www.nbcnews.com Open in urlscan Pro
2a02:26f0:1700:386::2506 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://link.sbstck.com/redirect/06915d08-4ca8-4c8e-9142-90910afb3143?j=eyJ1IjoiMml6ZW03In0.PGqbPW5xh7XYMZA0vg40E2SzHnMR...
Effective URL:
https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_sour...
Submission: On August 11 via api (August 11th 2023, 8:11:29 pm UTC) from BE — Scanned from DE

Summary HTTP 194 Redirects Links 74 Behaviour Indicators

Summary

This website contacted 76 IPs in 8 countries across 53 domains to perform 194 HTTP transactions. The main IP is 2a02:26f0:1700:386::2506, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.nbcnews.com. The Cisco Umbrella rank of the primary domain is 15655.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on December 8th 2022. Valid for: a year.

This is the only time www.nbcnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.84.165.30 54.84.165.30	14618 (AMAZON-AES) (AMAZON-AES)
3	2a02:26f0:170... 2a02:26f0:1700:386::2506	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.218.208.29 23.218.208.29	16625 (AKAMAI-AS) (AKAMAI-AS)
58	2a02:26f0:480... 2a02:26f0:480:a86::2506	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a02:26f0:480... 2a02:26f0:480:9a9::a1d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:480... 2a02:26f0:480:99e::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2606:4700::68... 2606:4700::6812:a972	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 4	52.208.175.244 52.208.175.244	16509 (AMAZON-02) (AMAZON-02)
4	2a04:4e42:400... 2a04:4e42:400::645	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6813:d383	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.173.187.80 18.173.187.80	16509 (AMAZON-02) (AMAZON-02)
1	108.138.34.127 108.138.34.127	16509 (AMAZON-02) (AMAZON-02)
1	18.173.154.70 18.173.154.70	16509 (AMAZON-02) (AMAZON-02)
3	2600:1901:0:7... 2600:1901:0:7416::1	15169 (GOOGLE) (GOOGLE)
1	108.139.243.82 108.139.243.82	() ()
2	2606:4700:20:... 2606:4700:20::681a:374	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:236... 2600:9000:236e:5800:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	18.173.187.48 18.173.187.48	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:798::d25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:20c... 2600:9000:20c3:6e00:1d:bf0a:0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	108.138.36.30 108.138.36.30	16509 (AMAZON-02) (AMAZON-02)
1	99.81.14.86 99.81.14.86	16509 (AMAZON-02) (AMAZON-02)
2	63.140.62.135 63.140.62.135	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:1d26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.32.2.61 13.32.2.61	16509 (AMAZON-02) (AMAZON-02)
1	18.173.154.84 18.173.154.84	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:26d... 2600:9000:26da:9000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:237... 2600:9000:237d:4a00:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42::645 2a04:4e42::645	54113 (FASTLY) (FASTLY)
1 2	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
2	52.20.122.83 52.20.122.83	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:20:... 2606:4700:20::681a:274	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	63.34.81.234 63.34.81.234	16509 (AMAZON-02) (AMAZON-02)
1	52.210.238.166 52.210.238.166	16509 (AMAZON-02) (AMAZON-02)
4 7	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	2600:9000:224... 2600:9000:2248:f800:11:f728:3040:93a1	() ()
1	52.215.66.158 52.215.66.158	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:237... 2600:9000:237d:5400:1d:667e:2a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	104.18.9.110 104.18.9.110	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	3.232.111.103 3.232.111.103	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	75.2.40.13 75.2.40.13	16509 (AMAZON-02) (AMAZON-02)
1	52.55.252.103 52.55.252.103	14618 (AMAZON-AES) (AMAZON-AES)
6	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	23.32.185.123 23.32.185.123	16625 (AKAMAI-AS) (AKAMAI-AS)
3	18.66.23.147 18.66.23.147	16509 (AMAZON-02) (AMAZON-02)
1	54.144.88.107 54.144.88.107	14618 (AMAZON-AES) (AMAZON-AES)
1	13.226.175.79 13.226.175.79	16509 (AMAZON-02) (AMAZON-02)
1	104.64.126.246 104.64.126.246	16625 (AKAMAI-AS) (AKAMAI-AS)
6	52.222.239.116 52.222.239.116	16509 (AMAZON-02) (AMAZON-02)
2	130.162.160.243 130.162.160.243	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	52.222.169.8 52.222.169.8	16509 (AMAZON-02) (AMAZON-02)
1	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.158.87.162 18.158.87.162	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.157.222.165 18.157.222.165	16509 (AMAZON-02) (AMAZON-02)
1	64.247.193.131 64.247.193.131	11320 (LIGHTEDGE...) (LIGHTEDGE-AS-02)
1	3.73.68.108 3.73.68.108	16509 (AMAZON-02) (AMAZON-02)
1	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	104.18.25.185 104.18.25.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
3	18.185.141.113 18.185.141.113	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	52.17.87.80 52.17.87.80	16509 (AMAZON-02) (AMAZON-02)
2	23.212.89.123 23.212.89.123	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.11 178.250.1.11	() ()
194	76

1 54.84.165.30 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-165-30.compute-1.amazonaws.com

link.sbstck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:1700:386::2506 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.nbcnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.208.29 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-29.deploy.static.akamaitechnologies.com

mps.nbcuni.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

58 2a02:26f0:480:a86::2506 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

nodeassets.nbcnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:480:9a9::a1d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

media-cldnry.s-nbcnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media1.s-nbcnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:99e::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:a972 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.208.175.244 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-175-244.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:400::645 (United States)

ASN54113 (FASTLY, US)

jssdkcdns.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cookiesync.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jssdks.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:d383 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.187.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-80.muc50.r.cloudfront.net

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.34.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-34-127.muc50.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-70.muc50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:7416::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

nondescriptnote.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.243.82 (United States)

ASN- ()
PTR: server-108-139-243-82.mxp63.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:374 (United States)

ASN13335 (CLOUDFLARENET, US)

tru.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:236e:5800:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.187.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-48.muc50.r.cloudfront.net

tag.researchnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:798::d25 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

geo.cnbc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c3:6e00:1d:bf0a:0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.tvpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.36.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-30.muc50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.14.86 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-14-86.eu-west-1.compute.amazonaws.com

nbcuni.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.135 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-135.data.adobedc.net

aamt.nbcnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1d26 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.2.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-2-61.vie50.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-84.muc50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26da:9000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:4a00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::645 (United States)

ASN54113 (FASTLY, US)

identity.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f6.1e100.net

8168974.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.20.122.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-122-83.compute-1.amazonaws.com

p.tvpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:274 (United States)

ASN13335 (CLOUDFLARENET, US)

beacon.tru.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.81.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.238.166 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-238-166.eu-west-1.compute.amazonaws.com

nbcu.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.184.194 (Grosse Pointe, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2248:f800:11:f728:3040:93a1 (United States)

ASN- ()

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.66.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-66-158.eu-west-1.compute.amazonaws.com

secure-dcr.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:5400:1d:667e:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

odey8o7krcuep0celnfeevesimqmi1691784684.nuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.9.110 (None, )

ASN13335 (CLOUDFLARENET, US)

ds.reson8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.232.111.103 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-111-103.compute-1.amazonaws.com

mid.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 75.2.40.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com

api.sail-personalize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.55.252.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-252-103.compute-1.amazonaws.com

nbcu.track.securedvisit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.185.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-123.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.23.147 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-23-147.vie50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.88.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-88-107.compute-1.amazonaws.com

usasync01.admantx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.175.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-175-79.mxp64.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.64.126.246 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-126-246.deploy.static.akamaitechnologies.com

micro.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.222.239.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-239-116.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.162.160.243 (Slough, United Kingdom)

ASN31898 (ORACLE-BMC-31898, US)

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.169.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-169-8.cdg52.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.87.162 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-87-162.eu-central-1.compute.amazonaws.com

krk2.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.157.222.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-222-165.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.247.193.131 (United States)

ASN11320 (LIGHTEDGE-AS-02, US)

colossusssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.73.68.108 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-68-108.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.53 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ba23bfbabb75a7144a28ba563613a60c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.185.141.113 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-141-113.eu-central-1.compute.amazonaws.com

prebid-a.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.87.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-87-80.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.212.89.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-89-123.deploy.static.akamaitechnologies.com

nbcudisplay.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (None, )

ASN- ()

