUpyC7dWkGEaH9JdLkH3k3Q6FugUTPhBrlAk=
x-served-by
cache-fra-etou8220033-FRA
last-modified
Thu, 14 Dec 2023 11:20:25 GMT
server
AmazonS3
x-timer
S1702695753.641839,VS0,VE0
etag
"803a96d34abbdd0ad7b05d2c05b72cdd"
vary
Accept-Encoding
content-type
text/css
abp
4
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
2208
UnitInstreamDesktop.min.js
vidstat.taboola.com/lite-unit/4.6.5/ 		121 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.6.5/UnitInstreamDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3f1e2aff8baeea2cb4962805e9a8f098013c38cae12af54691cfed60a31b9da3

Request headers

Referer
https://www.29news.com/
Origin
https://www.29news.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 62e2e45895008240d70f26081269c850.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P5
age
212740
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
34191
x-served-by
cache-fra-etou8220028-FRA
last-modified
Wed, 13 Dec 2023 15:44:08 GMT
server
AmazonS3
x-timer
S1702695753.661544,VS0,VE0
etag
"6864d48baf873d271259624a7f62a8c7"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
9R_gz_cETg9mhAQg_GZLAFO_VF_e-ZI-5e4XUk69Q65856V50gEyew==
x-cache-hits
8396
userx.20231214-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231214-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9fd57fcaa8ad308df1294bec4cac27c6d3de96d4ddd8c9ccc0e64bbf53405c1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
0w2Kzly3isndPbrevoFCAXmSdzyXCJks
content-encoding
gzip
via
1.1 varnish
date
Sat, 16 Dec 2023 03:02:32 GMT
x-amz-request-id
YFCDEYY3N9YCDVEJ
age
145664
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5397
x-amz-id-2
TNNTZARWu7CjvPpq3w8eYNj4guDerff1G6w2MIBKwqehoxfRml64bg2IpDa0lgf2zGXcIbi7MYg=
x-served-by
cache-fra-etou8220033-FRA
last-modified
Thu, 14 Dec 2023 10:34:49 GMT
server
AmazonS3
x-timer
S1702695753.661437,VS0,VE0
etag
"8e107f1dd6be47202c60bb3cae1364bb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
62
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
48422
distance-from-article.20231214-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231214-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fbff9b65ef8723e80ceca2e6e427a2ab2504dc2ded26428e63b031271efb1567

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
lW7YGGeN6hcYeF66iX_fhz2y856dmCTe
content-encoding
gzip
via
1.1 varnish
date
Sat, 16 Dec 2023 03:02:32 GMT
x-amz-request-id
A35HNKK4CQS7KMRY
age
145615
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1132
x-amz-id-2
C8BvsT6/ttWQnxoeCzouv73UXc++BPmkmRIsVo/7NLFd+MMqo5lSFiaV6nQpApCebgyIwjB2O+E=
x-served-by
cache-fra-etou8220033-FRA
last-modified
Thu, 14 Dec 2023 10:35:36 GMT
server
AmazonS3
x-timer
S1702695753.661424,VS0,VE0
etag
"dd412c7d99a54edade3091a2b2ef3541"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
56
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
222527
article-detection.20231214-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231214-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3561c9de219c6c970eee73fe84ad5bf1cabc27795b956a798c9b3c7856e88a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
EIWEQi6Z_h9z4q2CNc_AgVz6tATB9PZJ
content-encoding
gzip
via
1.1 varnish
date
Sat, 16 Dec 2023 03:02:32 GMT
x-amz-request-id
GM8JVX1ZSFS4MZM8
age
145608
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
BQwo9+Ltxp+C3F2Ho8rGHoSzSfWffzHO6w9UGg+OeTBXyNVyrVWLPvkggxz3Hf8y3+kR8CIhA5k=
x-served-by
cache-fra-etou8220033-FRA
last-modified
Thu, 14 Dec 2023 10:35:45 GMT
server
AmazonS3
x-timer
S1702695753.661642,VS0,VE0
etag
"8bd5d4c95ab5925470f34d1b54d8584d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
21
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
222468
article-and-feed-area-scanner.20231214-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-and-feed-area-scanner.20231214-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a790c4426c39f8a3c6d8fbc63bb0921a1679f6e994bc96b14ac212d5f8de1e5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
o9NWirnmpyfw_2bfYdpRllp.Avyh8Ij.
content-encoding
gzip
via
1.1 varnish
date
Sat, 16 Dec 2023 03:02:32 GMT
x-amz-request-id
8E1WM9RDWHE3NAYJ
age
145606
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1149
x-amz-id-2
6eO03uxpowresnLGdiB0ygl94drpYFj1tvvqpmv9JqKDg6HO5t6nRcs22wa98zGMTm2ZC1zbr4s=
x-served-by
cache-fra-etou8220033-FRA
last-modified
Thu, 14 Dec 2023 10:35:46 GMT
server
AmazonS3
x-timer
S1702695753.662026,VS0,VE0
etag
"a06e9c954ac81096ccad58bd03650876"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
42
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
84589
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.6.5/ 		120 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.6.5/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6d14db5aa3a9a0f4c0196782e2f038cf75c37c41b3dee5770c9c73b5f79b5b63

Request headers

Referer
https://www.29news.com/
Origin
https://www.29news.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P5
age
213345
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
34196
x-served-by
cache-fra-etou8220028-FRA
last-modified
Wed, 13 Dec 2023 15:44:08 GMT
server
AmazonS3
x-timer
S1702695753.661633,VS0,VE0
etag
"c00c10ab2c90d22318ea8bb174cb61ec"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
oVEanwhuuTb2obkvu8uyjVd3Pae76NsuRCS0qcwVvLJ5r8RVeHZopQ==
x-cache-hits
35164
feed-card-placeholder.20231214-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231214-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/meredith-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0dc3395f1ebb5b9a3540c4f66c1137e123f0559efe4ffe7394a036951e8f2150

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
ljFZxInz.r7lTZ88icjfA0iOUXikUcz6
content-encoding
gzip
via
1.1 varnish
date
Sat, 16 Dec 2023 03:02:32 GMT
x-amz-request-id
ZK4Z7DD89BBX9YF1
age
145629
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
2mqN8vtFL4Fpfw4k60MAxiU9dHAo3BnWueheaxFd3Ox9ZsQOzCPOwegVQg7F3mEsJ51dbiPHJV8=
x-served-by
cache-fra-etou8220033-FRA
last-modified
Thu, 14 Dec 2023 10:35:24 GMT
server
AmazonS3
x-timer
S1702695753.662467,VS0,VE0
etag
"c08dd6376a0e380b7b11e56045024f65"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
74
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
215510
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Sat, 16 Dec 2023 03:02:32 GMT
x-amz-request-id
Y1PG8J215N22T8P1
age
36
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
Uw5tFQx0SXBhUtt7LR3tzPg4AwJsLw0b0pfPCtMtj2dH9WxEQG/AKgaWCN1zlzUHI1DQ4s8JfL8=
x-served-by
cache-fra-etou8220033-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1702695753.690857,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
60
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
6
json
hp.taboola.com/graytv-wvirnbc29/trc/3/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hp.taboola.com/graytv-wvirnbc29/trc/3/json?tim=04%3A02%3A32.701&lti=deflated&data=%7B%22id%22%3A109%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3A%22v2_313ea03b62050796f0cc6c448dcefae9_da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7_1702695751_1702695751_CIi3jgYQkr1ZGO2dzYTHMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo06-UtbOljN4acAA%22%2C%22ui%22%3A%22da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7%22%2C%22uifp%22%3A%22da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7%22%2C%22lbt%22%3A1702685083480%2C%22vi%22%3A1702695751405%2C%22cv%22%3A%2220231214-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.29news.com%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.29news.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.29news.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A7765%2C%22nsid%22%3A%22meredith-network%22%2C%22ad%22%3A%7B%22hp4uGetRegions%22%3Atrue%7D%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22uip%22%3A%22HP%20Latest%20Headlines%201%22%2C%22orig_uip%22%3A%22HP%20Latest%20Headlines%201%22%2C%22cd%22%3A0%2C%22mw%22%3A0%2C%22amw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22uip%22%3A%22HP%20More%20News%201%22%2C%22orig_uip%22%3A%22HP%20More%20News%201%22%2C%22cd%22%3A0%2C%22mw%22%3A0%2C%22amw%22%3A0%7D%5D%2C%22ex%22%3A%5B%22%2F2023%2F12%2F15%2Fmattress-pad-recall%2F%22%2C%22%2F2023%2F12%2F15%2Fhealth-officials-warn-accidental-poisonings-around-holidays%2F%22%2C%22%2F2023%2F12%2F15%2Fcharlottesville-area-florist-growing-fast%2F%22%2C%22%2F2023%2F12%2F15%2Fmemorial-plans-wilson-alden-richey%2F%22%2C%22%2F2023%2F12%2F15%2Fcrews-put-out-fire-albemarle-townhome%2F%22%2C%22%2F2023%2F12%2F15%2Flegal-aid-justice-center-calling-lawmakers-make-changes-court-fees%2F%22%2C%22%2F2023%2F12%2F15%2Fpolice-investigating-reported-armed-robbery-albemarle-store%2F%22%2C%22%2Fvideo%2F2023%2F12%2F15%2Fpolice-investigating-reported-robbery-albemarle-store-12p%2F%22%2C%22%2Fvideo%2F2023%2F12%2F15%2Fcrews-put-fire-albemarle-townhome%2F%22%2C%22%2Fvideo%2F2023%2F12%2F15%2Fcharlottesville-area-florist-growing-fast%2F%22%2C%22%2Fvideo%2F2023%2F12%2F15%2Fmemorial-plans-will-richey%2F%22%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CHP%20Latest%20Headlines%201%3Dorganic-hp-swap-mode%3Apub%3Dmeredith-network%3Aabp%3D0%2C%2CHP%20More%20News%201%3Dorganic-hp-swap-mode%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22trcDomain%22%3A%22hp.taboola.com%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
19b6c13986b65975fa61d31548f48901452f87ef9c8be9ac932397d939a94883

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
60
date
Sat, 16 Dec 2023 03:02:32 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.13208333333333333
x-fastly-to-nlb-rtt
7521
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220033-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1702695753.725891,VS0,VE60
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.29news.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
abtests
trc-events.taboola.com/graytv-wvirnbc29/log/3/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/graytv-wvirnbc29/log/3/abtests?lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-dupChecker%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1702695752702%7D&tim=04%3A02%3A32.702&id=6840&llvl=2&ri=cc7c6fa0d238722a47eb26107b52fbe5&sd=v2_313ea03b62050796f0cc6c448dcefae9_da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7_1702695751_1702695751_CIi3jgYQkr1ZGO2dzYTHMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo06-UtbOljN4acAA&ui=da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7&pi=/&pt=home&vi=1702695751405&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://www.29news.com
pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
trc-events.taboola.com/graytv-wvirnbc29/log/3/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/graytv-wvirnbc29/log/3/abtests?lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-ct%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1702695752703%7D&tim=04%3A02%3A32.703&id=8708&llvl=2&ri=cc7c6fa0d238722a47eb26107b52fbe5&sd=v2_313ea03b62050796f0cc6c448dcefae9_da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7_1702695751_1702695751_CIi3jgYQkr1ZGO2dzYTHMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo06-UtbOljN4acAA&ui=da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7&pi=/&pt=home&vi=1702695751405&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://www.29news.com
pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
trc-events.taboola.com/graytv-wvirnbc29/log/3/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/graytv-wvirnbc29/log/3/abtests?lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1702695752704%7D&tim=04%3A02%3A32.704&id=4655&llvl=2&ri=cc7c6fa0d238722a47eb26107b52fbe5&sd=v2_313ea03b62050796f0cc6c448dcefae9_da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7_1702695751_1702695751_CIi3jgYQkr1ZGO2dzYTHMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo06-UtbOljN4acAA&ui=da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7&pi=/&pt=home&vi=1702695751405&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://www.29news.com
pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/graytv-wvirnbc29/log/3/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/graytv-wvirnbc29/log/3/abtests?route=AM:AM:V&tvi2=13482&tvi48=10638&tvi50=13923&lti=deflated&ri=cc7c6fa0d238722a47eb26107b52fbe5&sd=v2_313ea03b62050796f0cc6c448dcefae9_da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7_1702695751_1702695751_CIi3jgYQkr1ZGO2dzYTHMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo06-UtbOljN4acAA&ui=da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7&pi=/&wi=-7992345245744169175&pt=home&vi=1702695751405&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1702695752652%7D&tim=04%3A02%3A32.652&id=5097&llvl=2&cv=20231214-9-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
pubs-generic
trc.taboola.com/graytv-wvirnbc29/log/3/ 		0
288 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/graytv-wvirnbc29/log/3/pubs-generic?route=AM:AM:V&tvi2=13482&tvi48=10638&tvi50=13923&lti=deflated&ri=cc7c6fa0d238722a47eb26107b52fbe5&sd=v2_313ea03b62050796f0cc6c448dcefae9_da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7_1702695751_1702695751_CIi3jgYQkr1ZGO2dzYTHMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo06-UtbOljN4acAA&ui=da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7&pi=/&wi=-7992345245744169175&pt=home&vi=1702695751405&d=%7B%22data%22%3A%22%5C%22true%5C%22%22%2C%22type%22%3A%22DEDUP_DEBUG%22%2C%22eventTime%22%3A1702695752661%7D&tim=04%3A02%3A32.661&id=7050&llvl=2&cv=20231214-9-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
10
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7366
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220033-FRA
pragma
no-cache
server
nginx
x-timer
S1702695753.706192,VS0,VE10
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
debug
trc-events.taboola.com/graytv-wvirnbc29/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/graytv-wvirnbc29/log/2/debug?tim=04%3A02%3A32.661&type=warn&msg=Duplicated%20items%20monitoring%20enabled&llvl=2&id=5893&cv=20231214-9-RELEASE&lt=deflated&pcs=%5Bdata-feed-main-container-id%3D%22taboola-below-homepage-thumbnails%22%5D&vi=1702695751405
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:32 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12546
64afb2fa3f7c0c2167ee41e0927ab226.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/64afb2fa3f7c0c2167ee41e0927ab226.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8714ca9660a9693b36fab864a7ccda1ace5b522489133209acfe5eb5f5740552

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/64afb2fa3f7c0c2167ee41e0927ab226.jpg
age
1270202
edge-cache-tag
306971698270442488496225556722597122028,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
cache-tag
306971698270442488496225556722597122028,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
836
req-referer
https://www.augsburger-allgemeine.de/
content-length
28026
x-request-id
7703281526a31a9985c75f3dc3e14e8b
x-backend-name
LA_nlb204
x-served-by
cache-iad-kiad7000135-IAD, cache-iad-kiad7000165-IAD, cache-lax-kwhp1940025-LAX, cache-iad-kiad7000040-IAD, cache-fra-etou8220042-FRA
last-modified
Fri, 01 Dec 2023 08:24:34 GMT
server
nginx
surrogate-reporting
width=500,height=278,bytes=33446,owidth=1200,oheight=800,obytes=175475
x-timer
S1702695753.727389,VS0,VE1
etag
"606278c821efa623bd727a4a88c94b2e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
8d09eac6e9c9897dd22885bcaabb6e1e.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8d09eac6e9c9897dd22885bcaabb6e1e.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f1d34d9360bf7b20b2bc7f617e311fc00e2701790c89ddcbb1a8b9492ee19fba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8d09eac6e9c9897dd22885bcaabb6e1e.jpeg
age
663623
edge-cache-tag
430448083929883128751191760526608857454,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
430448083929883128751191760526608857454,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
116
req-referer
https://fancy24.eu/
content-length
19956
x-request-id
9f2e6d1e103d94f8b44a832aef4dc3eb
x-backend-name
CH_nlb802
x-served-by
cache-iad-kjyo7100124-IAD, cache-iad-kjyo7100035-IAD, cache-lga21933-LGA, cache-iad-kiad7000153-IAD, cache-fra-etou8220042-FRA
last-modified
Fri, 08 Dec 2023 10:42:10 GMT
server
nginx
surrogate-reporting
width=932,height=517,bytes=57894,owidth=932,oheight=582,obytes=128865
x-timer
S1702695753.727169,VS0,VE1
etag
"c55174b913c33af59a1e46de82a07e17"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 0, 1
31c431056b091aea1ef4b804aeacee0d.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/31c431056b091aea1ef4b804aeacee0d.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ae0209ee3efe384229f3d84d12fef6c514e26548e24dfb28b2a614f616b23860

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/31c431056b091aea1ef4b804aeacee0d.png
age
3209910
edge-cache-tag
521905498663367633710541409358798272650,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
cache-tag
521905498663367633710541409358798272650,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
477
req-referer
https://www.karlsruhe-insider.de/
content-length
15332
x-request-id
8c08b01054e2fa1137d2b4572c68fffd
x-backend-name
LA_nlb202
x-served-by
cache-iad-kjyo7100168-IAD, cache-iad-kjyo7100062-IAD, cache-sna10736-LGB, cache-iad-kiad7000068-IAD, cache-fra-etou8220042-FRA
last-modified
Mon, 02 Oct 2023 15:37:13 GMT
server
nginx
surrogate-reporting
width=500,height=278,bytes=33518,owidth=1024,oheight=833,obytes=1076910
x-timer
S1702695753.727169,VS0,VE1
etag
"01327154aad51522a10e6c2c34938028"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
ffc7d0a84f8cbb1737bfb7cbb8c4b217.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ffc7d0a84f8cbb1737bfb7cbb8c4b217.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a5832e7b1161d4c5d7a4d9321474f0e5b60978981e266d4254d4731d90e76c4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ffc7d0a84f8cbb1737bfb7cbb8c4b217.png
age
222611
edge-cache-tag
335444885133266968752896752173434359422,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
335444885133266968752896752173434359422,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
211
expiration
expiry-date="Mon, 25 Dec 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.watson.de/
content-length
20864
x-backend-name
CH_nlb803
x-served-by
cache-iad-kiad7000092-IAD, cache-iad-kjyo7100158-IAD, cache-lga21934-LGA, cache-iad-kiad7000046-IAD, cache-fra-etou8220042-FRA
last-modified
Fri, 24 Nov 2023 13:50:19 GMT
server
nginx
surrogate-reporting
width=600,height=333,bytes=23573,owidth=600,oheight=400,obytes=329618
x-timer
S1702695753.727372,VS0,VE0
etag
"c853d7db0e51c40ef0081b31bf0472c3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 0, 9
242539260f63a0747c93d98a79c54310.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/242539260f63a0747c93d98a79c54310.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b8d70459db62c246981231f38d44f2fc338a9394dc18720e0fe66577fa87d029

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/242539260f63a0747c93d98a79c54310.png
age
4041949
edge-cache-tag
330909382232880183499343241642809654123,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
330909382232880183499343241642809654123,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
131
req-referer
https://cdn.taboola.com/
content-length
89162
x-request-id
a343234b4d703712ae0a4b945f55efff
x-backend-name
US_nlb104
x-served-by
cache-iad-kcgs7200062-IAD, cache-iad-kiad7000146-IAD, cache-iad-kiad7000172-IAD, cache-fra-etou8220042-FRA
last-modified
Mon, 30 Oct 2023 08:03:10 GMT
server
nginx
surrogate-reporting
width=1000,height=555,bytes=166287,owidth=1000,oheight=600,obytes=1535599
x-timer
S1702695753.727525,VS0,VE1
etag
"02257440632c24008f2a8c313dc627e4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2, 1
32f3fff616702a4cedf32b67795028de.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/32f3fff616702a4cedf32b67795028de.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
aa36ae562963a93b1181f56d0079c422d85ce9969f1e0f391cf46f5478f752ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/32f3fff616702a4cedf32b67795028de.jpg
age
128809
edge-cache-tag
567278900994004249683827301186378243653,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
cache-tag
567278900994004249683827301186378243653,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
459
req-referer
https://www.fussballtransfers.com/
content-length
36320
x-request-id
4d6bafd67a3034ccef2e4867bd9a3764
x-backend-name
US_nlb105
x-served-by
cache-iad-kjyo7100101-IAD, cache-iad-kiad7000127-IAD, cache-ewr18161-EWR, cache-iad-kcgs7200167-IAD, cache-fra-etou8220042-FRA
last-modified
Mon, 11 Dec 2023 11:35:51 GMT
server
nginx
surrogate-reporting
width=500,height=278,bytes=53480,owidth=1500,oheight=1000,obytes=128116,ef=(1,13,17,23,30)
x-timer
S1702695753.741213,VS0,VE1
etag
"42dc97280743d025e0e2f70c2d85fa7e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
df131adc1570a875c48731e3bb5ee82c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/df131adc1570a875c48731e3bb5ee82c.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
656985ea1d2b50a2585a1099dcd80a31348e6e45760c0d96947a17ff234dab65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/df131adc1570a875c48731e3bb5ee82c.png
age
1172994
edge-cache-tag
541394118002638703420422170101642682339,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
541394118002638703420422170101642682339,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
151
expiration
expiry-date="Mon, 06 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tippsundtricks.co/
content-length
23234
x-backend-name
LA_nlb203
x-served-by
cache-iad-kjyo7100070-IAD, cache-iad-kjyo7100070-IAD, cache-lax-kwhp1940049-LAX, cache-iad-kjyo7100153-IAD, cache-fra-etou8220042-FRA
last-modified
Fri, 06 Oct 2023 13:19:13 GMT
server
nginx
surrogate-reporting
width=600,height=333,bytes=33079,owidth=600,oheight=600,obytes=498130
x-timer
S1702695753.742894,VS0,VE1
etag
"1d60fac8b20d21ea034cdaeff389eb50"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 28, 0, 19, 1
cfd80db57f304463e5686837f074d9ad.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cfd80db57f304463e5686837f074d9ad.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1028d4cb1b58d40ac786525eff481970ddb7a9caf5baefdd9fae01f816c13254

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cfd80db57f304463e5686837f074d9ad.png
age
5061064
edge-cache-tag
340955847638608330389613144424760946790,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
340955847638608330389613144424760946790,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
120
req-referer
https://www.express.de/
content-length
17266
x-request-id
237e6dff74b3a237a44239534f342b87
x-backend-name
US_nlb103
x-served-by
cache-iad-kcgs7200177-IAD, cache-iad-kiad7000074-IAD, cache-iad-kcgs7200067-IAD, cache-fra-etou8220042-FRA
last-modified
Thu, 31 Aug 2023 22:18:49 GMT
server
nginx
x-timer
S1702695753.742973,VS0,VE1
etag
"7d3ac633748e83dce8366adb7068ac38"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2, 1
93b00cf9420a16b5bd28580926bed799
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/93b00cf9420a16b5bd28580926bed799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
51d5a3c37bd0e20bfa9856f24fff86386a7fe173f244ee3836c8f6cc34a436a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/93b00cf9420a16b5bd28580926bed799
age
2197367
edge-cache-tag
349087921095247456509117759328833712828,458819120031143973608810691998763911622,29ecf9b93bbf306179626feeda1fab70
cache-tag
349087921095247456509117759328833712828,458819120031143973608810691998763911622,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
712
req-referer
https://lifestyleguroz.com/
content-length
42320
x-request-id
6c9d1cffeb9ab29044b6c320db97e34a
x-backend-name
LA_nlb203
x-served-by
cache-iad-kiad7000137-IAD, cache-iad-kjyo7100132-IAD, cache-lax-kwhp1940026-LAX, cache-iad-kjyo7100031-IAD, cache-fra-etou8220042-FRA
last-modified
Sun, 19 Nov 2023 14:47:20 GMT
server
nginx
surrogate-reporting
width=760,height=423,bytes=65438,owidth=1445,oheight=1445,obytes=324566
x-timer
S1702695753.756023,VS0,VE0
etag
"5f32e9856130de4d61b02d6db4f676b4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 2
ab515d9895f28c93bb8dbf7090f1206e.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ab515d9895f28c93bb8dbf7090f1206e.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a1319c4c43a4607a471af204b9044d622064b0782011d751bca6dc2ca10e0f41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ab515d9895f28c93bb8dbf7090f1206e.jpeg
age
2561955
edge-cache-tag
328869905289344028489765850892341152885,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
328869905289344028489765850892341152885,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
172
req-referer
https://investructor.com/
content-length
77370
x-request-id
56b027e15521fdf10d177ddf350494d6
x-backend-name
LA_nlb203
x-served-by
cache-iad-kiad7000166-IAD, cache-iad-kcgs7200027-IAD, cache-lax-kwhp1940037-LAX, cache-iad-kcgs7200028-IAD, cache-fra-etou8220042-FRA
last-modified
Thu, 16 Nov 2023 11:10:14 GMT
server
nginx
surrogate-reporting
width=1000,height=555,bytes=135415,owidth=1000,oheight=600,obytes=550418
x-timer
S1702695753.756082,VS0,VE0
etag
"26c33a410aa239d4a4593041d9eb362c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 0, 2
7bbe8aa581187e147c7403cdbcb1dcf8.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7bbe8aa581187e147c7403cdbcb1dcf8.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7b1062f7c6bf4d592608c3aa18abcff0344e66e98dd4bc89b3db5b8d36e85aba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7bbe8aa581187e147c7403cdbcb1dcf8.png
age
138973
edge-cache-tag
522108669499032248938959992943685868759,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
cache-tag
522108669499032248938959992943685868759,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
542
req-referer
https://www.diehundezeitung.com/
content-length
20186
x-request-id
2e29c890dd5dbf76b1f52bf3b494486c
x-backend-name
US_nlb106
x-served-by
cache-iad-kiad7000074-IAD, cache-iad-kiad7000039-IAD, cache-lga21938-LGA, cache-iad-kcgs7200136-IAD, cache-fra-etou8220042-FRA
last-modified
Thu, 14 Dec 2023 09:38:03 GMT
server
nginx
surrogate-reporting
width=500,height=278,bytes=39032,owidth=1500,oheight=1000,obytes=2398861,ef=(1,13,17,23,30)
x-timer
S1702695753.756456,VS0,VE1
etag
"b62acdf9d51c982cff083a29fdd8673a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
f8cf890bd82fe3c03926b9aac489a301.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f8cf890bd82fe3c03926b9aac489a301.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0726038a625f5d70b7ddda9d1a20d9cd0925e03c035b1bee62fa5df4696e0216

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f8cf890bd82fe3c03926b9aac489a301.png
age
1348990
edge-cache-tag
443585993254176392709509941664157148677,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
cache-tag
443585993254176392709509941664157148677,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
400
req-referer
https://www.kurier.de/
content-length
29864
x-request-id
96318959cd11cc2b0f16af36449fb13e
x-backend-name
CH_nlb804
x-served-by
cache-iad-kjyo7100092-IAD, cache-iad-kiad7000034-IAD, cache-lga21926-LGA, cache-iad-kiad7000035-IAD, cache-fra-etou8220042-FRA
last-modified
Thu, 30 Nov 2023 05:33:34 GMT
server
nginx
surrogate-reporting
width=500,height=278,bytes=44214,owidth=1200,oheight=800,obytes=1481913
x-timer
S1702695753.756448,VS0,VE1
etag
"b77f7e31ef25e49aa421d1d82eb390f5"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 33, 1
5319d8a1f6a4ea89090392b15f8e7a52.png
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1199%2Cx_1%2Cy_17/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1199%2Cx_1%2Cy_17/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5319d8a1f6a4ea89090392b15f8e7a52.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3883c637af0f0fd6d799b25accf959d4d828d93856c225ebf3eadbd421c0a7a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1199%2Cx_1%2Cy_17/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5319d8a1f6a4ea89090392b15f8e7a52.png
age
299284
edge-cache-tag
310683571962317940898649286781419957212,373520236059341755824899149448805271876,29ecf9b93bbf306179626feeda1fab70
cache-tag
310683571962317940898649286781419957212,373520236059341755824899149448805271876,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
673
req-referer
https://ads.taboola.com/
content-length
63370
x-request-id
c9a30d07017de61e2960afa74120b64f
x-backend-name
US_nlb106
x-served-by
cache-iad-kcgs7200110-IAD, cache-iad-kjyo7100140-IAD, cache-lga21942-LGA, cache-iad-kjyo7100140-IAD, cache-fra-etou8220042-FRA
last-modified
Tue, 12 Dec 2023 15:54:26 GMT
server
nginx
surrogate-reporting
width=1199,height=674,bytes=111034,owidth=1200,oheight=827,obytes=1471204,ef=(1,13,17,23,30)
x-timer
S1702695753.756449,VS0,VE0
etag
"8037c7805ae60cfda29bc668ed36f361"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 3, 269
container.html
dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BA8F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 16 Dec 2023 03:02:31 GMT
expires
Sun, 15 Dec 2024 03:02:31 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
c85fd58a6e168987fa57ecdc7d39c25f.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_107%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_107%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c85fd58a6e168987fa57ecdc7d39c25f.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f6d7b54989fe886d8bbff8c71594aeef8941e034fe439e6d5d1cd4ea308e4da3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
235
date
Sat, 16 Dec 2023 03:02:33 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_107%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c85fd58a6e168987fa57ecdc7d39c25f.png
age
0
edge-cache-tag
470890937811096928602757729207966275338,586812539319807230366117120745388737208,29ecf9b93bbf306179626feeda1fab70
cache-tag
470890937811096928602757729207966275338,586812539319807230366117120745388737208,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
77
req-referer
https://blog.wapka.xyz/
content-length
3574
x-request-id
24df0b847dcf4853bf30653260bc2087
x-backend-name
CH_nlb803
x-served-by
cache-iad-kjyo7100178-IAD, cache-iad-kcgs7200175-IAD, cache-lga21925-LGA, cache-iad-kiad7000105-IAD, cache-fra-etou8220042-FRA
last-modified
Tue, 28 Nov 2023 11:11:02 GMT
server
nginx
surrogate-reporting
width=160,height=107,bytes=4797,owidth=600,oheight=896,obytes=871218
x-timer
S1702695753.766537,VS0,VE235
etag
"2780e4a7304f56be3079a897ab6807c0"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 17, 1
tvp.js
snippet.tldw.me/tv/0.42.26-chunks/ 		138 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snippet.tldw.me/tv/0.42.26-chunks/tvp.js
Requested by
Host: apv-launcher.minute.ly
URL: https://apv-launcher.minute.ly/api/launcher/MIN-516310.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
985e21298ee9f5e3c80214000d34a1827d8032d57422934f2feef400fa591f74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits
2, 4
date
Sat, 16 Dec 2023 03:02:32 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
cf-cache-status
DYNAMIC
x-amz-request-id
6T8EQD04FMBV2YR4
age
2110988
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
40656
x-amz-id-2
NXy3xO+Gm9ocEKnOXL2ZSdoY8Vf24Cir6GUW/7ATFl+MxpLEGtHyPST3rtaUMzuEbOUH2BhrxI8=
x-served-by
cache-iad-kcgs7200066-IAD, cache-fra-eddf8230100-FRA
last-modified
Sun, 15 Oct 2023 07:17:24 GMT
server
cloudflare
x-timer
S1702695753.825827,VS0,VE0
etag
"3418050a21530b192c1bab2fc7e163b1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8363b027180b3606-FRA
access-control-allow-headers
content-type
expires
Fri, 01 Jan 1971 00:00:00 GMT
pubs-generic
trc.taboola.com/graytv-wvirnbc29/log/3/ 		0
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/graytv-wvirnbc29/log/3/pubs-generic?lti=deflated&ri=5322ba76f610a7fe3eeff838e6d6e72f&sd=v2_313ea03b62050796f0cc6c448dcefae9_da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7_1702695751_1702695751_CIi3jgYQkr1ZGO2dzYTHMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo06-UtbOljN4acAA&ui=da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7&pi=/&pt=home&vi=1702695751405&d=%7B%22type%22%3A%22videoReel-pageload%22%2C%22data%22%3A%22%5C%22%5C%22%22%7D&tim=04%3A02%3A32.755&id=945&llvl=2&cv=20231214-9-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
10
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7490
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220033-FRA
pragma
no-cache
server
nginx
x-timer
S1702695753.767804,VS0,VE10
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
64afb2fa3f7c0c2167ee41e0927ab226.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/64afb2fa3f7c0c2167ee41e0927ab226.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8714ca9660a9693b36fab864a7ccda1ace5b522489133209acfe5eb5f5740552

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/64afb2fa3f7c0c2167ee41e0927ab226.jpg
age
1270202
edge-cache-tag
306971698270442488496225556722597122028,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
cache-tag
306971698270442488496225556722597122028,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
836
req-referer
https://www.augsburger-allgemeine.de/
content-length
28026
x-request-id
7703281526a31a9985c75f3dc3e14e8b
x-backend-name
LA_nlb204
x-served-by
cache-iad-kiad7000135-IAD, cache-iad-kiad7000165-IAD, cache-lax-kwhp1940025-LAX, cache-iad-kiad7000040-IAD, cache-fra-etou8220042-FRA
last-modified
Fri, 01 Dec 2023 08:24:34 GMT
server
nginx
surrogate-reporting
width=500,height=278,bytes=33446,owidth=1200,oheight=800,obytes=175475
x-timer
S1702695753.774146,VS0,VE0
etag
"606278c821efa623bd727a4a88c94b2e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 2
8d09eac6e9c9897dd22885bcaabb6e1e.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8d09eac6e9c9897dd22885bcaabb6e1e.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f1d34d9360bf7b20b2bc7f617e311fc00e2701790c89ddcbb1a8b9492ee19fba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8d09eac6e9c9897dd22885bcaabb6e1e.jpeg
age
663623
edge-cache-tag
430448083929883128751191760526608857454,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
430448083929883128751191760526608857454,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
116
req-referer
https://fancy24.eu/
content-length
19956
x-request-id
9f2e6d1e103d94f8b44a832aef4dc3eb
x-backend-name
CH_nlb802
x-served-by
cache-iad-kjyo7100124-IAD, cache-iad-kjyo7100035-IAD, cache-lga21933-LGA, cache-iad-kiad7000153-IAD, cache-fra-etou8220042-FRA
last-modified
Fri, 08 Dec 2023 10:42:10 GMT
server
nginx
surrogate-reporting
width=932,height=517,bytes=57894,owidth=932,oheight=582,obytes=128865
x-timer
S1702695753.774510,VS0,VE0
etag
"c55174b913c33af59a1e46de82a07e17"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 0, 2
31c431056b091aea1ef4b804aeacee0d.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/31c431056b091aea1ef4b804aeacee0d.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ae0209ee3efe384229f3d84d12fef6c514e26548e24dfb28b2a614f616b23860

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/31c431056b091aea1ef4b804aeacee0d.png
age
3209910
edge-cache-tag
521905498663367633710541409358798272650,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
cache-tag
521905498663367633710541409358798272650,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
477
req-referer
https://www.karlsruhe-insider.de/
content-length
15332
x-request-id
8c08b01054e2fa1137d2b4572c68fffd
x-backend-name
LA_nlb202
x-served-by
cache-iad-kjyo7100168-IAD, cache-iad-kjyo7100062-IAD, cache-sna10736-LGB, cache-iad-kiad7000068-IAD, cache-fra-etou8220042-FRA
last-modified
Mon, 02 Oct 2023 15:37:13 GMT
server
nginx
surrogate-reporting
width=500,height=278,bytes=33518,owidth=1024,oheight=833,obytes=1076910
x-timer
S1702695753.774479,VS0,VE0
etag
"01327154aad51522a10e6c2c34938028"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 2
ffc7d0a84f8cbb1737bfb7cbb8c4b217.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ffc7d0a84f8cbb1737bfb7cbb8c4b217.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a5832e7b1161d4c5d7a4d9321474f0e5b60978981e266d4254d4731d90e76c4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ffc7d0a84f8cbb1737bfb7cbb8c4b217.png
age
222611
edge-cache-tag
335444885133266968752896752173434359422,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
335444885133266968752896752173434359422,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
211
expiration
expiry-date="Mon, 25 Dec 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.watson.de/
content-length
20864
x-backend-name
CH_nlb803
x-served-by
cache-iad-kiad7000092-IAD, cache-iad-kjyo7100158-IAD, cache-lga21934-LGA, cache-iad-kiad7000046-IAD, cache-fra-etou8220042-FRA
last-modified
Fri, 24 Nov 2023 13:50:19 GMT
server
nginx
surrogate-reporting
width=600,height=333,bytes=23573,owidth=600,oheight=400,obytes=329618
x-timer
S1702695753.774471,VS0,VE0
etag
"c853d7db0e51c40ef0081b31bf0472c3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 0, 10
242539260f63a0747c93d98a79c54310.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/242539260f63a0747c93d98a79c54310.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b8d70459db62c246981231f38d44f2fc338a9394dc18720e0fe66577fa87d029