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	nbcnews.com www.nbcnews.com — Cisco Umbrella Rank: 15655 nodeassets.nbcnews.com — Cisco Umbrella Rank: 16055 aamt.nbcnews.com — Cisco Umbrella Rank: 24416	1 MB
12	doubleclick.net 5 redirects 8168974.fls.doubleclick.net — Cisco Umbrella Rank: 19557 cm.g.doubleclick.net — Cisco Umbrella Rank: 239 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 206	174 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 ba23bfbabb75a7144a28ba563613a60c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 151	53 KB
9	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 357 aax.amazon-adsystem.com — Cisco Umbrella Rank: 441	66 KB
8	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4339	112 KB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 377	147 KB
6	mparticle.com jssdkcdns.mparticle.com — Cisco Umbrella Rank: 6250 identity.mparticle.com — Cisco Umbrella Rank: 2860 cookiesync.mparticle.com — Cisco Umbrella Rank: 15009 jssdks.mparticle.com	48 KB
6	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 212 nbcuni.demdex.net — Cisco Umbrella Rank: 9722 nbcu.demdex.net — Cisco Umbrella Rank: 10261	10 KB
5	rubiconproject.com micro.rubiconproject.com — Cisco Umbrella Rank: 3182 fastlane.rubiconproject.com — Cisco Umbrella Rank: 572 prebid-a.rubiconproject.com — Cisco Umbrella Rank: 2928	130 KB
5	imrworldwide.com cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 3370 secure-dcr.imrworldwide.com — Cisco Umbrella Rank: 3213 odey8o7krcuep0celnfeevesimqmi1691784684.nuid.imrworldwide.com	68 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 772 gum.criteo.com — Cisco Umbrella Rank: 425 mug.criteo.com	7 KB
4	moatads.com z.moatads.com — Cisco Umbrella Rank: 680 mb.moatads.com — Cisco Umbrella Rank: 724	195 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 116 www.google.com — Cisco Umbrella Rank: 3	2 KB
3	tvpixel.com c.tvpixel.com — Cisco Umbrella Rank: 9491 p.tvpixel.com — Cisco Umbrella Rank: 1919	32 KB
3	tru.am tru.am — Cisco Umbrella Rank: 4814 beacon.tru.am — Cisco Umbrella Rank: 5822	12 KB
3	branch.io cdn.branch.io — Cisco Umbrella Rank: 1158 api2.branch.io — Cisco Umbrella Rank: 805	23 KB
3	nondescriptnote.com nondescriptnote.com — Cisco Umbrella Rank: 29338	25 KB
3	s-nbcnews.com media-cldnry.s-nbcnews.com — Cisco Umbrella Rank: 13509 media1.s-nbcnews.com — Cisco Umbrella Rank: 19068	568 KB
2	moatpixel.com nbcudisplay.s.moatpixel.com — Cisco Umbrella Rank: 12668	502 B
2	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 638	790 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 617	60 KB
2	sail-personalize.com api.sail-personalize.com — Cisco Umbrella Rank: 3222	495 B
2	rkdms.com 1 redirects mid.rkdms.com — Cisco Umbrella Rank: 1753	234 B
2	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1447 ups.analytics.yahoo.com — Cisco Umbrella Rank: 320	894 B
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 3020 p1.parsely.com — Cisco Umbrella Rank: 2210	26 KB
2	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 641	569 B
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 155	3 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 781 script.hotjar.com — Cisco Umbrella Rank: 1126	59 KB
2	lightboxcdn.com www.lightboxcdn.com — Cisco Umbrella Rank: 6247	1 KB
2	nbcuni.com mps.nbcuni.com — Cisco Umbrella Rank: 13990	80 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 214	57 KB
1	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 662	552 B
1	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 592	113 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 221	615 B
1	bidswitch.net grid.bidswitch.net — Cisco Umbrella Rank: 1171	366 B
1	colossusssp.com colossusssp.com — Cisco Umbrella Rank: 1408	242 B
1	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 640	542 B
1	kargo.com krk2.kargo.com — Cisco Umbrella Rank: 3259	498 B
1	privacymanager.io geo.privacymanager.io — Cisco Umbrella Rank: 1994	607 B
1	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 2632	73 KB
1	admantx.com usasync01.admantx.com — Cisco Umbrella Rank: 11586	797 B
1	securedvisit.com nbcu.track.securedvisit.com — Cisco Umbrella Rank: 11319	24 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 12711	515 B
1	reson8.com ds.reson8.com — Cisco Umbrella Rank: 3652	96 B
1	app.link app.link — Cisco Umbrella Rank: 2439	630 B
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 644	481 B
1	cnbc.com geo.cnbc.com — Cisco Umbrella Rank: 11690	291 B
1	researchnow.com tag.researchnow.com — Cisco Umbrella Rank: 2931	442 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	63 KB
1	cloudfront.net d1z2jf7jlzjs58.cloudfront.net	1 KB
1	sail-horizon.com ak.sail-horizon.com — Cisco Umbrella Rank: 3326	33 KB
1	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 429	200 KB
1	sbstck.com 1 redirects link.sbstck.com — Cisco Umbrella Rank: 83954	1 KB
194	53

	Domain	Requested by
58	nodeassets.nbcnews.com	www.nbcnews.com nodeassets.nbcnews.com
8	dev.visualwebsiteoptimizer.com	www.nbcnews.com dev.visualwebsiteoptimizer.com
7	cdn.cookielaw.org	www.nbcnews.com cdn.cookielaw.org
6	aax.amazon-adsystem.com	c.amazon-adsystem.com
6	securepubads.g.doubleclick.net	mps.nbcuni.com securepubads.g.doubleclick.net www.nbcnews.com www.googletagservices.com
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	cm.g.doubleclick.net	4 redirects
4	dpm.demdex.net	1 redirects www.nbcnews.com
3	prebid-a.rubiconproject.com	micro.rubiconproject.com
3	c.amazon-adsystem.com	mps.nbcuni.com c.amazon-adsystem.com
3	cdn-gl.imrworldwide.com	www.nbcnews.com cdn-gl.imrworldwide.com
3	nondescriptnote.com	www.nbcnews.com nondescriptnote.com
3	www.nbcnews.com	nodeassets.nbcnews.com
2	gum.criteo.com	1 redirects static.criteo.net
2	nbcudisplay.s.moatpixel.com
2	beacon.krxd.net
2	static.criteo.net	micro.rubiconproject.com static.criteo.net
2	www.google.com	tpc.googlesyndication.com securepubads.g.doubleclick.net
2	mb.moatads.com	z.moatads.com
2	z.moatads.com	mps.nbcuni.com securepubads.g.doubleclick.net
2	api.sail-personalize.com	ak.sail-horizon.com
2	mid.rkdms.com	1 redirects www.nbcnews.com
2	api2.branch.io	cdn.branch.io
2	cookiesync.mparticle.com	www.nbcnews.com
2	p.tvpixel.com	c.tvpixel.com
2	8168974.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	identity.mparticle.com	jssdkcdns.mparticle.com
2	geolocation.onetrust.com	cdn.cookielaw.org
2	aamt.nbcnews.com	www.nbcnews.com
2	sb.scorecardresearch.com	www.nbcnews.com
2	tru.am	www.nbcnews.com tru.am
2	www.lightboxcdn.com	www.nbcnews.com
2	media-cldnry.s-nbcnews.com	www.nbcnews.com
2	mps.nbcuni.com	mps.nbcuni.com
1	jssdks.mparticle.com	jssdkcdns.mparticle.com
1	mug.criteo.com
1	www.googletagservices.com	securepubads.g.doubleclick.net
1	ba23bfbabb75a7144a28ba563613a60c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	htlb.casalemedia.com	micro.rubiconproject.com
1	hbopenbid.pubmatic.com	micro.rubiconproject.com
1	ib.adnxs.com	micro.rubiconproject.com
1	grid.bidswitch.net	micro.rubiconproject.com
1	colossusssp.com	micro.rubiconproject.com
1	tlx.3lift.com	micro.rubiconproject.com
1	bidder.criteo.com	micro.rubiconproject.com
1	krk2.kargo.com	micro.rubiconproject.com
1	fastlane.rubiconproject.com	micro.rubiconproject.com
1	geo.privacymanager.io	ats.rlcdn.com
1	micro.rubiconproject.com	mps.nbcuni.com
1	ats.rlcdn.com	www.nbcnews.com
1	usasync01.admantx.com	mps.nbcuni.com
1	nbcu.track.securedvisit.com	www.nbcnews.com
1	adservice.google.de	adservice.google.com
1	ds.reson8.com	www.nbcnews.com
1	adservice.google.com	8168974.fls.doubleclick.net
1	ups.analytics.yahoo.com	www.nbcnews.com
1	cms.analytics.yahoo.com	1 redirects
1	odey8o7krcuep0celnfeevesimqmi1691784684.nuid.imrworldwide.com	www.nbcnews.com
1	secure-dcr.imrworldwide.com	www.nbcnews.com
1	nbcu.demdex.net	www.nbcnews.com
1	p1.parsely.com	www.nbcnews.com
1	beacon.tru.am	tru.am
1	app.link	cdn.branch.io
1	static.adsafeprotected.com	www.nbcnews.com
1	script.hotjar.com	static.hotjar.com
1	cdn.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	nbcuni.demdex.net	www.nbcnews.com
1	media1.s-nbcnews.com	nodeassets.nbcnews.com
1	c.tvpixel.com	www.nbcnews.com
1	geo.cnbc.com	www.nbcnews.com
1	tag.researchnow.com	www.nbcnews.com
1	www.googletagmanager.com	www.nbcnews.com
1	cdn.branch.io	www.nbcnews.com
1	static.hotjar.com	www.nbcnews.com
1	d1z2jf7jlzjs58.cloudfront.net	www.nbcnews.com
1	ak.sail-horizon.com	www.nbcnews.com
1	jssdkcdns.mparticle.com	www.nbcnews.com
1	assets.adobedtm.com	www.nbcnews.com
1	link.sbstck.com	1 redirects
194	80

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
id.nbcnews.com
www.nbcsports.com
www.today.com
www.msnbc.com
story.snapchat.com
www.cnbc.com
www.nbc.com
www.nbcuacademy.com
www.youtube.com
www.peacocktv.com
veterans.nbcnews.com
www.parenttoolkit.com
nbcnews.zendesk.com
www.twitter.com
secure.nbcnews.com
api.whatsapp.com
www.reddit.com
getpocket.com
share.flipboard.com
pinterest.com
www.linkedin.com
www.csoonline.com
www.post-gazette.com
www.propublica.org
www.dllr.state.md.us
www.dol.gov
www.oig.dol.gov
www.latimes.com
www.agari.com
www.nbcunicareers.com
www.nbcuniversal.com
together.nbcuni.com
support.google.com
support.apple.com
support.mozilla.org
support.microsoft.com
policies.google.com
tools.google.com
www.adobe.com
mixpanel.com
www.aboutads.info
youradchoices.ca
www.youronlinechoices.com
www.youronlinechoices.com.au
liveramp.com
www.onetrust.com

Subject Issuer	Validity	Valid
*.nbcnews.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-10`	a year	crt.sh
*.nbcuni.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-31` - `2024-01-03`	a year	crt.sh
*.s-nbcnews.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-14` - `2023-12-14`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2023-07-06` - `2024-07-06`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
jssdkcdns.mparticle.com Go Daddy Secure Certificate Authority - G2	`2023-05-02` - `2024-06-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-11-09` - `2023-11-08`	a year	crt.sh
ak.sail-horizon.com Amazon RSA 2048 M01	`2023-02-28` - `2024-01-16`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
nondescriptnote.com R3	`2023-06-21` - `2023-09-19`	3 months	crt.sh
*.branch.io Amazon RSA 2048 M01	`2023-02-21` - `2023-11-09`	9 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-03` - `2024-02-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.researchnow.com Amazon RSA 2048 M01	`2023-03-02` - `2023-11-11`	8 months	crt.sh
*.cnbc.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-26` - `2023-11-29`	a year	crt.sh
*.tvpixel.com Amazon RSA 2048 M01	`2023-02-21` - `2024-01-13`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
aamt.nbcnews.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-03` - `2024-05-03`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.parsely.com Amazon RSA 2048 M02	`2023-05-06` - `2024-06-03`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
appipv4.link Amazon RSA 2048 M02	`2023-04-25` - `2024-05-23`	a year	crt.sh
identity.mparticle.com Go Daddy Secure Certificate Authority - G2	`2023-05-08` - `2024-06-08`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.nuid.imrworldwide.com Amazon RSA 2048 M01	`2023-04-12` - `2024-05-10`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
api.sail-personalize.com Amazon RSA 2048 M01	`2023-04-25` - `2024-05-23`	a year	crt.sh
*.track.securedvisit.com Amazon RSA 2048 M01	`2023-02-23` - `2023-10-27`	8 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.admantx.com SSL.com RSA SSL subCA	`2023-04-18` - `2024-05-18`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-20` - `2024-07-20`	a year	crt.sh
*.privacymanager.io Amazon RSA 2048 M01	`2023-07-27` - `2024-08-24`	a year	crt.sh
*.dev.kargo.com Amazon RSA 2048 M01	`2023-02-13` - `2024-03-12`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.colossusssp.com Go Daddy Secure Certificate Authority - G2	`2022-09-08` - `2023-10-10`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
jssdks.mparticle.com Go Daddy Secure Certificate Authority - G2	`2022-09-15` - `2023-10-17`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email
Frame ID: 8ABD4DB4F3637F48247DC07518CFCAD5
Requests: 165 HTTP requests in this frame