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/242539260f63a0747c93d98a79c54310.png
age
4041949
edge-cache-tag
330909382232880183499343241642809654123,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
330909382232880183499343241642809654123,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
131
req-referer
https://cdn.taboola.com/
content-length
89162
x-request-id
a343234b4d703712ae0a4b945f55efff
x-backend-name
US_nlb104
x-served-by
cache-iad-kcgs7200062-IAD, cache-iad-kiad7000146-IAD, cache-iad-kiad7000172-IAD, cache-fra-etou8220042-FRA
last-modified
Mon, 30 Oct 2023 08:03:10 GMT
server
nginx
surrogate-reporting
width=1000,height=555,bytes=166287,owidth=1000,oheight=600,obytes=1535599
x-timer
S1702695753.774430,VS0,VE0
etag
"02257440632c24008f2a8c313dc627e4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2, 2
32f3fff616702a4cedf32b67795028de.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/32f3fff616702a4cedf32b67795028de.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
aa36ae562963a93b1181f56d0079c422d85ce9969f1e0f391cf46f5478f752ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/32f3fff616702a4cedf32b67795028de.jpg
age
128809
edge-cache-tag
567278900994004249683827301186378243653,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
cache-tag
567278900994004249683827301186378243653,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
459
req-referer
https://www.fussballtransfers.com/
content-length
36320
x-request-id
4d6bafd67a3034ccef2e4867bd9a3764
x-backend-name
US_nlb105
x-served-by
cache-iad-kjyo7100101-IAD, cache-iad-kiad7000127-IAD, cache-ewr18161-EWR, cache-iad-kcgs7200167-IAD, cache-fra-etou8220042-FRA
last-modified
Mon, 11 Dec 2023 11:35:51 GMT
server
nginx
surrogate-reporting
width=500,height=278,bytes=53480,owidth=1500,oheight=1000,obytes=128116,ef=(1,13,17,23,30)
x-timer
S1702695753.784787,VS0,VE0
etag
"42dc97280743d025e0e2f70c2d85fa7e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 2
df131adc1570a875c48731e3bb5ee82c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/df131adc1570a875c48731e3bb5ee82c.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
656985ea1d2b50a2585a1099dcd80a31348e6e45760c0d96947a17ff234dab65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/df131adc1570a875c48731e3bb5ee82c.png
age
1172994
edge-cache-tag
541394118002638703420422170101642682339,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
541394118002638703420422170101642682339,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
151
expiration
expiry-date="Mon, 06 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tippsundtricks.co/
content-length
23234
x-backend-name
LA_nlb203
x-served-by
cache-iad-kjyo7100070-IAD, cache-iad-kjyo7100070-IAD, cache-lax-kwhp1940049-LAX, cache-iad-kjyo7100153-IAD, cache-fra-etou8220042-FRA
last-modified
Fri, 06 Oct 2023 13:19:13 GMT
server
nginx
surrogate-reporting
width=600,height=333,bytes=33079,owidth=600,oheight=600,obytes=498130
x-timer
S1702695753.787718,VS0,VE0
etag
"1d60fac8b20d21ea034cdaeff389eb50"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 28, 0, 19, 2
cfd80db57f304463e5686837f074d9ad.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cfd80db57f304463e5686837f074d9ad.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1028d4cb1b58d40ac786525eff481970ddb7a9caf5baefdd9fae01f816c13254

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cfd80db57f304463e5686837f074d9ad.png
age
5061064
edge-cache-tag
340955847638608330389613144424760946790,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
340955847638608330389613144424760946790,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
120
req-referer
https://www.express.de/
content-length
17266
x-request-id
237e6dff74b3a237a44239534f342b87
x-backend-name
US_nlb103
x-served-by
cache-iad-kcgs7200177-IAD, cache-iad-kiad7000074-IAD, cache-iad-kcgs7200067-IAD, cache-fra-etou8220042-FRA
last-modified
Thu, 31 Aug 2023 22:18:49 GMT
server
nginx
x-timer
S1702695753.787367,VS0,VE0
etag
"7d3ac633748e83dce8366adb7068ac38"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2, 2
supply-feature
trc-events.taboola.com/graytv-wvirnbc29/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/graytv-wvirnbc29/log/3/supply-feature?lti=deflated&ri=cc7c6fa0d238722a47eb26107b52fbe5&sd=v2_313ea03b62050796f0cc6c448dcefae9_da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7_1702695751_1702695751_CIi3jgYQkr1ZGO2dzYTHMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo06-UtbOljN4acAA&ui=da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7&pi=/&pt=home&vi=1702695751405&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%223.46875%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=04%3A02%3A32.791&id=4432&llvl=2&cv=20231214-9-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
rtb
rtb.ads.travelaudience.com/ Frame 4E62 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.ads.travelaudience.com/rtb?ads=30000734.16.0.70016359.0.0..0.DE.-1..StcQOJoaADOzAwnr6Vh5Xg%3D%3D.60027404.OTk5JTJjMQ==...cpWsPs0FaIeXvIrK-ataOg%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=970&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt3uCSBN9ZcDmFou99u8P9Z2t4A3KkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQKyZy8ba0myPuACAKgDAcgDAqoE6gFP0HqIuNAfOjSTtngN8agsZB2V1apR5-TkTKVW90UePQUZFUXqaChP6ML0hj7PRLARXjDaDnCqst3GRY_99VoG6vwppCOoTu3dSITCHEB1xH6Q1CI1NtX1vYUB_tu__V8BRcvuk_RvvJxv42HfwjSaGquObFL5E5noIhxtfkmvc5EslO19V4OfTAYPhF3z-H8rdaxLEffx9I_GZF2qKYEevW6Us2UBDX3QwTZbt5ZyW5I6IH-5M1TpLc6T6m9l-9FNQAQfotbDq9cDmnk3B_Fb-CymbOqfuqQcnK9EAj-u7sS7ZtQso3rMIVjgBAGABsKA76fXnvlwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnRyPv7koMD-gsCCAGADAHiDRMI84XJ-_uSgwMVi579Bx31Tgvc0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ntjy7ZiQwE55PPcwNUpVghQN02A%26client%3Dca-pub-0883126725773026%26adurl%3D&googlewinningprice=ZX0TSAAFs0AH_Z6LAAtO9R4DoZCYFGT0INUdlw&wpc=EUR&site=www.29news.com&slotvisibility=1&gcpm=4416069&gpos=1&bidder=bidder-rtb-production-6c8d77fbc7-pfwz7&dv=1&uuid=&suid=&brq=4T9YeOIhLjuSt6U6CMwip2d6CC2_2_q-tdBzdg&ssp_id=0&l=en&ts=1702695752&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=yPGi0himeLjC_Be9SYCiVbCSC8PAD6QmoPCSC5WPstI=
Requested by
Host: dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com
URL: https://dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.187.184.108 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
108.184.187.35.bc.googleusercontent.com
Software
/
Resource Hash
86781b16003bc88f6f5631458304b27000b4aff24a259fdda870f52afab762c8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 16 Dec 2023 03:02:32 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-engine-version
0.0.0
x-host
deliveryengine-rtb-production-765454475-2tm29
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame BA8F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com
URL: https://dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 14:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
45891
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Dec 2023 14:17:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame BA8F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com
URL: https://dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
4093
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 01:54:19 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame BA8F 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com
URL: https://dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:36:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
350763
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 11 Dec 2024 01:36:29 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame BA8F 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com
URL: https://dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Dec 2023 03:02:32 GMT
js
www.googletagmanager.com/gtag/ Frame 7878 		174 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-22922522-3&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-794QV8SQ9L
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3e87f20ae81a3468381e43429f8473e8f298c338d1b8e3c1f2a87da7c48e13ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tockify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
64854
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 16 Dec 2023 03:02:32 GMT
collect
region1.google-analytics.com/g/ Frame 7878 		0
69 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-794QV8SQ9L&gtm=45je3bt0v873184827&_p=1702695751614&gcs=G1-0&gcd=11l1p1l1l5&dma_cps=sypham&dma=1&cid=265917879.1702695753&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=%2Fwvir.calendar&dr=https%3A%2F%2Fwww.29news.com%2F&sid=1702695752&sct=1&seg=0&dt=WVIR%20Community%20Calendar&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.transport_type=beacon&tfd=1609
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-794QV8SQ9L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tockify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tockify.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
93b00cf9420a16b5bd28580926bed799
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/93b00cf9420a16b5bd28580926bed799
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
51d5a3c37bd0e20bfa9856f24fff86386a7fe173f244ee3836c8f6cc34a436a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/93b00cf9420a16b5bd28580926bed799
age
2197367
edge-cache-tag
349087921095247456509117759328833712828,458819120031143973608810691998763911622,29ecf9b93bbf306179626feeda1fab70
cache-tag
349087921095247456509117759328833712828,458819120031143973608810691998763911622,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
712
req-referer
https://lifestyleguroz.com/
content-length
42320
x-request-id
6c9d1cffeb9ab29044b6c320db97e34a
x-backend-name
LA_nlb203
x-served-by
cache-iad-kiad7000137-IAD, cache-iad-kjyo7100132-IAD, cache-lax-kwhp1940026-LAX, cache-iad-kjyo7100031-IAD, cache-fra-etou8220042-FRA
last-modified
Sun, 19 Nov 2023 14:47:20 GMT
server
nginx
surrogate-reporting
width=760,height=423,bytes=65438,owidth=1445,oheight=1445,obytes=324566
x-timer
S1702695753.834140,VS0,VE0
etag
"5f32e9856130de4d61b02d6db4f676b4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 3
ab515d9895f28c93bb8dbf7090f1206e.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ab515d9895f28c93bb8dbf7090f1206e.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a1319c4c43a4607a471af204b9044d622064b0782011d751bca6dc2ca10e0f41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_423%2Cw_760%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ab515d9895f28c93bb8dbf7090f1206e.jpeg
age
2561955
edge-cache-tag
328869905289344028489765850892341152885,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
328869905289344028489765850892341152885,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
172
req-referer
https://investructor.com/
content-length
77370
x-request-id
56b027e15521fdf10d177ddf350494d6
x-backend-name
LA_nlb203
x-served-by
cache-iad-kiad7000166-IAD, cache-iad-kcgs7200027-IAD, cache-lax-kwhp1940037-LAX, cache-iad-kcgs7200028-IAD, cache-fra-etou8220042-FRA
last-modified
Thu, 16 Nov 2023 11:10:14 GMT
server
nginx
surrogate-reporting
width=1000,height=555,bytes=135415,owidth=1000,oheight=600,obytes=550418
x-timer
S1702695753.834931,VS0,VE0
etag
"26c33a410aa239d4a4593041d9eb362c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 0, 3
7bbe8aa581187e147c7403cdbcb1dcf8.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7bbe8aa581187e147c7403cdbcb1dcf8.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7b1062f7c6bf4d592608c3aa18abcff0344e66e98dd4bc89b3db5b8d36e85aba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7bbe8aa581187e147c7403cdbcb1dcf8.png
age
138973
edge-cache-tag
522108669499032248938959992943685868759,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
cache-tag
522108669499032248938959992943685868759,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
542
req-referer
https://www.diehundezeitung.com/
content-length
20186
x-request-id
2e29c890dd5dbf76b1f52bf3b494486c
x-backend-name
US_nlb106
x-served-by
cache-iad-kiad7000074-IAD, cache-iad-kiad7000039-IAD, cache-lga21938-LGA, cache-iad-kcgs7200136-IAD, cache-fra-etou8220042-FRA
last-modified
Thu, 14 Dec 2023 09:38:03 GMT
server
nginx
surrogate-reporting
width=500,height=278,bytes=39032,owidth=1500,oheight=1000,obytes=2398861,ef=(1,13,17,23,30)
x-timer
S1702695753.834414,VS0,VE0
etag
"b62acdf9d51c982cff083a29fdd8673a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 2
f8cf890bd82fe3c03926b9aac489a301.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f8cf890bd82fe3c03926b9aac489a301.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0726038a625f5d70b7ddda9d1a20d9cd0925e03c035b1bee62fa5df4696e0216

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f8cf890bd82fe3c03926b9aac489a301.png
age
1348990
edge-cache-tag
443585993254176392709509941664157148677,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
cache-tag
443585993254176392709509941664157148677,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
400
req-referer
https://www.kurier.de/
content-length
29864
x-request-id
96318959cd11cc2b0f16af36449fb13e
x-backend-name
CH_nlb804
x-served-by
cache-iad-kjyo7100092-IAD, cache-iad-kiad7000034-IAD, cache-lga21926-LGA, cache-iad-kiad7000035-IAD, cache-fra-etou8220042-FRA
last-modified
Thu, 30 Nov 2023 05:33:34 GMT
server
nginx
surrogate-reporting
width=500,height=278,bytes=44214,owidth=1200,oheight=800,obytes=1481913
x-timer
S1702695753.834669,VS0,VE0
etag
"b77f7e31ef25e49aa421d1d82eb390f5"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 33, 2
5319d8a1f6a4ea89090392b15f8e7a52.png
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1199%2Cx_1%2Cy_17/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1199%2Cx_1%2Cy_17/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5319d8a1f6a4ea89090392b15f8e7a52.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3883c637af0f0fd6d799b25accf959d4d828d93856c225ebf3eadbd421c0a7a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_1.7778%2Cw_1199%2Cx_1%2Cy_17/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5319d8a1f6a4ea89090392b15f8e7a52.png
age
299284
edge-cache-tag
310683571962317940898649286781419957212,373520236059341755824899149448805271876,29ecf9b93bbf306179626feeda1fab70
cache-tag
310683571962317940898649286781419957212,373520236059341755824899149448805271876,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
673
req-referer
https://ads.taboola.com/
content-length
63370
x-request-id
c9a30d07017de61e2960afa74120b64f
x-backend-name
US_nlb106
x-served-by
cache-iad-kcgs7200110-IAD, cache-iad-kjyo7100140-IAD, cache-lga21942-LGA, cache-iad-kjyo7100140-IAD, cache-fra-etou8220042-FRA
last-modified
Tue, 12 Dec 2023 15:54:26 GMT
server
nginx
surrogate-reporting
width=1199,height=674,bytes=111034,owidth=1200,oheight=827,obytes=1471204,ef=(1,13,17,23,30)
x-timer
S1702695753.834394,VS0,VE0
etag
"8037c7805ae60cfda29bc668ed36f361"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 3, 270
json
hp.taboola.com/graytv-wvirnbc29/trc/3/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hp.taboola.com/graytv-wvirnbc29/trc/3/json?tim=04%3A02%3A32.835&lti=deflated&data=%7B%22id%22%3A489%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3A%22v2_313ea03b62050796f0cc6c448dcefae9_da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7_1702695751_1702695752_CIi3jgYQkr1ZGO2dzYTHMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo06-UtbOljN4acAA%22%2C%22ui%22%3A%22da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7%22%2C%22uifp%22%3A%22da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7%22%2C%22lbt%22%3A1702685083480%2C%22vi%22%3A1702695751405%2C%22cv%22%3A%2220231214-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.29news.com%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.29news.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22e%22%3A%22https%3A%2F%2Fwww.29news.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A7988%2C%22nsid%22%3A%22meredith-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A0%2C%22uim%22%3A%22organic-hp-swap-mode%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22uip%22%3A%22HP%20More%20News%202%22%2C%22orig_uip%22%3A%22HP%20More%20News%202%22%2C%22cd%22%3A0%2C%22mw%22%3A0%2C%22amw%22%3A0%7D%5D%2C%22ex%22%3A%5B%22%2F2023%2F12%2F15%2Fmattress-pad-recall%2F%22%2C%22%2F2023%2F12%2F15%2Fhealth-officials-warn-accidental-poisonings-around-holidays%2F%22%2C%22%2F2023%2F12%2F15%2Fcharlottesville-area-florist-growing-fast%2F%22%2C%22%2F2023%2F12%2F15%2Fmemorial-plans-wilson-alden-richey%2F%22%2C%22%2F2023%2F12%2F15%2Fcrews-put-out-fire-albemarle-townhome%2F%22%2C%22%2F2023%2F12%2F15%2Flegal-aid-justice-center-calling-lawmakers-make-changes-court-fees%2F%22%2C%22%2F2023%2F12%2F15%2Fpolice-investigating-reported-armed-robbery-albemarle-store%2F%22%2C%22%2Fvideo%2F2023%2F12%2F15%2Fpolice-investigating-reported-robbery-albemarle-store-12p%2F%22%2C%22%2Fvideo%2F2023%2F12%2F15%2Fcrews-put-fire-albemarle-townhome%2F%22%2C%22%2Fvideo%2F2023%2F12%2F15%2Fcharlottesville-area-florist-growing-fast%2F%22%2C%22%2Fvideo%2F2023%2F12%2F15%2Fmemorial-plans-will-richey%2F%22%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CHP%20More%20News%202%3Dorganic-hp-swap-mode%3Apub%3Dmeredith-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_3%22%2C%22trcDomain%22%3A%22hp.taboola.com%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
81a6ef2ad173cb2d69b77a1bb4535e3516028db69c45dbbbecd87eb0c34c6952

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
41
date
Sat, 16 Dec 2023 03:02:32 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.28229166666666666
x-fastly-to-nlb-rtt
7365
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220033-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1702695753.836814,VS0,VE41
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.29news.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
collect
region1.google-analytics.com/g/ Frame 7878 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-794QV8SQ9L&gtm=45je3bt0v873184827&_p=1702695751614&gcs=G1-0&gcd=11l1p1l1l5&dma_cps=sypham&dma=1&cid=265917879.1702695753&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&dl=%2Fwvir.calendar%2Fupcoming&dr=https%3A%2F%2Fwww.29news.com%2F&sid=1702695752&sct=1&seg=1&dt=WVIR%20Community%20Calendar&en=page_view&_ee=1&ep.transport_type=beacon&tfd=1624
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-794QV8SQ9L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tockify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tockify.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
532.tvp.js
snippet.tldw.me/tv/0.42.26-chunks/ 		66 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snippet.tldw.me/tv/0.42.26-chunks/532.tvp.js
Requested by
Host: snippet.tldw.me
URL: https://snippet.tldw.me/tv/0.42.26-chunks/tvp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e8bd226cdf91c81d69a90eec8ded92138adf203d05cbab1f09f68d85bc6baf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits
1, 8
date
Sat, 16 Dec 2023 03:02:32 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
cf-cache-status
DYNAMIC
x-amz-request-id
E50DXZWCFM8SD1G3
age
2110988
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
8552
x-amz-id-2
lmDeFatEHNenkNDbP4VLAqQa/L7DxzNCyLr7GJKLD/BlZp9ivZYvWMh27O5FajnIU8Vl3RW0NHE=
x-served-by
cache-iad-kiad7000037-IAD, cache-fra-eddf8230100-FRA
last-modified
Sun, 15 Oct 2023 07:17:17 GMT
server
cloudflare
x-timer
S1702695753.860894,VS0,VE0
etag
"c4a13ea4e02c933cce4586fa1e25c0b6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8363b027584a3606-FRA
access-control-allow-headers
content-type
expires
Fri, 01 Jan 1971 00:00:00 GMT
_.gif
counter.tldw.me/ 		0
169 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://counter.tldw.me/_.gif
Requested by
Host: snippet.tldw.me
URL: https://snippet.tldw.me/tv/0.42.26-chunks/tvp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 16 Dec 2023 03:02:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
access-control-allow-origin
https://www.29news.com
cache-control
max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8363b02768663606-FRA
access-control-allow-headers
Content-Type
content-length
0
expires
Sat, 16 Dec 2023 03:02:32 GMT
pubs-generic
trc.taboola.com/graytv-wvirnbc29/log/3/ 		0
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/graytv-wvirnbc29/log/3/pubs-generic?lti=deflated&ri=5322ba76f610a7fe3eeff838e6d6e72f&sd=v2_313ea03b62050796f0cc6c448dcefae9_da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7_1702695751_1702695752_CIi3jgYQkr1ZGO2dzYTHMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo06-UtbOljN4acAA&ui=da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7&pi=/&pt=home&vi=1702695751405&d=%7B%22type%22%3A%22videoReel-compatible%22%2C%22data%22%3A%22%5C%22%5C%22%22%7D&tim=04%3A02%3A32.849&id=4151&llvl=2&cv=20231214-9-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
12
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7479
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220033-FRA
pragma
no-cache
server
nginx
x-timer
S1702695753.851266,VS0,VE12
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
css
fonts.googleapis.com/ 		2 KB
688 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a80283a2a54ea158b37690f2c26663c329737910163b122fed2c5766c9b95962
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 16 Dec 2023 03:02:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 16 Dec 2023 01:52:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 16 Dec 2023 03:02:32 GMT
784.tvp.js
snippet.tldw.me/tv/0.42.26-chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snippet.tldw.me/tv/0.42.26-chunks/784.tvp.js
Requested by
Host: snippet.tldw.me
URL: https://snippet.tldw.me/tv/0.42.26-chunks/tvp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aa0fe7bfa14cc45a5b9b0c5eee68844d87dd5c8bf88eab7f416065a54e2dde9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits
1, 2
date
Sat, 16 Dec 2023 03:02:32 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
cf-cache-status
DYNAMIC
x-amz-request-id
KM8SHMEQWQ1VN78B
age
2110977
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
1848
x-amz-id-2
zaGaLHV+M4w5ZDb52nTAn49s+fEkf6Vv8o7Fhbpb80G878MHBsBLQeUXKe8Fo0QZXihkPHYDzLc=
x-served-by
cache-iad-kcgs7200110-IAD, cache-fra-eddf8230100-FRA
last-modified
Sun, 15 Oct 2023 07:17:14 GMT
server
cloudflare
x-timer
S1702695753.878106,VS0,VE0
etag
"ae6b74a655637d6517be20402b28429d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8363b02768553606-FRA
access-control-allow-headers
content-type
expires
Fri, 01 Jan 1971 00:00:00 GMT
298.tvp.js
snippet.tldw.me/tv/0.42.26-chunks/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snippet.tldw.me/tv/0.42.26-chunks/298.tvp.js
Requested by
Host: snippet.tldw.me
URL: https://snippet.tldw.me/tv/0.42.26-chunks/tvp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44948fce039263b30389aba4b5d19d5723382b84cc9a7a56887324c650d61a48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits
1, 11
date
Sat, 16 Dec 2023 03:02:32 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
cf-cache-status
DYNAMIC
x-amz-request-id
E503FA53NK04JEG6
age
2110987
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
2695
x-amz-id-2
aZPTAKUuFH8m3V+ljerieyONnhEcKlFx1rdMop7NFwlW2BbdkaaxZczoyU4Ohvqq9SK+tlD0uEU=
x-served-by
cache-iad-kjyo7100026-IAD, cache-fra-eddf8230133-FRA
last-modified
Sun, 15 Oct 2023 07:17:08 GMT
server
cloudflare
x-timer
S1702695753.872570,VS0,VE0
etag
"d4b536dd2bb2bd6c4ca716af3c7490a1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8363b02768563606-FRA
access-control-allow-headers
content-type
expires
Fri, 01 Jan 1971 00:00:00 GMT
pubs-generic
trc.taboola.com/graytv-wvirnbc29/log/3/ 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/graytv-wvirnbc29/log/3/pubs-generic?lti=deflated&ri=5322ba76f610a7fe3eeff838e6d6e72f&sd=v2_313ea03b62050796f0cc6c448dcefae9_da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7_1702695751_1702695752_CIi3jgYQkr1ZGO2dzYTHMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo06-UtbOljN4acAA&ui=da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7&pi=/&pt=home&vi=1702695751405&d=%7B%22type%22%3A%22videoReel-available%22%2C%22data%22%3A%22%5C%22%5C%22%22%7D&tim=04%3A02%3A32.857&id=5994&llvl=2&cv=20231214-9-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7478
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220033-FRA
pragma
no-cache
server
nginx
x-timer
S1702695753.859978,VS0,VE9
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
v-b98d2f1c-83bb-4948-3404690-87ad-1985bad8f04d-s114.181-121.121tvl.mp4
apv-static.tldw.me/videos/ 		378 KB
378 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.tldw.me/videos/v-b98d2f1c-83bb-4948-3404690-87ad-1985bad8f04d-s114.181-121.121tvl.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.211.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
265cde21a31bf5129655195869debc3e9fb2983a2c830d400768108fd21ed344

Request headers

Referer
https://www.29news.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
j8.HDNmMFOXpFxve2.zD4.5DC3zKD3pk
via
1.1 varnish, 1.1 varnish
date
Sat, 16 Dec 2023 03:02:32 GMT
x-amz-request-id
7430VVCZZ1GQJH59
age
727314
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
Content-Range
bytes 0-386574/386575
Content-Length
386575
x-amz-id-2
j27iolGs/Mto/YnoxgxSDWpmTQSRyBkSUoEe/v1Jmsv1Kj9+I4xuaHRy7RYkAtf0TkajTudtNqY=
x-served-by
cache-iad-kiad7000080-IAD, cache-fra-etou8220094-FRA
last-modified
Thu, 07 Dec 2023 15:56:17 GMT
server
AmazonS3
x-timer
S1702695753.889642,VS0,VE1
etag
"8ebf2bf2648232712f83fffc3bb62732"
content-type
video/mp4
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
6208, 0
673e8e58-4b31-4bb1-9296-cc8fb931f7fe
https://www.29news.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.29news.com/673e8e58-4b31-4bb1-9296-cc8fb931f7fe
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
truncated
/ Frame BA8F 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba9fcbdebf4a1a9135a4f2335e84147f8f1ec9a9dbd4557670ab607fa1d74260

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
analytics.js
www.google-analytics.com/ Frame 7878 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-22922522-3&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tockify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 16 Dec 2023 01:48:14 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4458
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 16 Dec 2023 03:48:14 GMT
ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.29news.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 16:39:23 GMT
x-content-type-options
nosniff
age
37389
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20824
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:53:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 14 Dec 2024 16:39:23 GMT
3e3c12c164fdb386a01a6354f910a160.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_567%2Cw_1020%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_567%2Cw_1020%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3e3c12c164fdb386a01a6354f910a160.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4347045cbe6553f9321a2f82203a5791cacbc30fbeb19f2a60d9c1ccc3c3925d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_567%2Cw_1020%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3e3c12c164fdb386a01a6354f910a160.png
age
57480
edge-cache-tag
425367507080442546747518404233857382367,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
425367507080442546747518404233857382367,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
272
req-referer
https://whoswho.de/
content-length
36184
x-request-id
aad74b9138916fa4adfd37efd54ab1f2
x-backend-name
LA_nlb203
x-served-by
cache-iad-kcgs7200020-IAD, cache-iad-kcgs7200093-IAD, cache-lax-kwhp1940041-LAX, cache-iad-kiad7000038-IAD, cache-fra-etou8220042-FRA
last-modified
Fri, 15 Dec 2023 11:04:33 GMT
server
nginx
surrogate-reporting
width=1067,height=592,bytes=54036,owidth=1067,oheight=600,obytes=457212,ef=(1,13,17,23,30)
x-timer
S1702695753.916847,VS0,VE2
etag
"1431b746337f91c624d20a9ad6797cea"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 0, 1
async_usersync
ib.adnxs.com/ Frame 8E42 		0
592 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
an-x-request-uuid
423eb528-4a08-4d61-b89b-c4521c26f7b0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
81.95.5.43; 81.95.5.43; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame CF9A 		0
592 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
an-x-request-uuid
5592a906-ac4d-44cd-b48d-b0b7c741ebd3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
81.95.5.43; 81.95.5.43; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 2A57 		0
592 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
an-x-request-uuid
ba13932a-e937-498b-8e45-78bcd89d73ce
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
81.95.5.43; 81.95.5.43; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6015 		0
592 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
an-x-request-uuid
ef5c7c3a-b30c-4559-bd5a-fa9f46a8e07a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
81.95.5.43; 81.95.5.43; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F9A8 		0
592 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:32 GMT
an-x-request-uuid
322b6eb7-e3e3-4773-98e2-00c7ec745813
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
81.95.5.43; 81.95.5.43; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
container.html
dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7EB9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 16 Dec 2023 03:02:31 GMT
expires
Sun, 15 Dec 2024 03:02:31 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
el.ashx
ads.travelaudience.com/ Frame 4E62 		631 B
675 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.travelaudience.com/el.ashx?__trackerRequestId=0.10986622899082209&adPos=&ai1=1%3B30000734%3B16%3B1%3B%3B%3B0%3B-1%3B%3B%3B%3BStcQOJoaADOzAwnr6Vh5Xg%3D%3D%3B60027404%3B999%252c1%3B%3B%3B2%3B4%3B50005906%3BcpWsPs0FaIeXvIrK-ataOg%3D%3D%3BUSD%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B70016359%3B4T9YeOIhLjuSt6U6CMwip2d6CC2_2_q-tdBzdg%3BEUR%3B2%3B%3B%3B%3B%3B0%3B%3B&aid=&an=&ask=&at=1&bc=1&bd=bidder-rtb-production-6c8d77fbc7-pfwz7&bnr=0&brq=4T9YeOIhLjuSt6U6CMwip2d6CC2_2_q-tdBzdg&di=&did=-1&dnt=&dv=1&ed=&ev=ic&fm=970x250&gcpm=4416069&gctr=&ia=0&id5Decr=&id5Encr=&id5PID=&id5Src=&iid=&ilt=&ir=0&ld=&mai=&mat=1&mid=&na=&no=&oo=&pb=90000&pos_old=&rg=1&rts=&salt=04&sc=&site=www.29news.com&ssp=0&sv=1&tsf=&ua=&uc=DE&ucy=&uuid=29344569-727E-425D-9B9F-2880676D01B7&view=&vrt=&vw=&wp=ZX0TSAAFs0AH_Z6LAAtO9R4DoZCYFGT0INUdlw
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000734.16.0.70016359.0.0..0.DE.-1..StcQOJoaADOzAwnr6Vh5Xg%3D%3D.60027404.OTk5JTJjMQ==...cpWsPs0FaIeXvIrK-ataOg%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=970&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt3uCSBN9ZcDmFou99u8P9Z2t4A3KkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQKyZy8ba0myPuACAKgDAcgDAqoE6gFP0HqIuNAfOjSTtngN8agsZB2V1apR5-TkTKVW90UePQUZFUXqaChP6ML0hj7PRLARXjDaDnCqst3GRY_99VoG6vwppCOoTu3dSITCHEB1xH6Q1CI1NtX1vYUB_tu__V8BRcvuk_RvvJxv42HfwjSaGquObFL5E5noIhxtfkmvc5EslO19V4OfTAYPhF3z-H8rdaxLEffx9I_GZF2qKYEevW6Us2UBDX3QwTZbt5ZyW5I6IH-5M1TpLc6T6m9l-9FNQAQfotbDq9cDmnk3B_Fb-CymbOqfuqQcnK9EAj-u7sS7ZtQso3rMIVjgBAGABsKA76fXnvlwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnRyPv7koMD-gsCCAGADAHiDRMI84XJ-_uSgwMVi579Bx31Tgvc0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ntjy7ZiQwE55PPcwNUpVghQN02A%26client%3Dca-pub-0883126725773026%26adurl%3D&googlewinningprice=ZX0TSAAFs0AH_Z6LAAtO9R4DoZCYFGT0INUdlw&wpc=EUR&site=www.29news.com&slotvisibility=1&gcpm=4416069&gpos=1&bidder=bidder-rtb-production-6c8d77fbc7-pfwz7&dv=1&uuid=&suid=&brq=4T9YeOIhLjuSt6U6CMwip2d6CC2_2_q-tdBzdg&ssp_id=0&l=en&ts=1702695752&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=yPGi0himeLjC_Be9SYCiVbCSC8PAD6QmoPCSC5WPstI=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.0.190.35.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:32 GMT
content-encoding
gzip
x-engine-version
0.0.0
via
1.1 google
server
nginx/1.21.6
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
content-type
image/jpeg
x-host
tde-deliveryengine-production-6b95976987-rhcz5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
970x250.jpg
static.travelaudience.com/img/import/visit_savannah/Q42023/German/ Frame 4E62 		198 KB
199 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.travelaudience.com/img/import/visit_savannah/Q42023/German/970x250.jpg
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000734.16.0.70016359.0.0..0.DE.-1..StcQOJoaADOzAwnr6Vh5Xg%3D%3D.60027404.OTk5JTJjMQ==...cpWsPs0FaIeXvIrK-ataOg%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=970&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt3uCSBN9ZcDmFou99u8P9Z2t4A3KkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQKyZy8ba0myPuACAKgDAcgDAqoE6gFP0HqIuNAfOjSTtngN8agsZB2V1apR5-TkTKVW90UePQUZFUXqaChP6ML0hj7PRLARXjDaDnCqst3GRY_99VoG6vwppCOoTu3dSITCHEB1xH6Q1CI1NtX1vYUB_tu__V8BRcvuk_RvvJxv42HfwjSaGquObFL5E5noIhxtfkmvc5EslO19V4OfTAYPhF3z-H8rdaxLEffx9I_GZF2qKYEevW6Us2UBDX3QwTZbt5ZyW5I6IH-5M1TpLc6T6m9l-9FNQAQfotbDq9cDmnk3B_Fb-CymbOqfuqQcnK9EAj-u7sS7ZtQso3rMIVjgBAGABsKA76fXnvlwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnRyPv7koMD-gsCCAGADAHiDRMI84XJ-_uSgwMVi579Bx31Tgvc0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ntjy7ZiQwE55PPcwNUpVghQN02A%26client%3Dca-pub-0883126725773026%26adurl%3D&googlewinningprice=ZX0TSAAFs0AH_Z6LAAtO9R4DoZCYFGT0INUdlw&wpc=EUR&site=www.29news.com&slotvisibility=1&gcpm=4416069&gpos=1&bidder=bidder-rtb-production-6c8d77fbc7-pfwz7&dv=1&uuid=&suid=&brq=4T9YeOIhLjuSt6U6CMwip2d6CC2_2_q-tdBzdg&ssp_id=0&l=en&ts=1702695752&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=yPGi0himeLjC_Be9SYCiVbCSC8PAD6QmoPCSC5WPstI=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.170.237 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
237.170.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
18ea6813f582d678ee930081c6be14d8cb3129e168157d02ad06e9dc4619a6b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:29 GMT
age
3
x-guploader-uploadid
ABPtcPqGJJSLv4GX3IexiTypnGkgLup0sqrKqUbNgcMxAAAZQKNUoK0G-3HnvRjlkDkBPnrYu4ahnxhbiw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
202713
last-modified
Mon, 30 Oct 2023 15:33:51 GMT
server
UploadServer
etag
"b9082c842682623dac00109d1be845fa"
vary
Origin
x-goog-generation
1698680031718977
x-goog-hash
crc32c=l4eHew==, md5=uQgshCaCYj2sABCdG+hF+g==
content-type
image/jpeg
cache-control
public, max-age=3600
x-goog-stored-content-length
202713
accept-ranges
bytes
expires
Sat, 16 Dec 2023 04:02:29 GMT
moatad.js
z.moatads.com/travel198849194933/ Frame 4E62 		334 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/travel198849194933/moatad.js
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000734.16.0.70016359.0.0..0.DE.-1..StcQOJoaADOzAwnr6Vh5Xg%3D%3D.60027404.OTk5JTJjMQ==...cpWsPs0FaIeXvIrK-ataOg%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=970&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt3uCSBN9ZcDmFou99u8P9Z2t4A3KkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQKyZy8ba0myPuACAKgDAcgDAqoE6gFP0HqIuNAfOjSTtngN8agsZB2V1apR5-TkTKVW90UePQUZFUXqaChP6ML0hj7PRLARXjDaDnCqst3GRY_99VoG6vwppCOoTu3dSITCHEB1xH6Q1CI1NtX1vYUB_tu__V8BRcvuk_RvvJxv42HfwjSaGquObFL5E5noIhxtfkmvc5EslO19V4OfTAYPhF3z-H8rdaxLEffx9I_GZF2qKYEevW6Us2UBDX3QwTZbt5ZyW5I6IH-5M1TpLc6T6m9l-9FNQAQfotbDq9cDmnk3B_Fb-CymbOqfuqQcnK9EAj-u7sS7ZtQso3rMIVjgBAGABsKA76fXnvlwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnRyPv7koMD-gsCCAGADAHiDRMI84XJ-_uSgwMVi579Bx31Tgvc0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ntjy7ZiQwE55PPcwNUpVghQN02A%26client%3Dca-pub-0883126725773026%26adurl%3D&googlewinningprice=ZX0TSAAFs0AH_Z6LAAtO9R4DoZCYFGT0INUdlw&wpc=EUR&site=www.29news.com&slotvisibility=1&gcpm=4416069&gpos=1&bidder=bidder-rtb-production-6c8d77fbc7-pfwz7&dv=1&uuid=&suid=&brq=4T9YeOIhLjuSt6U6CMwip2d6CC2_2_q-tdBzdg&ssp_id=0&l=en&ts=1702695752&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=yPGi0himeLjC_Be9SYCiVbCSC8PAD6QmoPCSC5WPstI=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-107-55.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
46fca6dc6e672a29d25c9bf87c1402e9ba22990aa214ab0d8c848fdc40862df6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:32 GMT
content-encoding
gzip
last-modified
Mon, 04 Dec 2023 07:33:51 GMT
server
AmazonS3
x-amz-request-id
FFQHGTMB5W7CY91P
etag
"9521db5e6c70e50593db6744649776f6"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=37700
accept-ranges
bytes
content-length
115798
x-amz-id-2
igXf06Axmq/a6BYVLd7vzhsQLN7bo4tDbYcbiRFCjbkpABllzo0yupLPiACS2XePt2RB3nwU9Dg=
creative.js
ads.travelaudience.com/js/ Frame 4E62 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.travelaudience.com/js/creative.js?version=0.0.0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000734.16.0.70016359.0.0..0.DE.-1..StcQOJoaADOzAwnr6Vh5Xg%3D%3D.60027404.OTk5JTJjMQ==...cpWsPs0FaIeXvIrK-ataOg%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=970&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt3uCSBN9ZcDmFou99u8P9Z2t4A3KkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQKyZy8ba0myPuACAKgDAcgDAqoE6gFP0HqIuNAfOjSTtngN8agsZB2V1apR5-TkTKVW90UePQUZFUXqaChP6ML0hj7PRLARXjDaDnCqst3GRY_99VoG6vwppCOoTu3dSITCHEB1xH6Q1CI1NtX1vYUB_tu__V8BRcvuk_RvvJxv42HfwjSaGquObFL5E5noIhxtfkmvc5EslO19V4OfTAYPhF3z-H8rdaxLEffx9I_GZF2qKYEevW6Us2UBDX3QwTZbt5ZyW5I6IH-5M1TpLc6T6m9l-9FNQAQfotbDq9cDmnk3B_Fb-CymbOqfuqQcnK9EAj-u7sS7ZtQso3rMIVjgBAGABsKA76fXnvlwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnRyPv7koMD-gsCCAGADAHiDRMI84XJ-_uSgwMVi579Bx31Tgvc0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ntjy7ZiQwE55PPcwNUpVghQN02A%26client%3Dca-pub-0883126725773026%26adurl%3D&googlewinningprice=ZX0TSAAFs0AH_Z6LAAtO9R4DoZCYFGT0INUdlw&wpc=EUR&site=www.29news.com&slotvisibility=1&gcpm=4416069&gpos=1&bidder=bidder-rtb-production-6c8d77fbc7-pfwz7&dv=1&uuid=&suid=&brq=4T9YeOIhLjuSt6U6CMwip2d6CC2_2_q-tdBzdg&ssp_id=0&l=en&ts=1702695752&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=yPGi0himeLjC_Be9SYCiVbCSC8PAD6QmoPCSC5WPstI=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.0.190.35.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
3084a495bd132318b7c2399889654e5a8ff35cd1f0f345586ed8f0c988fec767