Frame: https://nbcuni.demdex.net/dest5.html?d_nsid=0
Frame ID: 7D6E0EAC14BD6B3C6568B4AD182B81D8
Requests: 5 HTTP requests in this frame

Frame: https://8168974.fls.doubleclick.net/activityi;dc_pre=CKG4jIm11YADFWcJogMdk9sBtg;src=8168974;type=nbcvi0;cat=nbcne0;ord=8535553488859;auiddc=26219123.1691784684;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Fus-news%2Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%3Futm_source%3Dsubstack%26utm_medium%3Demail
Frame ID: 1B4ED07FA4EE81361BEDC24777549AFC
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 0BC23C5CFBA642A46A102B2A3C8819E2
Requests: 3 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKG4jIm11YADFWcJogMdk9sBtg;src=8168974;type=nbcvi0;cat=nbcne0;ord=8535553488859;auiddc=26219123.1691784684;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Fus-news%2Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%3Futm_source%3Dsubstack%26utm_medium%3Demail
Frame ID: BEFD972A6D39B47628B7E46480AB97BF
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CKG4jIm11YADFWcJogMdk9sBtg;src=8168974;type=nbcvi0;cat=nbcne0;ord=8535553488859;auiddc=26219123.1691784684;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Fus-news%2Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%3Futm_source%3Dsubstack%26utm_medium%3Demail
Frame ID: F5A8365F26A9756548F99128321A4E04
Requests: 1 HTTP requests in this frame

Frame: https://ba23bfbabb75a7144a28ba563613a60c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 66227F30FCBF21088F3DCA2B80A7540F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 387BF29E6C5DDE1DE2262A7E234E5A71
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 345F1C21C7909768A999B8B143CB2E02
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv47HyZ5KxkYJmDx6E42m5wAf550486XWRVXFvvnPFz5GGlFQgofiTED1OpogfuQtsf4gHlGQXXknd0wPGBFmU2FwqqrjI1Ag2HxrZVnGMQeflymNQwCSMCcN1sKDztMjCgXfD5ufWQOf4J_WUhDWdEuD3EJ0CyjOM4njR-Iw30kxGIxcIYHqBK-pCLk3aDwnZwG1HbrBHaZEHVRlOQOysf60dTaf2Hn93JmGMRLndECReicGaIGzkp6iN5pNyYf7r-e3eJb-j07_kLkj0pC2Tm1dGfBDxFFYPyZ854_kaZMbTPpTXbAwUF7LcDlTTtPwqiAlo&sai=AMfl-YSqH0gETABDfocafcnNrsdC9r9uwhFUofowaYjrMS32u1owD5hjZUDiwaNj16_qNTFUJ-jyDhSUo_iAcSfLBryJ6XUfMtupCXspaRkNfysMIAAGbXWBHLOefsepEw&sig=Cg0ArKJSzFdQu0aLqKlKEAE&uach_m=[UACH]&adurl=
Frame ID: 83914A0CD81D963E33D284B9B94E50B3
Requests: 8 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.nbcnews.com&us_privacy=1---
Frame ID: C2A575F1DCF9ABF1FF621BDFD2C89CC5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

'Easy money': How international scam artists pulled off an epic theft of Covid benefitsNBC News LogoWatch NowSearchSearchNBC News LogoMSNBC LogoToday LogoBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

https://link.sbstck.com/redirect/06915d08-4ca8-4c8e-9142-90910afb3143?j=eyJ1IjoiMml6ZW03In0.PGqbPW5x... HTTP 302
https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-cov... Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Lightbox (JavaScript Libraries) Expand

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

194
Requests

97 %
HTTPS

42 %
IPv6

53
Domains

80
Subdomains

76
IPs

8
Countries

3450 kB
Transfer

11752 kB
Size

64
Cookies

74 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789&cid=article_share_facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=%27Easy%20money%27%3A%20How%20international%20scam%20artists%20pulled%20off%20an%20epic%20theft%20of%20Covid%20benefits&via=nbcnews&url=https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789&original_referer=URL&cid=article_share_twitter

Search URL Search Domain Scan URL

URL: https://id.nbcnews.com/my-account?brand=nbc-news
Title: Manage Profile

Search URL Search Domain Scan URL

URL: https://id.nbcnews.com/email-preferences?brand=nbc-news
Title: Email Preferences

Search URL Search Domain Scan URL

URL: https://www.nbcsports.com/?cid=eref:nbcnews:text
Title: Sports

Search URL Search Domain Scan URL

URL: https://www.today.com/
Title: Today

Search URL Search Domain Scan URL

URL: https://www.msnbc.com/
Title: MSNBC

Search URL Search Domain Scan URL

URL: https://story.snapchat.com/p/8bb879c7-45c0-499c-bb3c-7a3d0e229301/347654839924736
Title: Stay Tuned

Search URL Search Domain Scan URL

URL: https://www.cnbc.com/
Title: CNBC

Search URL Search Domain Scan URL

URL: https://www.nbc.com/
Title: NBC.COM

Search URL Search Domain Scan URL

URL: https://www.nbcuacademy.com/
Title: NBCU Academy

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/Nbclearn/playlists
Title: NBC Learn

Search URL Search Domain Scan URL

URL: https://www.peacocktv.com/?cid=20200715takeflightoneedi027&utm_source=nbcnews&utm_medium=symphony_display_homepagetakeover_link&utm_campaign=20200715takeflight&utm_term=weblink&utm_content=navlink
Title: Peacock

Search URL Search Domain Scan URL

URL: https://veterans.nbcnews.com/
Title: NEXT STEPS FOR VETS

Search URL Search Domain Scan URL

URL: https://www.parenttoolkit.com/
Title: Parent Toolkit

Search URL Search Domain Scan URL

URL: https://nbcnews.zendesk.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

URL: http://www.facebook.com/nbcnews

Search URL Search Domain Scan URL

URL: https://www.twitter.com/nbcnews

Search URL Search Domain Scan URL

URL: https://secure.nbcnews.com/_tps/accounts/newsletters

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=&text=%27Easy%20money%27%3A%20How%20international%20scam%20artists%20pulled%20off%20an%20epic%20theft%20of%20Covid%20benefits%20https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789&cid=article_share_whatsapp
Title: Whatsapp

Search URL Search Domain Scan URL

URL: http://www.reddit.com/submit?url=https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789&title=%27Easy%20money%27%3A%20How%20international%20scam%20artists%20pulled%20off%20an%20epic%20theft%20of%20Covid%20benefits&cid=article_share_reddit
Title: Reddit

Search URL Search Domain Scan URL

URL: https://getpocket.com/save?url=https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789&title=%27Easy%20money%27%3A%20How%20international%20scam%20artists%20pulled%20off%20an%20epic%20theft%20of%20Covid%20benefits&cid=article_share_pocket
Title: Pocket

Search URL Search Domain Scan URL

URL: https://share.flipboard.com/bookmarklet/popout?v=2&title=%27Easy%20money%27%3A%20How%20international%20scam%20artists%20pulled%20off%20an%20epic%20theft%20of%20Covid%20benefits&url=https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789&cid=article_share_flipboard
Title: Flipboard

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/link/?url=https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789&cid=article_share_pinterest
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789&title=%27Easy%20money%27%3A%20How%20international%20scam%20artists%20pulled%20off%20an%20epic%20theft%20of%20Covid%20benefits&cid=article_share_linkedin
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789&cid=article_social_share_facebook

Search URL Search Domain Scan URL

URL: https://www.twitter.com/intent/tweet?text=%27Easy%20money%27%3A%20How%20international%20scam%20artists%20pulled%20off%20an%20epic%20theft%20of%20Covid%20benefits&via=nbcnews&url=https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789&original_referer=https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789&cid=article_social_share_twitter

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/link/?url=https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789&cid=article_social_share_pinterest

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.nbcnews.com/nightly-news/video/billions-stolen-in-covid-relief-funds-119201349781

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Billions%20stolen%20in%20Covid%20relief%20funds&via=nbcnews&url=https://www.nbcnews.com/nightly-news/video/billions-stolen-in-covid-relief-funds-119201349781&original_referer=https://www.nbcnews.com/nightly-news/video/billions-stolen-in-covid-relief-funds-119201349781

Search URL Search Domain Scan URL

URL: https://www.csoonline.com/article/2130877/the-biggest-data-breaches-of-the-21st-century.html
Title: huge data breaches

Search URL Search Domain Scan URL

URL: https://www.post-gazette.com/news/crime-courts/2020/08/25/Federal-state-authorities-charge-prison-inmates-COVID-benefit-fraud-pandemic-unemployment-assistance/stories/202008250121
Title: prison inmates

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/how-unemployment-insurance-fraud-exploded-during-the-pandemic
Title: ProPublica calculated

Search URL Search Domain Scan URL

URL: https://www.dllr.state.md.us/whatsnews/uifraudsixweeks.shtml
Title: detected more than half a million

Search URL Search Domain Scan URL

URL: https://www.dol.gov/newsroom/releases/eta/eta20210811
Title: allocated $2 billion

Search URL Search Domain Scan URL

URL: https://www.oig.dol.gov/public/reports/oa/2021/19-21-002-03-315.pdf
Title: memo

Search URL Search Domain Scan URL

URL: https://www.oig.dol.gov/public/reports/oa/2021/19-21-006-03-315.pdf
Title: reported

Search URL Search Domain Scan URL

URL: https://www.oig.dol.gov/public/reports/oa/2021/19-21-004-03-315.pdf
Title: the inspector general

Search URL Search Domain Scan URL

URL: https://www.latimes.com/california/story/2021-01-25/california-unemployment-fraud-11-billion-investigations
Title: after an audit in

Search URL Search Domain Scan URL

URL: https://www.agari.com/email-security-blog/covid-19-unemployment-fraud-cares-act/
Title: research

Search URL Search Domain Scan URL

URL: https://twitter.com/KenDilanianNBC

Search URL Search Domain Scan URL

URL: https://twitter.com/kitramgopal

Search URL Search Domain Scan URL

URL: https://twitter.com/chloe_aatkins

Search URL Search Domain Scan URL

URL: https://www.nbcunicareers.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/privacy/cookies#accordionheader2
Title: Ad Choices

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/privacy/?intake=NBC_News
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/privacy/california-consumer-privacy-act?intake=NBC_News
Title: CA Notice

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/terms
Title: Terms of Service (Updated JULY 7, 2023)

Search URL Search Domain Scan URL

URL: https://together.nbcuni.com/advertise/?utm_source=nbc_news&utm_medium=referral&utm_campaign=property_ad_pages
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.cnbc.com/select/
Title: Select Personal Finance

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/privacy/cookies
Title: COOKIE POLICY

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/brands
Title: its affiliates

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/privacy
Title: here

Search URL Search Domain Scan URL

URL: https://support.google.com/chrome/answer/95647?hl=en&p=cpn_cookies
Title: Google Chrome

Search URL Search Domain Scan URL

URL: https://support.apple.com/en-gb/HT201265
Title: Apple Safari

Search URL Search Domain Scan URL

URL: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences?redirectlocale=en-US&redirectslug=Enabling+and+disabling+cookies
Title: Mozila Firefox

Search URL Search Domain Scan URL

URL: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies
Title: Microsoft Internet Explorer

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Google’s Privacy Policy

Search URL Search Domain Scan URL

URL: https://tools.google.com/dlpage/gaoptout
Title: Google Analytics Opt-Out

Search URL Search Domain Scan URL

URL: http://www.adobe.com/privacy/analytics.html
Title: Omniture’s Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.adobe.com/privacy/opt-out.html
Title: Omniture’s Opt-Out

Search URL Search Domain Scan URL

URL: https://mixpanel.com/privacy/
Title: Mixpanel’s Privacy Policy

Search URL Search Domain Scan URL

URL: https://mixpanel.com/optout/
Title: Mixpanel’s Opt-Out

Search URL Search Domain Scan URL

URL: http://www.aboutads.info/choices/
Title: Digital Advertising Alliance in the US

Search URL Search Domain Scan URL

URL: https://youradchoices.ca/choices/
Title: Digital Advertising Alliance of Canada

Search URL Search Domain Scan URL

URL: http://www.youronlinechoices.com/
Title: European Interactive Digital Advertising Alliance

Search URL Search Domain Scan URL

URL: http://www.youronlinechoices.com.au/your-ad-choices/
Title: Australian Digital Advertising Alliance

Search URL Search Domain Scan URL

URL: https://www.facebook.com/privacy/explanation
Title: Facebook Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen
Title: Facebook’s Opt-Out Page

Search URL Search Domain Scan URL

URL: https://twitter.com/en/privacy
Title: Twitter Privacy Policy

Search URL Search Domain Scan URL

URL: https://twitter.com/personalization
Title: Twitter’s Opt-Out Page

Search URL Search Domain Scan URL

URL: https://liveramp.com/privacy/
Title: Liveramp’s Privacy Policy

Search URL Search Domain Scan URL

URL: https://liveramp.com/opt_out/
Title: Liveramp Opt-Out Page

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://link.sbstck.com/redirect/06915d08-4ca8-4c8e-9142-90910afb3143?j=eyJ1IjoiMml6ZW03In0.PGqbPW5xh7XYMZA0vg40E2SzHnMRWO_d0RbgZxwJJ9U HTTP 302
https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 102

https://8168974.fls.doubleclick.net/activityi;src=8168974;type=nbcvi0;cat=nbcne0;ord=8535553488859;auiddc=26219123.1691784684;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Fus-news%2Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%3Futm_source%3Dsubstack%26utm_medium%3Demail HTTP 302
https://8168974.fls.doubleclick.net/activityi;dc_pre=CKG4jIm11YADFWcJogMdk9sBtg;src=8168974;type=nbcvi0;cat=nbcne0;ord=8535553488859;auiddc=26219123.1691784684;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Fus-news%2Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%3Futm_source%3Dsubstack%26utm_medium%3Demail

Request Chain 115

https://dpm.demdex.net/ibs:dpid=130884&dpuuid=3700835627480782013&redir=https%3A%2F%2Fcookiesync.mparticle.com%2Fv1%2Fsync%3Fesid%3D37590%26MPID%3D3700835627480782013%26ID%3D%24%7BDD_UUID%7D%26Key%3D65ea0b28a73c4c4abd08599774d30799%26env%3D2 HTTP 302
https://cookiesync.mparticle.com/v1/sync?esid=37590&MPID=3700835627480782013&ID=21217024386278537951428312156609241318&Key=65ea0b28a73c4c4abd08599774d30799&env=2

Request Chain 116

https://cm.g.doubleclick.net/pixel?google_nid=mparticle_dmp&google_cm&MPID=3700835627480782013&esid=37591&Key=65ea0b28a73c4c4abd08599774d30799&env=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mparticle_dmp&google_cm=&MPID=3700835627480782013&esid=37591&Key=65ea0b28a73c4c4abd08599774d30799&env=2&google_tc= HTTP 302
https://cookiesync.mparticle.com/v1/sync/?id=CAESEJEUi06jXXgrz3STXe0YG2M&MPID=3700835627480782013&esid=37591&Key=65ea0b28a73c4c4abd08599774d30799&env=2&google_cver=1

Request Chain 117

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjEyMTcwMjQzODYyNzg1Mzc5NTE0MjgzMTIxNTY2MDkyNDEzMTg= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MjEyMTcwMjQzODYyNzg1Mzc5NTE0MjgzMTIxNTY2MDkyNDEzMTg=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESELGgu_eiU_TXvPgjN482lug&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 123

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=21217024386278537951428312156609241318&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=21217024386278537951428312156609241318&gdpr=0&gdpr_consent=

Request Chain 130

https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=21217024386278537951428312156609241318&_ct=img HTTP 302
https://mid.rkdms.com/restricted

Request Chain 193

https://gum.criteo.com/sid/json?origin=publishertag&domain=nbcnews.com&sn=ChromeSyncframe&so=0&topUrl=www.nbcnews.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=ps6Vw3xmVkY0UGNPWGNnK05QbXkrMGlkSlpPbXJ1SzRwT0FlaXN2RXU5THArUFlkR1VlVFI0cUJ6NkU2Rmt0MDNVUk9rdmxQZEJCS0ZZRVNmRXpKUTl0S1Z6M2NNSlJIM1BSb1d0TWFZZURyN3h1RDJhV2c4Q1ZGcG1sM0lnOEdJWTA0Q3dycXd4VW1YTGlNTjQwR3g3WFg4ZkIya2lUSmdMUEZDSTBkM1h5cnkyUnlKVzZMYzFWKzlDNUVCVVlCang2czFDZ1Z5dStpNVBKNG9WNUNDczM4eVh3ZFVPVHNvUTk5ZVFRZjJBMlFuNng5emQ2QUV1cFRtTENEdDAvd1d4ZDVsRHkrcFVhRm9mZW90S2gwMnd0TWE2Zz09fA&cppv=2

194 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789 Show response
www.nbcnews.com/news/us-news/
Redirect Chain

https://link.sbstck.com/redirect/06915d08-4ca8-4c8e-9142-90910afb3143?j=eyJ1IjoiMml6ZW03In0.PGqbPW5xh7XYMZA0vg40E2SzHnMRWO_d0RbgZxwJJ9U
https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

309 KB
48 KB

765ms
469ms

Document
text/html

2a02:26f0:1700:386::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:1700:386::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx / Next.js

Resource Hash

062e17133910dc59f7d4bcc379c3cc309cb5dcd99c7ca4b414b2ba9487118a52

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-language: en
content-length: 48646
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Fri, 11 Aug 2023 20:11:22 GMT
etag: "4d5f2-RIhitgcBsCHyu/S0ahHGTV7ALpY"
link: <https://nodeassets.nbcnews.com>; rel=preconnect, <https://media-cldnry.s-nbcnews.com>; rel=preconnect, <https://securepubads.g.doubleclick.net>; rel=preconnect, <https://mps.nbcuni.com/fetch/ext/load-nbcnews-bento.js?nowrite=jq>; as=script; rel=preload
server: nginx
strict-transport-security: max-age=2628000 ; preload
x-backend-server: green-ramen2-54756cbd8b-h7v4z
x-powered-by: Next.js

Redirect headers

cache-control: no-cache
content-length: 348
content-type: text/html; charset=utf-8
date: Fri, 11 Aug 2023 20:11:22 GMT
location: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email
strict-transport-security: max-age=31536000
vary: Accept, Accept-Encoding
x-cluster: substack
x-deploy: 53de8b472f
x-frame-options: sameorigin
x-powered-by: Express
x-robots-tag: noindex, noarchive, nofollow
x-served-by: Substack

GET
H/1.1 200
OK load-nbcnews-bento.js Show response
mps.nbcuni.com/fetch/ext/ 286 KB
68 KB 171ms
45ms Script
application/javascript 23.218.208.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mps.nbcuni.com/fetch/ext/load-nbcnews-bento.js?nowrite=jq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.29 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-29.deploy.static.akamaitechnologies.com
Software: Apache/2.4.38 (Debian) / PHP/7.1.33
Resource Hash: 88b4d4627e1e206d18640d49737db3589b7a76c88bc34f671842f685a618492e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Aug 2023 20:11:23 GMT
Content-Encoding: gzip
Server: Apache/2.4.38 (Debian)
X-Powered-By: PHP/7.1.33
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 68719
Expires: Fri, 11 Aug 2023 20:11:23 GMT