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 16 Dec 2023 03:02:32 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 15 Dec 2023 23:17:17 GMT
server
nginx/1.21.6
etag
W/"657cde7d-e1b5"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
max-age=86400, public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 17 Dec 2023 03:02:32 GMT
3e3c12c164fdb386a01a6354f910a160.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_567%2Cw_1020%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_567%2Cw_1020%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3e3c12c164fdb386a01a6354f910a160.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4347045cbe6553f9321a2f82203a5791cacbc30fbeb19f2a60d9c1ccc3c3925d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 16 Dec 2023 03:02:32 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_567%2Cw_1020%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3e3c12c164fdb386a01a6354f910a160.png
age
57480
edge-cache-tag
425367507080442546747518404233857382367,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
425367507080442546747518404233857382367,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
272
req-referer
https://whoswho.de/
content-length
36184
x-request-id
aad74b9138916fa4adfd37efd54ab1f2
x-backend-name
LA_nlb203
x-served-by
cache-iad-kcgs7200020-IAD, cache-iad-kcgs7200093-IAD, cache-lax-kwhp1940041-LAX, cache-iad-kiad7000038-IAD, cache-fra-etou8220042-FRA
last-modified
Fri, 15 Dec 2023 11:04:33 GMT
server
nginx
surrogate-reporting
width=1067,height=592,bytes=54036,owidth=1067,oheight=600,obytes=457212,ef=(1,13,17,23,30)
x-timer
S1702695753.948174,VS0,VE0
etag
"1431b746337f91c624d20a9ad6797cea"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 0, 2
collect
www.google-analytics.com/ Frame 7878 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=452955877&t=pageview&_s=1&dl=https%3A%2F%2Ftockify.com%2Fwvir.calendar%2Fupcoming&dr=https%3A%2F%2Fwww.29news.com%2F&ul=en-us&de=UTF-8&dt=WVIR%20Community%20Calendar&sd=24-bit&sr=1600x1200&vp=300x406&je=0&_u=YAgAAQABAAAAAAAAIE~&cid=265917879.1702695753&tid=UA-22922522-3&_gid=2030489549.1702695753&gtm=457e3bt0z8873184827&gcs=G1-0&gcd=11l1p1l1l5&dma_cps=sypham&dma=1&jsscut=1&z=1479952349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tockify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 07:51:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
69089
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
rtb
rtb.ads.travelaudience.com/ Frame BC05 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.ads.travelaudience.com/rtb?ads=30000734.16.0.70016358.0.0..0.DE.-1..StcQOJoaADOzAwnr6Vh5Xg%3D%3D.60027404.OTk5JTJjMQ==...cpWsPs0FaIeXvIrK-ataOg%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP1XeSBN9ZZOkJ-6h9u8PrceI6APKkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQIW7EraW0ayPuACAKgDAcgDAqoE9wFP0JLwacN0ANEN1Ez6ou92BpCghOWZ7zOgjZ43ScHF0nZ9ILpqC0LECrKz4LyqfmAFrVLceRGanDNS1PgmZ1lS8IJl0nh5ct_LHmK0iCGnKpQPZjHPDZ1vWuSuaQXXcc1YH5jMUXMgGCuoIYeP2Bh2IJJDp7JH0YW7x0fA6DgRBcp46P7CtNCEcTd3-x4Qw1XIoYHRHxP1p5ayYU-LsTMDmCcYx7xBnSi3whtx_nYuyLCFoJx_AvI1n-_yfsYCX5jlgyPX7GOuhBxA471HGw53K7ckSxAUw15wgIqAe-EoJ6M53U-yvqpDOd0PCxWoBIh2FSuM6iMp4AQBgAaQps6wupX902OgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_vjJ-_uSgwP6CwIIAYAMAeINEwiLqcr7-5KDAxXukP0HHa0jAj3QFQGAFwE%26num%3D1%26sig%3DAOD64_0J8WFX1HBY0bbwyXAALUWWwgvsTw%26client%3Dca-pub-0883126725773026%26adurl%3D&googlewinningprice=ZX0TSAAJ0hMH_ZDuAAIjrTMIpUATZ4lskbgRUg&wpc=EUR&site=www.29news.com&slotvisibility=1&gcpm=4312702&gpos=1&bidder=bidder-rtb-production-6c8d77fbc7-796wq&dv=1&uuid=&suid=&brq=Skto2bvo7z5b2S3Uf7KdIzg4PLQW11OhTyF_uA&ssp_id=0&l=en&ts=1702695752&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=C2ONLa_J68suFRQb4_ksEEonBBvdKVdTNN28pPbCJ6o=
Requested by
Host: dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com
URL: https://dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.187.184.108 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
108.184.187.35.bc.googleusercontent.com
Software
/
Resource Hash
c46f164c88960571a92fc5e442ec198e261ab73ee89583e9c8f7030b4a48a32d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 16 Dec 2023 03:02:32 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-engine-version
0.0.0
x-host
deliveryengine-rtb-production-765454475-x6c6j
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7EB9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com
URL: https://dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 14:17:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
45891
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Dec 2023 14:17:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7EB9 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com
URL: https://dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 01:54:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
4093
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Dec 2023 01:54:19 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7EB9 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com
URL: https://dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:36:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
350763
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 11 Dec 2024 01:36:29 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 7EB9 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com
URL: https://dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Dec 2023 03:02:32 GMT
truncated
/ Frame 7EB9 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1da07ed1bd458c8d42566be19ff3b339aa8797b2920415f9b11497fca8e0ce54

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
el.ashx
ads.travelaudience.com/ Frame BC05 		631 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.travelaudience.com/el.ashx?__trackerRequestId=0.856013333938955&adPos=&ai1=1%3B30000734%3B16%3B1%3B%3B%3B0%3B-1%3B%3B%3B%3BStcQOJoaADOzAwnr6Vh5Xg%3D%3D%3B60027404%3B999%252c1%3B%3B%3B2%3B4%3B50005906%3BcpWsPs0FaIeXvIrK-ataOg%3D%3D%3BUSD%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B70016358%3BSkto2bvo7z5b2S3Uf7KdIzg4PLQW11OhTyF_uA%3BEUR%3B2%3B%3B%3B%3B%3B0%3B%3B&aid=&an=&ask=&at=1&bc=1&bd=bidder-rtb-production-6c8d77fbc7-796wq&bnr=0&brq=Skto2bvo7z5b2S3Uf7KdIzg4PLQW11OhTyF_uA&di=&did=-1&dnt=&dv=1&ed=&ev=ic&fm=728x90&gcpm=4312702&gctr=&ia=0&id5Decr=&id5Encr=&id5PID=&id5Src=&iid=&ilt=&ir=0&ld=&mai=&mat=1&mid=&na=&no=&oo=&pb=90000&pos_old=&rg=1&rts=&salt=10&sc=&site=www.29news.com&ssp=0&sv=1&tsf=&ua=&uc=DE&ucy=&uuid=29344569-727E-425D-9B9F-2880676D01B7&view=&vrt=&vw=&wp=ZX0TSAAJ0hMH_ZDuAAIjrTMIpUATZ4lskbgRUg
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000734.16.0.70016358.0.0..0.DE.-1..StcQOJoaADOzAwnr6Vh5Xg%3D%3D.60027404.OTk5JTJjMQ==...cpWsPs0FaIeXvIrK-ataOg%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP1XeSBN9ZZOkJ-6h9u8PrceI6APKkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQIW7EraW0ayPuACAKgDAcgDAqoE9wFP0JLwacN0ANEN1Ez6ou92BpCghOWZ7zOgjZ43ScHF0nZ9ILpqC0LECrKz4LyqfmAFrVLceRGanDNS1PgmZ1lS8IJl0nh5ct_LHmK0iCGnKpQPZjHPDZ1vWuSuaQXXcc1YH5jMUXMgGCuoIYeP2Bh2IJJDp7JH0YW7x0fA6DgRBcp46P7CtNCEcTd3-x4Qw1XIoYHRHxP1p5ayYU-LsTMDmCcYx7xBnSi3whtx_nYuyLCFoJx_AvI1n-_yfsYCX5jlgyPX7GOuhBxA471HGw53K7ckSxAUw15wgIqAe-EoJ6M53U-yvqpDOd0PCxWoBIh2FSuM6iMp4AQBgAaQps6wupX902OgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_vjJ-_uSgwP6CwIIAYAMAeINEwiLqcr7-5KDAxXukP0HHa0jAj3QFQGAFwE%26num%3D1%26sig%3DAOD64_0J8WFX1HBY0bbwyXAALUWWwgvsTw%26client%3Dca-pub-0883126725773026%26adurl%3D&googlewinningprice=ZX0TSAAJ0hMH_ZDuAAIjrTMIpUATZ4lskbgRUg&wpc=EUR&site=www.29news.com&slotvisibility=1&gcpm=4312702&gpos=1&bidder=bidder-rtb-production-6c8d77fbc7-796wq&dv=1&uuid=&suid=&brq=Skto2bvo7z5b2S3Uf7KdIzg4PLQW11OhTyF_uA&ssp_id=0&l=en&ts=1702695752&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=C2ONLa_J68suFRQb4_ksEEonBBvdKVdTNN28pPbCJ6o=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.0.190.35.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:33 GMT
content-encoding
gzip
x-engine-version
0.0.0
via
1.1 google
server
nginx/1.21.6
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
content-type
image/jpeg
x-host
tde-deliveryengine-production-6b95976987-26nzd
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
728x90.jpg
static.travelaudience.com/img/import/visit_savannah/Q42023/German/ Frame BC05 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.travelaudience.com/img/import/visit_savannah/Q42023/German/728x90.jpg
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000734.16.0.70016358.0.0..0.DE.-1..StcQOJoaADOzAwnr6Vh5Xg%3D%3D.60027404.OTk5JTJjMQ==...cpWsPs0FaIeXvIrK-ataOg%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP1XeSBN9ZZOkJ-6h9u8PrceI6APKkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQIW7EraW0ayPuACAKgDAcgDAqoE9wFP0JLwacN0ANEN1Ez6ou92BpCghOWZ7zOgjZ43ScHF0nZ9ILpqC0LECrKz4LyqfmAFrVLceRGanDNS1PgmZ1lS8IJl0nh5ct_LHmK0iCGnKpQPZjHPDZ1vWuSuaQXXcc1YH5jMUXMgGCuoIYeP2Bh2IJJDp7JH0YW7x0fA6DgRBcp46P7CtNCEcTd3-x4Qw1XIoYHRHxP1p5ayYU-LsTMDmCcYx7xBnSi3whtx_nYuyLCFoJx_AvI1n-_yfsYCX5jlgyPX7GOuhBxA471HGw53K7ckSxAUw15wgIqAe-EoJ6M53U-yvqpDOd0PCxWoBIh2FSuM6iMp4AQBgAaQps6wupX902OgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_vjJ-_uSgwP6CwIIAYAMAeINEwiLqcr7-5KDAxXukP0HHa0jAj3QFQGAFwE%26num%3D1%26sig%3DAOD64_0J8WFX1HBY0bbwyXAALUWWwgvsTw%26client%3Dca-pub-0883126725773026%26adurl%3D&googlewinningprice=ZX0TSAAJ0hMH_ZDuAAIjrTMIpUATZ4lskbgRUg&wpc=EUR&site=www.29news.com&slotvisibility=1&gcpm=4312702&gpos=1&bidder=bidder-rtb-production-6c8d77fbc7-796wq&dv=1&uuid=&suid=&brq=Skto2bvo7z5b2S3Uf7KdIzg4PLQW11OhTyF_uA&ssp_id=0&l=en&ts=1702695752&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=C2ONLa_J68suFRQb4_ksEEonBBvdKVdTNN28pPbCJ6o=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.170.237 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
237.170.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
def5bbfa0e81a2fbcd2fb6c1d587f96658c1d7a2e97e63f046f67d4a25a626f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 02:51:41 GMT
age
651
x-guploader-uploadid
ABPtcPqOR06CozGFEJjATz9fZ3rjt6fAsnSFj81RO19cHUSkVUGMK0D00-rfJkL1F3YqDep9EDJXVcz1Ow
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63261
last-modified
Mon, 30 Oct 2023 15:33:52 GMT
server
UploadServer
etag
"445498e900a39b411d667706ead518b8"
vary
Origin
x-goog-generation
1698680032067854
x-goog-hash
crc32c=EuNOFQ==, md5=RFSY6QCjm0EdZncG6tUYuA==
content-type
image/jpeg
cache-control
public, max-age=3600
x-goog-stored-content-length
63261
accept-ranges
bytes
expires
Sat, 16 Dec 2023 03:51:41 GMT
moatad.js
z.moatads.com/travel198849194933/ Frame BC05 		334 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/travel198849194933/moatad.js
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000734.16.0.70016358.0.0..0.DE.-1..StcQOJoaADOzAwnr6Vh5Xg%3D%3D.60027404.OTk5JTJjMQ==...cpWsPs0FaIeXvIrK-ataOg%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP1XeSBN9ZZOkJ-6h9u8PrceI6APKkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQIW7EraW0ayPuACAKgDAcgDAqoE9wFP0JLwacN0ANEN1Ez6ou92BpCghOWZ7zOgjZ43ScHF0nZ9ILpqC0LECrKz4LyqfmAFrVLceRGanDNS1PgmZ1lS8IJl0nh5ct_LHmK0iCGnKpQPZjHPDZ1vWuSuaQXXcc1YH5jMUXMgGCuoIYeP2Bh2IJJDp7JH0YW7x0fA6DgRBcp46P7CtNCEcTd3-x4Qw1XIoYHRHxP1p5ayYU-LsTMDmCcYx7xBnSi3whtx_nYuyLCFoJx_AvI1n-_yfsYCX5jlgyPX7GOuhBxA471HGw53K7ckSxAUw15wgIqAe-EoJ6M53U-yvqpDOd0PCxWoBIh2FSuM6iMp4AQBgAaQps6wupX902OgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_vjJ-_uSgwP6CwIIAYAMAeINEwiLqcr7-5KDAxXukP0HHa0jAj3QFQGAFwE%26num%3D1%26sig%3DAOD64_0J8WFX1HBY0bbwyXAALUWWwgvsTw%26client%3Dca-pub-0883126725773026%26adurl%3D&googlewinningprice=ZX0TSAAJ0hMH_ZDuAAIjrTMIpUATZ4lskbgRUg&wpc=EUR&site=www.29news.com&slotvisibility=1&gcpm=4312702&gpos=1&bidder=bidder-rtb-production-6c8d77fbc7-796wq&dv=1&uuid=&suid=&brq=Skto2bvo7z5b2S3Uf7KdIzg4PLQW11OhTyF_uA&ssp_id=0&l=en&ts=1702695752&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=C2ONLa_J68suFRQb4_ksEEonBBvdKVdTNN28pPbCJ6o=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-107-55.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
46fca6dc6e672a29d25c9bf87c1402e9ba22990aa214ab0d8c848fdc40862df6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:33 GMT
content-encoding
gzip
last-modified
Mon, 04 Dec 2023 07:33:51 GMT
server
AmazonS3
x-amz-request-id
FFQHGTMB5W7CY91P
etag
"9521db5e6c70e50593db6744649776f6"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=37699
accept-ranges
bytes
content-length
115798
x-amz-id-2
igXf06Axmq/a6BYVLd7vzhsQLN7bo4tDbYcbiRFCjbkpABllzo0yupLPiACS2XePt2RB3nwU9Dg=
creative.js
ads.travelaudience.com/js/ Frame BC05 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.travelaudience.com/js/creative.js?version=0.0.0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000734.16.0.70016358.0.0..0.DE.-1..StcQOJoaADOzAwnr6Vh5Xg%3D%3D.60027404.OTk5JTJjMQ==...cpWsPs0FaIeXvIrK-ataOg%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP1XeSBN9ZZOkJ-6h9u8PrceI6APKkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQIW7EraW0ayPuACAKgDAcgDAqoE9wFP0JLwacN0ANEN1Ez6ou92BpCghOWZ7zOgjZ43ScHF0nZ9ILpqC0LECrKz4LyqfmAFrVLceRGanDNS1PgmZ1lS8IJl0nh5ct_LHmK0iCGnKpQPZjHPDZ1vWuSuaQXXcc1YH5jMUXMgGCuoIYeP2Bh2IJJDp7JH0YW7x0fA6DgRBcp46P7CtNCEcTd3-x4Qw1XIoYHRHxP1p5ayYU-LsTMDmCcYx7xBnSi3whtx_nYuyLCFoJx_AvI1n-_yfsYCX5jlgyPX7GOuhBxA471HGw53K7ckSxAUw15wgIqAe-EoJ6M53U-yvqpDOd0PCxWoBIh2FSuM6iMp4AQBgAaQps6wupX902OgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_vjJ-_uSgwP6CwIIAYAMAeINEwiLqcr7-5KDAxXukP0HHa0jAj3QFQGAFwE%26num%3D1%26sig%3DAOD64_0J8WFX1HBY0bbwyXAALUWWwgvsTw%26client%3Dca-pub-0883126725773026%26adurl%3D&googlewinningprice=ZX0TSAAJ0hMH_ZDuAAIjrTMIpUATZ4lskbgRUg&wpc=EUR&site=www.29news.com&slotvisibility=1&gcpm=4312702&gpos=1&bidder=bidder-rtb-production-6c8d77fbc7-796wq&dv=1&uuid=&suid=&brq=Skto2bvo7z5b2S3Uf7KdIzg4PLQW11OhTyF_uA&ssp_id=0&l=en&ts=1702695752&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=C2ONLa_J68suFRQb4_ksEEonBBvdKVdTNN28pPbCJ6o=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.0.190.35.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
3084a495bd132318b7c2399889654e5a8ff35cd1f0f345586ed8f0c988fec767

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
public
date
Sat, 16 Dec 2023 03:02:33 GMT
content-encoding
gzip
via
1.1 google
last-modified
Sat, 16 Dec 2023 00:04:52 GMT
server
nginx/1.21.6
etag
W/"657ce9a4-e1b5"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
max-age=86400, public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 17 Dec 2023 03:02:33 GMT
c85fd58a6e168987fa57ecdc7d39c25f.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_107%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_107%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c85fd58a6e168987fa57ecdc7d39c25f.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f6d7b54989fe886d8bbff8c71594aeef8941e034fe439e6d5d1cd4ea308e4da3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 16 Dec 2023 03:02:33 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_107%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c85fd58a6e168987fa57ecdc7d39c25f.png
age
0
edge-cache-tag
470890937811096928602757729207966275338,586812539319807230366117120745388737208,29ecf9b93bbf306179626feeda1fab70
cache-tag
470890937811096928602757729207966275338,586812539319807230366117120745388737208,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
77
req-referer
https://blog.wapka.xyz/
content-length
3574
x-request-id
24df0b847dcf4853bf30653260bc2087
x-backend-name
CH_nlb803
x-served-by
cache-iad-kjyo7100178-IAD, cache-iad-kcgs7200175-IAD, cache-lga21925-LGA, cache-iad-kiad7000105-IAD, cache-fra-etou8220042-FRA
last-modified
Tue, 28 Nov 2023 11:11:02 GMT
server
nginx
surrogate-reporting
width=160,height=107,bytes=4797,owidth=600,oheight=896,obytes=871218
x-timer
S1702695753.023046,VS0,VE0
etag
"2780e4a7304f56be3079a897ab6807c0"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 17, 2
n.js
mb.moatads.com/ Frame 4E62 		125 B
302 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/n.js?e=35&ol=2793208590&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XWfr9LOK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-L5aj2Zz1Kg7M0g%3D%3D&sc=1&os=1-bA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=250&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=TRAVELAUDIENCE_DISPLAY1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fdfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.29news.com&t=1702695753031&de=307795652838&m=0&ar=cc84ca2002d-clean&iw=34392e3&q=2&cb=0&ym=0&cu=1702695753031&ll=2&lm=2&ln=1&r=0&em=0&en=0&d=30000734%3A50005906%3A60027404%3A70016359&zMoatSSP=0&zMoatDeal=-1&zMoatSubdomain=29news.com&zMoatIMPID=4T9YeOIhLjuSt6U6CMwip2d6CC2_2_q-tdBzdg&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.29news.com&id=0&ii=2&bo=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&bd=970x250&zMoatOrigSlicer1=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&zMoatOrigSlicer2=970x250&zMoatDomain=29news.com&gw=travel198849194933&fd=1&it=500&ti=0&ih=2&pe=0%3A195%3A195%3A0%3A0&jk=-1&jm=-1&fs=206701&na=1262053521&cs=0&ord=1702695753031&jv=2083900027&callback=DOMlessLLDcallback_45544565
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/travel198849194933/moatad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.147.81.223 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
541e8db6db0acedc0e1f13283ee78037d879c820e38dc0ab62f6573f6bda96c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:33 GMT
server
istio-envoy
etag
"da9f0882767948738ad4691ef458532ec22b8691"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
6
timing-allow-origin
*
content-length
125
pixel.gif
px.moatads.com/ Frame 4E62 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TRAVELAUDIENCE_DISPLAY1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fdfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.29news.com&t=1702695753031&de=307795652838&m=0&ar=cc84ca2002d-clean&iw=34392e3&q=3&cb=0&ym=0&cu=1702695753031&ll=2&lm=2&ln=1&r=0&em=0&en=0&d=30000734%3A50005906%3A60027404%3A70016359&zMoatSSP=0&zMoatDeal=-1&zMoatSubdomain=29news.com&zMoatIMPID=4T9YeOIhLjuSt6U6CMwip2d6CC2_2_q-tdBzdg&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.29news.com&id=0&ii=2&bo=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&bd=970x250&zMoatOrigSlicer1=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&zMoatOrigSlicer2=970x250&zMoatDomain=29news.com&gw=travel198849194933&fd=1&it=500&ti=0&ih=2&pe=0%3A195%3A195%3A0%3A0&jk=-1&jm=-1&fs=206701&na=1806210848&cs=0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000734.16.0.70016359.0.0..0.DE.-1..StcQOJoaADOzAwnr6Vh5Xg%3D%3D.60027404.OTk5JTJjMQ==...cpWsPs0FaIeXvIrK-ataOg%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=970&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt3uCSBN9ZcDmFou99u8P9Z2t4A3KkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQKyZy8ba0myPuACAKgDAcgDAqoE6gFP0HqIuNAfOjSTtngN8agsZB2V1apR5-TkTKVW90UePQUZFUXqaChP6ML0hj7PRLARXjDaDnCqst3GRY_99VoG6vwppCOoTu3dSITCHEB1xH6Q1CI1NtX1vYUB_tu__V8BRcvuk_RvvJxv42HfwjSaGquObFL5E5noIhxtfkmvc5EslO19V4OfTAYPhF3z-H8rdaxLEffx9I_GZF2qKYEevW6Us2UBDX3QwTZbt5ZyW5I6IH-5M1TpLc6T6m9l-9FNQAQfotbDq9cDmnk3B_Fb-CymbOqfuqQcnK9EAj-u7sS7ZtQso3rMIVjgBAGABsKA76fXnvlwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnRyPv7koMD-gsCCAGADAHiDRMI84XJ-_uSgwMVi579Bx31Tgvc0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ntjy7ZiQwE55PPcwNUpVghQN02A%26client%3Dca-pub-0883126725773026%26adurl%3D&googlewinningprice=ZX0TSAAFs0AH_Z6LAAtO9R4DoZCYFGT0INUdlw&wpc=EUR&site=www.29news.com&slotvisibility=1&gcpm=4416069&gpos=1&bidder=bidder-rtb-production-6c8d77fbc7-pfwz7&dv=1&uuid=&suid=&brq=4T9YeOIhLjuSt6U6CMwip2d6CC2_2_q-tdBzdg&ssp_id=0&l=en&ts=1702695752&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=yPGi0himeLjC_Be9SYCiVbCSC8PAD6QmoPCSC5WPstI=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-107-55.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:33 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 16 Dec 2023 03:02:33 GMT
js-err
rtb.ads.travelaudience.com/ Frame 4E62 		35 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.ads.travelaudience.com/js-err?description=Script%20error.&url=&line=0&col=0&parent_url=https%3A%2F%2Frtb.ads.travelaudience.com%2Frtb%3Fads%3D30000734.16.0.70016359.0.0..0.DE.-1..StcQOJoaADOzAwnr6Vh5Xg%253D%253D.60027404.OTk5JTJjMQ%3D%3D...cpWsPs0FaIeXvIrK-ataOg%253D%253D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ%3D%3D.2.0%26p%3D90000%26x%3D970%26y%3D250%26click%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCt3uCSBN9ZcDmFou99u8P9Z2t4A3KkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQKyZy8ba0myPuACAKgDAcgDAqoE6gFP0HqIuNAfOjSTtngN8agsZB2V1apR5-TkTKVW90UePQUZFUXqaChP6ML0hj7PRLARXjDaDnCqst3GRY_99VoG6vwppCOoTu3dSITCHEB1xH6Q1CI1NtX1vYUB_tu__V8BRcvuk_RvvJxv42HfwjSaGquObFL5E5noIhxtfkmvc5EslO19V4OfTAYPhF3z-H8rdaxLEffx9I_GZF2qKYEevW6Us2UBDX3QwTZbt5ZyW5I6IH-5M1TpLc6T6m9l-9FNQAQfotbDq9cDmnk3B_Fb-CymbOqfuqQcnK9EAj-u7sS7ZtQso3rMIVjgBAGABsKA76fXnvlwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnRyPv7koMD-gsCCAGADAHiDRMI84XJ-_uSgwMVi579Bx31Tgvc0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Ntjy7ZiQwE55PPcwNUpVghQN02A%2526client%253Dca-pub-0883126725773026%2526adurl%253D%26googlewinningprice%3DZX0TSAAFs0AH_Z6LAAtO9R4DoZCYFGT0INUdlw%26wpc%3DEUR%26site%3Dwww.29news.com%26slotvisibility%3D1%26gcpm%3D4416069%26gpos%3D1%26bidder%3Dbidder-rtb-production-6c8d77fbc7-pfwz7%26dv%3D1%26uuid%3D%26suid%3D%26brq%3D4T9YeOIhLjuSt6U6CMwip2d6CC2_2_q-tdBzdg%26ssp_id%3D0%26l%3Den%26ts%3D1702695752%26uc%3DDE%26at%3D1%26ia%3D0%26mai%3D%26mat%3D1%26ir%3D0%26an%3D%26rg%3D1%26hm%3DyPGi0himeLjC_Be9SYCiVbCSC8PAD6QmoPCSC5WPstI%3D
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000734.16.0.70016359.0.0..0.DE.-1..StcQOJoaADOzAwnr6Vh5Xg%3D%3D.60027404.OTk5JTJjMQ==...cpWsPs0FaIeXvIrK-ataOg%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=970&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt3uCSBN9ZcDmFou99u8P9Z2t4A3KkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQKyZy8ba0myPuACAKgDAcgDAqoE6gFP0HqIuNAfOjSTtngN8agsZB2V1apR5-TkTKVW90UePQUZFUXqaChP6ML0hj7PRLARXjDaDnCqst3GRY_99VoG6vwppCOoTu3dSITCHEB1xH6Q1CI1NtX1vYUB_tu__V8BRcvuk_RvvJxv42HfwjSaGquObFL5E5noIhxtfkmvc5EslO19V4OfTAYPhF3z-H8rdaxLEffx9I_GZF2qKYEevW6Us2UBDX3QwTZbt5ZyW5I6IH-5M1TpLc6T6m9l-9FNQAQfotbDq9cDmnk3B_Fb-CymbOqfuqQcnK9EAj-u7sS7ZtQso3rMIVjgBAGABsKA76fXnvlwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnRyPv7koMD-gsCCAGADAHiDRMI84XJ-_uSgwMVi579Bx31Tgvc0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ntjy7ZiQwE55PPcwNUpVghQN02A%26client%3Dca-pub-0883126725773026%26adurl%3D&googlewinningprice=ZX0TSAAFs0AH_Z6LAAtO9R4DoZCYFGT0INUdlw&wpc=EUR&site=www.29news.com&slotvisibility=1&gcpm=4416069&gpos=1&bidder=bidder-rtb-production-6c8d77fbc7-pfwz7&dv=1&uuid=&suid=&brq=4T9YeOIhLjuSt6U6CMwip2d6CC2_2_q-tdBzdg&ssp_id=0&l=en&ts=1702695752&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=yPGi0himeLjC_Be9SYCiVbCSC8PAD6QmoPCSC5WPstI=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.187.184.108 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
108.184.187.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://rtb.ads.travelaudience.com/rtb?ads=30000734.16.0.70016359.0.0..0.DE.-1..StcQOJoaADOzAwnr6Vh5Xg%3D%3D.60027404.OTk5JTJjMQ==...cpWsPs0FaIeXvIrK-ataOg%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=970&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt3uCSBN9ZcDmFou99u8P9Z2t4A3KkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQKyZy8ba0myPuACAKgDAcgDAqoE6gFP0HqIuNAfOjSTtngN8agsZB2V1apR5-TkTKVW90UePQUZFUXqaChP6ML0hj7PRLARXjDaDnCqst3GRY_99VoG6vwppCOoTu3dSITCHEB1xH6Q1CI1NtX1vYUB_tu__V8BRcvuk_RvvJxv42HfwjSaGquObFL5E5noIhxtfkmvc5EslO19V4OfTAYPhF3z-H8rdaxLEffx9I_GZF2qKYEevW6Us2UBDX3QwTZbt5ZyW5I6IH-5M1TpLc6T6m9l-9FNQAQfotbDq9cDmnk3B_Fb-CymbOqfuqQcnK9EAj-u7sS7ZtQso3rMIVjgBAGABsKA76fXnvlwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnRyPv7koMD-gsCCAGADAHiDRMI84XJ-_uSgwMVi579Bx31Tgvc0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ntjy7ZiQwE55PPcwNUpVghQN02A%26client%3Dca-pub-0883126725773026%26adurl%3D&googlewinningprice=ZX0TSAAFs0AH_Z6LAAtO9R4DoZCYFGT0INUdlw&wpc=EUR&site=www.29news.com&slotvisibility=1&gcpm=4416069&gpos=1&bidder=bidder-rtb-production-6c8d77fbc7-pfwz7&dv=1&uuid=&suid=&brq=4T9YeOIhLjuSt6U6CMwip2d6CC2_2_q-tdBzdg&ssp_id=0&l=en&ts=1702695752&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=yPGi0himeLjC_Be9SYCiVbCSC8PAD6QmoPCSC5WPstI=
Origin
https://rtb.ads.travelaudience.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:33 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
access-control-allow-methods
GET
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
access-control-allow-origin
https://rtb.ads.travelaudience.com
content-type
image/gif
VideoBidRequestHandlerServlet
wf.taboola.com/ 		21 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=624&height=350&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1702695753094&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1584&pt=-210320540&tz=60&viewable=true&ddast=V8PIYCLAbYx7T_i-FVKROwj2n_F8OrUi4AAABgYGDtAMksXLaFb2ZzixabmVs0WbjcCotn4xZsHLbdxGLa-JYLIyCZhcu28M1sbtFiM3OLJguXW2HxbNyCjcO2m1hMG99yYQUT1jS5_AZJy2U2CPlul-Hhc7mBBZpOh891r9f9fnfJcu7yfe4av9sOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAIDioDAfo9_usrnMJn8AAAAAAAEAAABAAkBA-awEgAwO1on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY8iyjHtaZ2dpNpEC2SKMAAAAAER9FawcmaQTVCyq_P__91sBuAIAEMAIN_nEk0V3UOItDAAAAMCYBXpY_H6zw67xu13m_________9_M_5l_NEJRo9dpgq5mZtT8AgIArPkFBABgM24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpBZbFYOw2ZimwxWg91yNjNsPLaNaTQceVw2h8u5PSPfyBItzxx9fSasaXL5DZKWy2wQ8t0uw8Pnsp8JW4xWk8lmOZwtF5PBcDQcjfZnICaDAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDDkcG0mq91uLXHZJm7RyrFyC2cj51o3Ms6co9lssVhs1qLXx_TxzZbDjW-LBANI9iJ5WqQTic23MTlGC8NosjAthivPzDPyOFyW0ci12mxcC4tYojlZpBPZZd9ZbFYOw2ZimwxWg91yNjNsPLaNaTQceVw2h8u5Lzlcm8lqt1tLXLaJW7RyrNzC2ci51o2MM-doNlssFpu16PUxfXyz5XDj2zd2g8lsudqtFvvGbjCZLVe71WLfYTI9U5-z0bU8pj0-ZWR9lopsToPCZbB4fxLTYtqdHXybi_KpcxqTRZ3R7_f7_X6_3-_3-w1az8FsUPiG2VpVuvjJVjtp4XEwKGKJ4CKd6CwP5-n21t2elrvFY1lOxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_5ECLubK1Vw1F21WCQAAAAAAAADAEkwz3QQAAADAySCGk-Fwt04HM1kuJpPRcgFYeEnqAgYBAAAAAADYFVnBhxUi8p9SrLHHIM7ycJ5ub93tablbPJbllAEAFBwy2-wzglir1bIGAAAggA0AACCAm268CQiF4v7____HAQAAkJFDDwAAYG0f0BJqvfAjVwq_gtgsJ5v9A1Ah1mq1ut1Yq9UKWECb2Wg0gf____8EAQAAAAAAbMYK_v_______w8D!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=10&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3291224&dpubid=182887&abtst=adxsub-out_vA!adxsub-out_vB!adxsub_vA!mprdct01val_vA!video-reel_vA&mPre=0&cirf=https%3A%2F%2Fwww.29news.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.5/UnitInstreamDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cd3b3b005de17695241145f67bced934475b65402c0fdc93aac191059d6b40e0