GET
H2 200 68bcfb9e66b54c2a.css
nodeassets.nbcnews.com/_next/static/css/ 6 KB
2 KB 192ms
56ms Stylesheet
text/css 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/css/68bcfb9e66b54c2a.css

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ba684c94cce5696458bc5225315ce18647eea2682ac6c0030a1ad5c8a65a6163

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: MxWjgJ9UWkYggTH6SBwLdAf8Z0jZU.Eu
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: JV4FG8PJRF9KSD3P
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683127_388391816_188448689_22_10465_38_0_255";dur=1
content-length: 1740
x-amz-id-2: p/iMjIbTJfO5r/tqUZxlfckk9116wlWPV0HpjPiF1fX5xaV8GB3bhFvY7vWzJHu16ehyehJG3B0=
last-modified: Fri, 11 Aug 2023 01:26:10 GMT
server: AmazonS3
etag: "ed51fe1b73129eb8941472a1b3f052da"
content-type: text/css
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 210813-unemployment-fraud-mb-1713.JPG
media-cldnry.s-nbcnews.com/image/upload/t_fit-1240w,f_auto,q_auto:best/newscms/2021_32/3498968/ 376 KB
376 KB 345ms
131ms Image
image/webp 2a02:26f0:480:9a9::a1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-cldnry.s-nbcnews.com/image/upload/t_fit-1240w,f_auto,q_auto:best/newscms/2021_32/3498968/210813-unemployment-fraud-mb-1713.JPG

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:480:9a9::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

cloudinary /

Resource Hash

9dfb30c327bc626183bcfb86a1778567f10e1c85d18c9eec88c22f84bbe9673b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits: 1
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
cache-tag: 421115986302154765933332025164877933645,231758659386708182331959264227182793022,7831a46e631c715519da9d0ce0a38b6b
content-disposition: inline; filename="210813-unemployment-fraud-mb-1713.webp"
content-length: 384678
x-served-by: cache-lga21954-LGA
last-modified: Sun, 15 Aug 2021 09:10:48 GMT
server: cloudinary
x-timer: S1691784683.306075,VS0,VE2
etag: "3ade2324b7925f822bf57f24a0fa8212"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, private, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
expires: Sun, 11 Aug 2024 02:11:23 GMT

GET
H2 200 fontface.css
nodeassets.nbcnews.com/assets/fonts/shared/ 4 KB
1 KB 189ms
57ms Stylesheet
text/css 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/assets/fonts/shared/fontface.css

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

77014622bb2b3b959cef95b4e87520f3422d0344a366b0820580b9f9201d5b7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: rJ0HSxqkRVpZ0gf5u3RFI_ZcC7nBQXU1
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
last-modified: Thu, 11 Jul 2019 19:07:39 GMT
server: AmazonS3
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: PS32QV1SHM3TWDXE
etag: "2b115064a98912d96b0f2df36459659e"
content-type: text/css
cache-control: private, max-age=900
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=3, origin; dur=0, ak_p; desc="1691784683174_388391816_188448690_351_8313_38_0_255";dur=1
content-length: 686
x-amz-id-2: auH73+tsiySdeD4KPlygvAoRwGUjKmgYIylEB2X08yWG9A9ozyyFCOps8fwriEdYPuze/XHe1zQ=
expires: Fri, 11 Aug 2023 20:26:23 GMT

GET
H2 200 header.css
nodeassets.nbcnews.com/assets/header-footer/1.144.0/news/ 45 KB
8 KB 189ms
56ms Stylesheet
text/css 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/assets/header-footer/1.144.0/news/header.css

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e300bb0d03ccd64b295a0cdd084fa0ffbcd0450ef22f26f0e2c0834866dbf964

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: eRVFs_LuycaY85ysCCi15mi6xGoPEgeG
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: 3R8QPR81YSXHSAC9
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683174_388391816_188448691_57_8286_38_0_255";dur=1
content-length: 7240
x-amz-id-2: jlg48l0HvxeFHLyvdfHYHIIBDySumyzvFgP3k9vb4WGCauO8p3mub6d7i+ABj8apQNbpAvcLuQw=
last-modified: Wed, 09 Aug 2023 20:50:12 GMT
server: AmazonS3
etag: "a6bde2ef4620849550f3e72f201f4398"
content-type: text/css
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 footer.css
nodeassets.nbcnews.com/assets/header-footer/1.144.0/news/ 6 KB
2 KB 188ms
56ms Stylesheet
text/css 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/assets/header-footer/1.144.0/news/footer.css

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0d0f489c847fae1ef2bcb5e5ef1bb5a05028426b55d5b99712430d3876512d20

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: mziRWdA_FV57ov2LjaPsj3mo8oZZpSsS
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: 3R8S62G90C0677X0
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683174_388391816_188448693_57_8286_38_0_255";dur=1
content-length: 1422
x-amz-id-2: EHhpj5vhCbtbN35Qeq5N7TbPAsKi1SFyKz8EQKeH85IskWqW8UIDxK1nroZBZ1rNl9jGlXg+oxU=
last-modified: Wed, 09 Aug 2023 20:50:12 GMT
server: AmazonS3
etag: "8bd9596fb4498ffc89266477270cd1e9"
content-type: text/css
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 e8652ba1a907f69d.css
nodeassets.nbcnews.com/_next/static/css/ 7 KB
2 KB 270ms
138ms Stylesheet
text/css 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/css/e8652ba1a907f69d.css

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e6beb00e75f332564823b34aca86d7b13c4d4f5aa8f29089fd7fe23439570bf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: Bla3TJfCWcgzrVFIXf5NFO6UbUCWK.M.
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: P8DDYMT74Q0880E1
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683209_388391816_188448706_25_6064_38_0_255";dur=1
content-length: 1870
x-amz-id-2: 2slEYBtVsE1i2QFTtpVdjBX/U993QlMo34VID3XthnyOKRh0JwtyYhGX/YnP0QDWZ3SsgWOe4XE=
last-modified: Thu, 10 Aug 2023 22:11:50 GMT
server: AmazonS3
etag: "8f7a953ee546d1a079d1a322980f1b3e"
content-type: text/css
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 a5c582a69b6ac44c.css
nodeassets.nbcnews.com/_next/static/css/ 120 KB
13 KB 271ms
139ms Stylesheet
text/css 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/css/a5c582a69b6ac44c.css

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

eb7d94c68fd95098d442185b5521bffa0aaef8bb2dfd847ece2e804e0603408c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: 9mDkJa895o_W9j9UdDyarrILKUkU3q2a
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: 5P0F04GM7JNQQTB2
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683209_388391816_188448707_29_6008_38_0_255";dur=1
content-length: 12657
x-amz-id-2: xPgB7Gzs0TJUJyZOybIWwQdPm5ageXg1sbHpcPN5JQnKj16mNKug4G3qLnHcqHD2ECX+a9ggB8k=
last-modified: Fri, 11 Aug 2023 01:26:10 GMT
server: AmazonS3
etag: "782f7c9959aeb85427a4c18f65d66268"
content-type: text/css
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 86e3917d14e528b2.css
nodeassets.nbcnews.com/_next/static/css/ 42 KB
8 KB 187ms
55ms Stylesheet
text/css 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/css/86e3917d14e528b2.css

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b43976d90420b5281b8254f6078e8b0cc4fe05e09ec380c5faeaf4747937935b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: hWDo49oR0LyhMX_VcAp0gpe.3qtzFE4c
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: MTR64TZGK93MDBW7
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683174_388391816_188448695_59_8243_38_0_255";dur=1
content-length: 7192
x-amz-id-2: zcM0//efTrcRi7KsZ0W/f5s4lnqN+HfIMdLFqAPnM0L6ugGQ7WvVQZQnx508rMLV+kt5NbgB+xU=
last-modified: Thu, 10 Aug 2023 22:11:49 GMT
server: AmazonS3
etag: "e3a5a62ce4135136c1d094675899b4ae"
content-type: text/css
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 912fbfedc7c560f9.css
nodeassets.nbcnews.com/_next/static/css/ 61 KB
10 KB 189ms
57ms Stylesheet
text/css 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/css/912fbfedc7c560f9.css

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b010974ffa06648b152996171e7ae8961e05fc21dca1370d357f99525cf2c324

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: m6ySJXysXGsQVHPaJ53KrcaYm7LUJFZ9
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: HHF3020Y8FR5NN0Y
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683174_388391816_188448697_56_13556_38_0_255";dur=1
content-length: 9229
x-amz-id-2: wUFEnzOCefLR3O4Tr+jwEmPJ3noVMBAakPKUpnUIb6R4dR7RgX9D658o+YwILB5TbP4iuL9MntY=
last-modified: Fri, 11 Aug 2023 01:26:10 GMT
server: AmazonS3
etag: "84082c3de12d3d3bb6a46e7ea829b7b2"
content-type: text/css
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 09650da354e33f40.css
nodeassets.nbcnews.com/_next/static/css/ 113 KB
17 KB 271ms
139ms Stylesheet
text/css 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/css/09650da354e33f40.css

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

50f12dc4b62b9b5edca4a81bf47fc509402fd6a0c93ccabb6780cbbf15c2a64f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: 3hcQDKjwYiLPOtfb_3s6KRXkbk8b3R5v
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: G0D74Q915PSGK9JN
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683215_388391816_188448704_552_5741_38_0_255";dur=1
content-length: 17063
x-amz-id-2: 3E4MTraO28IRpYaGWxjr6iX5ovmeVq50Y8j3+Hk+8r3PDM7KWan+ZLSBrcrA3lOTdicxIYhP94o=
last-modified: Fri, 11 Aug 2023 17:12:32 GMT
server: AmazonS3
etag: "00b308ba13b76bfb3b9c606a182eb4c4"
content-type: text/css
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 abd4c5697fadd383.css
nodeassets.nbcnews.com/_next/static/css/ 212 KB
29 KB 187ms
56ms Stylesheet
text/css 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/css/abd4c5697fadd383.css