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Sat, 16 Dec 2023 03:02:33 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1472
x-cache
MISS
x-served-by
cache-fra-etou8220033-FRA
pragma
no-cache
server
nginx
x-timer
S1702695753.096894,VS0,VE116
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.29news.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://ioms.bfmio.com>; rel=preconnect,<https://ioms.bfmio.com>; rel=preconnect,<https://ioms.bfmio.com>; rel=preconnect,<https://ioms.bfmio.com>; rel=preconnect,<https://secure.adnxs.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8PIYCLAbYx7T_i-FVKROwj2n_F8OrUi4AAABgYGDtAMksXLaFb2ZzixabmVs0WbjcCotn4xZsHLbdxGLa-JYLIyCZhcu28M1sbtFiM3OLJguXW2HxbNyCjcO2m1hMG99yYQUT1jS5_AZJy2U2CPlul-Hhc7mBBZpOh891r9f9fnfJcu7yfe4av9sOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAIDioDAfo9_usrnMJn8AAAAAAAEAAABAAkBA-awEgAwO1on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY8iyjHtaZ2dpNpEC2SKMAAAAAER9FawcmaQTVCyq_P__91sBuAIAEMAIN_nEk0V3UOItDAAAAMCYBXpY_H6zw67xu13m_________9_M_5l_NEJRo9dpgq5mZtT8AgIArPkFBABgM24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpBZbFYOw2ZimwxWg91yNjNsPLaNaTQceVw2h8u5PSPfyBItzxx9fSasaXL5DZKWy2wQ8t0uw8Pnsp8JW4xWk8lmOZwtF5PBcDQcjfZnICaDAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDDkcG0mq91uLXHZJm7RyrFyC2cj51o3Ms6co9lssVhs1qLXx_TxzZbDjW-LBANI9iJ5WqQTic23MTlGC8NosjAthivPzDPyOFyW0ci12mxcC4tYojlZpBPZZd9ZbFYOw2ZimwxWg91yNjNsPLaNaTQceVw2h8u5Lzlcm8lqt1tLXLaJW7RyrNzC2ci51o2MM-doNlssFpu16PUxfXyz5XDj2zd2g8lsudqtFvvGbjCZLVe71WLfYTI9U5-z0bU8pj0-ZWR9lopsToPCZbB4fxLTYtqdHXybi_KpcxqTRZ3R7_f7_X6_3-_3-w1az8FsUPiG2VpVuvjJVjtp4XEwKGKJ4CKd6CwP5-n21t2elrvFY1lOxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_5ECLubK1Vw1F21WCQAAAAAAAADAEkwz3QQAAADAySCGk-Fwt04HM1kuJpPRcgFYeEnqAgYBAAAAAADYFVnBhxUi8p9SrLHHIM7ycJ5ub93tablbPJbllAEAFBwy2-wzglir1bIGAAAggA0AACCAm268CQiF4v7____HAQAAkJFDDwAAYG0f0BJqvfAjVwq_gtgsJ5v9A1Ah1mq1ut1Yq9UKWECb2Wg0gf____8EAQAAAAAAbMYK_v_______w8D!&cmcv=&pix=31589837&cb=1702695753092&uv=3368&tms=1702695753092&abt=adxsub-out_vA!adxsub-out_vB!adxsub_vA!mprdct01val_vA!video-reel_vA&ft=0&unm=INSTREAM&debug=pn:!sqg:!torgn:1702695749563.3!ts:1702695753092&mntl=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:33 GMT
content-length
0
server
nginx
st
imprammp.taboola.com/ 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8PIYCLAbYx7T_i-FVKROwj2n_F8OrUi4AAABgYGDtAMksXLaFb2ZzixabmVs0WbjcCotn4xZsHLbdxGLa-JYLIyCZhcu28M1sbtFiM3OLJguXW2HxbNyCjcO2m1hMG99yYQUT1jS5_AZJy2U2CPlul-Hhc7mBBZpOh891r9f9fnfJcu7yfe4av9sOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAIDioDAfo9_usrnMJn8AAAAAAAEAAABAAkBA-awEgAwO1on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY8iyjHtaZ2dpNpEC2SKMAAAAAER9FawcmaQTVCyq_P__91sBuAIAEMAIN_nEk0V3UOItDAAAAMCYBXpY_H6zw67xu13m_________9_M_5l_NEJRo9dpgq5mZtT8AgIArPkFBABgM24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpBZbFYOw2ZimwxWg91yNjNsPLaNaTQceVw2h8u5PSPfyBItzxx9fSasaXL5DZKWy2wQ8t0uw8Pnsp8JW4xWk8lmOZwtF5PBcDQcjfZnICaDAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDDkcG0mq91uLXHZJm7RyrFyC2cj51o3Ms6co9lssVhs1qLXx_TxzZbDjW-LBANI9iJ5WqQTic23MTlGC8NosjAthivPzDPyOFyW0ci12mxcC4tYojlZpBPZZd9ZbFYOw2ZimwxWg91yNjNsPLaNaTQceVw2h8u5Lzlcm8lqt1tLXLaJW7RyrNzC2ci51o2MM-doNlssFpu16PUxfXyz5XDj2zd2g8lsudqtFvvGbjCZLVe71WLfYTI9U5-z0bU8pj0-ZWR9lopsToPCZbB4fxLTYtqdHXybi_KpcxqTRZ3R7_f7_X6_3-_3-w1az8FsUPiG2VpVuvjJVjtp4XEwKGKJ4CKd6CwP5-n21t2elrvFY1lOxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_5ECLubK1Vw1F21WCQAAAAAAAADAEkwz3QQAAADAySCGk-Fwt04HM1kuJpPRcgFYeEnqAgYBAAAAAADYFVnBhxUi8p9SrLHHIM7ycJ5ub93tablbPJbllAEAFBwy2-wzglir1bIGAAAggA0AACCAm268CQiF4v7____HAQAAkJFDDwAAYG0f0BJqvfAjVwq_gtgsJ5v9A1Ah1mq1ut1Yq9UKWECb2Wg0gf____8EAQAAAAAAbMYK_v_______w8D!&cmcv=&pix=undefined&cb=1702695753092&uv=3368&tms=1702695753092&abt=adxsub-out_vA!adxsub-out_vB!adxsub_vA!mprdct01val_vA!video-reel_vA&ft=0&unm=INSTREAM&aure=false&agl=1&cirid=3ae6a7ff-413f-42ae-ab3c-0ca67bb4c79a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits
0
date
Sat, 16 Dec 2023 03:02:33 GMT
via
1.1 varnish
server
nginx
x-timer
S1702695753.097002,VS0,VE9
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-fra-etou8220033-FRA
st
imprammp.taboola.com/ Frame C4B5 		439 B
335 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8YWYCLAbYx7T_i-FVKROwj2n_F8OrUi4AAABgYID-AEktd4ONaTBaC2bD1Vq0cezWEo9j49ZYlsvBcjdyTEyTISCp5W6wMQ1Ga8FsuFqLNo7dWuJxbNway3I5WO5GjolpMgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0s0HQ6fK57ve73u0uWc5fvc9f43XYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHhfkY_XaXzWU2-QMAAAAACAAAAAASAALKZyUAXqpbTvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQyxUhDacyOS1iBS0FmEEAAAAIOqrYOXIJJ2gYlHl__-_3wrAFQCAAEa4ySeeLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEYoavU4TdDUzo-YXEABgzS8gAACbcQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gMxis3IYNhPbZLAa7JazmWHjsW1Mo-HI47I5XM7tGflGlmh55ujrIyIss993EPLdLsPD5zKIiq63xe5wmj0H8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDDtdmstrt1hKXbeIWrRwrt3A2cq51I-PMOZrNFovFZi16fUwf32w53Pi2SDCAZC-Sp0U6kdh8G5NjtDCMJgvTYrjyzDwjj8NlGY1cq83GtbCIJZqTRTqRXfadxWblMGwmtslgNdgtZzPDxmPbmEbDkcdlc7ic-5LDtZmsdru1xGWbuEUrx8otnI2ca93IOHOOZrPFYrFZi14f08c3Ww43vn1jN5jMlqvdarFv7AaT2XK1Wy32HSbTM_U5G13LY9rjU0bWZ6nI5jQoXAaL9ycxLabd2cG3uSifOqcxWdQZ_X6_3-_3-_1-v9-g9RzMBoVvmK1VpYufbLWTFh4HgyKWCC7Sic7ycJ5ub93tablbPJblRCxRmi7Sib7od7sMD5_LXxFLBKeLdCL0u10W9R8p4GKuXM1Vc9FmlQAAAAAAAAAALME0000AAAAAnAxiOBkOd-t0MIvNaDdbLReAhZekLmAQAAAAAACAXZEVfFghIv8pxRp7DOIsD-fp9tbdnpa7xWNZThkAQMEhs80-I4i1Wi1rAAAAAtgAAAACuOnGm4BQKO7___9_HAAAABk59AAAAOj3AR2tFnrgRrHzK4jNcrLZPwAVYq1Wq9uNtVqtgAW0mY1GE_j___9PEAAAAAAAwGas4P________8w!&cmcv=&pix=undefined&cb=1702695753097&uv=3368&tms=1702695753097&abt=adxsub-out_vA!adxsub-out_vB!mprdct01val_vA!scndvdunt_vA!ufm!video-reel_vA&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=5970c404-0685-4c17-bc1c-c299097d1b42&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.5/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
562c711b1304ad9a0a5ba5767014784ffdae0b94462d14e0d85972eeed1bf3c2

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Sat, 16 Dec 2023 03:02:33 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-etou8220033-FRA
x-timer
S1702695753.100182,VS0,VE13
sync
am-match.taboola.com/ Frame E04E 		422 B
516 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8YWYCLAbYx7T_i-FVKROwj2n_F8OrUi4AAABgYID-AEktd4ONaTBaC2bD1Vq0cezWEo9j49ZYlsvBcjdyTEyTISCp5W6wMQ1Ga8FsuFqLNo7dWuJxbNway3I5WO5GjolpMgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0s0HQ6fK57ve73u0uWc5fvc9f43XYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHhfkY_XaXzWU2-QMAAAAACAAAAAASAALKZyUAXqpbTvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQyxUhDacyOS1iBS0FmEEAAAAIOqrYOXIJJ2gYlHl__-_3wrAFQCAAEa4ySeeLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEYoavU4TdDUzo-YXEABgzS8gAACbcQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gMxis3IYNhPbZLAa7JazmWHjsW1Mo-HI47I5XM7tGflGlmh55ujrIyIss993EPLdLsPD5zKIiq63xe5wmj0H8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDDtdmstrt1hKXbeIWrRwrt3A2cq51I-PMOZrNFovFZi16fUwf32w53Pi2SDCAZC-Sp0U6kdh8G5NjtDCMJgvTYrjyzDwjj8NlGY1cq83GtbCIJZqTRTqRXfadxWblMGwmtslgNdgtZzPDxmPbmEbDkcdlc7ic-5LDtZmsdru1xGWbuEUrx8otnI2ca93IOHOOZrPFYrFZi14f08c3Ww43vn1jN5jMlqvdarFv7AaT2XK1Wy32HSbTM_U5G13LY9rjU0bWZ6nI5jQoXAaL9ycxLabd2cG3uSifOqcxWdQZ_X6_3-_3-_1-v9-g9RzMBoVvmK1VpYufbLWTFh4HgyKWCC7Sic7ycJ5ub93tablbPJblRCxRmi7Sib7od7sMD5_LXxFLBKeLdCL0u10W9R8p4GKuXM1Vc9FmlQAAAAAAAAAALME0000AAAAAnAxiOBkOd-t0MIvNaDdbLReAhZekLmAQAAAAAACAXZEVfFghIv8pxRp7DOIsD-fp9tbdnpa7xWNZThkAQMEhs80-I4i1Wi1rAAAAAtgAAAACuOnGm4BQKO7___9_HAAAABk59AAAAOj3AR2tFnrgRrHzK4jNcrLZPwAVYq1Wq9uNtVqtgAW0mY1GE_j___9PEAAAAAAAwGas4P________8w!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.5/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
4356c765f0c9b65dc260114c2fb9b0e7e62880bcc80abde18a364c790e097f69

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Sat, 16 Dec 2023 03:02:33 GMT
machineid
3408
server
nginx
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_6_8/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_6_8/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.5/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-meta-mtime
1702461749
date
Sat, 16 Dec 2023 03:02:33 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
6CDHVS36R08VG65W
age
233926
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1702461750
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
XruSshPGSogZXCAYPVjCGo7+18kUaXTUqlsbmpC3j7FeoOhkvbxfB1UwBg16VJ9+hdISIcm5zJQ=
x-served-by
cache-fra-etou8220033-FRA
last-modified
Wed, 13 Dec 2023 10:02:31 GMT
server
AmazonS3-br
x-timer
S1702695753.102829,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
185840
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_6_8/infra/ 		525 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_6_8/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.5/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
5fb1750807cbcd188c9507dc9d1c01a1c9477cd9b54316a333fe0c4b77985e56

Request headers

Referer
https://www.29news.com/
Origin
https://www.29news.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-meta-mtime
1702461736
date
Sat, 16 Dec 2023 03:02:33 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
9JRHA1T5YFXV7DR7
age
233923
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1702461737
x-amz-meta-mode
33188
content-length
110952
x-amz-id-2
mSypDsvm6fsiykI7yF/Q/kTnVBaiH55gBBt7gNhe4kQXP/lMMPzYfMXBHDg50S1SbbPuwS3v4Bc=
x-served-by
cache-fra-etou8220028-FRA
last-modified
Wed, 13 Dec 2023 10:02:18 GMT
server
AmazonS3-br
x-timer
S1702695753.102933,VS0,VE0
etag
"9459759f1dd6fba462615a090c275d65"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
143095
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8YWYCLAbYx7T_i-FVKROwj2n_F8OrUi4AAABgYID-AEktd4ONaTBaC2bD1Vq0cezWEo9j49ZYlsvBcjdyTEyTISCp5W6wMQ1Ga8FsuFqLNo7dWuJxbNway3I5WO5GjolpMgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0s0HQ6fK57ve73u0uWc5fvc9f43XYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHhfkY_XaXzWU2-QMAAAAACAAAAAASAALKZyUAXqpbTvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQyxUhDacyOS1iBS0FmEEAAAAIOqrYOXIJJ2gYlHl__-_3wrAFQCAAEa4ySeeLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEYoavU4TdDUzo-YXEABgzS8gAACbcQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gMxis3IYNhPbZLAa7JazmWHjsW1Mo-HI47I5XM7tGflGlmh55ujrIyIss993EPLdLsPD5zKIiq63xe5wmj0H8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDDtdmstrt1hKXbeIWrRwrt3A2cq51I-PMOZrNFovFZi16fUwf32w53Pi2SDCAZC-Sp0U6kdh8G5NjtDCMJgvTYrjyzDwjj8NlGY1cq83GtbCIJZqTRTqRXfadxWblMGwmtslgNdgtZzPDxmPbmEbDkcdlc7ic-5LDtZmsdru1xGWbuEUrx8otnI2ca93IOHOOZrPFYrFZi14f08c3Ww43vn1jN5jMlqvdarFv7AaT2XK1Wy32HSbTM_U5G13LY9rjU0bWZ6nI5jQoXAaL9ycxLabd2cG3uSifOqcxWdQZ_X6_3-_3-_1-v9-g9RzMBoVvmK1VpYufbLWTFh4HgyKWCC7Sic7ycJ5ub93tablbPJblRCxRmi7Sib7od7sMD5_LXxFLBKeLdCL0u10W9R8p4GKuXM1Vc9FmlQAAAAAAAAAALME0000AAAAAnAxiOBkOd-t0MIvNaDdbLReAhZekLmAQAAAAAACAXZEVfFghIv8pxRp7DOIsD-fp9tbdnpa7xWNZThkAQMEhs80-I4i1Wi1rAAAAAtgAAAACuOnGm4BQKO7___9_HAAAABk59AAAAOj3AR2tFnrgRrHzK4jNcrLZPwAVYq1Wq9uNtVqtgAW0mY1GE_j___9PEAAAAAAAwGas4P________8w!&cmcv=&pix=31589837&cb=1702695753097&uv=3368&tms=1702695753097&abt=adxsub-out_vA!adxsub-out_vB!mprdct01val_vA!scndvdunt_vA!ufm!video-reel_vA&ft=0&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1702695749563.3!ts:1702695753097&mntl=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:33 GMT
content-length
0
server
nginx
n.js
mb.moatads.com/ Frame BC05 		126 B
201 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/n.js?e=35&ol=2793208590&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-5tyHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-NM4Tcd8kL9Bk3A%3D%3D&sc=1&os=1-dA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=TRAVELAUDIENCE_DISPLAY1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fdfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.29news.com&t=1702695753104&de=197206533317&m=0&ar=cc84ca2002d-clean&iw=34392e3&q=2&cb=0&ym=0&cu=1702695753104&ll=2&lm=2&ln=1&r=0&em=0&en=0&d=30000734%3A50005906%3A60027404%3A70016358&zMoatSSP=0&zMoatDeal=-1&zMoatSubdomain=29news.com&zMoatIMPID=Skto2bvo7z5b2S3Uf7KdIzg4PLQW11OhTyF_uA&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.29news.com&id=0&ii=2&bo=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&bd=728x90&zMoatOrigSlicer1=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=29news.com&gw=travel198849194933&fd=1&it=500&ti=0&ih=2&pe=0%3A81%3A81%3A0%3A0&jk=-1&jm=-1&fs=206701&na=1448149595&cs=0&ord=1702695753104&jv=982244255&callback=DOMlessLLDcallback_25213108
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/travel198849194933/moatad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.147.81.223 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
3cd4f09783b623a2493a3c93b3a48c3fc81c1f27a888221a7c54c7a4c8b2c02e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:33 GMT
server
istio-envoy
etag
"e98a947c9a17515162b0e313d0f275f2805d9bc5"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
7
timing-allow-origin
*
content-length
126
pixel.gif
px.moatads.com/ Frame BC05 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TRAVELAUDIENCE_DISPLAY1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fdfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.29news.com&t=1702695753104&de=197206533317&m=0&ar=cc84ca2002d-clean&iw=34392e3&q=3&cb=0&ym=0&cu=1702695753104&ll=2&lm=2&ln=1&r=0&em=0&en=0&d=30000734%3A50005906%3A60027404%3A70016358&zMoatSSP=0&zMoatDeal=-1&zMoatSubdomain=29news.com&zMoatIMPID=Skto2bvo7z5b2S3Uf7KdIzg4PLQW11OhTyF_uA&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.29news.com&id=0&ii=2&bo=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&bd=728x90&zMoatOrigSlicer1=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=29news.com&gw=travel198849194933&fd=1&it=500&ti=0&ih=2&pe=0%3A81%3A81%3A0%3A0&jk=-1&jm=-1&fs=206701&na=1208593826&cs=0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000734.16.0.70016358.0.0..0.DE.-1..StcQOJoaADOzAwnr6Vh5Xg%3D%3D.60027404.OTk5JTJjMQ==...cpWsPs0FaIeXvIrK-ataOg%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP1XeSBN9ZZOkJ-6h9u8PrceI6APKkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQIW7EraW0ayPuACAKgDAcgDAqoE9wFP0JLwacN0ANEN1Ez6ou92BpCghOWZ7zOgjZ43ScHF0nZ9ILpqC0LECrKz4LyqfmAFrVLceRGanDNS1PgmZ1lS8IJl0nh5ct_LHmK0iCGnKpQPZjHPDZ1vWuSuaQXXcc1YH5jMUXMgGCuoIYeP2Bh2IJJDp7JH0YW7x0fA6DgRBcp46P7CtNCEcTd3-x4Qw1XIoYHRHxP1p5ayYU-LsTMDmCcYx7xBnSi3whtx_nYuyLCFoJx_AvI1n-_yfsYCX5jlgyPX7GOuhBxA471HGw53K7ckSxAUw15wgIqAe-EoJ6M53U-yvqpDOd0PCxWoBIh2FSuM6iMp4AQBgAaQps6wupX902OgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_vjJ-_uSgwP6CwIIAYAMAeINEwiLqcr7-5KDAxXukP0HHa0jAj3QFQGAFwE%26num%3D1%26sig%3DAOD64_0J8WFX1HBY0bbwyXAALUWWwgvsTw%26client%3Dca-pub-0883126725773026%26adurl%3D&googlewinningprice=ZX0TSAAJ0hMH_ZDuAAIjrTMIpUATZ4lskbgRUg&wpc=EUR&site=www.29news.com&slotvisibility=1&gcpm=4312702&gpos=1&bidder=bidder-rtb-production-6c8d77fbc7-796wq&dv=1&uuid=&suid=&brq=Skto2bvo7z5b2S3Uf7KdIzg4PLQW11OhTyF_uA&ssp_id=0&l=en&ts=1702695752&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=C2ONLa_J68suFRQb4_ksEEonBBvdKVdTNN28pPbCJ6o=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-107-55.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:33 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 16 Dec 2023 03:02:33 GMT
pixel.gif
px.moatads.com/ Frame 4E62 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fstatic.travelaudience.com%2Fimg%2Fimport%2Fvisit_savannah%2FQ42023%2FGerman%2F970x250.jpg&i=TRAVELAUDIENCE_DISPLAY1&ol=2793208590&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XWfr9LOK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-L5aj2Zz1Kg7M0g%3D%3D&sc=1&os=1-bA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=250&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.29news.com&id=0&ii=2&f=1&j=https%3A%2F%2Fdfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.29news.com&t=1702695753031&de=307795652838&cu=1702695753031&m=51&ar=cc84ca2002d-clean&iw=34392e3&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A195%3A195%3A0%3A0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=31&cd=0&ah=31&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000734%3A50005906%3A60027404%3A70016359&bo=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&bd=970x250&gw=travel198849194933&zMoatOrigSlicer1=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&zMoatOrigSlicer2=970x250&zMoatDomain=29news.com&zMoatSubdomain=29news.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=4T9YeOIhLjuSt6U6CMwip2d6CC2_2_q-tdBzdg&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jk=-1&jm=-1&tc=0&fs=206701&na=1887880523&cs=0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000734.16.0.70016359.0.0..0.DE.-1..StcQOJoaADOzAwnr6Vh5Xg%3D%3D.60027404.OTk5JTJjMQ==...cpWsPs0FaIeXvIrK-ataOg%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=970&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt3uCSBN9ZcDmFou99u8P9Z2t4A3KkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQKyZy8ba0myPuACAKgDAcgDAqoE6gFP0HqIuNAfOjSTtngN8agsZB2V1apR5-TkTKVW90UePQUZFUXqaChP6ML0hj7PRLARXjDaDnCqst3GRY_99VoG6vwppCOoTu3dSITCHEB1xH6Q1CI1NtX1vYUB_tu__V8BRcvuk_RvvJxv42HfwjSaGquObFL5E5noIhxtfkmvc5EslO19V4OfTAYPhF3z-H8rdaxLEffx9I_GZF2qKYEevW6Us2UBDX3QwTZbt5ZyW5I6IH-5M1TpLc6T6m9l-9FNQAQfotbDq9cDmnk3B_Fb-CymbOqfuqQcnK9EAj-u7sS7ZtQso3rMIVjgBAGABsKA76fXnvlwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnRyPv7koMD-gsCCAGADAHiDRMI84XJ-_uSgwMVi579Bx31Tgvc0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ntjy7ZiQwE55PPcwNUpVghQN02A%26client%3Dca-pub-0883126725773026%26adurl%3D&googlewinningprice=ZX0TSAAFs0AH_Z6LAAtO9R4DoZCYFGT0INUdlw&wpc=EUR&site=www.29news.com&slotvisibility=1&gcpm=4416069&gpos=1&bidder=bidder-rtb-production-6c8d77fbc7-pfwz7&dv=1&uuid=&suid=&brq=4T9YeOIhLjuSt6U6CMwip2d6CC2_2_q-tdBzdg&ssp_id=0&l=en&ts=1702695752&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=yPGi0himeLjC_Be9SYCiVbCSC8PAD6QmoPCSC5WPstI=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-107-55.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:33 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 16 Dec 2023 03:02:33 GMT
generic
match.adsrvr.org/track/cmf/ Frame C4B5 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8YWYCLAbYx7T_i-FVKROwj2n_F8OrUi4AAABgYID-AEktd4ONaTBaC2bD1Vq0cezWEo9j49ZYlsvBcjdyTEyTISCp5W6wMQ1Ga8FsuFqLNo7dWuJxbNway3I5WO5GjolpMgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0s0HQ6fK57ve73u0uWc5fvc9f43XYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHhfkY_XaXzWU2-QMAAAAACAAAAAASAALKZyUAXqpbTvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQyxUhDacyOS1iBS0FmEEAAAAIOqrYOXIJJ2gYlHl__-_3wrAFQCAAEa4ySeeLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEYoavU4TdDUzo-YXEABgzS8gAACbcQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gMxis3IYNhPbZLAa7JazmWHjsW1Mo-HI47I5XM7tGflGlmh55ujrIyIss993EPLdLsPD5zKIiq63xe5wmj0H8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDDtdmstrt1hKXbeIWrRwrt3A2cq51I-PMOZrNFovFZi16fUwf32w53Pi2SDCAZC-Sp0U6kdh8G5NjtDCMJgvTYrjyzDwjj8NlGY1cq83GtbCIJZqTRTqRXfadxWblMGwmtslgNdgtZzPDxmPbmEbDkcdlc7ic-5LDtZmsdru1xGWbuEUrx8otnI2ca93IOHOOZrPFYrFZi14f08c3Ww43vn1jN5jMlqvdarFv7AaT2XK1Wy32HSbTM_U5G13LY9rjU0bWZ6nI5jQoXAaL9ycxLabd2cG3uSifOqcxWdQZ_X6_3-_3-_1-v9-g9RzMBoVvmK1VpYufbLWTFh4HgyKWCC7Sic7ycJ5ub93tablbPJblRCxRmi7Sib7od7sMD5_LXxFLBKeLdCL0u10W9R8p4GKuXM1Vc9FmlQAAAAAAAAAALME0000AAAAAnAxiOBkOd-t0MIvNaDdbLReAhZekLmAQAAAAAACAXZEVfFghIv8pxRp7DOIsD-fp9tbdnpa7xWNZThkAQMEhs80-I4i1Wi1rAAAAAtgAAAACuOnGm4BQKO7___9_HAAAABk59AAAAOj3AR2tFnrgRrHzK4jNcrLZPwAVYq1Wq9uNtVqtgAW0mY1GE_j___9PEAAAAAAAwGas4P________8w!&cmcv=&pix=undefined&cb=1702695753097&uv=3368&tms=1702695753097&abt=adxsub-out_vA!adxsub-out_vB!mprdct01val_vA!scndvdunt_vA!ufm!video-reel_vA&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=5970c404-0685-4c17-bc1c-c299097d1b42&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:33 GMT
server
Kestrel
content-length
70
content-type
image/gif
da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7
pr-bh.ybp.yahoo.com/sync/taboola/ Frame C4B5 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8YWYCLAbYx7T_i-FVKROwj2n_F8OrUi4AAABgYID-AEktd4ONaTBaC2bD1Vq0cezWEo9j49ZYlsvBcjdyTEyTISCp5W6wMQ1Ga8FsuFqLNo7dWuJxbNway3I5WO5GjolpMgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0s0HQ6fK57ve73u0uWc5fvc9f43XYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHhfkY_XaXzWU2-QMAAAAACAAAAAASAALKZyUAXqpbTvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQyxUhDacyOS1iBS0FmEEAAAAIOqrYOXIJJ2gYlHl__-_3wrAFQCAAEa4ySeeLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEYoavU4TdDUzo-YXEABgzS8gAACbcQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gMxis3IYNhPbZLAa7JazmWHjsW1Mo-HI47I5XM7tGflGlmh55ujrIyIss993EPLdLsPD5zKIiq63xe5wmj0H8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDDtdmstrt1hKXbeIWrRwrt3A2cq51I-PMOZrNFovFZi16fUwf32w53Pi2SDCAZC-Sp0U6kdh8G5NjtDCMJgvTYrjyzDwjj8NlGY1cq83GtbCIJZqTRTqRXfadxWblMGwmtslgNdgtZzPDxmPbmEbDkcdlc7ic-5LDtZmsdru1xGWbuEUrx8otnI2ca93IOHOOZrPFYrFZi14f08c3Ww43vn1jN5jMlqvdarFv7AaT2XK1Wy32HSbTM_U5G13LY9rjU0bWZ6nI5jQoXAaL9ycxLabd2cG3uSifOqcxWdQZ_X6_3-_3-_1-v9-g9RzMBoVvmK1VpYufbLWTFh4HgyKWCC7Sic7ycJ5ub93tablbPJblRCxRmi7Sib7od7sMD5_LXxFLBKeLdCL0u10W9R8p4GKuXM1Vc9FmlQAAAAAAAAAALME0000AAAAAnAxiOBkOd-t0MIvNaDdbLReAhZekLmAQAAAAAACAXZEVfFghIv8pxRp7DOIsD-fp9tbdnpa7xWNZThkAQMEhs80-I4i1Wi1rAAAAAtgAAAACuOnGm4BQKO7___9_HAAAABk59AAAAOj3AR2tFnrgRrHzK4jNcrLZPwAVYq1Wq9uNtVqtgAW0mY1GE_j___9PEAAAAAAAwGas4P________8w!&cmcv=&pix=undefined&cb=1702695753097&uv=3368&tms=1702695753097&abt=adxsub-out_vA!adxsub-out_vB!mprdct01val_vA!scndvdunt_vA!ufm!video-reel_vA&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=5970c404-0685-4c17-bc1c-c299097d1b42&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:b770:182f:d3e9:1c89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame C4B5 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8YWYCLAbYx7T_i-FVKROwj2n_F8OrUi4AAABgYID-AEktd4ONaTBaC2bD1Vq0cezWEo9j49ZYlsvBcjdyTEyTISCp5W6wMQ1Ga8FsuFqLNo7dWuJxbNway3I5WO5GjolpMgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0s0HQ6fK57ve73u0uWc5fvc9f43XYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHhfkY_XaXzWU2-QMAAAAACAAAAAASAALKZyUAXqpbTvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQyxUhDacyOS1iBS0FmEEAAAAIOqrYOXIJJ2gYlHl__-_3wrAFQCAAEa4ySeeLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEYoavU4TdDUzo-YXEABgzS8gAACbcQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gMxis3IYNhPbZLAa7JazmWHjsW1Mo-HI47I5XM7tGflGlmh55ujrIyIss993EPLdLsPD5zKIiq63xe5wmj0H8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDDtdmstrt1hKXbeIWrRwrt3A2cq51I-PMOZrNFovFZi16fUwf32w53Pi2SDCAZC-Sp0U6kdh8G5NjtDCMJgvTYrjyzDwjj8NlGY1cq83GtbCIJZqTRTqRXfadxWblMGwmtslgNdgtZzPDxmPbmEbDkcdlc7ic-5LDtZmsdru1xGWbuEUrx8otnI2ca93IOHOOZrPFYrFZi14f08c3Ww43vn1jN5jMlqvdarFv7AaT2XK1Wy32HSbTM_U5G13LY9rjU0bWZ6nI5jQoXAaL9ycxLabd2cG3uSifOqcxWdQZ_X6_3-_3-_1-v9-g9RzMBoVvmK1VpYufbLWTFh4HgyKWCC7Sic7ycJ5ub93tablbPJblRCxRmi7Sib7od7sMD5_LXxFLBKeLdCL0u10W9R8p4GKuXM1Vc9FmlQAAAAAAAAAALME0000AAAAAnAxiOBkOd-t0MIvNaDdbLReAhZekLmAQAAAAAACAXZEVfFghIv8pxRp7DOIsD-fp9tbdnpa7xWNZThkAQMEhs80-I4i1Wi1rAAAAAtgAAAACuOnGm4BQKO7___9_HAAAABk59AAAAOj3AR2tFnrgRrHzK4jNcrLZPwAVYq1Wq9uNtVqtgAW0mY1GE_j___9PEAAAAAAAwGas4P________8w!&cmcv=&pix=undefined&cb=1702695753097&uv=3368&tms=1702695753097&abt=adxsub-out_vA!adxsub-out_vB!mprdct01val_vA!scndvdunt_vA!ufm!video-reel_vA&ft=0&unm=FEED_MANAGER&aure=false&agl=1&cirid=5970c404-0685-4c17-bc1c-c299097d1b42&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
js-err
rtb.ads.travelaudience.com/ Frame BC05 		35 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.ads.travelaudience.com/js-err?description=Script%20error.&url=&line=0&col=0&parent_url=https%3A%2F%2Frtb.ads.travelaudience.com%2Frtb%3Fads%3D30000734.16.0.70016358.0.0..0.DE.-1..StcQOJoaADOzAwnr6Vh5Xg%253D%253D.60027404.OTk5JTJjMQ%3D%3D...cpWsPs0FaIeXvIrK-ataOg%253D%253D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ%3D%3D.2.0%26p%3D90000%26x%3D728%26y%3D90%26click%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCP1XeSBN9ZZOkJ-6h9u8PrceI6APKkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQIW7EraW0ayPuACAKgDAcgDAqoE9wFP0JLwacN0ANEN1Ez6ou92BpCghOWZ7zOgjZ43ScHF0nZ9ILpqC0LECrKz4LyqfmAFrVLceRGanDNS1PgmZ1lS8IJl0nh5ct_LHmK0iCGnKpQPZjHPDZ1vWuSuaQXXcc1YH5jMUXMgGCuoIYeP2Bh2IJJDp7JH0YW7x0fA6DgRBcp46P7CtNCEcTd3-x4Qw1XIoYHRHxP1p5ayYU-LsTMDmCcYx7xBnSi3whtx_nYuyLCFoJx_AvI1n-_yfsYCX5jlgyPX7GOuhBxA471HGw53K7ckSxAUw15wgIqAe-EoJ6M53U-yvqpDOd0PCxWoBIh2FSuM6iMp4AQBgAaQps6wupX902OgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_vjJ-_uSgwP6CwIIAYAMAeINEwiLqcr7-5KDAxXukP0HHa0jAj3QFQGAFwE%2526num%253D1%2526sig%253DAOD64_0J8WFX1HBY0bbwyXAALUWWwgvsTw%2526client%253Dca-pub-0883126725773026%2526adurl%253D%26googlewinningprice%3DZX0TSAAJ0hMH_ZDuAAIjrTMIpUATZ4lskbgRUg%26wpc%3DEUR%26site%3Dwww.29news.com%26slotvisibility%3D1%26gcpm%3D4312702%26gpos%3D1%26bidder%3Dbidder-rtb-production-6c8d77fbc7-796wq%26dv%3D1%26uuid%3D%26suid%3D%26brq%3DSkto2bvo7z5b2S3Uf7KdIzg4PLQW11OhTyF_uA%26ssp_id%3D0%26l%3Den%26ts%3D1702695752%26uc%3DDE%26at%3D1%26ia%3D0%26mai%3D%26mat%3D1%26ir%3D0%26an%3D%26rg%3D1%26hm%3DC2ONLa_J68suFRQb4_ksEEonBBvdKVdTNN28pPbCJ6o%3D
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000734.16.0.70016358.0.0..0.DE.-1..StcQOJoaADOzAwnr6Vh5Xg%3D%3D.60027404.OTk5JTJjMQ==...cpWsPs0FaIeXvIrK-ataOg%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP1XeSBN9ZZOkJ-6h9u8PrceI6APKkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQIW7EraW0ayPuACAKgDAcgDAqoE9wFP0JLwacN0ANEN1Ez6ou92BpCghOWZ7zOgjZ43ScHF0nZ9ILpqC0LECrKz4LyqfmAFrVLceRGanDNS1PgmZ1lS8IJl0nh5ct_LHmK0iCGnKpQPZjHPDZ1vWuSuaQXXcc1YH5jMUXMgGCuoIYeP2Bh2IJJDp7JH0YW7x0fA6DgRBcp46P7CtNCEcTd3-x4Qw1XIoYHRHxP1p5ayYU-LsTMDmCcYx7xBnSi3whtx_nYuyLCFoJx_AvI1n-_yfsYCX5jlgyPX7GOuhBxA471HGw53K7ckSxAUw15wgIqAe-EoJ6M53U-yvqpDOd0PCxWoBIh2FSuM6iMp4AQBgAaQps6wupX902OgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_vjJ-_uSgwP6CwIIAYAMAeINEwiLqcr7-5KDAxXukP0HHa0jAj3QFQGAFwE%26num%3D1%26sig%3DAOD64_0J8WFX1HBY0bbwyXAALUWWwgvsTw%26client%3Dca-pub-0883126725773026%26adurl%3D&googlewinningprice=ZX0TSAAJ0hMH_ZDuAAIjrTMIpUATZ4lskbgRUg&wpc=EUR&site=www.29news.com&slotvisibility=1&gcpm=4312702&gpos=1&bidder=bidder-rtb-production-6c8d77fbc7-796wq&dv=1&uuid=&suid=&brq=Skto2bvo7z5b2S3Uf7KdIzg4PLQW11OhTyF_uA&ssp_id=0&l=en&ts=1702695752&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=C2ONLa_J68suFRQb4_ksEEonBBvdKVdTNN28pPbCJ6o=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.187.184.108 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
108.184.187.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://rtb.ads.travelaudience.com/rtb?ads=30000734.16.0.70016358.0.0..0.DE.-1..StcQOJoaADOzAwnr6Vh5Xg%3D%3D.60027404.OTk5JTJjMQ==...cpWsPs0FaIeXvIrK-ataOg%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP1XeSBN9ZZOkJ-6h9u8PrceI6APKkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQIW7EraW0ayPuACAKgDAcgDAqoE9wFP0JLwacN0ANEN1Ez6ou92BpCghOWZ7zOgjZ43ScHF0nZ9ILpqC0LECrKz4LyqfmAFrVLceRGanDNS1PgmZ1lS8IJl0nh5ct_LHmK0iCGnKpQPZjHPDZ1vWuSuaQXXcc1YH5jMUXMgGCuoIYeP2Bh2IJJDp7JH0YW7x0fA6DgRBcp46P7CtNCEcTd3-x4Qw1XIoYHRHxP1p5ayYU-LsTMDmCcYx7xBnSi3whtx_nYuyLCFoJx_AvI1n-_yfsYCX5jlgyPX7GOuhBxA471HGw53K7ckSxAUw15wgIqAe-EoJ6M53U-yvqpDOd0PCxWoBIh2FSuM6iMp4AQBgAaQps6wupX902OgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_vjJ-_uSgwP6CwIIAYAMAeINEwiLqcr7-5KDAxXukP0HHa0jAj3QFQGAFwE%26num%3D1%26sig%3DAOD64_0J8WFX1HBY0bbwyXAALUWWwgvsTw%26client%3Dca-pub-0883126725773026%26adurl%3D&googlewinningprice=ZX0TSAAJ0hMH_ZDuAAIjrTMIpUATZ4lskbgRUg&wpc=EUR&site=www.29news.com&slotvisibility=1&gcpm=4312702&gpos=1&bidder=bidder-rtb-production-6c8d77fbc7-796wq&dv=1&uuid=&suid=&brq=Skto2bvo7z5b2S3Uf7KdIzg4PLQW11OhTyF_uA&ssp_id=0&l=en&ts=1702695752&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=C2ONLa_J68suFRQb4_ksEEonBBvdKVdTNN28pPbCJ6o=
Origin
https://rtb.ads.travelaudience.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:33 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
access-control-allow-methods
GET
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
access-control-allow-origin
https://rtb.ads.travelaudience.com
content-type
image/gif
pixel.gif
px.moatads.com/ Frame BC05 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fstatic.travelaudience.com%2Fimg%2Fimport%2Fvisit_savannah%2FQ42023%2FGerman%2F728x90.jpg&i=TRAVELAUDIENCE_DISPLAY1&ol=2793208590&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-5tyHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-NM4Tcd8kL9Bk3A%3D%3D&sc=1&os=1-dA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.29news.com&id=0&ii=2&f=1&j=https%3A%2F%2Fdfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.29news.com&t=1702695753104&de=197206533317&cu=1702695753104&m=20&ar=cc84ca2002d-clean&iw=34392e3&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A81%3A81%3A0%3A0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=11&cd=0&ah=11&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000734%3A50005906%3A60027404%3A70016358&bo=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&bd=728x90&gw=travel198849194933&zMoatOrigSlicer1=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=29news.com&zMoatSubdomain=29news.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=Skto2bvo7z5b2S3Uf7KdIzg4PLQW11OhTyF_uA&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jk=-1&jm=-1&tc=0&fs=206701&na=58176974&cs=0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000734.16.0.70016358.0.0..0.DE.-1..StcQOJoaADOzAwnr6Vh5Xg%3D%3D.60027404.OTk5JTJjMQ==...cpWsPs0FaIeXvIrK-ataOg%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP1XeSBN9ZZOkJ-6h9u8PrceI6APKkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQIW7EraW0ayPuACAKgDAcgDAqoE9wFP0JLwacN0ANEN1Ez6ou92BpCghOWZ7zOgjZ43ScHF0nZ9ILpqC0LECrKz4LyqfmAFrVLceRGanDNS1PgmZ1lS8IJl0nh5ct_LHmK0iCGnKpQPZjHPDZ1vWuSuaQXXcc1YH5jMUXMgGCuoIYeP2Bh2IJJDp7JH0YW7x0fA6DgRBcp46P7CtNCEcTd3-x4Qw1XIoYHRHxP1p5ayYU-LsTMDmCcYx7xBnSi3whtx_nYuyLCFoJx_AvI1n-_yfsYCX5jlgyPX7GOuhBxA471HGw53K7ckSxAUw15wgIqAe-EoJ6M53U-yvqpDOd0PCxWoBIh2FSuM6iMp4AQBgAaQps6wupX902OgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_vjJ-_uSgwP6CwIIAYAMAeINEwiLqcr7-5KDAxXukP0HHa0jAj3QFQGAFwE%26num%3D1%26sig%3DAOD64_0J8WFX1HBY0bbwyXAALUWWwgvsTw%26client%3Dca-pub-0883126725773026%26adurl%3D&googlewinningprice=ZX0TSAAJ0hMH_ZDuAAIjrTMIpUATZ4lskbgRUg&wpc=EUR&site=www.29news.com&slotvisibility=1&gcpm=4312702&gpos=1&bidder=bidder-rtb-production-6c8d77fbc7-796wq&dv=1&uuid=&suid=&brq=Skto2bvo7z5b2S3Uf7KdIzg4PLQW11OhTyF_uA&ssp_id=0&l=en&ts=1702695752&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=C2ONLa_J68suFRQb4_ksEEonBBvdKVdTNN28pPbCJ6o=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-107-55.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:33 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 16 Dec 2023 03:02:33 GMT
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.8.4/ 		428 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.4/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_8/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
76c009cddf9e13e03f1c6ab8f56e2a0472c57ae0123bf4ad8ff383f61e45c382