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

96d6583f9cbd8c69f49a4842b402c0176812aad03f216d94676e4b824d884102

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: xwm7RuKlkQYTNO.JbR17YugxG5m6h.ZB
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: AYQGDZ036ESVJGM9
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683174_388391816_188448696_61_8215_38_0_255";dur=1
content-length: 29177
x-amz-id-2: IzBR9gpDnH/1kWpK7k6JZIDvJ5WzQQA7dJ45MGbtSqtD5vV5g97L8gp2fk+uyJPGTOSlv9wIxyQ=
last-modified: Thu, 10 Aug 2023 21:36:42 GMT
server: AmazonS3
etag: "2e7e9d94799554b7712a57cae728a6fa"
content-type: text/css
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 6f2d7319a16a8b5a.css
nodeassets.nbcnews.com/_next/static/css/ 46 KB
7 KB 270ms
138ms Stylesheet
text/css 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/css/6f2d7319a16a8b5a.css

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4d96fc764422fb206b40473034ece6980d3a82f94151b13ea8128d9747c3e637

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: KgAU5I0Q0GO6IylypLiTvyehC6n5MI5a
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: E6HXZB9HG0NE2G1H
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683209_388391816_188448705_24_6074_38_0_255";dur=1
content-length: 6896
x-amz-id-2: P1m3eAbj1yFc0VFqgubFCdmdJqGAwqCzakVoT/Mqa0y5B3SARSTcMX1DQoFbPoKHi+lSlmSAf+o=
last-modified: Fri, 11 Aug 2023 01:26:10 GMT
server: AmazonS3
etag: "12dd7f8241a0fec8d775698c30ac0a0a"
content-type: text/css
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 deea75d685ae7258.css
nodeassets.nbcnews.com/_next/static/css/ 93 KB
16 KB 186ms
55ms Stylesheet
text/css 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/css/deea75d685ae7258.css

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2dcfe30523fd22398e13c143421775064ea95c7e35774878d11332503f9a237e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: 4_yxDWyy8SGcAi8PNMS2CGBNtllIHOSR
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: N6CZ4CCR7SR8ZY5Q
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683174_388391816_188448694_60_8242_38_0_255";dur=1
content-length: 16087
x-amz-id-2: NV3QbobehvvaHrNA/zLNriQN0m0y4P03bZTVqwN5yZUNlA26Krkmo6BDbBm6OatXwtYIH8633yc=
last-modified: Fri, 11 Aug 2023 01:26:11 GMT
server: AmazonS3
etag: "9b2facf46e8f9fb4ed4853b562c8ed20"
content-type: text/css
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 0fab545e4051696c.css
nodeassets.nbcnews.com/_next/static/css/ 20 KB
4 KB 270ms
138ms Stylesheet
text/css 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/css/0fab545e4051696c.css

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6c371d78b8de54ae1376578042c383699753ffc0732308a83f626e534ad2cafc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: _o8M6HZkeb14pdXt01mEDm4EC1Pmrepr
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: AYQQ8Y9BZH5A0320
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683209_388391816_188448708_26_6042_38_0_255";dur=1
content-length: 3981
x-amz-id-2: KrPcaUfm80g1fehivtPQd9EAKLD7A71QpSSmz1Gka6AaMQOhYxOG7j5yP18VJC0IWG1f3am64Og=
last-modified: Fri, 11 Aug 2023 01:26:10 GMT
server: AmazonS3
etag: "d5c05085dcfac30fa40fca215a3e16f4"
content-type: text/css
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 webpack-19678777aac4c7c3.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 9 KB
5 KB 70ms
63ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/webpack-19678777aac4c7c3.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a92201fa95a7940492030e2e450a66636d725e60414bfd7f3216b567ade783b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: l1TQEJhCKZ_rkmz1LXubsHO2AoluegXM
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: G0DC0Q3GQ1SHXAKR
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683274_388391816_188448722_19_6312_39_0_146";dur=1
content-length: 4147
x-amz-id-2: WQpvDthyd8ZH51sQKuQmZPKEg40cfEx5FQkIh6IaKRsz8SDN4an7JMibi2IlK9UW30MSBBJDbb4=
last-modified: Fri, 11 Aug 2023 17:08:48 GMT
server: AmazonS3
etag: "6dc319d5671cef61b182ec911fe0d06b"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 framework-79bce4a3a540b080.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 127 KB
40 KB 72ms
66ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/framework-79bce4a3a540b080.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

745834316128a9605db352a4146dfb81cfd209fa037d3256277e2bc9d12b0f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: aZimeCWZco1y0_MCt8hECJtwaafudI12
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: 1S8SE85J261T83F6
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683283_388391816_188448724_113_9846_39_0_146";dur=1
content-length: 40519
x-amz-id-2: 1MBOQy9d33/HeuvAyeYbeu6GvvRD0pewQq2KHHtkI9Iyr5Ow9qiYrl1+6BbGVo8hoh44DomAvbo=
last-modified: Fri, 11 Aug 2023 01:26:09 GMT
server: AmazonS3
etag: "8ceac1a0789024027e37cca07bebaad2"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 main-3626adf95c8c50d2.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 99 KB
26 KB 75ms
68ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/main-3626adf95c8c50d2.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

68179b2afb435b07725952ee0ccbea4c87220b9cd756d4f584e2867f277a7c15

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: bj6RMxh5aJK3i.zVWCBfO6XqFshcPATe
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: C6GJB5J97B2WM61Q
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683283_388391816_188448725_105_9861_40_0_146";dur=1
content-length: 26339
x-amz-id-2: YEpBSYUZbpa5jI+3IEsN9aW4ZwCyGHlOe/mSAfS4SeS28SrlKmn51Ooa5c41X2DYyhKh9fl480k=
last-modified: Fri, 11 Aug 2023 01:26:09 GMT
server: AmazonS3
etag: "7ff83a4e2b67ba147d0270dd1637714b"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 _app-53031a841b9fbc28.js Show response
nodeassets.nbcnews.com/_next/static/chunks/pages/ 525 KB
147 KB 74ms
67ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/pages/_app-53031a841b9fbc28.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

84ee2584931c1134cb37441f22834730e8bcc740861c7ab9200378f5f24f60fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: lARDwPY5cyKGaL3rUOMaUI7vW_wkQJ0a
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: GN3ACP3056FMC7CM
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683283_388391816_188448726_111_9838_40_0_146";dur=1
content-length: 150182
x-amz-id-2: 5tRfmJmCm8LPnDr6OwdF83VLMoGYWmhrxHypdjPnI8Wd9Q9Y0I379JhOMjC63yuKgmYa3kJmJOo=
last-modified: Thu, 10 Aug 2023 20:55:44 GMT
server: AmazonS3
etag: "a9123bca2f45d88325302e1d82b2f72e"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 f3dea186-cb45794ed4085831.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 906 KB
30 KB 74ms
67ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/f3dea186-cb45794ed4085831.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dba8842a30a0214ed2532bc6d5be0c667506050e386c56a11be5dc80d34cbb2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: GOEjxVPy0AyiMip_.qx0OKpm4rDYIDSY
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: KV67N61GBHGWKYZZ
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683283_388391816_188448727_109_9827_39_0_146";dur=1
content-length: 30091
x-amz-id-2: 0Q3m41wjJMVEfEn9d+qJf7+AjM3g0zZBhbp3OZ9e5z4X/+nWxNtxc8OUSkm9dIjAYr4vgaPSWHo=
last-modified: Thu, 10 Aug 2023 22:11:48 GMT
server: AmazonS3
etag: "66651eb4a8b0b5346cb7f5d29ce5a183"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 2974-eed357adcd1a70ce.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 157 KB
37 KB 73ms
66ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/2974-eed357adcd1a70ce.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

16be7368c4db8f156aef05f1885b0ee2162a9e9b8b7ff16bd1579a4483ef9daf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: bu4pGDq6Ygru7vQH.HUZQjvjV3J69O0T
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: QXQR4B3GQ60M3KJZ
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683283_388391816_188448728_109_9787_40_0_146";dur=1
content-length: 37057
x-amz-id-2: 6PskeN6kabRyx0IXgFFV2rZOGTjjRULcg4McrNk86AOWSBq+vnErDk2X3FbusXtOzoiHH84In48=
last-modified: Fri, 11 Aug 2023 01:26:09 GMT
server: AmazonS3
etag: "da8ca8f164dfe48cfd180f5e44a99f5f"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 8254-5f7fe7bf75a6c88e.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 28 KB
9 KB 75ms
68ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/8254-5f7fe7bf75a6c88e.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1f9187f094239de8b9cfd32162b64e9e8ceb17cc55d68a1eac2b0bc85ef12e2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: pNnjB73_o0i6.4VJnW74_oD8QIS50jXX
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: MSA1WGCCGXDDM60K
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683283_388391816_188448729_113_9779_40_0_146";dur=1
content-length: 8853
x-amz-id-2: gk3QHgVOEFCY/QmT4acO5SBE3ODO9LbJLPT7swDFfrHxZf3n+zlFRrcSVYInbyxe0GR6u2WnCis=
last-modified: Fri, 11 Aug 2023 01:26:09 GMT
server: AmazonS3
etag: "4292093418df3f2865099ccdfab78114"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 9933-e276882529dce11a.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 16 KB
6 KB 73ms
66ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/9933-e276882529dce11a.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cb399b9ee5e0daff6b915936873c31e7405040b9e586cb02988a513ff43e55df

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: f3pi1FvOQPZFycRTbEjBx3vZ8y2N90bO
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: S2209GXKVSRQQFPG
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683283_388391816_188448730_118_9730_40_0_146";dur=1
content-length: 5662
x-amz-id-2: dzguJYa0RCn6bNn3a823OPHZbLBuIlyx24So9EDRYHo0yBNUfwaHpilsIoGlpc8eeljzt4sd6bE=
last-modified: Fri, 11 Aug 2023 17:23:45 GMT
server: AmazonS3
etag: "01b84215a2bfbdc10fd6b9dd2fbe1fc6"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 8530-de3ebe774ac73f5b.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 16 KB
6 KB 76ms
69ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/8530-de3ebe774ac73f5b.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b78ab16b972a289c3f833bb02edc358e3315ee48ccb618b57bd6e3c8a230c164

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: dOZbUfTf8Wuev.13Mvnj.AQ2GEH1Myo.
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: FY5S9NCQRPMRNDHN
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683283_388391816_188448731_120_9732_40_0_146";dur=1
content-length: 5459
x-amz-id-2: kQyIiVRiyTsEdpK13UUVdIJiB3Qx3IUkuZR0c3OzO/0ODIru7UlSTXxz2/KpIjC1O5ai4PObZbo=
last-modified: Fri, 11 Aug 2023 01:26:09 GMT
server: AmazonS3
etag: "b9a538671c59c2b1a9d4494e9efdb6cf"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 6205-6a3f04e96a8435d6.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 218 KB
65 KB 73ms
67ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/6205-6a3f04e96a8435d6.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d7bce4354208897cefdc172e0023efb5070f1a6ca0058a6a0ba2142c8ed8ab03