Request headers

Referer
https://www.29news.com/
Origin
https://www.29news.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-meta-mtime
1702376628
date
Sat, 16 Dec 2023 03:02:33 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
8SXY84F0YGYMZ0G8
age
319077
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1702376641
x-amz-meta-mode
33188
content-length
82265
x-amz-id-2
A9HamS7JPpYSOE0Q8mU05u0wZK8mwwmTmaZ3GYCgKxOfWX7iCF2+L+07Xbu1YpucGAlvNFCu3LY=
x-served-by
cache-fra-etou8220028-FRA
last-modified
Tue, 12 Dec 2023 10:24:02 GMT
server
AmazonS3-br
x-timer
S1702695753.184435,VS0,VE0
etag
"3c4e11167fa4904c28b5e4f28dcc6a15"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
287104
sync
am-match.taboola.com/ Frame 0C8D 		577 B
671 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8YWYCLAbYx7T_i-FVKROwj2n_F8OrUi4AAABgYID-AEktd4ONaTBaC2bD1Vq0cezWEo9j49ZYlsvBcjdyTEyTISCp5W6wMQ1Ga8FsuFqLNo7dWuJxbNway3I5WO5GjolpMgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0s0HQ6fK57ve73u0uWc5fvc9f43XYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHhfkY_XaXzWU2-QMAAAAACAAAAAASAALKZyUAXqpbTvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQyxUhDacyOS1iBS0FmEEAAAAIOqrYOXIJJ2gYlHl__-_3wrAFQCAAEa4ySeeLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEYoavU4TdDUzo-YXEABgzS8gAACbcQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gMxis3IYNhPbZLAa7JazmWHjsW1Mo-HI47I5XM7tGflGlmh55ujrIyIss993EPLdLsPD5zKIiq63xe5wmj0H8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDDtdmstrt1hKXbeIWrRwrt3A2cq51I-PMOZrNFovFZi16fUwf32w53Pi2SDCAZC-Sp0U6kdh8G5NjtDCMJgvTYrjyzDwjj8NlGY1cq83GtbCIJZqTRTqRXfadxWblMGwmtslgNdgtZzPDxmPbmEbDkcdlc7ic-5LDtZmsdru1xGWbuEUrx8otnI2ca93IOHOOZrPFYrFZi14f08c3Ww43vn1jN5jMlqvdarFv7AaT2XK1Wy32HSbTM_U5G13LY9rjU0bWZ6nI5jQoXAaL9ycxLabd2cG3uSifOqcxWdQZ_X6_3-_3-_1-v9-g9RzMBoVvmK1VpYufbLWTFh4HgyKWCC7Sic7ycJ5ub93tablbPJblRCxRmi7Sib7od7sMD5_LXxFLBKeLdCL0u10W9R8p4GKuXM1Vc9FmlQAAAAAAAAAALME0000AAAAAnAxiOBkOd-t0MIvNaDdbLReAhZekLmAQAAAAAACAXZEVfFghIv8pxRp7DOIsD-fp9tbdnpa7xWNZThkAQMEhs80-I4i1Wi1rAAAAAtgAAAACuOnGm4BQKO7___9_HAAAABk59AAAAOj3AR2tFnrgRrHzK4jNcrLZPwAVYq1Wq9uNtVqtgAW0mY1GE_j___9PEAAAAAAAwGas4P________8w!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_8/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
f2ab2eb5e18f1394730f256ff96ce7df0d13a1a475f801ea8a81aa7fe933962f

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Sat, 16 Dec 2023 03:02:33 GMT
machineid
3401
server
nginx
generic
match.adsrvr.org/track/cmf/ Frame E04E 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8YWYCLAbYx7T_i-FVKROwj2n_F8OrUi4AAABgYID-AEktd4ONaTBaC2bD1Vq0cezWEo9j49ZYlsvBcjdyTEyTISCp5W6wMQ1Ga8FsuFqLNo7dWuJxbNway3I5WO5GjolpMgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0s0HQ6fK57ve73u0uWc5fvc9f43XYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHhfkY_XaXzWU2-QMAAAAACAAAAAASAALKZyUAXqpbTvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQyxUhDacyOS1iBS0FmEEAAAAIOqrYOXIJJ2gYlHl__-_3wrAFQCAAEa4ySeeLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEYoavU4TdDUzo-YXEABgzS8gAACbcQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gMxis3IYNhPbZLAa7JazmWHjsW1Mo-HI47I5XM7tGflGlmh55ujrIyIss993EPLdLsPD5zKIiq63xe5wmj0H8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDDtdmstrt1hKXbeIWrRwrt3A2cq51I-PMOZrNFovFZi16fUwf32w53Pi2SDCAZC-Sp0U6kdh8G5NjtDCMJgvTYrjyzDwjj8NlGY1cq83GtbCIJZqTRTqRXfadxWblMGwmtslgNdgtZzPDxmPbmEbDkcdlc7ic-5LDtZmsdru1xGWbuEUrx8otnI2ca93IOHOOZrPFYrFZi14f08c3Ww43vn1jN5jMlqvdarFv7AaT2XK1Wy32HSbTM_U5G13LY9rjU0bWZ6nI5jQoXAaL9ycxLabd2cG3uSifOqcxWdQZ_X6_3-_3-_1-v9-g9RzMBoVvmK1VpYufbLWTFh4HgyKWCC7Sic7ycJ5ub93tablbPJblRCxRmi7Sib7od7sMD5_LXxFLBKeLdCL0u10W9R8p4GKuXM1Vc9FmlQAAAAAAAAAALME0000AAAAAnAxiOBkOd-t0MIvNaDdbLReAhZekLmAQAAAAAACAXZEVfFghIv8pxRp7DOIsD-fp9tbdnpa7xWNZThkAQMEhs80-I4i1Wi1rAAAAAtgAAAACuOnGm4BQKO7___9_HAAAABk59AAAAOj3AR2tFnrgRrHzK4jNcrLZPwAVYq1Wq9uNtVqtgAW0mY1GE_j___9PEAAAAAAAwGas4P________8w!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:33 GMT
server
Kestrel
content-length
70
content-type
image/gif
da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7
pr-bh.ybp.yahoo.com/sync/taboola/ Frame E04E 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8YWYCLAbYx7T_i-FVKROwj2n_F8OrUi4AAABgYID-AEktd4ONaTBaC2bD1Vq0cezWEo9j49ZYlsvBcjdyTEyTISCp5W6wMQ1Ga8FsuFqLNo7dWuJxbNway3I5WO5GjolpMgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0s0HQ6fK57ve73u0uWc5fvc9f43XYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHhfkY_XaXzWU2-QMAAAAACAAAAAASAALKZyUAXqpbTvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQyxUhDacyOS1iBS0FmEEAAAAIOqrYOXIJJ2gYlHl__-_3wrAFQCAAEa4ySeeLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEYoavU4TdDUzo-YXEABgzS8gAACbcQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gMxis3IYNhPbZLAa7JazmWHjsW1Mo-HI47I5XM7tGflGlmh55ujrIyIss993EPLdLsPD5zKIiq63xe5wmj0H8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDDtdmstrt1hKXbeIWrRwrt3A2cq51I-PMOZrNFovFZi16fUwf32w53Pi2SDCAZC-Sp0U6kdh8G5NjtDCMJgvTYrjyzDwjj8NlGY1cq83GtbCIJZqTRTqRXfadxWblMGwmtslgNdgtZzPDxmPbmEbDkcdlc7ic-5LDtZmsdru1xGWbuEUrx8otnI2ca93IOHOOZrPFYrFZi14f08c3Ww43vn1jN5jMlqvdarFv7AaT2XK1Wy32HSbTM_U5G13LY9rjU0bWZ6nI5jQoXAaL9ycxLabd2cG3uSifOqcxWdQZ_X6_3-_3-_1-v9-g9RzMBoVvmK1VpYufbLWTFh4HgyKWCC7Sic7ycJ5ub93tablbPJblRCxRmi7Sib7od7sMD5_LXxFLBKeLdCL0u10W9R8p4GKuXM1Vc9FmlQAAAAAAAAAALME0000AAAAAnAxiOBkOd-t0MIvNaDdbLReAhZekLmAQAAAAAACAXZEVfFghIv8pxRp7DOIsD-fp9tbdnpa7xWNZThkAQMEhs80-I4i1Wi1rAAAAAtgAAAACuOnGm4BQKO7___9_HAAAABk59AAAAOj3AR2tFnrgRrHzK4jNcrLZPwAVYq1Wq9uNtVqtgAW0mY1GE_j___9PEAAAAAAAwGas4P________8w!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:b770:182f:d3e9:1c89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame E04E 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8YWYCLAbYx7T_i-FVKROwj2n_F8OrUi4AAABgYID-AEktd4ONaTBaC2bD1Vq0cezWEo9j49ZYlsvBcjdyTEyTISCp5W6wMQ1Ga8FsuFqLNo7dWuJxbNway3I5WO5GjolpMgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0s0HQ6fK57ve73u0uWc5fvc9f43XYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHhfkY_XaXzWU2-QMAAAAACAAAAAASAALKZyUAXqpbTvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQyxUhDacyOS1iBS0FmEEAAAAIOqrYOXIJJ2gYlHl__-_3wrAFQCAAEa4ySeeLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEYoavU4TdDUzo-YXEABgzS8gAACbcQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gMxis3IYNhPbZLAa7JazmWHjsW1Mo-HI47I5XM7tGflGlmh55ujrIyIss993EPLdLsPD5zKIiq63xe5wmj0H8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDDtdmstrt1hKXbeIWrRwrt3A2cq51I-PMOZrNFovFZi16fUwf32w53Pi2SDCAZC-Sp0U6kdh8G5NjtDCMJgvTYrjyzDwjj8NlGY1cq83GtbCIJZqTRTqRXfadxWblMGwmtslgNdgtZzPDxmPbmEbDkcdlc7ic-5LDtZmsdru1xGWbuEUrx8otnI2ca93IOHOOZrPFYrFZi14f08c3Ww43vn1jN5jMlqvdarFv7AaT2XK1Wy32HSbTM_U5G13LY9rjU0bWZ6nI5jQoXAaL9ycxLabd2cG3uSifOqcxWdQZ_X6_3-_3-_1-v9-g9RzMBoVvmK1VpYufbLWTFh4HgyKWCC7Sic7ycJ5ub93tablbPJblRCxRmi7Sib7od7sMD5_LXxFLBKeLdCL0u10W9R8p4GKuXM1Vc9FmlQAAAAAAAAAALME0000AAAAAnAxiOBkOd-t0MIvNaDdbLReAhZekLmAQAAAAAACAXZEVfFghIv8pxRp7DOIsD-fp9tbdnpa7xWNZThkAQMEhs80-I4i1Wi1rAAAAAtgAAAACuOnGm4BQKO7___9_HAAAABk59AAAAOj3AR2tFnrgRrHzK4jNcrLZPwAVYq1Wq9uNtVqtgAW0mY1GE_j___9PEAAAAAAAwGas4P________8w!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.190.202 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-190-202.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.29news.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Sat, 16 Dec 2023 03:02:33 GMT
via
1.1 795296520f6c881b9bc43c02feb87e9a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
WAW51-P3
age
125488
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-etou8220033-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1702695753.209937,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
xtvdtXdg65Tse6z_ZJhus8xqGCETujMuNl_HaJqQ-1vnBjJJMisxCQ==
x-cache-hits
1374
pixel.gif
travel198849194933.s.moatpixel.com/ Frame 4E62 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=31&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=29news.com&L1id=30000734&L2id=50005906&L3id=60027404&L4id=70016359&S1id=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&S2id=970x250&ord=1702695753031&r=307795652838&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatSubdomain=29news.com&zMoatIMPID=4T9YeOIhLjuSt6U6CMwip2d6CC2_2_q-tdBzdg&bedc=1&nosend&q=1&nu=1&ib=0&dc=1&ob=0&oh=1&lt=1&ab=1&n=1&nm=1&sp=0&pt=0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000734.16.0.70016359.0.0..0.DE.-1..StcQOJoaADOzAwnr6Vh5Xg%3D%3D.60027404.OTk5JTJjMQ==...cpWsPs0FaIeXvIrK-ataOg%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=970&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt3uCSBN9ZcDmFou99u8P9Z2t4A3KkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQKyZy8ba0myPuACAKgDAcgDAqoE6gFP0HqIuNAfOjSTtngN8agsZB2V1apR5-TkTKVW90UePQUZFUXqaChP6ML0hj7PRLARXjDaDnCqst3GRY_99VoG6vwppCOoTu3dSITCHEB1xH6Q1CI1NtX1vYUB_tu__V8BRcvuk_RvvJxv42HfwjSaGquObFL5E5noIhxtfkmvc5EslO19V4OfTAYPhF3z-H8rdaxLEffx9I_GZF2qKYEevW6Us2UBDX3QwTZbt5ZyW5I6IH-5M1TpLc6T6m9l-9FNQAQfotbDq9cDmnk3B_Fb-CymbOqfuqQcnK9EAj-u7sS7ZtQso3rMIVjgBAGABsKA76fXnvlwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnRyPv7koMD-gsCCAGADAHiDRMI84XJ-_uSgwMVi579Bx31Tgvc0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ntjy7ZiQwE55PPcwNUpVghQN02A%26client%3Dca-pub-0883126725773026%26adurl%3D&googlewinningprice=ZX0TSAAFs0AH_Z6LAAtO9R4DoZCYFGT0INUdlw&wpc=EUR&site=www.29news.com&slotvisibility=1&gcpm=4416069&gpos=1&bidder=bidder-rtb-production-6c8d77fbc7-pfwz7&dv=1&uuid=&suid=&brq=4T9YeOIhLjuSt6U6CMwip2d6CC2_2_q-tdBzdg&ssp_id=0&l=en&ts=1702695752&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=yPGi0himeLjC_Be9SYCiVbCSC8PAD6QmoPCSC5WPstI=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:33 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 16 Dec 2023 03:02:33 GMT
pixel.gif
travel198849194933.s.moatpixel.com/ Frame BC05 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=11&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=29news.com&L1id=30000734&L2id=50005906&L3id=60027404&L4id=70016358&S1id=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&S2id=728x90&ord=1702695753104&r=197206533317&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatSubdomain=29news.com&zMoatIMPID=Skto2bvo7z5b2S3Uf7KdIzg4PLQW11OhTyF_uA&bedc=1&nosend&q=1&nu=1&ib=0&dc=1&ob=0&oh=1&lt=1&ab=1&n=1&nm=1&sp=0&pt=0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000734.16.0.70016358.0.0..0.DE.-1..StcQOJoaADOzAwnr6Vh5Xg%3D%3D.60027404.OTk5JTJjMQ==...cpWsPs0FaIeXvIrK-ataOg%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP1XeSBN9ZZOkJ-6h9u8PrceI6APKkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQIW7EraW0ayPuACAKgDAcgDAqoE9wFP0JLwacN0ANEN1Ez6ou92BpCghOWZ7zOgjZ43ScHF0nZ9ILpqC0LECrKz4LyqfmAFrVLceRGanDNS1PgmZ1lS8IJl0nh5ct_LHmK0iCGnKpQPZjHPDZ1vWuSuaQXXcc1YH5jMUXMgGCuoIYeP2Bh2IJJDp7JH0YW7x0fA6DgRBcp46P7CtNCEcTd3-x4Qw1XIoYHRHxP1p5ayYU-LsTMDmCcYx7xBnSi3whtx_nYuyLCFoJx_AvI1n-_yfsYCX5jlgyPX7GOuhBxA471HGw53K7ckSxAUw15wgIqAe-EoJ6M53U-yvqpDOd0PCxWoBIh2FSuM6iMp4AQBgAaQps6wupX902OgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_vjJ-_uSgwP6CwIIAYAMAeINEwiLqcr7-5KDAxXukP0HHa0jAj3QFQGAFwE%26num%3D1%26sig%3DAOD64_0J8WFX1HBY0bbwyXAALUWWwgvsTw%26client%3Dca-pub-0883126725773026%26adurl%3D&googlewinningprice=ZX0TSAAJ0hMH_ZDuAAIjrTMIpUATZ4lskbgRUg&wpc=EUR&site=www.29news.com&slotvisibility=1&gcpm=4312702&gpos=1&bidder=bidder-rtb-production-6c8d77fbc7-796wq&dv=1&uuid=&suid=&brq=Skto2bvo7z5b2S3Uf7KdIzg4PLQW11OhTyF_uA&ssp_id=0&l=en&ts=1702695752&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=C2ONLa_J68suFRQb4_ksEEonBBvdKVdTNN28pPbCJ6o=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:33 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 16 Dec 2023 03:02:33 GMT
getmu
ioms.bfmio.com/ 		49 B
513 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ioms.bfmio.com/getmu?aid=bce3140f-08da-4881-e9f1-5dd3e036a4ca&output=html5&width=700&height=393&v=1&pageurl=https%3A%2F%2Fwww.29news.com&i_type=out&stream=out&playback=2&cb=R0.1702695753223&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.54.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-54-235.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.18.0 (Ubuntu)
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.29news.com
access-control-expose-headers
location
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 0C8D 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8YWYCLAbYx7T_i-FVKROwj2n_F8OrUi4AAABgYID-AEktd4ONaTBaC2bD1Vq0cezWEo9j49ZYlsvBcjdyTEyTISCp5W6wMQ1Ga8FsuFqLNo7dWuJxbNway3I5WO5GjolpMgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0s0HQ6fK57ve73u0uWc5fvc9f43XYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHhfkY_XaXzWU2-QMAAAAACAAAAAASAALKZyUAXqpbTvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQyxUhDacyOS1iBS0FmEEAAAAIOqrYOXIJJ2gYlHl__-_3wrAFQCAAEa4ySeeLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEYoavU4TdDUzo-YXEABgzS8gAACbcQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gMxis3IYNhPbZLAa7JazmWHjsW1Mo-HI47I5XM7tGflGlmh55ujrIyIss993EPLdLsPD5zKIiq63xe5wmj0H8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDDtdmstrt1hKXbeIWrRwrt3A2cq51I-PMOZrNFovFZi16fUwf32w53Pi2SDCAZC-Sp0U6kdh8G5NjtDCMJgvTYrjyzDwjj8NlGY1cq83GtbCIJZqTRTqRXfadxWblMGwmtslgNdgtZzPDxmPbmEbDkcdlc7ic-5LDtZmsdru1xGWbuEUrx8otnI2ca93IOHOOZrPFYrFZi14f08c3Ww43vn1jN5jMlqvdarFv7AaT2XK1Wy32HSbTM_U5G13LY9rjU0bWZ6nI5jQoXAaL9ycxLabd2cG3uSifOqcxWdQZ_X6_3-_3-_1-v9-g9RzMBoVvmK1VpYufbLWTFh4HgyKWCC7Sic7ycJ5ub93tablbPJblRCxRmi7Sib7od7sMD5_LXxFLBKeLdCL0u10W9R8p4GKuXM1Vc9FmlQAAAAAAAAAALME0000AAAAAnAxiOBkOd-t0MIvNaDdbLReAhZekLmAQAAAAAACAXZEVfFghIv8pxRp7DOIsD-fp9tbdnpa7xWNZThkAQMEhs80-I4i1Wi1rAAAAAtgAAAACuOnGm4BQKO7___9_HAAAABk59AAAAOj3AR2tFnrgRrHzK4jNcrLZPwAVYq1Wq9uNtVqtgAW0mY1GE_j___9PEAAAAAAAwGas4P________8w!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:33 GMT
server
Kestrel
content-length
70
content-type
image/gif
da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 0C8D 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8YWYCLAbYx7T_i-FVKROwj2n_F8OrUi4AAABgYID-AEktd4ONaTBaC2bD1Vq0cezWEo9j49ZYlsvBcjdyTEyTISCp5W6wMQ1Ga8FsuFqLNo7dWuJxbNway3I5WO5GjolpMgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0s0HQ6fK57ve73u0uWc5fvc9f43XYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHhfkY_XaXzWU2-QMAAAAACAAAAAASAALKZyUAXqpbTvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQyxUhDacyOS1iBS0FmEEAAAAIOqrYOXIJJ2gYlHl__-_3wrAFQCAAEa4ySeeLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEYoavU4TdDUzo-YXEABgzS8gAACbcQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gMxis3IYNhPbZLAa7JazmWHjsW1Mo-HI47I5XM7tGflGlmh55ujrIyIss993EPLdLsPD5zKIiq63xe5wmj0H8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDDtdmstrt1hKXbeIWrRwrt3A2cq51I-PMOZrNFovFZi16fUwf32w53Pi2SDCAZC-Sp0U6kdh8G5NjtDCMJgvTYrjyzDwjj8NlGY1cq83GtbCIJZqTRTqRXfadxWblMGwmtslgNdgtZzPDxmPbmEbDkcdlc7ic-5LDtZmsdru1xGWbuEUrx8otnI2ca93IOHOOZrPFYrFZi14f08c3Ww43vn1jN5jMlqvdarFv7AaT2XK1Wy32HSbTM_U5G13LY9rjU0bWZ6nI5jQoXAaL9ycxLabd2cG3uSifOqcxWdQZ_X6_3-_3-_1-v9-g9RzMBoVvmK1VpYufbLWTFh4HgyKWCC7Sic7ycJ5ub93tablbPJblRCxRmi7Sib7od7sMD5_LXxFLBKeLdCL0u10W9R8p4GKuXM1Vc9FmlQAAAAAAAAAALME0000AAAAAnAxiOBkOd-t0MIvNaDdbLReAhZekLmAQAAAAAACAXZEVfFghIv8pxRp7DOIsD-fp9tbdnpa7xWNZThkAQMEhs80-I4i1Wi1rAAAAAtgAAAACuOnGm4BQKO7___9_HAAAABk59AAAAOj3AR2tFnrgRrHzK4jNcrLZPwAVYq1Wq9uNtVqtgAW0mY1GE_j___9PEAAAAAAAwGas4P________8w!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:b770:182f:d3e9:1c89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usync.html
eus.rubiconproject.com/ Frame FF0B 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8YWYCLAbYx7T_i-FVKROwj2n_F8OrUi4AAABgYID-AEktd4ONaTBaC2bD1Vq0cezWEo9j49ZYlsvBcjdyTEyTISCp5W6wMQ1Ga8FsuFqLNo7dWuJxbNway3I5WO5GjolpMgUgxnKZDGqBhGX2-w5CvttlePhcBlHR9bbYHU6z5w0s0HQ6fK57ve73u0uWc5fvc9f43XYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DABQHhfkY_XaXzWU2-QMAAAAACAAAAAASAALKZyUAXqpbTvz_________xxigz7yR8f___3_DoAfAgw-AByEAAAAfQyxUhDacyOS1iBS0FmEEAAAAIOqrYOXIJJ2gYlHl__-_3wrAFQCAAEa4ySeeLLqDEm9hAAAAAMYs0MPi95sddo3f7TL__________2b-z_yjEYoavU4TdDUzo-YXEABgzS8gAACbcQMA8EYATtAhaMVgsDoBMTsAAAAAd_7____1gMxis3IYNhPbZLAa7JazmWHjsW1Mo-HI47I5XM7tGflGlmh55ujrIyIss993EPLdLsPD5zKIiq63xe5wmj0H8UHDsJwMgvmZsMVoNZlslsPZcjEZDEfD0Wh_BmIyGKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRDDtdmstrt1hKXbeIWrRwrt3A2cq51I-PMOZrNFovFZi16fUwf32w53Pi2SDCAZC-Sp0U6kdh8G5NjtDCMJgvTYrjyzDwjj8NlGY1cq83GtbCIJZqTRTqRXfadxWblMGwmtslgNdgtZzPDxmPbmEbDkcdlc7ic-5LDtZmsdru1xGWbuEUrx8otnI2ca93IOHOOZrPFYrFZi14f08c3Ww43vn1jN5jMlqvdarFv7AaT2XK1Wy32HSbTM_U5G13LY9rjU0bWZ6nI5jQoXAaL9ycxLabd2cG3uSifOqcxWdQZ_X6_3-_3-_1-v9-g9RzMBoVvmK1VpYufbLWTFh4HgyKWCC7Sic7ycJ5ub93tablbPJblRCxRmi7Sib7od7sMD5_LXxFLBKeLdCL0u10W9R8p4GKuXM1Vc9FmlQAAAAAAAAAALME0000AAAAAnAxiOBkOd-t0MIvNaDdbLReAhZekLmAQAAAAAACAXZEVfFghIv8pxRp7DOIsD-fp9tbdnpa7xWNZThkAQMEhs80-I4i1Wi1rAAAAAtgAAAACuOnGm4BQKO7___9_HAAAABk59AAAAOj3AR2tFnrgRrHzK4jNcrLZPwAVYq1Wq9uNtVqtgAW0mY1GE_j___9PEAAAAAAAwGas4P________8w!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 16 Dec 2023 03:02:33 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pixel.gif
px.moatads.com/ Frame 4E62 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=2793208590&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XWfr9LOK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-L5aj2Zz1Kg7M0g%3D%3D&sc=1&os=1-bA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=250&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.29news.com&id=0&ii=2&f=1&j=https%3A%2F%2Fdfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.29news.com&t=1702695753031&de=307795652838&cu=1702695753031&m=205&ar=cc84ca2002d-clean&iw=34392e3&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&lf=130&lg=1&lh=14&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A195%3A195%3A0%3A291&aa=0&ad=80&cn=0&gk=80&gl=0&ik=80&ic=80&ez=1&cq=1&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=31&cd=31&ah=31&am=31&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000734%3A50005906%3A60027404%3A70016359&bo=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&bd=970x250&gw=travel198849194933&zMoatOrigSlicer1=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&zMoatOrigSlicer2=970x250&zMoatDomain=29news.com&zMoatSubdomain=29news.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=4T9YeOIhLjuSt6U6CMwip2d6CC2_2_q-tdBzdg&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=1&jm=-1&tc=0&fs=206701&na=700975845&cs=0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000734.16.0.70016359.0.0..0.DE.-1..StcQOJoaADOzAwnr6Vh5Xg%3D%3D.60027404.OTk5JTJjMQ==...cpWsPs0FaIeXvIrK-ataOg%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=970&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt3uCSBN9ZcDmFou99u8P9Z2t4A3KkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQKyZy8ba0myPuACAKgDAcgDAqoE6gFP0HqIuNAfOjSTtngN8agsZB2V1apR5-TkTKVW90UePQUZFUXqaChP6ML0hj7PRLARXjDaDnCqst3GRY_99VoG6vwppCOoTu3dSITCHEB1xH6Q1CI1NtX1vYUB_tu__V8BRcvuk_RvvJxv42HfwjSaGquObFL5E5noIhxtfkmvc5EslO19V4OfTAYPhF3z-H8rdaxLEffx9I_GZF2qKYEevW6Us2UBDX3QwTZbt5ZyW5I6IH-5M1TpLc6T6m9l-9FNQAQfotbDq9cDmnk3B_Fb-CymbOqfuqQcnK9EAj-u7sS7ZtQso3rMIVjgBAGABsKA76fXnvlwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnRyPv7koMD-gsCCAGADAHiDRMI84XJ-_uSgwMVi579Bx31Tgvc0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ntjy7ZiQwE55PPcwNUpVghQN02A%26client%3Dca-pub-0883126725773026%26adurl%3D&googlewinningprice=ZX0TSAAFs0AH_Z6LAAtO9R4DoZCYFGT0INUdlw&wpc=EUR&site=www.29news.com&slotvisibility=1&gcpm=4416069&gpos=1&bidder=bidder-rtb-production-6c8d77fbc7-pfwz7&dv=1&uuid=&suid=&brq=4T9YeOIhLjuSt6U6CMwip2d6CC2_2_q-tdBzdg&ssp_id=0&l=en&ts=1702695752&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=yPGi0himeLjC_Be9SYCiVbCSC8PAD6QmoPCSC5WPstI=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-107-55.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:33 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 16 Dec 2023 03:02:33 GMT
pixel.gif
travel198849194933.s.moatpixel.com/ Frame 4E62 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=80&fi=1&apd=190&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=29news.com&L1id=30000734&L2id=50005906&L3id=60027404&L4id=70016359&S1id=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&S2id=970x250&ord=1702695753031&r=307795652838&t=hdn&os=1&fi2=0&div1=0&ait=0&zMoatSubdomain=29news.com&zMoatIMPID=4T9YeOIhLjuSt6U6CMwip2d6CC2_2_q-tdBzdg&bedc=1&nosend&q=2&nu=1&ib=0&dc=1&ob=0&oh=1&lt=1&ab=1&n=1&nm=1&sp=0&pt=0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000734.16.0.70016359.0.0..0.DE.-1..StcQOJoaADOzAwnr6Vh5Xg%3D%3D.60027404.OTk5JTJjMQ==...cpWsPs0FaIeXvIrK-ataOg%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=970&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt3uCSBN9ZcDmFou99u8P9Z2t4A3KkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQKyZy8ba0myPuACAKgDAcgDAqoE6gFP0HqIuNAfOjSTtngN8agsZB2V1apR5-TkTKVW90UePQUZFUXqaChP6ML0hj7PRLARXjDaDnCqst3GRY_99VoG6vwppCOoTu3dSITCHEB1xH6Q1CI1NtX1vYUB_tu__V8BRcvuk_RvvJxv42HfwjSaGquObFL5E5noIhxtfkmvc5EslO19V4OfTAYPhF3z-H8rdaxLEffx9I_GZF2qKYEevW6Us2UBDX3QwTZbt5ZyW5I6IH-5M1TpLc6T6m9l-9FNQAQfotbDq9cDmnk3B_Fb-CymbOqfuqQcnK9EAj-u7sS7ZtQso3rMIVjgBAGABsKA76fXnvlwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnRyPv7koMD-gsCCAGADAHiDRMI84XJ-_uSgwMVi579Bx31Tgvc0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ntjy7ZiQwE55PPcwNUpVghQN02A%26client%3Dca-pub-0883126725773026%26adurl%3D&googlewinningprice=ZX0TSAAFs0AH_Z6LAAtO9R4DoZCYFGT0INUdlw&wpc=EUR&site=www.29news.com&slotvisibility=1&gcpm=4416069&gpos=1&bidder=bidder-rtb-production-6c8d77fbc7-pfwz7&dv=1&uuid=&suid=&brq=4T9YeOIhLjuSt6U6CMwip2d6CC2_2_q-tdBzdg&ssp_id=0&l=en&ts=1702695752&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=yPGi0himeLjC_Be9SYCiVbCSC8PAD6QmoPCSC5WPstI=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:33 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 16 Dec 2023 03:02:33 GMT
pixel.gif
travel198849194933.s.moatpixel.com/ Frame 4E62 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=80&fi=1&apd=190&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=29news.com&L1id=30000734&L2id=50005906&L3id=60027404&L4id=70016359&S1id=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&S2id=970x250&ord=1702695753031&r=307795652838&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatSubdomain=29news.com&zMoatIMPID=4T9YeOIhLjuSt6U6CMwip2d6CC2_2_q-tdBzdg&bedc=1&nosend&q=3&nu=1&ib=0&dc=1&ob=0&oh=1&lt=1&ab=1&n=1&nm=1&sp=0&pt=0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000734.16.0.70016359.0.0..0.DE.-1..StcQOJoaADOzAwnr6Vh5Xg%3D%3D.60027404.OTk5JTJjMQ==...cpWsPs0FaIeXvIrK-ataOg%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=970&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt3uCSBN9ZcDmFou99u8P9Z2t4A3KkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQKyZy8ba0myPuACAKgDAcgDAqoE6gFP0HqIuNAfOjSTtngN8agsZB2V1apR5-TkTKVW90UePQUZFUXqaChP6ML0hj7PRLARXjDaDnCqst3GRY_99VoG6vwppCOoTu3dSITCHEB1xH6Q1CI1NtX1vYUB_tu__V8BRcvuk_RvvJxv42HfwjSaGquObFL5E5noIhxtfkmvc5EslO19V4OfTAYPhF3z-H8rdaxLEffx9I_GZF2qKYEevW6Us2UBDX3QwTZbt5ZyW5I6IH-5M1TpLc6T6m9l-9FNQAQfotbDq9cDmnk3B_Fb-CymbOqfuqQcnK9EAj-u7sS7ZtQso3rMIVjgBAGABsKA76fXnvlwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnRyPv7koMD-gsCCAGADAHiDRMI84XJ-_uSgwMVi579Bx31Tgvc0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ntjy7ZiQwE55PPcwNUpVghQN02A%26client%3Dca-pub-0883126725773026%26adurl%3D&googlewinningprice=ZX0TSAAFs0AH_Z6LAAtO9R4DoZCYFGT0INUdlw&wpc=EUR&site=www.29news.com&slotvisibility=1&gcpm=4416069&gpos=1&bidder=bidder-rtb-production-6c8d77fbc7-pfwz7&dv=1&uuid=&suid=&brq=4T9YeOIhLjuSt6U6CMwip2d6CC2_2_q-tdBzdg&ssp_id=0&l=en&ts=1702695752&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=yPGi0himeLjC_Be9SYCiVbCSC8PAD6QmoPCSC5WPstI=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:33 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 16 Dec 2023 03:02:33 GMT
pixel.gif
travel198849194933.s.moatpixel.com/ Frame 4E62 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=80&fi=1&apd=190&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=29news.com&L1id=30000734&L2id=50005906&L3id=60027404&L4id=70016359&S1id=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&S2id=970x250&ord=1702695753031&r=307795652838&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatSubdomain=29news.com&zMoatIMPID=4T9YeOIhLjuSt6U6CMwip2d6CC2_2_q-tdBzdg&bedc=1&nosend&q=4&nu=1&ib=0&dc=1&ob=0&oh=1&lt=1&ab=1&n=1&nm=1&sp=0&pt=0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000734.16.0.70016359.0.0..0.DE.-1..StcQOJoaADOzAwnr6Vh5Xg%3D%3D.60027404.OTk5JTJjMQ==...cpWsPs0FaIeXvIrK-ataOg%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=970&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt3uCSBN9ZcDmFou99u8P9Z2t4A3KkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQKyZy8ba0myPuACAKgDAcgDAqoE6gFP0HqIuNAfOjSTtngN8agsZB2V1apR5-TkTKVW90UePQUZFUXqaChP6ML0hj7PRLARXjDaDnCqst3GRY_99VoG6vwppCOoTu3dSITCHEB1xH6Q1CI1NtX1vYUB_tu__V8BRcvuk_RvvJxv42HfwjSaGquObFL5E5noIhxtfkmvc5EslO19V4OfTAYPhF3z-H8rdaxLEffx9I_GZF2qKYEevW6Us2UBDX3QwTZbt5ZyW5I6IH-5M1TpLc6T6m9l-9FNQAQfotbDq9cDmnk3B_Fb-CymbOqfuqQcnK9EAj-u7sS7ZtQso3rMIVjgBAGABsKA76fXnvlwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnRyPv7koMD-gsCCAGADAHiDRMI84XJ-_uSgwMVi579Bx31Tgvc0BUBgBcB%26num%3D1%26sig%3DAOD64_1Ntjy7ZiQwE55PPcwNUpVghQN02A%26client%3Dca-pub-0883126725773026%26adurl%3D&googlewinningprice=ZX0TSAAFs0AH_Z6LAAtO9R4DoZCYFGT0INUdlw&wpc=EUR&site=www.29news.com&slotvisibility=1&gcpm=4416069&gpos=1&bidder=bidder-rtb-production-6c8d77fbc7-pfwz7&dv=1&uuid=&suid=&brq=4T9YeOIhLjuSt6U6CMwip2d6CC2_2_q-tdBzdg&ssp_id=0&l=en&ts=1702695752&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=yPGi0himeLjC_Be9SYCiVbCSC8PAD6QmoPCSC5WPstI=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:33 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 16 Dec 2023 03:02:33 GMT
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_6_8/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_6_8/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.5/UnitInstreamDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-meta-mtime
1702461749
date
Sat, 16 Dec 2023 03:02:33 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
6CDHVS36R08VG65W
age
233926
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1702461750
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
XruSshPGSogZXCAYPVjCGo7+18kUaXTUqlsbmpC3j7FeoOhkvbxfB1UwBg16VJ9+hdISIcm5zJQ=
x-served-by
cache-fra-etou8220033-FRA
last-modified
Wed, 13 Dec 2023 10:02:31 GMT
server
AmazonS3-br
x-timer
S1702695753.243769,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
185841
cmTagINSTREAM.js
vidstat.taboola.com/vpaid/units/33_6_8/infra/ 		386 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_6_8/infra/cmTagINSTREAM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.5/UnitInstreamDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
fffb035db62e063210afdd8bda00411ec40554b17909505f571febf6a9a77164

Request headers

Referer
https://www.29news.com/
Origin
https://www.29news.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-meta-mtime
1702461728
date
Sat, 16 Dec 2023 03:02:33 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
0PHG82DDVX6Q060K
age
233920
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1702461729
x-amz-meta-mode
33188
content-length
90414
x-amz-id-2
3m2h1kmGsFpS28L0VmlRBCbuq/wNq0r5kjZA1cewvker9pwU3KQazwpTt0CNG31Cx/ndiUlpDxE=
x-served-by
cache-fra-etou8220028-FRA
last-modified
Wed, 13 Dec 2023 10:02:10 GMT
server
AmazonS3-br
x-timer
S1702695753.243834,VS0,VE0
etag
"1e1aaa43270d3579fd5209e8e6a0de4f"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
6519
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		367 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6eab9c5940faf4875ba74f76ea909581bc577fad943041e12196621445175fd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128925
x-xss-protection
0
expires
Sat, 16 Dec 2023 03:02:33 GMT
getmu
ioms.bfmio.com/ 		49 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ioms.bfmio.com/getmu?aid=bce3140f-08da-4881-e9f1-5dd3e036a4ca&output=html5&width=841&height=473&v=1&pageurl=https%3A%2F%2Fwww.29news.com&i_type=out&stream=out&playback=2&cb=R0.1702695753305&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.54.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-54-235.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.18.0 (Ubuntu)
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.29news.com
access-control-expose-headers
location
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
getmu
ioms.bfmio.com/ 		49 B
513 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ioms.bfmio.com/getmu?aid=f3ba7097-c379-4680-c2af-b76fbd71dc0e&output=html5&width=841&height=473&v=1&pageurl=https%3A%2F%2Fwww.29news.com&i_type=out&stream=out&playback=2&cb=R0.1702695753306&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.54.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-54-235.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.18.0 (Ubuntu)
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.29news.com
access-control-expose-headers
location
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
getmu
ioms.bfmio.com/ 		49 B
513 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ioms.bfmio.com/getmu?aid=84e8e789-616d-47d7-c714-4c50c98f0387&output=html5&width=841&height=473&v=1&pageurl=https%3A%2F%2Fwww.29news.com&i_type=out&stream=out&playback=2&cb=R0.1702695753306&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.54.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-54-235.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.18.0 (Ubuntu)
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.29news.com
access-control-expose-headers
location
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
getmu
ioms.bfmio.com/ 		49 B
513 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ioms.bfmio.com/getmu?aid=0b284f28-466c-4a00-c19e-6f576cef8401&output=html5&width=841&height=473&v=1&pageurl=https%3A%2F%2Fwww.29news.com&i_type=pre&stream=in&playback=2&cb=R0.1702695753306&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.54.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-54-235.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.18.0 (Ubuntu)
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.29news.com
access-control-expose-headers
location
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
ptv
secure.adnxs.com/ 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ptv?id=16816844&size=841x473&promo_alignment=center&cb=R0.1702695753307&ext_inv_code=cm_182887-3291224_UNKNOWN&referrer=https%3A%2F%2Fwww.29news.com&pubclick=http%3A%2F%2Fclickam.zorosrv.com%2Fst%3Fcipid%3D66363435%26ttype%3D1%26crid%3D-1%26dast%3DV8PIYCLAbYx7T_i-FVKROwj2n_F8OrUi4AAABgYGDtAMksXLaFb2ZzixabmVs0WbjcCotn4xZsHLbdxGLa-JYLIyCZhcu28M1sbtFiM3OLJguXW2HxbNyCjcO2m1hMG99yYQUT1jS5_AZJy2U2CPlul-Hhc7mBBZpOh891r9f9fnfJcu7yfe4av9sOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAIDioDAfo9_usrnMJn8AAAAAAAEAAABAAkBA-awEgAwO1on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY8iyjHtaZ2dpNpEC2SKMAAAAAER9FawcmaQTVCyq_P__91sBuAIAEMAIN_nEk0V3UOItDAAAAMCYBXpY_H6zw67xu13m_________9_M_5l_NEJRo9dpgq5mZtT8AgIArPkFBABgM24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpBZbFYOw2ZimwxWg91yNjNsPLaNaTQceVw2h8u5PSPfyBItzxx9fSasaXL5DZKWy2wQ8t0uw8Pnsp8JW4xWk8lmOZwtF5PBcDQcjfZnICaDAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDDkcG0mq91uLXHZJm7RyrFyC2cj51o3Ms6co9lssVhs1qLXx_TxzZbDjW-LBANI9iJ5WqQTic23MTlGC8NosjAthivPzDPyOFyW0ci12mxcC4tYojlZpBPZZd9ZbFYOw2ZimwxWg91yNjNsPLaNaTQceVw2h8u5Lzlcm8lqt1tLXLaJW7RyrNzC2ci51o2MM-doNlssFpu16PUxfXyz5XDj2zd2g8lsudqtFvvGbjCZLVe71WLfYTI9U5-z0bU8pj0-ZWR9lopsToPCZbB4fxLTYtqdHXybi_KpcxqTRZ3R7_f7_X6_3-_3-w1az8FsUPiG2VpVuvjJVjtp4XEwKGKJ4CKd6CwP5-n21t2elrvFY1lOxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_5ECLubK1Vw1F21WCQAAAAAAAADAEkwz3QQAAADAySCGk-Fwt04HM1kuJpPRcgFYeEnqAgYBAAAAAADYFVnBhxUi8p9SrLHHIM7ycJ5ub93tablbPJbllAEAFBwy2-wzglir1bIGAAAggA0AACCAm268CQiF4v7____HAQAAkJFDDwAAYG0f0BJqvfAjVwq_gtgsJ5v9A1Ah1mq1ut1Yq9UKWECb2Wg0gf____8EAQAAAAAAbMYK_v_______w8D!%26cmcv%3D${CMCV}%26tgtf%3D&GDPR_APPLIES=1&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:33 GMT
an-x-request-uuid
1b357f5e-23b8-4eaa-a0a7-7a448c015e33
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/xml; charset=utf-8
access-control-allow-origin
https://www.29news.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
81.95.5.43; 81.95.5.43; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
85
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
www.29news.com/ 		193 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.29news.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ecc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

akamai-true-ttl
120
x-arc-pb-request-id
4e2f5d9a-616c-421d-b625-1a6a31dd9b2d, 7d6fa347-0913-44dc-97fb-41d6de28871e
content-encoding
gzip
date
Sat, 16 Dec 2023 03:02:33 GMT
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
FRA56-P4
strict-transport-security
max-age=86400
x-arc-request-id
0.8c7d1302.1702695753.298bb58d
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1702695753317_34831756_697021837_77_1852_6_0_146";dur=1
prerender-cache-tag
prerender-gray-wvir-prod-b308edcd
last-modified
Sat, 16 Dec 2023 03:02:30 GMT
server
openresty
etag
W/"b0db0-WFlZ41oEET6oCmlJu41B5HIADTM"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
private, max-age=60
x-amz-cf-id
NsG3Ux3uw38sKFqrE_bxBviRDNViKWvTiJX2mn1qFkFteBP8zAdagA==
x-akamai-transformed
9 - 0 pmb=mRUM,2
expires
Sat, 16 Dec 2023 03:03:33 GMT
sync
am-match.taboola.com/ Frame 4079 		577 B
671 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8PIYCLAbYx7T_i-FVKROwj2n_F8OrUi4AAABgYGDtAMksXLaFb2ZzixabmVs0WbjcCotn4xZsHLbdxGLa-JYLIyCZhcu28M1sbtFiM3OLJguXW2HxbNyCjcO2m1hMG99yYQUT1jS5_AZJy2U2CPlul-Hhc7mBBZpOh891r9f9fnfJcu7yfe4av9sOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAIDioDAfo9_usrnMJn8AAAAAAAEAAABAAkBA-awEgAwO1on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY8iyjHtaZ2dpNpEC2SKMAAAAAER9FawcmaQTVCyq_P__91sBuAIAEMAIN_nEk0V3UOItDAAAAMCYBXpY_H6zw67xu13m_________9_M_5l_NEJRo9dpgq5mZtT8AgIArPkFBABgM24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpBZbFYOw2ZimwxWg91yNjNsPLaNaTQceVw2h8u5PSPfyBItzxx9fSasaXL5DZKWy2wQ8t0uw8Pnsp8JW4xWk8lmOZwtF5PBcDQcjfZnICaDAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDDkcG0mq91uLXHZJm7RyrFyC2cj51o3Ms6co9lssVhs1qLXx_TxzZbDjW-LBANI9iJ5WqQTic23MTlGC8NosjAthivPzDPyOFyW0ci12mxcC4tYojlZpBPZZd9ZbFYOw2ZimwxWg91yNjNsPLaNaTQceVw2h8u5Lzlcm8lqt1tLXLaJW7RyrNzC2ci51o2MM-doNlssFpu16PUxfXyz5XDj2zd2g8lsudqtFvvGbjCZLVe71WLfYTI9U5-z0bU8pj0-ZWR9lopsToPCZbB4fxLTYtqdHXybi_KpcxqTRZ3R7_f7_X6_3-_3-w1az8FsUPiG2VpVuvjJVjtp4XEwKGKJ4CKd6CwP5-n21t2elrvFY1lOxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_5ECLubK1Vw1F21WCQAAAAAAAADAEkwz3QQAAADAySCGk-Fwt04HM1kuJpPRcgFYeEnqAgYBAAAAAADYFVnBhxUi8p9SrLHHIM7ycJ5ub93tablbPJbllAEAFBwy2-wzglir1bIGAAAggA0AACCAm268CQiF4v7____HAQAAkJFDDwAAYG0f0BJqvfAjVwq_gtgsJ5v9A1Ah1mq1ut1Yq9UKWECb2Wg0gf____8EAQAAAAAAbMYK_v_______w8D!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_8/infra/cmTagINSTREAM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
f2ab2eb5e18f1394730f256ff96ce7df0d13a1a475f801ea8a81aa7fe933962f

Request headers

Referer
https://www.29news.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Sat, 16 Dec 2023 03:02:33 GMT
machineid
3408
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8PIYCLAbYx7T_i-FVKROwj2n_F8OrUi4AAABgYGDtAMksXLaFb2ZzixabmVs0WbjcCotn4xZsHLbdxGLa-JYLIyCZhcu28M1sbtFiM3OLJguXW2HxbNyCjcO2m1hMG99yYQUT1jS5_AZJy2U2CPlul-Hhc7mBBZpOh891r9f9fnfJcu7yfe4av9sOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAIDioDAfo9_usrnMJn8AAAAAAAEAAABAAkBA-awEgAwO1on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY8iyjHtaZ2dpNpEC2SKMAAAAAER9FawcmaQTVCyq_P__91sBuAIAEMAIN_nEk0V3UOItDAAAAMCYBXpY_H6zw67xu13m_________9_M_5l_NEJRo9dpgq5mZtT8AgIArPkFBABgM24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpBZbFYOw2ZimwxWg91yNjNsPLaNaTQceVw2h8u5PSPfyBItzxx9fSasaXL5DZKWy2wQ8t0uw8Pnsp8JW4xWk8lmOZwtF5PBcDQcjfZnICaDAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDDkcG0mq91uLXHZJm7RyrFyC2cj51o3Ms6co9lssVhs1qLXx_TxzZbDjW-LBANI9iJ5WqQTic23MTlGC8NosjAthivPzDPyOFyW0ci12mxcC4tYojlZpBPZZd9ZbFYOw2ZimwxWg91yNjNsPLaNaTQceVw2h8u5Lzlcm8lqt1tLXLaJW7RyrNzC2ci51o2MM-doNlssFpu16PUxfXyz5XDj2zd2g8lsudqtFvvGbjCZLVe71WLfYTI9U5-z0bU8pj0-ZWR9lopsToPCZbB4fxLTYtqdHXybi_KpcxqTRZ3R7_f7_X6_3-_3-w1az8FsUPiG2VpVuvjJVjtp4XEwKGKJ4CKd6CwP5-n21t2elrvFY1lOxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_5ECLubK1Vw1F21WCQAAAAAAAADAEkwz3QQAAADAySCGk-Fwt04HM1kuJpPRcgFYeEnqAgYBAAAAAADYFVnBhxUi8p9SrLHHIM7ycJ5ub93tablbPJbllAEAFBwy2-wzglir1bIGAAAggA0AACCAm268CQiF4v7____HAQAAkJFDDwAAYG0f0BJqvfAjVwq_gtgsJ5v9A1Ah1mq1ut1Yq9UKWECb2Wg0gf____8EAQAAAAAAbMYK_v_______w8D!&cmcv=&pix=31589837&cb=1702695753278&uv=3368&tms=1702695753278&su=&abt=adxsub-out_vA!adxsub-out_vB!adxsub_vA!adxsub_vA!mprdct01val_vA!video-reel_vA&ft=0&unm=INSTREAM&debug=pn:!sqg:!torgn:1702695749563.3!ts:1702695753277&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:33 GMT
content-length
0
server
nginx
usync.js
eus.rubiconproject.com/ Frame FF0B 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
59c9a98fdce832840396257575b4ee4230d78cdd2a3ec2a631cd56f2ce3b6bab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 03:02:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Dec 2023 09:40:07 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23867
Connection
keep-alive
Content-Length
13169
Expires
Sat, 16 Dec 2023 09:40:20 GMT
pixel.gif
px.moatads.com/ Frame BC05 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=2793208590&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-5tyHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-NM4Tcd8kL9Bk3A%3D%3D&sc=1&os=1-dA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.29news.com&id=0&ii=2&f=1&j=https%3A%2F%2Fdfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.29news.com&t=1702695753104&de=197206533317&cu=1702695753104&m=235&ar=cc84ca2002d-clean&iw=34392e3&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=83&lg=1&lh=14&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A81%3A81%3A0%3A179&aa=0&ad=108&cn=0&gk=108&gl=0&ik=108&ic=108&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=11&cd=11&ah=11&am=11&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000734%3A50005906%3A60027404%3A70016358&bo=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&bd=728x90&gw=travel198849194933&zMoatOrigSlicer1=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=29news.com&zMoatSubdomain=29news.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=Skto2bvo7z5b2S3Uf7KdIzg4PLQW11OhTyF_uA&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=1&jm=-1&tc=0&fs=206701&na=198883768&cs=0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000734.16.0.70016358.0.0..0.DE.-1..StcQOJoaADOzAwnr6Vh5Xg%3D%3D.60027404.OTk5JTJjMQ==...cpWsPs0FaIeXvIrK-ataOg%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP1XeSBN9ZZOkJ-6h9u8PrceI6APKkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQIW7EraW0ayPuACAKgDAcgDAqoE9wFP0JLwacN0ANEN1Ez6ou92BpCghOWZ7zOgjZ43ScHF0nZ9ILpqC0LECrKz4LyqfmAFrVLceRGanDNS1PgmZ1lS8IJl0nh5ct_LHmK0iCGnKpQPZjHPDZ1vWuSuaQXXcc1YH5jMUXMgGCuoIYeP2Bh2IJJDp7JH0YW7x0fA6DgRBcp46P7CtNCEcTd3-x4Qw1XIoYHRHxP1p5ayYU-LsTMDmCcYx7xBnSi3whtx_nYuyLCFoJx_AvI1n-_yfsYCX5jlgyPX7GOuhBxA471HGw53K7ckSxAUw15wgIqAe-EoJ6M53U-yvqpDOd0PCxWoBIh2FSuM6iMp4AQBgAaQps6wupX902OgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_vjJ-_uSgwP6CwIIAYAMAeINEwiLqcr7-5KDAxXukP0HHa0jAj3QFQGAFwE%26num%3D1%26sig%3DAOD64_0J8WFX1HBY0bbwyXAALUWWwgvsTw%26client%3Dca-pub-0883126725773026%26adurl%3D&googlewinningprice=ZX0TSAAJ0hMH_ZDuAAIjrTMIpUATZ4lskbgRUg&wpc=EUR&site=www.29news.com&slotvisibility=1&gcpm=4312702&gpos=1&bidder=bidder-rtb-production-6c8d77fbc7-796wq&dv=1&uuid=&suid=&brq=Skto2bvo7z5b2S3Uf7KdIzg4PLQW11OhTyF_uA&ssp_id=0&l=en&ts=1702695752&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=C2ONLa_J68suFRQb4_ksEEonBBvdKVdTNN28pPbCJ6o=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-107-55.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:33 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 16 Dec 2023 03:02:33 GMT
pixel.gif
travel198849194933.s.moatpixel.com/ Frame BC05 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=108&fi=1&apd=227&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=29news.com&L1id=30000734&L2id=50005906&L3id=60027404&L4id=70016358&S1id=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&S2id=728x90&ord=1702695753104&r=197206533317&t=hdn&os=1&fi2=0&div1=0&ait=0&zMoatSubdomain=29news.com&zMoatIMPID=Skto2bvo7z5b2S3Uf7KdIzg4PLQW11OhTyF_uA&bedc=1&nosend&q=2&nu=1&ib=0&dc=1&ob=0&oh=1&lt=1&ab=1&n=1&nm=1&sp=0&pt=0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000734.16.0.70016358.0.0..0.DE.-1..StcQOJoaADOzAwnr6Vh5Xg%3D%3D.60027404.OTk5JTJjMQ==...cpWsPs0FaIeXvIrK-ataOg%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP1XeSBN9ZZOkJ-6h9u8PrceI6APKkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQIW7EraW0ayPuACAKgDAcgDAqoE9wFP0JLwacN0ANEN1Ez6ou92BpCghOWZ7zOgjZ43ScHF0nZ9ILpqC0LECrKz4LyqfmAFrVLceRGanDNS1PgmZ1lS8IJl0nh5ct_LHmK0iCGnKpQPZjHPDZ1vWuSuaQXXcc1YH5jMUXMgGCuoIYeP2Bh2IJJDp7JH0YW7x0fA6DgRBcp46P7CtNCEcTd3-x4Qw1XIoYHRHxP1p5ayYU-LsTMDmCcYx7xBnSi3whtx_nYuyLCFoJx_AvI1n-_yfsYCX5jlgyPX7GOuhBxA471HGw53K7ckSxAUw15wgIqAe-EoJ6M53U-yvqpDOd0PCxWoBIh2FSuM6iMp4AQBgAaQps6wupX902OgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_vjJ-_uSgwP6CwIIAYAMAeINEwiLqcr7-5KDAxXukP0HHa0jAj3QFQGAFwE%26num%3D1%26sig%3DAOD64_0J8WFX1HBY0bbwyXAALUWWwgvsTw%26client%3Dca-pub-0883126725773026%26adurl%3D&googlewinningprice=ZX0TSAAJ0hMH_ZDuAAIjrTMIpUATZ4lskbgRUg&wpc=EUR&site=www.29news.com&slotvisibility=1&gcpm=4312702&gpos=1&bidder=bidder-rtb-production-6c8d77fbc7-796wq&dv=1&uuid=&suid=&brq=Skto2bvo7z5b2S3Uf7KdIzg4PLQW11OhTyF_uA&ssp_id=0&l=en&ts=1702695752&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=C2ONLa_J68suFRQb4_ksEEonBBvdKVdTNN28pPbCJ6o=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:33 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 16 Dec 2023 03:02:33 GMT
pixel.gif
travel198849194933.s.moatpixel.com/ Frame BC05 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=108&fi=1&apd=227&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=29news.com&L1id=30000734&L2id=50005906&L3id=60027404&L4id=70016358&S1id=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&S2id=728x90&ord=1702695753104&r=197206533317&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatSubdomain=29news.com&zMoatIMPID=Skto2bvo7z5b2S3Uf7KdIzg4PLQW11OhTyF_uA&bedc=1&nosend&q=3&nu=1&ib=0&dc=1&ob=0&oh=1&lt=1&ab=1&n=1&nm=1&sp=0&pt=0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000734.16.0.70016358.0.0..0.DE.-1..StcQOJoaADOzAwnr6Vh5Xg%3D%3D.60027404.OTk5JTJjMQ==...cpWsPs0FaIeXvIrK-ataOg%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP1XeSBN9ZZOkJ-6h9u8PrceI6APKkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQIW7EraW0ayPuACAKgDAcgDAqoE9wFP0JLwacN0ANEN1Ez6ou92BpCghOWZ7zOgjZ43ScHF0nZ9ILpqC0LECrKz4LyqfmAFrVLceRGanDNS1PgmZ1lS8IJl0nh5ct_LHmK0iCGnKpQPZjHPDZ1vWuSuaQXXcc1YH5jMUXMgGCuoIYeP2Bh2IJJDp7JH0YW7x0fA6DgRBcp46P7CtNCEcTd3-x4Qw1XIoYHRHxP1p5ayYU-LsTMDmCcYx7xBnSi3whtx_nYuyLCFoJx_AvI1n-_yfsYCX5jlgyPX7GOuhBxA471HGw53K7ckSxAUw15wgIqAe-EoJ6M53U-yvqpDOd0PCxWoBIh2FSuM6iMp4AQBgAaQps6wupX902OgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_vjJ-_uSgwP6CwIIAYAMAeINEwiLqcr7-5KDAxXukP0HHa0jAj3QFQGAFwE%26num%3D1%26sig%3DAOD64_0J8WFX1HBY0bbwyXAALUWWwgvsTw%26client%3Dca-pub-0883126725773026%26adurl%3D&googlewinningprice=ZX0TSAAJ0hMH_ZDuAAIjrTMIpUATZ4lskbgRUg&wpc=EUR&site=www.29news.com&slotvisibility=1&gcpm=4312702&gpos=1&bidder=bidder-rtb-production-6c8d77fbc7-796wq&dv=1&uuid=&suid=&brq=Skto2bvo7z5b2S3Uf7KdIzg4PLQW11OhTyF_uA&ssp_id=0&l=en&ts=1702695752&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=C2ONLa_J68suFRQb4_ksEEonBBvdKVdTNN28pPbCJ6o=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:33 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 16 Dec 2023 03:02:33 GMT
pixel.gif
travel198849194933.s.moatpixel.com/ Frame BC05 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=108&fi=1&apd=227&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=29news.com&L1id=30000734&L2id=50005906&L3id=60027404&L4id=70016358&S1id=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&S2id=728x90&ord=1702695753104&r=197206533317&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatSubdomain=29news.com&zMoatIMPID=Skto2bvo7z5b2S3Uf7KdIzg4PLQW11OhTyF_uA&bedc=1&nosend&q=4&nu=1&ib=0&dc=1&ob=0&oh=1&lt=1&ab=1&n=1&nm=1&sp=0&pt=0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000734.16.0.70016358.0.0..0.DE.-1..StcQOJoaADOzAwnr6Vh5Xg%3D%3D.60027404.OTk5JTJjMQ==...cpWsPs0FaIeXvIrK-ataOg%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=728&y=90&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP1XeSBN9ZZOkJ-6h9u8PrceI6APKkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQIW7EraW0ayPuACAKgDAcgDAqoE9wFP0JLwacN0ANEN1Ez6ou92BpCghOWZ7zOgjZ43ScHF0nZ9ILpqC0LECrKz4LyqfmAFrVLceRGanDNS1PgmZ1lS8IJl0nh5ct_LHmK0iCGnKpQPZjHPDZ1vWuSuaQXXcc1YH5jMUXMgGCuoIYeP2Bh2IJJDp7JH0YW7x0fA6DgRBcp46P7CtNCEcTd3-x4Qw1XIoYHRHxP1p5ayYU-LsTMDmCcYx7xBnSi3whtx_nYuyLCFoJx_AvI1n-_yfsYCX5jlgyPX7GOuhBxA471HGw53K7ckSxAUw15wgIqAe-EoJ6M53U-yvqpDOd0PCxWoBIh2FSuM6iMp4AQBgAaQps6wupX902OgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_vjJ-_uSgwP6CwIIAYAMAeINEwiLqcr7-5KDAxXukP0HHa0jAj3QFQGAFwE%26num%3D1%26sig%3DAOD64_0J8WFX1HBY0bbwyXAALUWWwgvsTw%26client%3Dca-pub-0883126725773026%26adurl%3D&googlewinningprice=ZX0TSAAJ0hMH_ZDuAAIjrTMIpUATZ4lskbgRUg&wpc=EUR&site=www.29news.com&slotvisibility=1&gcpm=4312702&gpos=1&bidder=bidder-rtb-production-6c8d77fbc7-796wq&dv=1&uuid=&suid=&brq=Skto2bvo7z5b2S3Uf7KdIzg4PLQW11OhTyF_uA&ssp_id=0&l=en&ts=1702695752&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=C2ONLa_J68suFRQb4_ksEEonBBvdKVdTNN28pPbCJ6o=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:33 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 16 Dec 2023 03:02:33 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame BA8F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cqg9ISBN9ZcDmFou99u8P9Z2t4A3KkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQKyZy8ba0myPuACAKgDAcgDAqoE5wFP0HqIuNAfOjSTtngN8agsZB2V1apR5-TkTKVW90UePQUZFUXqaChP6ML0hj7PRLARXjDaDnCqst3GRY_99VoG6vwppCOoTu3dSITCHEB1xH6Q1CI1NtX1vYUB_tu__V8BRcvuk_RvvJxv42HfwjSaGquObFL5E5noIhxtfkmvc5EslO19V4OfTAYPhF3z-H8rdaxLEffx9I_GZF2qKYEevW6Us2UBDX3QwTZbt5ZyW5I6IH-5M1TpLc6T6m9l-9FNAgY-MERtRN6cdVCSkPTJRzSBZkeVlLysLyBBkIobw-ij9l_bquXgBAGABsKA76fXnvlwoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WLnRyPv7koMDgAoD-gsCCAGADAHiDRMI84XJ-_uSgwMVi579Bx31Tgvc0BUBgBcBshccChoSFHB1Yi0wODgzMTI2NzI1NzczMDI2GNmQHQ&sigh=tBd2MCL6ou4&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_7zytXtb2K_vvzhfOedFiovdcnvc2jYkaymllUxu8zwGnnYnX58q5_bxdiNJb9Ai4epDV5oJRDI28G_u4YM1hAcChdqxcDLGDFRgB&cbvp=2&vis=1
Requested by
Host: dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com
URL: https://dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
generic
match.adsrvr.org/track/cmf/ Frame 4079 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8PIYCLAbYx7T_i-FVKROwj2n_F8OrUi4AAABgYGDtAMksXLaFb2ZzixabmVs0WbjcCotn4xZsHLbdxGLa-JYLIyCZhcu28M1sbtFiM3OLJguXW2HxbNyCjcO2m1hMG99yYQUT1jS5_AZJy2U2CPlul-Hhc7mBBZpOh891r9f9fnfJcu7yfe4av9sOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAIDioDAfo9_usrnMJn8AAAAAAAEAAABAAkBA-awEgAwO1on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY8iyjHtaZ2dpNpEC2SKMAAAAAER9FawcmaQTVCyq_P__91sBuAIAEMAIN_nEk0V3UOItDAAAAMCYBXpY_H6zw67xu13m_________9_M_5l_NEJRo9dpgq5mZtT8AgIArPkFBABgM24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpBZbFYOw2ZimwxWg91yNjNsPLaNaTQceVw2h8u5PSPfyBItzxx9fSasaXL5DZKWy2wQ8t0uw8Pnsp8JW4xWk8lmOZwtF5PBcDQcjfZnICaDAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDDkcG0mq91uLXHZJm7RyrFyC2cj51o3Ms6co9lssVhs1qLXx_TxzZbDjW-LBANI9iJ5WqQTic23MTlGC8NosjAthivPzDPyOFyW0ci12mxcC4tYojlZpBPZZd9ZbFYOw2ZimwxWg91yNjNsPLaNaTQceVw2h8u5Lzlcm8lqt1tLXLaJW7RyrNzC2ci51o2MM-doNlssFpu16PUxfXyz5XDj2zd2g8lsudqtFvvGbjCZLVe71WLfYTI9U5-z0bU8pj0-ZWR9lopsToPCZbB4fxLTYtqdHXybi_KpcxqTRZ3R7_f7_X6_3-_3-w1az8FsUPiG2VpVuvjJVjtp4XEwKGKJ4CKd6CwP5-n21t2elrvFY1lOxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_5ECLubK1Vw1F21WCQAAAAAAAADAEkwz3QQAAADAySCGk-Fwt04HM1kuJpPRcgFYeEnqAgYBAAAAAADYFVnBhxUi8p9SrLHHIM7ycJ5ub93tablbPJbllAEAFBwy2-wzglir1bIGAAAggA0AACCAm268CQiF4v7____HAQAAkJFDDwAAYG0f0BJqvfAjVwq_gtgsJ5v9A1Ah1mq1ut1Yq9UKWECb2Wg0gf____8EAQAAAAAAbMYK_v_______w8D!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:33 GMT
server
Kestrel
content-length
70
content-type
image/gif
da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 4079 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8PIYCLAbYx7T_i-FVKROwj2n_F8OrUi4AAABgYGDtAMksXLaFb2ZzixabmVs0WbjcCotn4xZsHLbdxGLa-JYLIyCZhcu28M1sbtFiM3OLJguXW2HxbNyCjcO2m1hMG99yYQUT1jS5_AZJy2U2CPlul-Hhc7mBBZpOh891r9f9fnfJcu7yfe4av9sOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAIDioDAfo9_usrnMJn8AAAAAAAEAAABAAkBA-awEgAwO1on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY8iyjHtaZ2dpNpEC2SKMAAAAAER9FawcmaQTVCyq_P__91sBuAIAEMAIN_nEk0V3UOItDAAAAMCYBXpY_H6zw67xu13m_________9_M_5l_NEJRo9dpgq5mZtT8AgIArPkFBABgM24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpBZbFYOw2ZimwxWg91yNjNsPLaNaTQceVw2h8u5PSPfyBItzxx9fSasaXL5DZKWy2wQ8t0uw8Pnsp8JW4xWk8lmOZwtF5PBcDQcjfZnICaDAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDDkcG0mq91uLXHZJm7RyrFyC2cj51o3Ms6co9lssVhs1qLXx_TxzZbDjW-LBANI9iJ5WqQTic23MTlGC8NosjAthivPzDPyOFyW0ci12mxcC4tYojlZpBPZZd9ZbFYOw2ZimwxWg91yNjNsPLaNaTQceVw2h8u5Lzlcm8lqt1tLXLaJW7RyrNzC2ci51o2MM-doNlssFpu16PUxfXyz5XDj2zd2g8lsudqtFvvGbjCZLVe71WLfYTI9U5-z0bU8pj0-ZWR9lopsToPCZbB4fxLTYtqdHXybi_KpcxqTRZ3R7_f7_X6_3-_3-w1az8FsUPiG2VpVuvjJVjtp4XEwKGKJ4CKd6CwP5-n21t2elrvFY1lOxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_5ECLubK1Vw1F21WCQAAAAAAAADAEkwz3QQAAADAySCGk-Fwt04HM1kuJpPRcgFYeEnqAgYBAAAAAADYFVnBhxUi8p9SrLHHIM7ycJ5ub93tablbPJbllAEAFBwy2-wzglir1bIGAAAggA0AACCAm268CQiF4v7____HAQAAkJFDDwAAYG0f0BJqvfAjVwq_gtgsJ5v9A1Ah1mq1ut1Yq9UKWECb2Wg0gf____8EAQAAAAAAbMYK_v_______w8D!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:b770:182f:d3e9:1c89 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usync.html
eus.rubiconproject.com/ Frame 41B5 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8PIYCLAbYx7T_i-FVKROwj2n_F8OrUi4AAABgYGDtAMksXLaFb2ZzixabmVs0WbjcCotn4xZsHLbdxGLa-JYLIyCZhcu28M1sbtFiM3OLJguXW2HxbNyCjcO2m1hMG99yYQUT1jS5_AZJy2U2CPlul-Hhc7mBBZpOh891r9f9fnfJcu7yfe4av9sOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAIDioDAfo9_usrnMJn8AAAAAAAEAAABAAkBA-awEgAwO1on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY8iyjHtaZ2dpNpEC2SKMAAAAAER9FawcmaQTVCyq_P__91sBuAIAEMAIN_nEk0V3UOItDAAAAMCYBXpY_H6zw67xu13m_________9_M_5l_NEJRo9dpgq5mZtT8AgIArPkFBABgM24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpBZbFYOw2ZimwxWg91yNjNsPLaNaTQceVw2h8u5PSPfyBItzxx9fSasaXL5DZKWy2wQ8t0uw8Pnsp8JW4xWk8lmOZwtF5PBcDQcjfZnICaDAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDDkcG0mq91uLXHZJm7RyrFyC2cj51o3Ms6co9lssVhs1qLXx_TxzZbDjW-LBANI9iJ5WqQTic23MTlGC8NosjAthivPzDPyOFyW0ci12mxcC4tYojlZpBPZZd9ZbFYOw2ZimwxWg91yNjNsPLaNaTQceVw2h8u5Lzlcm8lqt1tLXLaJW7RyrNzC2ci51o2MM-doNlssFpu16PUxfXyz5XDj2zd2g8lsudqtFvvGbjCZLVe71WLfYTI9U5-z0bU8pj0-ZWR9lopsToPCZbB4fxLTYtqdHXybi_KpcxqTRZ3R7_f7_X6_3-_3-w1az8FsUPiG2VpVuvjJVjtp4XEwKGKJ4CKd6CwP5-n21t2elrvFY1lOxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_5ECLubK1Vw1F21WCQAAAAAAAADAEkwz3QQAAADAySCGk-Fwt04HM1kuJpPRcgFYeEnqAgYBAAAAAADYFVnBhxUi8p9SrLHHIM7ycJ5ub93tablbPJbllAEAFBwy2-wzglir1bIGAAAggA0AACCAm268CQiF4v7____HAQAAkJFDDwAAYG0f0BJqvfAjVwq_gtgsJ5v9A1Ah1mq1ut1Yq9UKWECb2Wg0gf____8EAQAAAAAAbMYK_v_______w8D!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 16 Dec 2023 03:02:33 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
khaos.json
token.rubiconproject.com/ Frame FF0B 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
7d6e3b6fefbbeb4d018118d74243a2fc
Expires
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 7EB9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CnElNSBN9ZZOkJ-6h9u8PrceI6APKkbX7ctPipc7RCsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi0wODgzMTI2NzI1NzczMDI2yAEJqQIW7EraW0ayPuACAKgDAcgDAqoE9AFP0JLwacN0ANEN1Ez6ou92BpCghOWZ7zOgjZ43ScHF0nZ9ILpqC0LECrKz4LyqfmAFrVLceRGanDNS1PgmZ1lS8IJl0nh5ct_LHmK0iCGnKpQPZjHPDZ1vWuSuaQXXcc1YH5jMUXMgGCuoIYeP2Bh2IJJDp7JH0YW7x0fA6DgRBcp46P7CtNCEcTd3-x4Qw1XIoYHRHxP1p5ayYU-LsTMDmCcYx7xBnSi3whtx_nYuyLCFoJx_AvI1n-_yfsYCX5jlgyPX7GOuhBxA471HG0x1CiW25f8dXLFZJR2F6V4wAKmU12GqDhnMPE-6vjiEHBj94iIT4AQBgAaQps6wupX902OgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY_vjJ-_uSgwOACgP6CwIIAYAMAeINEwiLqcr7-5KDAxXukP0HHa0jAj3QFQGAFwGyFxwKGhIUcHViLTA4ODMxMjY3MjU3NzMwMjYY2ZAd&sigh=Iel2Peqooeg&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_Sdqu973Au8Ug8mo_itTipNFKktWicqw73VePU2vkCI9ox55bxJFnq7sLS7nLgm_TqAoWkYm-F40AEja5FFePjl89k7ZWKBJglxgB&cbvp=2&vis=1
Requested by
Host: dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com
URL: https://dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
712.tvp.js
snippet.tldw.me/tv/0.42.26-chunks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snippet.tldw.me/tv/0.42.26-chunks/712.tvp.js
Requested by
Host: snippet.tldw.me
URL: https://snippet.tldw.me/tv/0.42.26-chunks/tvp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c44b9bedbeec84c99876e563796ef513218c0730a2b608e8b7bfa5464e6883ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits
1, 3
date
Sat, 16 Dec 2023 03:02:33 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
cf-cache-status
DYNAMIC
x-amz-request-id
A0GMKT435GGDEBCA
age
2110997
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
2767
x-amz-id-2
LQqPhP/T7Ec0vf1bnXA7NKn6Hn/DAgbLLbTCdEXiCOHQgDz1Wx2B8oA5dnJc3Bh4Ojtr4ftVfvc=
x-served-by
cache-iad-kcgs7200126-IAD, cache-fra-eddf8230100-FRA
last-modified
Sun, 15 Oct 2023 07:17:13 GMT
server
cloudflare
x-timer
S1702695753.369152,VS0,VE0
etag
"baf77930b4847099dec05b0ab981ef1b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8363b02a8b903606-FRA
access-control-allow-headers
content-type
expires
Fri, 01 Jan 1971 00:00:00 GMT
v-9e6cb151-2b09-4ca1-3423933-9f05-2c456fd069f1-s25.025-31.832tvl.mp4
apv-static.tldw.me/videos/ 		445 KB
445 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.tldw.me/videos/v-9e6cb151-2b09-4ca1-3423933-9f05-2c456fd069f1-s25.025-31.832tvl.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.211.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc58826d3966fe75cc6ed22cd69628730355a8ee892ea226449d21e9593ed2f4