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: Q95pdAoW4zDkRvYerLIsc3BnYZY4MGp9
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: 5JHZJTNZXCNPG7S5
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683283_388391816_188448732_123_9724_39_0_146";dur=1
content-length: 65967
x-amz-id-2: xpDLjLuhlOKI1uwM4Gi5Vo3iUVgyR0rqUMOEkEeb4nVmr8mJzf5pSCGkxeUzjFbAMeBP1eyzMJQ=
last-modified: Fri, 11 Aug 2023 01:26:09 GMT
server: AmazonS3
etag: "b4e0c88b883ff9a0d1fc19e456f1b4e5"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 2466-0fae49dcf17d7fbf.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 25 KB
10 KB 75ms
68ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/2466-0fae49dcf17d7fbf.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6fadd70a3b68e5b50db0a1a8e8b20ee77c76ae8400a7c1df193a50822fb0fba1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: 04SbwCFb.9GcFzJt09ym_RSbSTvkSsiM
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: DND63VT1SVQK69F5
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683283_388391816_188448733_118_9689_40_0_146";dur=1
content-length: 9368
x-amz-id-2: aXeA+U71ybSeExGW3SS3qhN5zpVrSIUxWMgkFehgESveioXqhS4uvG19IoqC80pFP7lUPvpL/oM=
last-modified: Thu, 10 Aug 2023 22:11:47 GMT
server: AmazonS3
etag: "be350b8e19c45136e5056ce31a5dec71"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 9946-1132ce59d701cfaf.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 84 KB
25 KB 76ms
69ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/9946-1132ce59d701cfaf.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

107dd02c75777d518488a4e0b04c4de22829fbf97de4a75bff84130382732dfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: pPBnH_lHhY8mAjliJ2nyRmnJ48XeVSk2
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: VHHAK741DNS3HBPX
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683293_388391816_188448734_951_5990_39_0_146";dur=1
content-length: 25299
x-amz-id-2: X+kX15Cuvf09mqNMtM6duhJXkPdRjn4OfCs+zDkVVKlFNKW6aXn8Vm8pmpPhLQ5MMBPnCOPN9Rw=
last-modified: Thu, 10 Aug 2023 22:11:48 GMT
server: AmazonS3
etag: "bf75180f85d9e0aa07e2df583caa813b"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 5519-96eccbc08f7f2023.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 15 KB
5 KB 72ms
66ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/5519-96eccbc08f7f2023.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

541b5504975cab60ee778063f29f6f9320ef309ddb0dc9ca2781f9328c90575e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: GcfW2J5Cb57xwNJdGg7QPCLlaFGMhSBC
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: KX5VJ9PPP8HB6E37
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683283_388391816_188448735_117_9661_40_0_146";dur=1
content-length: 4733
x-amz-id-2: lyW6Q/axeemXxTtmBz8A1Vb+IDhsOzIWOGiFoaC1xKrQ8MPg6JbZg7F9GPSa2Ylu6PMwW5kl0D8=
last-modified: Thu, 10 Aug 2023 22:11:47 GMT
server: AmazonS3
etag: "6bac913d27108c1c4752300395ae2863"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 1216-c996b908a5d0bba0.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 7 KB
3 KB 73ms
67ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/1216-c996b908a5d0bba0.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f536230f018214f31c7ff72a1f3720315b4892849e9390ac692d2adfad0ad917

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: paeEZEKzZfRpX0JPrbp7_72OnbXNwXLb
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: S29NVDDAE5ZS0KB0
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683283_388391816_188448736_128_9634_40_0_146";dur=1
content-length: 2449
x-amz-id-2: NVE0WNqxcG3jxt8PRY185+kBHNZwwo17mmV3CEpV3KD7X26GCzim9cM+THukq/0ecK0snTWnBso=
last-modified: Fri, 11 Aug 2023 00:31:59 GMT
server: AmazonS3
etag: "b42a0d0e5433315e5cce3fa76a7ace6b"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 3872-7cb9eaf65d75294a.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 47 KB
11 KB 74ms
68ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/3872-7cb9eaf65d75294a.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3f92f360dcd54479ca1f495c37a0a2a32b5eaf1d1028aa3cd79b4fb3977cc1fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: qSW27nRBgDuoZZSBrJhKfdwS_.XOM2Oc
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: 96T4XD1T3GY8C308
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683283_388391816_188448737_124_9573_40_0_146";dur=1
content-length: 11130
x-amz-id-2: wkBsaYls8kY75WozOhOoXMvedFHE5o94bc42bMP2LrX6Uuxau4qkMKGiUD4KzJn8d9ycZSusJCg=
last-modified: Fri, 11 Aug 2023 01:26:09 GMT
server: AmazonS3
etag: "e592d9d6a281271d7577216397748488"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 9294-92025fafaaad2e02.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 28 KB
11 KB 74ms
67ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/9294-92025fafaaad2e02.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

837d2f960a4a5ca4b0fa92f295bb6dda0dc551274f45bda82679091e24e3ba38

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: yidjjhHStYJKDkA5hQC_iQAJ4bKhygAe
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: FV14Y2AMA6CG9C55
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683283_388391816_188448738_128_9528_39_0_146";dur=1
content-length: 11240
x-amz-id-2: +eQ0TrYvIEmRFnzcuIaYGY/UWAYty1H7frmZ9wgDdu+ohtFSV9Xm18whkJAaXMCTl0XzwFcO8Hg=
last-modified: Fri, 11 Aug 2023 01:26:09 GMT
server: AmazonS3
etag: "c8133f17696df42413cd297941683103"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 7711-6bf531e620ede30a.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 11 KB
4 KB 75ms
69ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/7711-6bf531e620ede30a.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8f34ebc564ab6471bb209da166c05e6667d1f10a298e3e613f34d58402e8c689

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: HMkholwhkdXbGbLi10xCnntFGApBTtXE
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: Y2Y7MCSM73KR95AM
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683283_388391816_188448739_132_9494_40_0_146";dur=1
content-length: 3915
x-amz-id-2: 9l46nfqvhkKREaJVpYzv7B3q21n0Je9WFpvpiNZYFziX56EAB0Nw9PPO6JRQGZIIEVomr+NCFkg=
last-modified: Fri, 11 Aug 2023 15:23:32 GMT
server: AmazonS3
etag: "b059587bc789c99569795014932faeb7"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 4869-38c96646bf00ff69.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 25 KB
8 KB 75ms
69ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/4869-38c96646bf00ff69.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9dbae1c52b25e80d49ac4de0774de054ed6902db415e20f444f244d8b6f98e10

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: PQRsC_YXZRsQEWLKwyUSL437WocNoTfd
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: T2S4191T9GP44R9G
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683293_388391816_188448740_949_5996_39_0_146";dur=1
content-length: 7242
x-amz-id-2: QFUO9bvY/R2cB6cMXZoY7eDW4AALP6XbLYDzfFIoZpO4Kwof/51OGCXfsYeh4qUn7CQXTJcvuY0=
last-modified: Fri, 11 Aug 2023 17:12:30 GMT
server: AmazonS3
etag: "b5f72ce5a503a8b028820fdb6f6e691a"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 4010-f423ac2f721d1403.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 44 KB
12 KB 76ms
69ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/4010-f423ac2f721d1403.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4ed7db0ede77c257549059f0fd4e06bfd9d2daa94979e2af5b9043607062fc91

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: ssSO9tyHIbqkewEXRiUKfX2j_g2pnq9t
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: G0D108EF6BXKM6GQ
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683293_388391816_188448741_951_6120_39_0_146";dur=1
content-length: 11417
x-amz-id-2: oxcCocU6iqLBbnozl3sskQJBlgalX0cpeHxRNX/gTl0kJHaevqRWjompgTZGtDUaTwFxXltDxK4=
last-modified: Fri, 11 Aug 2023 17:12:30 GMT
server: AmazonS3
etag: "74346763a98c8b69c2e1fc9470bc97ad"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 4215-95a8b73acbd5734b.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 151 KB
43 KB 74ms
68ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/4215-95a8b73acbd5734b.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

66d0d266cae0989bb6bba49c65b8452c01b9176d5828d304e49d339c2c49f28e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: dDMqtOHhQvO7ZiMStTkoGBKZEMuGPP3k
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: G0D05B879S7R6P36
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683283_388391816_188448742_132_9459_39_0_146";dur=1
content-length: 43466
x-amz-id-2: eb/rmD28uORnz+icXoEoBuPQGr9zkC9vr/k3hB+Iik3Bji/HIo94LLaYXMLsGRj+STxREG5vin8=
last-modified: Fri, 11 Aug 2023 17:12:30 GMT
server: AmazonS3
etag: "0114e763118434b65b68c3dfbc05d290"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 7778-ec0787a4773a183e.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 42 KB
11 KB 155ms
149ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/7778-ec0787a4773a183e.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

37bfb97c7a47fd0d3800e89b3edc8f4fdbbc92ea29bf58f9723d3fdd6343a84a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: 2p2NNyagABxpq7zegDF9cHrsL9O5FIKv
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: 6D26D31FQJ5CX2VV
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683316_388391816_188448749_58_10152_38_0_146";dur=1
content-length: 10415
x-amz-id-2: 5wZ1/1PRAtN398qKD5JigyRzE34WLkvRCwvk+r9smsbw9b3zif89Fbb8tAm+H5UPCltVCYwccJQ=
last-modified: Thu, 10 Aug 2023 23:42:19 GMT
server: AmazonS3
etag: "d8aedacd4ec18ee96ad2cb57e8357c9a"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 5279-73c91d248227f043.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 11 KB
4 KB 154ms
148ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/5279-73c91d248227f043.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fdb34b1ef3887ed0b7291072c13b7e97f1e9c1b8a467fcbd48b61ffffb422fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: Lmocg9pezry1NiUpH2VnT5cg.Wy_0zN4
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: DZ5W9YQGFXT85YNJ
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683316_388391816_188448750_58_10123_38_0_146";dur=1
content-length: 3999
x-amz-id-2: uAauNOHvhjTqkxDOgKqsCP72PnJatTt81eJaBF04egctE2dcWXvF7CmwSU0C91fey9KblD2aWcY=
last-modified: Fri, 11 Aug 2023 01:26:09 GMT
server: AmazonS3
etag: "36e0ce8b33098147a2abe417a22c756a"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 1733-6c3c49821af7f911.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 15 KB
6 KB 152ms
146ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/1733-6c3c49821af7f911.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