Request headers

Referer
https://www.29news.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
W874Sfr2om6eaPGdeQ6IfQKcVvSGgfE9
via
1.1 varnish, 1.1 varnish
date
Sat, 16 Dec 2023 03:02:33 GMT
x-amz-request-id
9DYWVBA7TDBMGPS1
age
270095
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
Content-Range
bytes 0-455363/455364
Content-Length
455364
x-amz-id-2
Rvo5EIrp+qZWDeZ25XsbzOZVUP9izJntncZkyl40+DZ6uSEPgML7+NWUUxsgXKwdiaZFRP8/6z4=
x-served-by
cache-iad-kcgs7200125-IAD, cache-fra-etou8220094-FRA
last-modified
Tue, 12 Dec 2023 22:31:01 GMT
server
AmazonS3
x-timer
S1702695753.360119,VS0,VE1
etag
"69d12a78bd5d027bfc7030d947a2d2f9"
content-type
video/mp4
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
1136, 0
usync.js
eus.rubiconproject.com/ Frame 41B5 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
59c9a98fdce832840396257575b4ee4230d78cdd2a3ec2a631cd56f2ce3b6bab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Sat, 16 Dec 2023 03:02:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Dec 2023 09:40:07 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23867
Connection
keep-alive
Content-Length
13169
Expires
Sat, 16 Dec 2023 09:40:20 GMT
vast_error
ib.adnxs.com/ 		0
643 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/vast_error?1702695753376
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:33 GMT
an-x-request-uuid
0d019b88-5010-41b0-8a7d-e1bb6a7eddb7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
81.95.5.43; 81.95.5.43; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
_.gif
counter.tldw.me/ 		0
62 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://counter.tldw.me/_.gif
Requested by
Host: snippet.tldw.me
URL: https://snippet.tldw.me/tv/0.42.26-chunks/tvp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 16 Dec 2023 03:02:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
access-control-allow-origin
https://www.29news.com
cache-control
max-age=0, private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
8363b02aaba53606-FRA
access-control-allow-headers
Content-Type
content-length
0
expires
Sat, 16 Dec 2023 03:02:33 GMT
pubs-generic
trc.taboola.com/graytv-wvirnbc29/log/3/ 		0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/graytv-wvirnbc29/log/3/pubs-generic?lti=deflated&ri=5322ba76f610a7fe3eeff838e6d6e72f&sd=v2_313ea03b62050796f0cc6c448dcefae9_da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7_1702695751_1702695752_CIi3jgYQkr1ZGO2dzYTHMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo06-UtbOljN4acAA&ui=da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7&pi=/&pt=home&vi=1702695751405&d=%7B%22type%22%3A%22videoReel-readyToPlay-v2%22%2C%22data%22%3A%22%5C%22%5C%22%22%7D&tim=04%3A02%3A33.379&id=1881&llvl=2&cv=20231214-9-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Sat, 16 Dec 2023 03:02:33 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7437
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220033-FRA
pragma
no-cache
server
nginx
x-timer
S1702695753.386146,VS0,VE9
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pubs-generic
trc.taboola.com/graytv-wvirnbc29/log/3/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/graytv-wvirnbc29/log/3/pubs-generic?lti=deflated&ri=5322ba76f610a7fe3eeff838e6d6e72f&sd=v2_313ea03b62050796f0cc6c448dcefae9_da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7_1702695751_1702695752_CIi3jgYQkr1ZGO2dzYTHMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo06-UtbOljN4acAA&ui=da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7&pi=/&pt=home&vi=1702695751405&d=%7B%22type%22%3A%22videoReel-readyToPlay%22%2C%22data%22%3A%22%5C%22%5C%22%22%7D&tim=04%3A02%3A33.379&id=8763&llvl=2&cv=20231214-9-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
11
date
Sat, 16 Dec 2023 03:02:33 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7461
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220033-FRA
pragma
no-cache
server
nginx
x-timer
S1702695753.386221,VS0,VE11
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
khaos.json
token.rubiconproject.com/ Frame 41B5 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
7d6e3b6fefbbeb4d018118d74243a2fc
Expires
0
pubs-generic
trc.taboola.com/graytv-wvirnbc29/log/3/ 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/graytv-wvirnbc29/log/3/pubs-generic?lti=deflated&ri=5322ba76f610a7fe3eeff838e6d6e72f&sd=v2_313ea03b62050796f0cc6c448dcefae9_da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7_1702695751_1702695752_CIi3jgYQkr1ZGO2dzYTHMSABKAEwODib4wlAofErSNS12QNQ____________AVgAYABo06-UtbOljN4acAA&ui=da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7&pi=/&pt=home&vi=1702695751405&d=%7B%22type%22%3A%22videoReel-rendered%22%2C%22data%22%3A%22%7B%5C%22t%5C%22%3A%5C%223.85%5C%22%7D%22%7D&tim=04%3A02%3A33.410&id=8598&llvl=2&cv=20231214-9-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-vcl-time-ms
11
date
Sat, 16 Dec 2023 03:02:33 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7461
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220033-FRA
pragma
no-cache
server
nginx
x-timer
S1702695753.411993,VS0,VE11
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
cmAdService.js
vidstat.taboola.com/vpaid/units/33_6_8/infra/ 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_6_8/infra/cmAdService.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_8/infra/cmTagINSTREAM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7a4da18e8baeea4d9b2f6efa2cf38b32db7d139feb7a5b6d1a2045278f44d425

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-meta-mtime
1702461745
date
Sat, 16 Dec 2023 03:02:33 GMT
via
1.1 14b30c40b56ef4c9699e1ca92d5cdc08.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P5
age
233923
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
x-amz-meta-ctime
1702461745
x-amz-meta-mode
33188
content-length
11556
x-served-by
cache-fra-etou8220033-FRA
last-modified
Wed, 13 Dec 2023 10:02:27 GMT
server
AmazonS3
x-timer
S1702695754.509853,VS0,VE0
etag
"395c2d3a29b53f05f31fcb3046a9dd43"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
wPnT4gaRoiLmuqeny_s5eKaKq2gVAXTbn11izfkWUz6gTwj95-yOEg==
x-cache-hits
177924
bulk
trc.taboola.com/graytv-wvirnbc29/log/3/ 		0
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/graytv-wvirnbc29/log/3/bulk?tvi2=13482&tvi48=10638&tvi50=13923&route=AM%3AAM%3AV&lti=deflated&bulkSize=7
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
date
Sat, 16 Dec 2023 03:02:33 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7459
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220033-FRA
pragma
no-cache
server
nginx
x-timer
S1702695754.730510,VS0,VE10
content-type
image/gif
access-control-allow-origin
https://www.29news.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.29news.com%2F&domain=www.29news.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.29news.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 16 Dec 2023 03:02:33 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
179565
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ 		49 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a000034LEzsAAG&gdpr=0&src=pbjs&ver=7.39.0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 16 Dec 2023 03:02:34 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.29news.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
json
gum.criteo.com/sid/ 		2 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.29news.com%2F&domain=www.29news.com&cw=1&lsw=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:33 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
186069
expires
0
prebid
id5-sync.com/api/config/ 		135 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
33459a46d0456447c25713d7950d6a1e376b4cb1ec1b6323b27e56d71922ae1e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.29news.com
date
Sat, 16 Dec 2023 03:02:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
id
id.crwdcntrl.net/ 		43 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.253.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-253-3.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:33 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.29news.com
cache-control
no-cache
x-server
10.45.24.21
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ 		63 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
b6147484cea0eb3e2073fb3508961c8ea0cc55e7b50a51d1f45cf8e99f7cb795

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 16 Dec 2023 03:02:33 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.29news.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Mon, 15 Jan 2024 03:02:33 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
7fdda67d00191af2bcd55d18c53a93e4b280ffe83ba4f30456725918137abfe0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.29news.com
date
Sat, 16 Dec 2023 03:02:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
429.json
id5-sync.com/g/v2/ 		251 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/429.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
7cde68d471eec3a69b9a095a5f01014ffe4773e01afeee9196fb40ab17348434
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.29news.com
date
Sat, 16 Dec 2023 03:02:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
712 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Sat, 16 Dec 2023 03:02:33 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
16858
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-etou8220033-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1702695754.802490,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
55
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
1778
v-e5f2184a-b6bf-436b-3405015-a1da-7846acf366aa-s17.084-24.491tvl.mp4
apv-static.tldw.me/videos/ 		75 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.tldw.me/videos/v-e5f2184a-b6bf-436b-3405015-a1da-7846acf366aa-s17.084-24.491tvl.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.211.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.29news.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
RsSmOp2z_7RKUTnA_0ofFS2auIEjryEF
via
1.1 varnish, 1.1 varnish
date
Sat, 16 Dec 2023 03:02:33 GMT
x-amz-request-id
2QJPR6K7QP7DP5TP
age
71160
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
Content-Range
bytes 0-972100/972101
Content-Length
972101
x-amz-id-2
LPvgKcneMCgeEM0IXOim9Vma//7Z9Bx+55iE5zGns2qort+lWOmckiJpG0b5qtM9GoPdaEIm85Y=
x-served-by
cache-iad-kiad7000067-IAD, cache-fra-etou8220094-FRA
last-modified
Thu, 07 Dec 2023 17:17:51 GMT
server
AmazonS3
x-timer
S1702695754.865918,VS0,VE1
etag
"545a6d2beb453c7af5ca3aa3ad0e9a88"
content-type
video/mp4
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
1510, 0
v-e5f2184a-b6bf-436b-3405015-a1da-7846acf366aa-s17.084-24.491tvl.mp4
apv-static.tldw.me/videos/ 		21 KB
21 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.tldw.me/videos/v-e5f2184a-b6bf-436b-3405015-a1da-7846acf366aa-s17.084-24.491tvl.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.211.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
90d13728cbca7742b466476a33b15c0ae2c27299b921b64ca9acd9e8320f2016

Request headers

Referer
https://www.29news.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=950272-

Response headers

x-amz-version-id
RsSmOp2z_7RKUTnA_0ofFS2auIEjryEF
via
1.1 varnish, 1.1 varnish
date
Sat, 16 Dec 2023 03:02:33 GMT
x-amz-request-id
2QJPR6K7QP7DP5TP
age
71160
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
Content-Range
bytes 950272-972100/972101
Content-Length
21829
x-amz-id-2
LPvgKcneMCgeEM0IXOim9Vma//7Z9Bx+55iE5zGns2qort+lWOmckiJpG0b5qtM9GoPdaEIm85Y=
x-served-by
cache-iad-kiad7000067-IAD, cache-fra-etou8220094-FRA
last-modified
Thu, 07 Dec 2023 17:17:51 GMT
server
AmazonS3
x-timer
S1702695754.879315,VS0,VE1
etag
"545a6d2beb453c7af5ca3aa3ad0e9a88"
content-type
video/mp4
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
1510, 0
wl
t.pubmatic.com/ 		17 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=161733
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:33 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=161733
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:33 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=161733
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:33 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=161733
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:33 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
wl
t.pubmatic.com/ 		17 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=161733
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161733/6819/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:33 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.29news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
v-e5f2184a-b6bf-436b-3405015-a1da-7846acf366aa-s17.084-24.491tvl.mp4
apv-static.tldw.me/videos/ 		885 KB
886 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://apv-static.tldw.me/videos/v-e5f2184a-b6bf-436b-3405015-a1da-7846acf366aa-s17.084-24.491tvl.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.211.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58153f389afa34682fbba702f009986890698173497a1cb5582d8c15a71cba72

Request headers

Referer
https://www.29news.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range
bytes=65536-

Response headers

x-amz-version-id
RsSmOp2z_7RKUTnA_0ofFS2auIEjryEF
via
1.1 varnish, 1.1 varnish
date
Sat, 16 Dec 2023 03:02:33 GMT
x-amz-request-id
2QJPR6K7QP7DP5TP
age
71160
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
Content-Range
bytes 65536-972100/972101
Content-Length
906565
x-amz-id-2
LPvgKcneMCgeEM0IXOim9Vma//7Z9Bx+55iE5zGns2qort+lWOmckiJpG0b5qtM9GoPdaEIm85Y=
x-served-by
cache-iad-kiad7000067-IAD, cache-fra-etou8220094-FRA
last-modified
Thu, 07 Dec 2023 17:17:51 GMT
server
AmazonS3
x-timer
S1702695754.899582,VS0,VE1
etag
"545a6d2beb453c7af5ca3aa3ad0e9a88"
content-type
video/mp4
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
1510, 0
activeview
pagead2.googlesyndication.com/pcs/ Frame BA8F 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssdhYx-q4mtpOrtNvEV-RzhY01osCyPCCFHSiq-z8eX0fSRyYfBdR-7--kV0Bv6AO6eqWKK_FBsvVFfQi4jpfTLcWLRpyqAFddS32pZ-x71bkIkFsevzw&sig=Cg0ArKJSzLuLDmNG6i0TEAE&id=lidar2&mcvt=1001&p=201,315,451,1285&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=489315719&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702695752738&rpt=170&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7EB9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0pxeSbRoUmpk-E_45SF9jbUccuuzvEx5vdwLIgwLa-rOUsZw-twKs2z5qdKiR6Uyz1b-nZWPUMlEViDi9vGP9ZHkZOE-iWJM-pml4K0-ps6DxkxLvtg&sig=Cg0ArKJSzJgU0Jsn8ZCbEAE&id=lidar2&mcvt=1001&p=954,278,1044,1006&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2772206292&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702695752931&rpt=68&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame 4E62 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=2793208590&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XWfr9LOK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-L5aj2Zz1Kg7M0g%3D%3D&sc=1&os=1-bA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=250&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.29news.com&id=0&ii=2&f=1&j=https%3A%2F%2Fdfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.29news.com&t=1702695753031&de=307795652838&cu=1702695753031&m=1225&ar=cc84ca2002d-clean&iw=34392e3&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&lf=130&lg=1&lh=14&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A195%3A195%3A527%3A291&aa=1&ad=1099&cn=80&gn=1&gk=1099&gl=80&ik=1099&ic=1099&ez=1&co=1099&cp=1004&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1004&cd=31&ah=1004&am=31&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000734%3A50005906%3A60027404%3A70016359&bo=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&bd=970x250&gw=travel198849194933&zMoatOrigSlicer1=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&zMoatOrigSlicer2=970x250&zMoatDomain=29news.com&zMoatSubdomain=29news.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=4T9YeOIhLjuSt6U6CMwip2d6CC2_2_q-tdBzdg&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=4&jm=-1&tc=0&fs=206701&na=1146833704&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-107-55.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:34 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 16 Dec 2023 03:02:34 GMT
pixel.gif
travel198849194933.s.moatpixel.com/ Frame 4E62 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1004&tet=1099&fi=1&apd=1209&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=29news.com&L1id=30000734&L2id=50005906&L3id=60027404&L4id=70016359&S1id=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&S2id=970x250&ord=1702695753031&r=307795652838&t=iv&os=1&fi2=0&div1=1&ait=0&zMoatSubdomain=29news.com&zMoatIMPID=4T9YeOIhLjuSt6U6CMwip2d6CC2_2_q-tdBzdg&bedc=1&nosend&q=5&nu=1&ib=0&dc=1&ob=0&oh=1&lt=1&ab=1&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:34 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 16 Dec 2023 03:02:34 GMT
pixel.gif
px.moatads.com/ Frame 4E62 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=2793208590&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XWfr9LOK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-L5aj2Zz1Kg7M0g%3D%3D&sc=1&os=1-bA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=250&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.29news.com&id=0&ii=2&f=1&j=https%3A%2F%2Fdfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.29news.com&t=1702695753031&de=307795652838&cu=1702695753031&m=1225&ar=cc84ca2002d-clean&iw=34392e3&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&lf=130&lg=1&lh=14&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A195%3A195%3A527%3A291&aa=1&ad=1099&cn=1099&gn=1&gk=1099&gl=1099&ik=1099&ic=1099&ez=1&co=1099&cp=1004&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1004&cd=1004&ah=1004&am=1004&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000734%3A50005906%3A60027404%3A70016359&bo=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&bd=970x250&gw=travel198849194933&zMoatOrigSlicer1=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&zMoatOrigSlicer2=970x250&zMoatDomain=29news.com&zMoatSubdomain=29news.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=4T9YeOIhLjuSt6U6CMwip2d6CC2_2_q-tdBzdg&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=4&jm=-1&tc=0&fs=206701&na=592828835&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-107-55.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:34 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 16 Dec 2023 03:02:34 GMT
pixel.gif
px.moatads.com/ Frame 4E62 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=2793208590&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XWfr9LOK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-L5aj2Zz1Kg7M0g%3D%3D&sc=1&os=1-bA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=250&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.29news.com&id=0&ii=2&f=1&j=https%3A%2F%2Fdfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.29news.com&t=1702695753031&de=307795652838&cu=1702695753031&m=1226&ar=cc84ca2002d-clean&iw=34392e3&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&lf=130&lg=1&lh=14&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A195%3A195%3A527%3A291&aa=1&ad=1099&cn=1099&gn=1&gk=1099&gl=1099&ik=1099&ic=1099&ez=1&co=1099&cp=1004&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1004&cd=1004&ah=1004&am=1004&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000734%3A50005906%3A60027404%3A70016359&bo=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&bd=970x250&gw=travel198849194933&zMoatOrigSlicer1=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&zMoatOrigSlicer2=970x250&zMoatDomain=29news.com&zMoatSubdomain=29news.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=4T9YeOIhLjuSt6U6CMwip2d6CC2_2_q-tdBzdg&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=4&jm=-1&tc=0&fs=206701&na=391225636&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-107-55.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:34 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 16 Dec 2023 03:02:34 GMT
pixel.gif
px.moatads.com/ Frame BC05 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=2793208590&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-5tyHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-NM4Tcd8kL9Bk3A%3D%3D&sc=1&os=1-dA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.29news.com&id=0&ii=2&f=1&j=https%3A%2F%2Fdfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.29news.com&t=1702695753104&de=197206533317&cu=1702695753104&m=1259&ar=cc84ca2002d-clean&iw=34392e3&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=83&lg=1&lh=14&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A81%3A81%3A397%3A179&aa=1&ad=1133&cn=108&gn=1&gk=1133&gl=108&ik=1133&ic=1133&ez=1&co=1133&cp=1047&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1047&cd=11&ah=1047&am=11&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000734%3A50005906%3A60027404%3A70016358&bo=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&bd=728x90&gw=travel198849194933&zMoatOrigSlicer1=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=29news.com&zMoatSubdomain=29news.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=Skto2bvo7z5b2S3Uf7KdIzg4PLQW11OhTyF_uA&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=4&jm=-1&tc=0&fs=206701&na=260436516&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-107-55.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:34 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 16 Dec 2023 03:02:34 GMT
pixel.gif
travel198849194933.s.moatpixel.com/ Frame BC05 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1047&tet=1133&fi=1&apd=1252&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=29news.com&L1id=30000734&L2id=50005906&L3id=60027404&L4id=70016358&S1id=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&S2id=728x90&ord=1702695753104&r=197206533317&t=iv&os=1&fi2=0&div1=1&ait=0&zMoatSubdomain=29news.com&zMoatIMPID=Skto2bvo7z5b2S3Uf7KdIzg4PLQW11OhTyF_uA&bedc=1&nosend&q=5&nu=1&ib=0&dc=1&ob=0&oh=1&lt=1&ab=1&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:34 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 16 Dec 2023 03:02:34 GMT
pixel.gif
px.moatads.com/ Frame BC05 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=2793208590&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-5tyHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-NM4Tcd8kL9Bk3A%3D%3D&sc=1&os=1-dA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.29news.com&id=0&ii=2&f=1&j=https%3A%2F%2Fdfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.29news.com&t=1702695753104&de=197206533317&cu=1702695753104&m=1260&ar=cc84ca2002d-clean&iw=34392e3&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=83&lg=1&lh=14&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A81%3A81%3A397%3A179&aa=1&ad=1133&cn=1133&gn=1&gk=1133&gl=1133&ik=1133&ic=1133&ez=1&co=1133&cp=1047&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1047&cd=1047&ah=1047&am=1047&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000734%3A50005906%3A60027404%3A70016358&bo=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&bd=728x90&gw=travel198849194933&zMoatOrigSlicer1=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=29news.com&zMoatSubdomain=29news.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=Skto2bvo7z5b2S3Uf7KdIzg4PLQW11OhTyF_uA&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=4&jm=-1&tc=0&fs=206701&na=644818629&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-107-55.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:34 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 16 Dec 2023 03:02:34 GMT
pixel.gif
px.moatads.com/ Frame BC05 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=2793208590&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-5tyHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-NM4Tcd8kL9Bk3A%3D%3D&sc=1&os=1-dA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.29news.com&id=0&ii=2&f=1&j=https%3A%2F%2Fdfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.29news.com&t=1702695753104&de=197206533317&cu=1702695753104&m=1261&ar=cc84ca2002d-clean&iw=34392e3&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=83&lg=1&lh=14&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A81%3A81%3A397%3A179&aa=1&ad=1133&cn=1133&gn=1&gk=1133&gl=1133&ik=1133&ic=1133&ez=1&co=1133&cp=1047&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1047&cd=1047&ah=1047&am=1047&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000734%3A50005906%3A60027404%3A70016358&bo=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&bd=728x90&gw=travel198849194933&zMoatOrigSlicer1=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=29news.com&zMoatSubdomain=29news.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=Skto2bvo7z5b2S3Uf7KdIzg4PLQW11OhTyF_uA&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=4&jm=-1&tc=0&fs=206701&na=373043130&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-107-55.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:34 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 16 Dec 2023 03:02:34 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231214-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Sat, 16 Dec 2023 03:02:34 GMT
x-amz-request-id
9T8G4R1J257WC6ZV
age
3188
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
EtXJZix6twxSRBOalXcDTYlF3ZXZJ0GOcu33LsL8+Qu9Bt435W8ywVX2VgQgr71/qWQ468QSryk=
x-served-by
cache-fra-etou8220033-FRA
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1702695755.643315,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
11
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
2182
/
pips.taboola.com/ 		4 B
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by
cache-fra-etou8220028-FRA
date
Sat, 16 Dec 2023 03:02:34 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.29news.com
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=da532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 16 Dec 2023 03:02:34 GMT
cache-control
no-store
server
nginx
p
sb.scorecardresearch.com/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=19&c2=10477191&ns_ap_an=unknown&ns_ap_pn=js&ns_ap_pv=5&c12=_&name=foreground&ns_ap_ec=1&ns_ap_ev=start&ns_ap_device=Win32&ns_ap_id=1702695755997&ns_ap_csf=1&ns_ap_bi=unknown&ns_ap_pfm=webbrowser&ns_ap_pfv=Chrome%20120.0.6099.109&ns_ap_ver=unknown&ns_ap_sv=7.7.0%2B211006&ns_ap_bv=7.7.0%2B211006&ns_ap_smv=6.4&ns_type=view&ns_ap_gs=1702695750992&ns_ts=1702695750992&ns_ap_cfg=1110101-111-3C-7D0-A-1F-1E-1E-12C-A&ns_ap_env=0-0-2&ns_ap_ut=60000&ns_ap_ar=unknown&ns_ap_cs=1&ns_ap_fg=1&ns_ap_dft=0&ns_ap_dbt=0&ns_ap_dit=0&ns_ap_as=1&ns_ap_das=0&ns_ap_usage=0&ns_radio=unknown&ns_ap_install=1702695750992&ns_ap_ft=0&ns_ap_bt=0&ns_ap_it=0&ns_ap_res=1600x1200&ns_ap_sd=1600x1200&ns_ap_po=0x0&ns_ap_lang=en-US&ns_ap_jb=unknown&ns_c=UTF-8&c7=https%3A%2F%2Fwww.29news.com%2F&c8=WVIR%20%7C%20News%2C%20Weather%2C%20and%20Sports%20%7C%20Charlottesville%2C%20VA&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-53.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.29news.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 03:02:36 GMT
via
1.1 9bd86598a7f45cc948aa2f9674ece0b2.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
y0lF1Pz2KxhIJlYeinxHQqIMhH_j1UkX8mWWcUWxWu2qacptELG7Yg==
collect
region1.google-analytics.com/g/ Frame 7878 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-794QV8SQ9L&gtm=45je3bt0v873184827&_p=1702695751614&gcs=G1-0&gcd=11l1p1l1l5&dma_cps=sypham&dma=1&cid=265917879.1702695753&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&sid=1702695752&sct=1&seg=1&dl=https%3A%2F%2Ftockify.com%2Fwvir.calendar%2Fupcoming&dr=https%3A%2F%2Fwww.29news.com%2F&dt=WVIR%20Community%20Calendar&en=scroll&ep.transport_type=beacon&epn.percent_scrolled=90&tfd=6629
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-794QV8SQ9L
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tockify.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tockify.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
travel198849194933.s.moatpixel.com/ Frame 4E62 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1004&tet=4972&fi=1&apd=5082&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=29news.com&L1id=30000734&L2id=50005906&L3id=60027404&L4id=70016359&S1id=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&S2id=970x250&ord=1702695753031&r=307795652838&t=page5&os=1&fi2=1&div1=1&ait=0&zMoatSubdomain=29news.com&zMoatIMPID=4T9YeOIhLjuSt6U6CMwip2d6CC2_2_q-tdBzdg&bedc=1&nosend&q=6&nu=1&ib=0&dc=1&ob=0&oh=1&lt=1&ab=1&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:38 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 16 Dec 2023 03:02:38 GMT
OpportunityServlet
am-vid-events.taboola.com/ 		1 B
120 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_8/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.29news.com
date
Sat, 16 Dec 2023 03:02:38 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
pixel.gif
px.moatads.com/ Frame BC05 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=2793208590&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-5tyHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-NM4Tcd8kL9Bk3A%3D%3D&sc=1&os=1-dA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.29news.com&id=0&ii=2&f=1&j=https%3A%2F%2Fdfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.29news.com&t=1702695753104&de=197206533317&cu=1702695753104&m=5131&ar=cc84ca2002d-clean&iw=34392e3&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&lf=83&lg=1&lh=14&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A81%3A81%3A397%3A179&aa=1&ad=5005&cn=1133&gn=1&gk=5005&gl=1133&ik=5005&ic=5005&ez=1&co=1133&cp=1047&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4921&cd=1047&ah=4921&am=1047&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=30000734%3A50005906%3A60027404%3A70016358&bo=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&bd=728x90&gw=travel198849194933&zMoatOrigSlicer1=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&zMoatOrigSlicer2=728x90&zMoatDomain=29news.com&zMoatSubdomain=29news.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=Skto2bvo7z5b2S3Uf7KdIzg4PLQW11OhTyF_uA&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=5&jm=-1&tc=0&fs=206701&na=1113757574&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-107-55.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:38 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 16 Dec 2023 03:02:38 GMT
pixel.gif
travel198849194933.s.moatpixel.com/ Frame BC05 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1047&tet=5005&fi=1&apd=5124&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=29news.com&L1id=30000734&L2id=50005906&L3id=60027404&L4id=70016358&S1id=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&S2id=728x90&ord=1702695753104&r=197206533317&t=page5&os=1&fi2=1&div1=1&ait=0&zMoatSubdomain=29news.com&zMoatIMPID=Skto2bvo7z5b2S3Uf7KdIzg4PLQW11OhTyF_uA&bedc=1&nosend&q=6&nu=1&ib=0&dc=1&ob=0&oh=1&lt=1&ab=1&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:38 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 16 Dec 2023 03:02:38 GMT
OpportunityServlet
am-vid-events.taboola.com/ 		1 B
120 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_8/infra/cmTagINSTREAM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.29news.com
date
Sat, 16 Dec 2023 03:02:38 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
pixel.gif
px.moatads.com/ Frame 4E62 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=2793208590&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XWfr9LOK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-L5aj2Zz1Kg7M0g%3D%3D&sc=1&os=1-bA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=250&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.29news.com&id=0&ii=2&f=1&j=https%3A%2F%2Fdfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.29news.com&t=1702695753031&de=307795652838&cu=1702695753031&m=5301&ar=cc84ca2002d-clean&iw=34392e3&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&lf=130&lg=1&lh=14&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A195%3A195%3A527%3A291&aa=1&ad=5175&cn=1099&gn=1&gk=5175&gl=1099&ik=5175&ic=5175&ez=1&co=1099&cp=1004&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5082&cd=1004&ah=5082&am=1004&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=30000734%3A50005906%3A60027404%3A70016359&bo=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&bd=970x250&gw=travel198849194933&zMoatOrigSlicer1=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&zMoatOrigSlicer2=970x250&zMoatDomain=29news.com&zMoatSubdomain=29news.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=4T9YeOIhLjuSt6U6CMwip2d6CC2_2_q-tdBzdg&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=6&jm=-1&tc=0&fs=206701&na=357310999&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-107-55.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:38 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 16 Dec 2023 03:02:38 GMT
VideoBidRequestHandlerServlet
wf.taboola.com/ 		21 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=841&height=473&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1702695758514&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1584&pt=585617395&tz=60&viewable=true&ddast=V8PIYCLAbYx7T_i-FVKROwj2n_F8OrUi4AAABgYGDtAMksXLaFb2ZzixabmVs0WbjcCotn4xZsHLbdxGLa-JYLIyCZhcu28M1sbtFiM3OLJguXW2HxbNyCjcO2m1hMG99yYQUT1jS5_AZJy2U2CPlul-Hhc7mBBZpOh891r9f9fnfJcu7yfe4av9sOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAIDioDAfo9_usrnMJn8AAAAAAAEAAABAAkBA-awEgAwO1on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY8iyjHtaZ2dpNpEC2SKMAAAAAER9FawcmaQTVCyq_P__91sBuAIAEMAIN_nEk0V3UOItDAAAAMCYBXpY_H6zw67xu13m_________9_M_5l_NEJRo9dpgq5mZtT8AgIArPkFBABgM24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpBZbFYOw2ZimwxWg91yNjNsPLaNaTQceVw2h8u5PSPfyBItzxx9fSasaXL5DZKWy2wQ8t0uw8Pnsp8JW4xWk8lmOZwtF5PBcDQcjfZnICaDAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDDkcG0mq91uLXHZJm7RyrFyC2cj51o3Ms6co9lssVhs1qLXx_TxzZbDjW-LBANI9iJ5WqQTic23MTlGC8NosjAthivPzDPyOFyW0ci12mxcC4tYojlZpBPZZd9ZbFYOw2ZimwxWg91yNjNsPLaNaTQceVw2h8u5Lzlcm8lqt1tLXLaJW7RyrNzC2ci51o2MM-doNlssFpu16PUxfXyz5XDj2zd2g8lsudqtFvvGbjCZLVe71WLfYTI9U5-z0bU8pj0-ZWR9lopsToPCZbB4fxLTYtqdHXybi_KpcxqTRZ3R7_f7_X6_3-_3-w1az8FsUPiG2VpVuvjJVjtp4XEwKGKJ4CKd6CwP5-n21t2elrvFY1lOxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_5ECLubK1Vw1F21WCQAAAAAAAADAEkwz3QQAAADAySCGk-Fwt04HM1kuJpPRcgFYeEnqAgYBAAAAAADYFVnBhxUi8p9SrLHHIM7ycJ5ub93tablbPJbllAEAFBwy2-wzglir1bIGAAAggA0AACCAm268CQiF4v7____HAQAAkJFDDwAAYG0f0BJqvfAjVwq_gtgsJ5v9A1Ah1mq1ut1Yq9UKWECb2Wg0gf____8EAQAAAAAAbMYK_v_______w8D!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=10&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3291224&dpubid=182887&abtst=adxsub-out_vA!adxsub-out_vB!adxsub_vA!adxsub_vA!mprdct01val_vA!video-reel_vA&mPre=0&cirf=https%3A%2F%2Fwww.29news.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.5/UnitInstreamDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
58ca55054b599fe92b7206b517a6a5ac23cc2145cef1d84bc4b002783df242b9

Request headers

Referer
https://www.29news.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Sat, 16 Dec 2023 03:02:38 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1489
x-cache
MISS
x-served-by
cache-fra-etou8220033-FRA
pragma
no-cache
server
nginx
x-timer
S1702695759.517480,VS0,VE128
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.29news.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://ioms.bfmio.com>; rel=preconnect,<https://ioms.bfmio.com>; rel=preconnect,<https://ioms.bfmio.com>; rel=preconnect,<https://ioms.bfmio.com>; rel=preconnect,<https://secure.adnxs.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel.gif
px.moatads.com/ Frame 4E62 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=2793208590&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.K%24%3D!%5DxqxLm3M%5EI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-XWfr9LOK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-L5aj2Zz1Kg7M0g%3D%3D&sc=1&os=1-bA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=250&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.29news.com&id=0&ii=2&f=1&j=https%3A%2F%2Fdfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&lp=https%3A%2F%2Fwww.29news.com&t=1702695753031&de=307795652838&cu=1702695753031&m=5504&ar=cc84ca2002d-clean&iw=34392e3&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&lf=130&lg=1&lh=14&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A195%3A195%3A527%3A291&aa=1&ad=5379&cn=5175&gn=1&gk=5379&gl=5175&ik=5379&ic=5379&ez=1&co=1099&cp=1004&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5285&cd=5082&ah=5285&am=5082&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=30000734%3A50005906%3A60027404%3A70016359&bo=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&bd=970x250&gw=travel198849194933&zMoatOrigSlicer1=dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com&zMoatOrigSlicer2=970x250&zMoatDomain=29news.com&zMoatSubdomain=29news.com&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=4T9YeOIhLjuSt6U6CMwip2d6CC2_2_q-tdBzdg&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jk=6&jm=-1&tc=0&fs=206701&na=271138336&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-107-55.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 03:02:38 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 16 Dec 2023 03:02:38 GMT
getmu
ioms.bfmio.com/ 		0
0
getmu
ioms.bfmio.com/ 		0
0
getmu
ioms.bfmio.com/ 		0
0
getmu
ioms.bfmio.com/ 		0
0
ptv
secure.adnxs.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tockify.com
URL
https://tockify.com/wvir.calendar
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Domain
ioms.bfmio.com
URL
https://ioms.bfmio.com/getmu?aid=bce3140f-08da-4881-e9f1-5dd3e036a4ca&output=html5&width=841&height=473&v=1&pageurl=https%3A%2F%2Fwww.29news.com&i_type=out&stream=out&playback=2&cb=R0.1702695758654&us_privacy=1---
Domain
ioms.bfmio.com
URL
https://ioms.bfmio.com/getmu?aid=f3ba7097-c379-4680-c2af-b76fbd71dc0e&output=html5&width=841&height=473&v=1&pageurl=https%3A%2F%2Fwww.29news.com&i_type=out&stream=out&playback=2&cb=R0.1702695758654&us_privacy=1---
Domain
ioms.bfmio.com
URL
https://ioms.bfmio.com/getmu?aid=84e8e789-616d-47d7-c714-4c50c98f0387&output=html5&width=841&height=473&v=1&pageurl=https%3A%2F%2Fwww.29news.com&i_type=out&stream=out&playback=2&cb=R0.1702695758654&us_privacy=1---
Domain
ioms.bfmio.com
URL
https://ioms.bfmio.com/getmu?aid=0b284f28-466c-4a00-c19e-6f576cef8401&output=html5&width=841&height=473&v=1&pageurl=https%3A%2F%2Fwww.29news.com&i_type=pre&stream=in&playback=2&cb=R0.1702695758654&us_privacy=1---
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/ptv?id=16816852&size=841x473&promo_alignment=center&cb=R0.1702695758655&ext_inv_code=cm_182887-3291224_UNKNOWN&referrer=https%3A%2F%2Fwww.29news.com&pubclick=http%3A%2F%2Fclickam.zorosrv.com%2Fst%3Fcipid%3D66363455%26ttype%3D1%26crid%3D-1%26dast%3DV8PIYCLAbYx7T_i-FVKROwj2n_F8OrUi4AAABgYGDtAMksXLaFb2ZzixabmVs0WbjcCotn4xZsHLbdxGLa-JYLIyCZhcu28M1sbtFiM3OLJguXW2HxbNyCjcO2m1hMG99yYQUT1jS5_AZJy2U2CPlul-Hhc7mBBZpOh891r9f9fnfJcu7yfe4av9sOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAIDioDAfo9_usrnMJn8AAAAAAAEAAABAAkBA-awEgAwO1on__________xgD9Jk3Mv7___9vGPQAePAB8CAEAADgY8iyjHtaZ2dpNpEC2SKMAAAAAER9FawcmaQTVCyq_P__91sBuAIAEMAIN_nEk0V3UOItDAAAAMCYBXpY_H6zw67xu13m_________9_M_5l_NEJRo9dpgq5mZtT8AgIArPkFBABgM24AAN4IwAk6BK0YDFYnIGYHAAAA4M7___-_HpBZbFYOw2ZimwxWg91yNjNsPLaNaTQceVw2h8u5PSPfyBItzxx9fSasaXL5DZKWy2wQ8t0uw8Pnsp8JW4xWk8lmOZwtF5PBcDQcjfZnICaDAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDDkcG0mq91uLXHZJm7RyrFyC2cj51o3Ms6co9lssVhs1qLXx_TxzZbDjW-LBANI9iJ5WqQTic23MTlGC8NosjAthivPzDPyOFyW0ci12mxcC4tYojlZpBPZZd9ZbFYOw2ZimwxWg91yNjNsPLaNaTQceVw2h8u5Lzlcm8lqt1tLXLaJW7RyrNzC2ci51o2MM-doNlssFpu16PUxfXyz5XDj2zd2g8lsudqtFvvGbjCZLVe71WLfYTI9U5-z0bU8pj0-ZWR9lopsToPCZbB4fxLTYtqdHXybi_KpcxqTRZ3R7_f7_X6_3-_3-w1az8FsUPiG2VpVuvjJVjtp4XEwKGKJ4CKd6CwP5-n21t2elrvFY1lOxBKl6SKd6It-t8vw8Ln8FbFEcLpIJ0K_22VR_5ECLubK1Vw1F21WCQAAAAAAAADAEkwz3QQAAADAySCGk-Fwt04HM1kuJpPRcgFYeEnqAgYBAAAAAADYFVnBhxUi8p9SrLHHIM7ycJ5ub93tablbPJbllAEAFBwy2-wzglir1bIGAAAggA0AACCAm268CQiF4v7____HAQAAkJFDDwAAYG0f0BJqvfAjVwq_gtgsJ5v9A1Ah1mq1ut1Yq9UKWECb2Wg0gf____8EAQAAAAAAbMYK_v_______w8D!%26cmcv%3D${CMCV}%26tgtf%3D&GDPR_APPLIES=1&us_privacy=1---

Verdicts & Comments Add Verdict or Comment

188 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| documentPictureInPicture object| gdmGoogleTagManager function| admiral object| googletag function| __uspapi object| _aps boolean| apstagLOADED object| apstag object| PianoESPConfig object| ns_ object| gdmComscore object| RCdataLayer object| _sf_async_config object| _taboola object| _newsroom object| BOOMR_mq string| BOOMR_API_key object| BOOMR object| Fusion object| react object| React function| setImmediate function| clearImmediate object| ReactDOM object| PropTypes object| StyledComponents object| queryly object| _tkf boolean| _tkfReady object| sheet function| arcAdsPrerenderer function| isMobile boolean| arcBiddingReady object| apscustom object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| owpbjsChunk object| owpbjs object| _pbjsGlobals object| ucTag object| PWT object| OWT string| partnerName string| key function| burstEmbedFrameworkCheck function| burstEmbedGenerator function| 4dm1r11545242527 function| BOOMR_check_doc_domain object| ErrorStackParser object| UserTimingCompression number| newsroomStartsLoadingTime object| tbNewsroom object| PianoESP object| google_tag_manager object| google_tag_data function| _typeof object| TRC object| _tblConsole undefined| msg object| preloadImages object| ggeac object| google_js_reporting_queue function| $ undefined| jQuery function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| _cbm string| GoogleAnalyticsObject function| ga undefined| google_measure_js_timing boolean| _min_launcher_active object| _minUnifiedSessionToken10 object| _min_tv object| _tvp boolean| _editor_tv_loaded object| _min object| scriptSrcSplitted object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady boolean| _minAlreadyLoaded number| BOOMR_onload function| gaPianoESP number| google_unique_id object| StateMachine function| iFrameResize object| GoogleGcLKhOms object| google_image_requests string| nam object| placementData function| _get function| _superPropBase function| _inherits function| _setPrototypeOf function| _createSuper function| _possibleConstructorReturn function| _assertThisInitialized function| _isNativeReflectConstruct function| _getPrototypeOf function| _classCallCheck function| _defineProperties function| _createClass function| _toPropertyKey function| _toPrimitive function| _slicedToArray function| _nonIterableRest function| _unsupportedIterableToArray function| _arrayLikeToArray function| _iterableToArrayLimit function| _arrayWithHoles object| minutelyTaboolaAPI object| cmTag object| webpackChunktop_video function| createSliderPlayer function| startMinTopVideo object| msgData object| _cm_wfCounters string| lastWfUrl object| webpackChunkadUnits function| Zepto object| Backbone function| startCMTagMain string| category function| OvaMediaPlayer object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog

64 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: ChAKBgiiARDfFgoGCIsBEN8W
.piano.io/ Name: __cf_bm
Value: wWlPeZr0PQOzS.2Nj8SBNjwbDlt53UuWoQaDvoHu83Y-1702695751-1-Aeh4WEvnhhI7CRVD2ap9jT2PiCDv2icgjoREtG2GMFwLSgSUELY+VC0fA8mWmrxN6xjn1BkmA+2pACSHcpKH78k=
.29news.com/ Name: _cb
Value: CmL1XKDi-gxQDkCY4n
.29news.com/ Name: _chartbeat2
Value: .1702695751235.1702695751235.1.BGg0SvCsWoXLD8WgjbD4F58bDWFJpD.1
.29news.com/ Name: _cb_svref
Value: external
www.29news.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.29news.com/ Name: _pubcid
Value: b0124681-c993-4a0e-872c-b45a7b03282c
.29news.com/ Name: usprivacy
Value: 1---
apv-launcher.minute.ly/ Name: AWSALBCORS
Value: 3qI39EFe0iXrODNAbuZSeopboIOu/Rr4Z8Tk1GTTWTsQ3tJgt2b53/iK4pA3uL+HcRAzTLKFWxMI/CX8BoHp0wPKS/UyD0RCDy0QCFI6Pb+JiYBaPmhF3Hpfp3Zq
.29news.com/ Name: minUnifiedSessionToken10
Value: %7B%22sessionId%22%3A%220184299ccd-1416ade65d-efb58b27b1-a3377e292d-17598d0d5d%22%2C%22uid%22%3A%226abb1f4e42-1669046786-fe16e3800d-995cdacb90-fe11881cf4%22%2C%22__sidts__%22%3A1702695751484%2C%22__uidts__%22%3A1702695751484%7D
www.29news.com/ Name: minVersion
Value: {"experiment":853304102,"minFlavor":"Gray Groupmi-scraper-1.17.0.32.js100"}
.29news.com/ Name: _gid
Value: GA1.2.1115491348.1702695751
.29news.com/ Name: _gat_RMD
Value: 1
.29news.com/ Name: _ga_LQ23MJC9WT
Value: GS1.1.1702695751.1.0.1702695751.60.0.0
www.29news.com/ Name: pnespsdk_ssn
Value: %7B%22%24s%22%3A1702695751706%2C%22visitNumber%22%3A1%7D
www.29news.com/ Name: pnespsdk_visitor
Value: tdywcltknpim9hqt
.29news.com/ Name: _ga
Value: GA1.2.671840452.1702695751
.29news.com/ Name: _gat
Value: 1
.adnxs.com/ Name: uuid2
Value: 5103725905310767132
.casalemedia.com/ Name: CMPS
Value: 3212
.casalemedia.com/ Name: CMID
Value: ZX0TR3RFexcWRhqkK9aNbwAA
.casalemedia.com/ Name: CMPRO
Value: 3163
.29news.com/ Name: _awl
Value: 2.1702695752.5-4965307e241537042e4b7c3e8827c46f-6763652d6575726f70652d7765737431-0
.simpli.fi/ Name: suid
Value: E0EEF2CC2B8B48299D75C6DFFDF5E619
.w55c.net/ Name: wfivefivec
Value: EDxbl0H21RekWI5
.creativecdn.com/ Name: u
Value: HNHSm0Rw4PWImbdTyZhy
.creativecdn.com/ Name: g
Value: HNHSm0Rw4PWImbdTyZhy_1702695752027
.creativecdn.com/ Name: ts
Value: 1702695752
.w55c.net/ Name: matchcasale
Value: 5
.ads.stickyadstv.com/ Name: UID
Value: 105f87f61b951d4a921714612b8820
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZX0TR3RFexcWRhqkK9aNbwAADFsAAAIB
.doubleclick.net/ Name: IDE
Value: AHWqTUlnGuM2wZbcu3_EfJFLznkQFk9nNM13DxFxh2qtG7k0ZCZHLoHv-JmxKvqoAa8
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-1c8710ad-a55e-5a8e-5f74-4ea2bc57caa2.HnEigzpQi5ijHMNPx7JsYl06Lvh0gV2kXvCr4Mi1nx8
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-1c8710ad-a55e-5a8e-5f74-4ea2bc57caa2.HnEigzpQi5ijHMNPx7JsYl06Lvh0gV2kXvCr4Mi1nx8
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AHIcQraVeWo5fdE6ivFfKolFfBSs.JHOapiy6ujUcLMaBbF6aUgqSJ%2FHudBDR8Tf6eCgDF2E
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AHIcQraVeWo5fdE6ivFfKolFfBSs.JHOapiy6ujUcLMaBbF6aUgqSJ%2FHudBDR8Tf6eCgDF2E
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIE-vapGYgPugXba7gjqVx4RpD4bmOtMKPKaBAeVor7fxEHwYBCDIpvSrBjABOgQ8w7t9QgS0i92w.VXqT9vKFNSzC%2FxN3011LrdVt7H411Cf4pM3jOhdpFjo
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIE-vapGYgPugXba7gjqVx4RpD4bmOtMKPKaBAeVor7fxEHwYBCDIpvSrBjABOgQ8w7t9QgS0i92w.VXqT9vKFNSzC%2FxN3011LrdVt7H411Cf4pM3jOhdpFjo
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: A8gqR0JP2EpasE-T5hpvJo8
.liadm.com/ Name: lidid
Value: 8cad3cbe-fcb8-4cf5-864e-688023537674
.rezync.com/ Name: zync-uuid
Value: d49ebdf9-e4a2-4b04-a2fb-e23a30abbc53:1702695752.552832
www.29news.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Dda532577-be6b-4e1e-86d9-7d8f94661113-tuctc7698c7
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2NjA0MzY0NDMytBTiM9TNDirLSvYpjDRyMc0HAFujI9YlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MjE2MjI2NjA0MzY0NDMytBTiM9TNDirLSvYpjDRyMc0HAFujI9YlAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwRGAMAgEwI_t4ODBJWI3YEghVu7ud4zl0bV2SHtCvNQlsUsalqZZ9dKeaypGcBInidvwAwsbwTI5AAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1XIuxWAMAgF0AmsMgce8oDEuA3kM5ClpZNaeizvvVIZ2maM1WiqgzRYybGCJsSFPaKbnLkySrNq2M1wCO60fVczP3_nF30YZGRZAAAA
.turn.com/ Name: uid
Value: 7277780670113784995
live.rezync.com/ Name: sd-session-id
Value: .eJwNylEOgyAMANC79FsW2lIcXMaA1IRsskX0Z8a7z8-XvBOmr25ratp2iPt26ADzu97qEE_o9bfqCyIIkmMiZoueET1hgGuArr3XT5tquU9xQXNZglGXyLhsnUm0ZKPEiW3KeRaOOFryQUahhwg9meD6A6dQJik.ZX0TSA.COVamLSWS9mF1LCw2hJK09ixgVk
.travelaudience.com/ Name: _tracker
Value: %7B%22pb%22%3A%2290000%22%2C%22UUID%22%3A%2229344569-727E-425D-9B9F-2880676D01B7%22%7D
.29news.com/ Name: __gads
Value: ID=23ea379224c09edf:T=1702695751:RT=1702695751:S=ALNI_Maa1d8dVNeYQg3TN09FfygH0udfeQ
.29news.com/ Name: __gpi
Value: UID=00000d1c9fcdf702:T=1702695751:RT=1702695751:S=ALNI_MabCGhvrJyC0cln1HSXZAiT75mZQA
rtb.ads.travelaudience.com/ Name: _tracker
Value: %7B%22pb%22%3A%2290000%22%2C%22UUID%22%3A%2229344569-727E-425D-9B9F-2880676D01B7%22%7D
.addthis.com/ Name: na_id
Value: 2023121603023300013252387415
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 657d1349f29abb88
.addthis.com/ Name: ouid
Value: 657d134900012ad80864d4d6d1ef15fd01c284cc256a2e77dbea
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2C'!r$43q!]tbP6j2F-XstGt!@Dhk$r>81
.adnxs.com/ Name: icu
Value: ChgIktBcEAoYASABKAEwyab0qwY4AUABSAEQyab0qwYYAA..
.dlx.addthis.com/ Name: na_sc_x
Value: 1
www.29news.com/ Name: _lr_retry_request
Value: true
www.29news.com/ Name: _lr_env_src_ats
Value: false
www.29news.com/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-12-16T03%3A02%3A33%22%7D

9 Console Messages

Source Level URL
Text
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=ee8159bb-2ffc-4052-b613-eb86ee531ef1%3A1702695752.551941&_=1702695752.555066
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=63e3242a-ef28-4c7c-99f5-b0561a7898c2%3A1702695752.5522416&_=1702695752.5547507
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=d49ebdf9-e4a2-4b04-a2fb-e23a30abbc53%3A1702695752.552832&_=1702695752.556358
Message:
Failed to load resource: the server responded with a status of 451 ()
violation error URL: https://z.moatads.com/travel198849194933/moatad.js(Line 139)
Message:
Permissions policy violation: accelerometer is not allowed in this document.
javascript warning URL: https://z.moatads.com/travel198849194933/moatad.js(Line 139)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
violation error URL: https://z.moatads.com/travel198849194933/moatad.js(Line 139)
Message:
Permissions policy violation: accelerometer is not allowed in this document.
javascript warning URL: https://z.moatads.com/travel198849194933/moatad.js(Line 139)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript error URL: https://www.29news.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://www.29news.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=86400

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0217991e.akstat.io
aax.amazon-adsystem.com
acdn.adnxs.com
ad4m.at
ads.pubmatic.com
ads.stickyadstv.com
ads.travelaudience.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
api-esp.piano.io
api.rlcdn.com
apv-launcher.minute.ly
apv-static.tldw.me
c.amazon-adsystem.com
c.go-mpulse.net
c2.taboola.com
casale-match.dotomi.com
cdn.indexww.com
cdn.taboola.com
cdnjs.cloudflare.com
cds.taboola.com
cm.adgrx.com
cm.g.doubleclick.net
code.jquery.com
config.aps.amazon-adsystem.com
counter.snackly.co
counter.tldw.me
creativecdn.com
d.adroll.com
d.turn.com
d2csfia1ogd5wa.cloudfront.net
d3v5317qx0o9g1.cloudfront.net
dfa096bc148740de7655f78151ab487d.safeframe.googlesyndication.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gray-wvir-prod.cdn.arcpublishing.com
gum.criteo.com
hbopenbid.pubmatic.com
hp.taboola.com
htlb.casalemedia.com
i.liadm.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idsync.rlcdn.com
image6.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
ioms.bfmio.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
lexicon.33across.com
live.rezync.com
mab.chartbeat.com
match.adsrvr.org
match.prod.bidr.io
mb.moatads.com
nr-events.taboola.com
operationchicken.com
p.rfihub.com
pagead2.googlesyndication.com
ping.chartbeat.net
pips.taboola.com
pixel-sync.sitescout.com
pm.w55c.net
polyfill.io
pr-bh.ybp.yahoo.com
public.tockify.com
px.moatads.com
reconditerespect.com
region1.analytics.google.com
region1.google-analytics.com
rtb.ads.travelaudience.com
s.amazon-adsystem.com
s.go-mpulse.net
s3.amazonaws.com
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
snippet.minute.ly
snippet.tldw.me
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.chartbeat.com
static.travelaudience.com
stats.g.doubleclick.net
sync.srv.stackadapt.com
t.pubmatic.com
tockify.com
token.rubiconproject.com
tpc.googlesyndication.com
travel198849194933.s.moatpixel.com
trc-events.taboola.com
trc.taboola.com
ugc.zeam.com
um.simpli.fi
ups.analytics.yahoo.com
vidstat.taboola.com
vidstatb.taboola.com
webpubcontent.raycommedia.com
wf.taboola.com
www.29news.com
www.burst.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.queryly.com
x.bidswitch.net
x.dlx.addthis.com
z.moatads.com
api.rlcdn.com
ioms.bfmio.com
secure.adnxs.com
tockify.com
104.18.36.155
104.18.38.76
108.138.1.25
13.32.119.77
141.147.81.223
141.226.224.32
141.226.228.48
141.95.33.120
151.101.1.44
151.101.129.44
151.101.65.108
151.101.65.44
162.19.138.117
164.132.25.180
172.217.23.98
18.245.60.53
18.66.97.63
185.184.8.90
185.64.189.112
185.64.189.226
193.0.160.130
198.47.127.19
199.232.211.52
2.19.107.55
2.19.217.60
2.19.217.66
2001:4860:4802:32::36
209.54.182.161
23.212.89.123
23.32.184.192
2600:1901:0:4277::1
2600:1901:0:636d::1
2600:9000:2127:1c00:1:4e32:7440:21
2600:9000:2127:4000:18:1fcd:353:c61
2600:9000:223f:2200:8:48e:53c0:93a1
2600:9000:223f:ba00:12:3f97:c680:21
2606:4700:10::6816:49ae
2606:4700:10::ac43:b0e
2606:4700:20::681a:bd1
2606:4700:20::681a:bda
2606:4700:20::ac43:497c
2606:4700::6811:190e
2606:4700::6811:c376
2607:ae80:4::25
2a00:1450:4001:801::2003
2a00:1450:4001:809::200a
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2002
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c0c::9d
2a02:2638:3::c
2a02:26f0:480:184::11a6
2a02:26f0:480:9a4::11a6
2a02:26f0:480:c::210:f18b
2a02:26f0:480:f::213:7ec9
2a02:26f0:480:f::213:7ecc
2a02:fa8:8806:13::1370
2a04:4e42:400::649
2a04:4e42::282
2a04:4e42::714
2a05:d018:cc3:fe04:3014:5030:a5b6:caa6
2a05:d018:d29:3605:b770:182f:d3e9:1c89
3.208.135.151
3.212.66.31
3.33.220.150
3.69.190.202
3.71.149.231
34.203.54.235
34.252.177.198
34.91.62.186
35.187.184.108
35.190.0.66
35.244.170.237
35.244.174.68
35.244.193.51
37.252.171.53
46.228.164.13
52.217.196.136
52.23.84.206
52.58.114.78
54.152.252.123
63.32.253.3
65.9.66.15
65.9.66.84
65.9.95.83
65.9.95.96
69.173.144.165
72.251.241.206
98.98.134.242
01b83ab9dd12f79d5f3ec8b655c274567e016aacc9f3341ba33947bc269ce41a
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0418dffa2bed9a6300fed9d918f688e7f195b08f4c6f016a07f62ae48fe9609e
051075840ffed7b4bb4d4f182e3347891f08cd06be65df91682ad2bcb021df30
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0726038a625f5d70b7ddda9d1a20d9cd0925e03c035b1bee62fa5df4696e0216
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08dc3f38277219e7dd10b05f6fc2c074cef04ce11a9b50cbe447bbca7e50b9bc
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0a54de782d1556267f87bb81e079f0fb3565df90b407f756952f346d1f9198ea
0be9ea3282b9037d764f4c4b12ee0da74f6613310f3ff39bd9236b0c7f8e0d36
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0d39bbdcae43253b7e0d7a69841e70d8781ac7aaca5cd9a20fc9edbf5c643e76
0dc3395f1ebb5b9a3540c4f66c1137e123f0559efe4ffe7394a036951e8f2150
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
1028d4cb1b58d40ac786525eff481970ddb7a9caf5baefdd9fae01f816c13254
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
10dd53cda6250293f701db966c62cbe46c5e77674f83149d9fa1e5fe1642485c
1377bf6a9b52fac83a53ac810c19760056e167c9e4937a601b79f5d200c1847a
13fc33bfd71d1428a6594249042832c3847377cf3a370581971c1f948d054c33
189995ab190fef7a72165b5d6698eec9caf524712683f6ccf63b49556b63e74a
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18ea6813f582d678ee930081c6be14d8cb3129e168157d02ad06e9dc4619a6b1
19b6c13986b65975fa61d31548f48901452f87ef9c8be9ac932397d939a94883
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1da07ed1bd458c8d42566be19ff3b339aa8797b2920415f9b11497fca8e0ce54
1eb12c64933bfb56ae7bb304b7fb3bc74a834099b9120c6cec15cbae47e5bea2
21e01ea2581ed70b9baa7c8e316fdbf3d9ee0e6fc8a7429e9012f205cd9e91e2
22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51
224a5b8eaaf3653d627299347111991d79dc40bd42ec6b61c55921da4a3e40ea
225b77feaa899de27aa763f13d892125303a3188e951f24cf60b0d0a7a6a084d
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd
265cde21a31bf5129655195869debc3e9fb2983a2c830d400768108fd21ed344
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
274364e6ccc017a98a341aa67bb0f7908fbe3fbe976237383a4d7ade10125aea
276b5244682738d09b1f2ea556faf7d6d967c844fa95c762c121a0957ebe4503
276c9c8782e2df160320707ffc394a08d3ab24563ed56a7d6bba2bc90e0c503f
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
29cf8c7bc1c0e3373f0b2d9634a35a1f9658c72a1e4d7ce6b6c178c2bf2e7a4a
2b42f8e45feda368274a55106b7160fa7203de3e209e1cea0121fca6405ec797
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f1169102bcab99877aa3dd5627eae90c37acac92a12519bc44a5d917f383c92
301d2ba6f3bf360754f6f02be8408c5f9201892f9f6725bf48303626bca61cc6
3084a495bd132318b7c2399889654e5a8ff35cd1f0f345586ed8f0c988fec767
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33459a46d0456447c25713d7950d6a1e376b4cb1ec1b6323b27e56d71922ae1e
34efd323a297e252675d549c5196e4236681cecc8b183c1e39dc684efa5bb111
358884e55e082cf7b225de21f9421034731e8439b45236dd5a357b3846f53144
3642df12f0d930d5846a96652080908eb2f383b602a95cf80d1e6227e66e1c46
37ee47a1f3a46dde6ec81adb5935bcf2fc99176172f67ab0069e6fb8ee2d5bf5
3883c637af0f0fd6d799b25accf959d4d828d93856c225ebf3eadbd421c0a7a0
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3aa0fe7bfa14cc45a5b9b0c5eee68844d87dd5c8bf88eab7f416065a54e2dde9
3cd4f09783b623a2493a3c93b3a48c3fc81c1f27a888221a7c54c7a4c8b2c02e
3cf78ad3bcd1324e10a4acdc34bfc4a159f9a045b30edbe3738a9d1b9f807a39
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e87f20ae81a3468381e43429f8473e8f298c338d1b8e3c1f2a87da7c48e13ad
3f1e2aff8baeea2cb4962805e9a8f098013c38cae12af54691cfed60a31b9da3
3fa3d3aac092c8453ede9ae0397911dfbc0add561679d1faa196320ed4863fac
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42963e20b8df6dff7886465257fe87c44a0e83d6b91cb2ef458f4129d71d0e41
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4347045cbe6553f9321a2f82203a5791cacbc30fbeb19f2a60d9c1ccc3c3925d
4356c765f0c9b65dc260114c2fb9b0e7e62880bcc80abde18a364c790e097f69
439237d245f719e8c126a456f603d209037bffb7bb9c21a8923e4d64bae44e46
43c3c98f73e5795e627d8e3872c83dcfd3329cffa3b0cfcbce49c0ebce8c4c1c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44948fce039263b30389aba4b5d19d5723382b84cc9a7a56887324c650d61a48
455bd1275b5bddcccaa77f139eb30ef9bcb6abb87e1f8802fbdd0b73436df2eb
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46be8ce52fecfdee4715f55f764c2de0bc4ca0903c75c9e08f0bd86e1f37e419
46fca6dc6e672a29d25c9bf87c1402e9ba22990aa214ab0d8c848fdc40862df6
4710dce6e41f2e1551ed4127aa8c5f0caf1f42805c5671d34b2b0a2abf13f9f7
48439d30a395942dbd65f27b159f84245dd81b9e72472cb572aee029cbe40b23
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48b3c9773a97bd00a751c09a47e3606a5eddd6f6fd64cb203b61c6c95ca46143
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
49dcb1818dc579ca070b0d8ba0e1c6e0a602bfe2d440f8e0e34c457a1864ce11
4bd0b039a1ab966889e5df5946799add86c82b348316216b22e2dd62856944f1
4bd9ac56934d76ebef4caeb9c0eb9880378b0fd9e46f098d34e1399c18cc0bc5
4c5c0bc71684c76f23a93ac17442562dea496037bf43d0bd892e82904ba7b4a7
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
4e8bd226cdf91c81d69a90eec8ded92138adf203d05cbab1f09f68d85bc6baf4
4ef54920cf0c52bc49c149f8378cc6bf1667ea9e653b5725cd1983c21dc8ca40
4fba43ad5f10c9d96048aa40b02a8e6b419b015060f8c28dc60bc28e368dfc37
4fdbceb89e5935d469bbd06461e0d4a8ea77fbb676a3c70370afd6a3abb66b86
50d9594f0c84c61608f60a47071b4051c9052407eb928afb38f5b82686b98885
51d5a3c37bd0e20bfa9856f24fff86386a7fe173f244ee3836c8f6cc34a436a9
53b988c3d873cd2c0c14d099834524858337e92c5a0a69884f102468a3d469a9
541e8db6db0acedc0e1f13283ee78037d879c820e38dc0ab62f6573f6bda96c1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
562c711b1304ad9a0a5ba5767014784ffdae0b94462d14e0d85972eeed1bf3c2
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
58153f389afa34682fbba702f009986890698173497a1cb5582d8c15a71cba72
58ca55054b599fe92b7206b517a6a5ac23cc2145cef1d84bc4b002783df242b9
593feb16e7310f6ec96f40794a8f32efeed162b216d20ab61a4cc6178da5f261
59c9a98fdce832840396257575b4ee4230d78cdd2a3ec2a631cd56f2ce3b6bab
5aec68c8b080515c3ca98f7465a63204af99556ae6f2b8f33f73c08da2cdb12b
5b4f9cffdd7f6ac1d0d615f65024064a9f261e21e448e110f279aea148e6da39
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5d041c661446642f590751b8bd02658fdd3c508d195817ba4deb6bd500a0114d
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5fb1750807cbcd188c9507dc9d1c01a1c9477cd9b54316a333fe0c4b77985e56
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
605dfd61899ff82d10a6ce26b06f1ae451b990928a7ed0fe87769be6e0ea87a4
6063e91e9d9d53e4251784c15ba4b1791ef0fa94b86f853f6cc44c8fd489ea5a
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
61c08be466a49ad1612b95a5d57048744ba6490a0a0a4ff0bafe302ef51dd3a8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63414c077003319f186a974d9be8a8a09a07a178e6bbe29181d93b6cd8dccff9
643ac89572093a4c907c1af802b3d354453c64d545dc3f1be1ce689046064511
656985ea1d2b50a2585a1099dcd80a31348e6e45760c0d96947a17ff234dab65
661d4b208656c006e7aab58acf7784857963123675de2302279fbe6c05313547
66d7b2344b1aef077bbf6359f32faa055b4cba8d9f2d873a6b9cc04330f01749
66f807b4adc100789cbaea28bdd4b71ca60a1999d35d6d675a56f588c97b7e12
67b19d5a8e3620dd80340deaf30329741993c27ec8255f356e43f28cb9e53d32
69c9c7972745e942e10c40a8342e85ca9e3dcf5af2689d3f7a37d536cd635b17
6a302b34ce783fda0c1a493fe5161d2222b71d2409accaa88d454b866ba807ff
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2
6c7dbd8857d0324015e701c7c4752d0e2f09d378ec5cb5887f1e2cb07a2ee11b
6c8314cdf7ef3aa2bafb572d3fdf0c7f358d52fc869818769c0f1e107328938d
6d14db5aa3a9a0f4c0196782e2f038cf75c37c41b3dee5770c9c73b5f79b5b63
6eab9c5940faf4875ba74f76ea909581bc577fad943041e12196621445175fd3
6ead0a41d475bf406165e279a52870f7800a053d1b3738c3ab301b1f928ae2e4
6edc41fd18de693f46454d25aa8dc40be58276c2357292c0eb691c117648d241
706743694960fca164dfe7fb4ed7d2dc76f97936ef1dbbc17e738b5ba5a14327
73c48a750a107c5809e5b332e74b0f1b32ddd1c24b98f1d9e8febf73322fbb84
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7593d17bca70a7d70dd9981789a56d5297efde96f356f6cce2429b397c899fd2
75ca7c01eaa8136d970bde6ea6ae0896d2fe30febf82e7679257df6e1f8a7496
76c009cddf9e13e03f1c6ab8f56e2a0472c57ae0123bf4ad8ff383f61e45c382
7833516acca930521def5b1e9586064f95aad52f9da5133effff8fe7cc623268
7887a70ac97003619e3480788c7bc28698c950c49441f3d530b17c3eeb657cc2
790e90d45636000ad24f407cb54e878f2a793a795fbf95497396074aa0d39ddb
7a4da18e8baeea4d9b2f6efa2cf38b32db7d139feb7a5b6d1a2045278f44d425
7b1062f7c6bf4d592608c3aa18abcff0344e66e98dd4bc89b3db5b8d36e85aba
7cde68d471eec3a69b9a095a5f01014ffe4773e01afeee9196fb40ab17348434
7cfff10d1716acbf183fef47552add779d67b323e3d8ad6f5c788b0d3fcd0cb1
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7fdda67d00191af2bcd55d18c53a93e4b280ffe83ba4f30456725918137abfe0
818a88731cded6e9c7f0cb4856405af8802a151bd607f26020aac79242ec2759
81a6ef2ad173cb2d69b77a1bb4535e3516028db69c45dbbbecd87eb0c34c6952
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8257e3f3a5939a2a8e1ea470645bc40d9e2f626c59ec06307d0ed5f3f00b8ab0
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8379f23b888e0346ef6623d8913a391c73c7d326745539b6f0bc267fabef8420
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
84157b3c3cf25c981bab623c8b4b182148f3ea55bc87a33722bb6ab5c6cb49e3
86781b16003bc88f6f5631458304b27000b4aff24a259fdda870f52afab762c8
86f2eb97cc1f3909c12e4512de9e267215d94ac5aaee9393d0f007f18c34e8ba
8714ca9660a9693b36fab864a7ccda1ace5b522489133209acfe5eb5f5740552
88004917adbd7b6b060b06f46d6b7cffb33406df9e017f5d52a506de5dc7ab1d
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dd30a683c4179f1cba9bf85ef3231bac1ed1ffde80ba7321fa154cb34967ef4
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
90d13728cbca7742b466476a33b15c0ae2c27299b921b64ca9acd9e8320f2016
92427a29faa36f4f720dbf7a95bd6841ec8d41b98277ab3cd025febbe02ca5fc
948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895
96d090de54134f1dc64d8b2c3dadb3d541f72794b45089c95daf68fa343148f4
970dad4102b0f0a1c8b3e84ecc0ed974492db999d232a5e8544861ccdfbdb7db
97c6e39d8c46da7b453e7868e62a6ea4636be8a402098565012c2d915a7c7bc3
985e21298ee9f5e3c80214000d34a1827d8032d57422934f2feef400fa591f74
992bed67acbd5174ae1d6609291b0309c7e5391fe302f4d7b6468c5a2787847f
9a2d0412e9b0994b8da9848e591eee9ba4c5f05e68ef0d1a42aebb9bfb522edc
9a64421605751d54fb234f9074079b0e65a9c976c8dbdffdbaa633a4d7dfd28a
9b34aab60bc8c097636dd38398590e81d458bdda50b06bf250eb6f3bb2ddfb37
9dc0571019f0847eeb755ad6ffc8bcebe2d09af91fd1348e0f69d246facadf14
9eef2e70d312f387dd3b582baf494c966675d76e206a89e55ce04fc1d2280b4b
9fd57fcaa8ad308df1294bec4cac27c6d3de96d4ddd8c9ccc0e64bbf53405c1b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1319c4c43a4607a471af204b9044d622064b0782011d751bca6dc2ca10e0f41
a1ce2ebc5559dd55f9d1b9aeb0df3d567623fb2ab8c25358d5c47eaaebfc7642
a3525aa71e87b50d7a7d289c60539fa25ae854f6e20063ccfe3c4e8fb011af05
a47715e7a74a758bf33f6b1547b2eb7b4724d17ad6c13651c0945ac9c6187ff7
a5832e7b1161d4c5d7a4d9321474f0e5b60978981e266d4254d4731d90e76c4a
a790c4426c39f8a3c6d8fbc63bb0921a1679f6e994bc96b14ac212d5f8de1e5a
a80283a2a54ea158b37690f2c26663c329737910163b122fed2c5766c9b95962
a8cae91460a7edc608e6f397fad2e02bdfc361a3984caabd5c49bb3f82b2b104
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aa36ae562963a93b1181f56d0079c422d85ce9969f1e0f391cf46f5478f752ea
ac2385054d54aaaaa1ab1a74929b654508aee4c06726ace247a020b318e2a904
ac515577acf89c9c6ef7fc765b43e7d88ea45b69265717b40fe39344439d3468
adbdec081c0418ecbc29a92f8a1e5fd8847e2245f7c51bb774f218148547d64c
ae0209ee3efe384229f3d84d12fef6c514e26548e24dfb28b2a614f616b23860
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b19ac4e57f2a56639eebd1c35319e5a7124be70d3fa155b63d878886520154fa
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
b33e910ec4484710548384d4fdf7bed5bc864ba8af1b818086c530c371a58d17
b4967dbde82b36ba483fcd5315203b1648a86c192ccd826865a634aaa8853208
b5be35c4730e85c556511d6d2576c8e73c92906ba75804dece48c79857ff5c01
b6147484cea0eb3e2073fb3508961c8ea0cc55e7b50a51d1f45cf8e99f7cb795
b7e10533caffc00d83700fab907042028dc53d4f049400d82a3b0a353d0e6989
b8d70459db62c246981231f38d44f2fc338a9394dc18720e0fe66577fa87d029
b92db80a97d8d0ad40fce8b79e49105b5751dc2b9fa561900786dc7266b85b2d
b9382551ba72ed5110b0e585dd23fe4ac0876ca1ab53f70ec36f8bb22af3aeba
ba9fcbdebf4a1a9135a4f2335e84147f8f1ec9a9dbd4557670ab607fa1d74260
bb401a02cbbd4e277a3b73f94423e52594bbba14871f61b7e40aaa06701e1e2a
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
bbaf73b17df4502b13e2338b607ffe9e05eeaff41c340977be65aa9d4682420b
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bfbe54b8cccdae69aca8b2da4cdcbc0f61a4e142ccdcbe72d65fb767cd46eb4f
c038356f5dd062dc662f8b140c3fe86b5f1726ccc4c83edfc2022c02f6adc356
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7
c3d9fa4b41ab500d0edb279e71568c7a3a141c34d879da27d3a60baed756e475
c44b9bedbeec84c99876e563796ef513218c0730a2b608e8b7bfa5464e6883ae
c46f164c88960571a92fc5e442ec198e261ab73ee89583e9c8f7030b4a48a32d
c509be37bdfb00f2faa69c9a8e6e9c0cbfd021d24f23e109bb3ebfe1bb929e60
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1
ca06184323d2a559876459d5e99b018c2fc6a0808fc159b3525fc640555c037a
ca35e3abb3afcec275310b5589450e260806e43e84e316579ec204c37ca17da4
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cab7bcbdfef94745cc2c5851337771fad3b46f6f0b000a1661a9a258a927a35a
cc58826d3966fe75cc6ed22cd69628730355a8ee892ea226449d21e9593ed2f4
cc6050bbd2c01a71b42fc8ee334617ff6d3d23129fce22c33855f14749a810a7
cc8b84ad84585cf2ee61f8f2f7ce48b578872bd753e6c0495f79a16ac27bb0b8
cd3b3b005de17695241145f67bced934475b65402c0fdc93aac191059d6b40e0
cd623a181d7067e8732e06a3e47430ca66602d9d604ebd821e3390be94852fce
ceec13d8c655e8054fdb414719c64ba880b50a4f9059026a4f1eaecd2ee05c86
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d247a0ee3081c2f2ccba6be6b27788bf7dc1aea91e6751095ca0f0305bf17809
d5644b46d5d663155f02502683f9d4ed7d7b3885cb2b04fbc9f1ac9da0d0eff9
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de4c7284a8b5070e088af3644022231b96cc7dd4da8f59f49bb56dc03a8158c6
def5bbfa0e81a2fbcd2fb6c1d587f96658c1d7a2e97e63f046f67d4a25a626f1
e30ec904e766c18de889b9a327a04d38e3f6296424da512e2cc7a815d25a1ad7
e338fdc82f4e04414debc95cd1301db99aa1a0ce9d49dc505396a06344f2da66
e3561c9de219c6c970eee73fe84ad5bf1cabc27795b956a798c9b3c7856e88a2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d0803a6eba7048114dccc119a564f44b3a1d5b4978ff3d7b6cdfb35098983d
e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12
e69b75877807cbc3c8a90b55b7607df6ea93978cb1ab8f0ada09e00307c16794
e6d9cfc441d6a59c4f39e6bd1f10784799e90ee4e962ff1d2acb39541480ea88
eb2710427c2031d48de9c32501d3fc6fc701322523c3a801657f6a7d3f6ece36
ec68d354d9a0a52652b5ebff1116a1f3d73b48d5bfc6a8ba2b131f6a2c6dc1e5
ec7679d6d29b15719ee656bd5e67fe006ae97e5c0704f8d6ddd245ed361436a5
ec7bbd80a20739e0e95342a018f055bb6d7104aa9f21a123485520070664e150
ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d34d9360bf7b20b2bc7f617e311fc00e2701790c89ddcbb1a8b9492ee19fba
f2ab2eb5e18f1394730f256ff96ce7df0d13a1a475f801ea8a81aa7fe933962f
f3996eb66cb853fa453b95aaa992fcbed2ff3f176fe8bea6c19429edaa177525
f3c65d582ca2d913ae347ba7833a21c28a04f00d9897032ffb9d9668cb05a5ee
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6112f8de193029610ea7c5dc67a5722dd27f45f328edeca066f42db08aa8e88
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b
f6d7b54989fe886d8bbff8c71594aeef8941e034fe439e6d5d1cd4ea308e4da3
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fbff9b65ef8723e80ceca2e6e427a2ab2504dc2ded26428e63b031271efb1567
fffb035db62e063210afdd8bda00411ec40554b17909505f571febf6a9a77164