36a66171502a5081bfe6245a2cfaf78b7d45ecdf3fbd1e842afc174519644052

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: CccoSt3Z8fHy7RalzzHPPRGQXLnOipC0
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: Q5GV0RM6SXW2YW5Z
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683316_388391816_188448751_59_10119_38_0_146";dur=1
content-length: 5544
x-amz-id-2: SZESODwo+l0e8vypNiUv4goEwRGgQpH/yhJ5/NpyQ+JauCmXQR/bpGwSLuu3XgOAd+8dVubSNeM=
last-modified: Fri, 11 Aug 2023 01:26:08 GMT
server: AmazonS3
etag: "d57cf91f384b24509744f2c0571f63fc"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 7444-ee6d1e8ed6983246.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 12 KB
5 KB 154ms
148ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/7444-ee6d1e8ed6983246.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8709cecb4b98dd2089aa830e3b2c23461580f352cb97ef3fadd9cbec6b5e14cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: h59xY.dejxUk690NNYTfVqwOJjf3k0Jb
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: 7G3J1S9V6WTRXF5E
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683316_388391816_188448752_66_10075_38_0_146";dur=1
content-length: 4358
x-amz-id-2: s51jgRfYmEP4rLum83OTvQf3S9BVGiTnUXmnxQVMGNKsieLlghWDQO5L9/g6wuJsUan6sABGogQ=
last-modified: Fri, 11 Aug 2023 17:12:31 GMT
server: AmazonS3
etag: "69bbf4d33453709a0d0629d76f948d47"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 6970-82dc4ab3cca6134e.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 69 KB
18 KB 152ms
146ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/6970-82dc4ab3cca6134e.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

82e99be5296a64d1cde35ec1d74aca80e44aca5eba2098c93076c7e86667b683

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: he.KcwHT9SXXQ4zfWUkuoWT9EKvc2DC6
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: B2V25JSXDM14DVX1
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683317_388391816_188448753_109_9490_38_0_146";dur=1
content-length: 17575
x-amz-id-2: Av8fqE/SVN8HPHO6ySgNcd2t99fTRzbHUDmfQGNRO/89lynB52ixUKTCAMo4tAa/KKtzCAlHzXA=
last-modified: Thu, 10 Aug 2023 20:45:16 GMT
server: AmazonS3
etag: "969d21912f864451980b8a4c2d4f2d9e"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 129-e4fd3a03f923ba54.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 54 KB
15 KB 152ms
146ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/129-e4fd3a03f923ba54.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

23336abd9d1bb27d14a7f3b3d45e8a9132446ac04d5365823f07856bf996ceb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: WdCEKCvOcZ36n77xehLe34VRTdT4OSza
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: MFVETDDPVQX5V5FV
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683316_388391816_188448754_57_10140_38_0_146";dur=1
content-length: 14356
x-amz-id-2: zfWmpvC3OCc7FGUu7DT6cpKUMfhXBvsiY0a5R5btzZC/ENLbpGsZf/AWXlrNk3tspE3VxvKL/ds=
last-modified: Fri, 11 Aug 2023 01:26:09 GMT
server: AmazonS3
etag: "bcffa770f4858d473fb8b20363113a3d"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 2617-af82ae9f457f27b5.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 28 KB
7 KB 155ms
149ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/2617-af82ae9f457f27b5.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8553b1c5d9a0629a8d1f82874918f5e203267cdb5ca1d14a5c224fc9afa7ba8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: 7uoBay8kZwPlvkKtZlHbH2zDqJHNoElD
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: GD9HNG09D6MRBVNW
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683316_388391816_188448755_65_10060_38_0_146";dur=1
content-length: 7068
x-amz-id-2: frOsD5ywaxOeTs0yNeftFqig4lrtZWaFjvFNkiCWq4m2L6M3hX+4CoRnM/Yc2RZaVb3Tl12NE0I=
last-modified: Fri, 11 Aug 2023 01:26:09 GMT
server: AmazonS3
etag: "c250241bf6059ab04c097c32e3771e3c"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 3891-741a909ce7ac78ac.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 138 KB
37 KB 156ms
150ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/3891-741a909ce7ac78ac.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d5dff8cb0971d056c1a8f3e22e096eb18006e00a4ad48d2eb9308b149172adbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: TUreRTf2rQ2RlVbmOwwarJFBsKD7V0HL
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: G0DBNRMPHGW773N4
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683327_388391816_188448756_935_5888_38_0_146";dur=1
content-length: 36998
x-amz-id-2: A1Yg2rPuDTN9R/BN3k2MKRgpfvdARMF5PvBd+t9y2UfBHvi3Torj+WBvqHaJXhCQWfQicEVzaRs=
last-modified: Fri, 11 Aug 2023 17:08:47 GMT
server: AmazonS3
etag: "fd75fdac634100cb14aa17171ed773b8"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 1320-4adb03af31883e11.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 144 KB
32 KB 154ms
148ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/1320-4adb03af31883e11.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b5abb7a38b973f2afb7a5db345e6e3af00e0c7f0d25c054797f78cb2653fd301

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: vFriRThl8TIzroN8BZPmPhn.y.Z0s13L
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: G0DCBWT5K7X76AXS
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683316_388391816_188448757_64_10034_38_0_146";dur=1
content-length: 31807
x-amz-id-2: szOZu6d3aGj3ysMW1Y7C49JLWzzLw7vHLrydxl+Yu3yLkMQtK6ziy2xN9udkNGCNyyYb+Mr/1Q4=
last-modified: Fri, 11 Aug 2023 17:12:30 GMT
server: AmazonS3
etag: "032323e88344f2e3b8e0ae13abb428a5"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 9590-49619d161f64b42a.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 37 KB
7 KB 153ms
147ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/9590-49619d161f64b42a.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bc0940918f4137bbbcd28d2b192976c761bb965001ee850e0200547c801fb2b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: EeznDp9WL.._uxrKWC7Y0y5wG_7ghGwr
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: SGFC0XD4S56N8BFH
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683316_388391816_188448758_64_10031_38_0_146";dur=1
content-length: 6875
x-amz-id-2: IWBvzamwIXdMd7TllXUdMs10bPld+T1qmf6lAWGuwp8QEYBXVwgnZ8ucNolfiBsEIHaiCfXf80A=
last-modified: Fri, 11 Aug 2023 01:26:09 GMT
server: AmazonS3
etag: "e4c96e9cb24ed5d0932a0fbfe4f72c53"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 7975-28df849e44c21d07.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 52 KB
18 KB 151ms
145ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/7975-28df849e44c21d07.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3fcf11828806eb582564209cdd3a2d7122be445ae1bca8ed97abf96a86dce4ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: xXM0jSzEUcQrPYvw5mQx9f5MQNxjmXFd
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: G0DEAX1C1FAWB7P0
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683316_388391816_188448759_67_9998_38_0_146";dur=1
content-length: 18142
x-amz-id-2: dqsVrR96eF3FlZPAdPTX52qI31gTm+98goGES8O051SrHCWOFAhp0mhf8cO4wQR7FCaLMm/qhxM=
last-modified: Fri, 11 Aug 2023 17:12:31 GMT
server: AmazonS3
etag: "a73ad3ddf27441e6e2ba054d5177cacc"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 6562-689675a647e548dd.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 35 KB
10 KB 154ms
148ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/6562-689675a647e548dd.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9656696ac112c4857545329ec7d475e6a5f4072c7aa4b7beeca4810f73cb05dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: FjscAev1SoXauEf0.vqa0rfIS4C1Giy7
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: 5P08WG44F6QDG1D7
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683316_388391816_188448760_68_9983_38_0_146";dur=1
content-length: 9567
x-amz-id-2: AGIJNDTkTU1hgwa02mA0QSI3q0dIXk2gCc0Kft1ViMpo1mARJG5u0WpWwUylbrbhMFzY+bUv7zM=
last-modified: Fri, 11 Aug 2023 01:26:09 GMT
server: AmazonS3
etag: "64cdfcec36275763da3038e8797d9295"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 7980-0d8ebbc3b6fd7b16.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 82 KB
22 KB 152ms
147ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/7980-0d8ebbc3b6fd7b16.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bf3a6b83617a590dcdabc93f3170e2418ea6825b728612041b09377d5058535f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: KOQW5ZCd7OQdVL3zI1zfkFgImCvHWM_F
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: G0DF23T5PVF63M03
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683316_388391816_188448761_67_9974_38_0_146";dur=1
content-length: 21958
x-amz-id-2: s6WUpGVvxsx4IbHqR0Zkco/Yao7wIOObfT8wmkMjLtyxVkMwr8T1jEv1HgtGnsEl+AQQvqakalg=
last-modified: Fri, 11 Aug 2023 17:08:47 GMT
server: AmazonS3
etag: "b6aa4631fbf6f621c8c9c7f0ba4468f8"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 9643-4186f9126ecf24b0.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 33 KB
12 KB 153ms
147ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/9643-4186f9126ecf24b0.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c0d3362277f35f91e37f2b4569754cde92620fa20a333c49655ef43b80cce37c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: V83YymfPlGMKtfErsbl0KLJuyjqI3_EM
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: 250ZDWACK0XEP4WN
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683317_388391816_188448762_102_9549_38_0_146";dur=1
content-length: 11961
x-amz-id-2: SryqZ764taO4Q6Zxvwb1Xc6FrmoBPJwv3pyMuIuqJgowRsMS0MoeygKKcrPH16reoFHHf3MoR8g=
last-modified: Fri, 11 Aug 2023 01:26:09 GMT
server: AmazonS3
etag: "1b6d8c6855f0633ec5c72e75f5545b2c"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 article-6a540b4187e0c46a.js Show response
nodeassets.nbcnews.com/_next/static/chunks/pages/ 23 KB
8 KB 153ms
147ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/pages/article-6a540b4187e0c46a.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a5f2bbb60e7c7e8763481edcd2334d6770f57e463209cfae3d63473b90c4f793

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: c6gurRuckBNcBukhRJaTZpDfwrsh2_ui
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: G0DDJ40B9QJC5DC0
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683317_388391816_188448763_106_9515_38_0_146";dur=1
content-length: 8083
x-amz-id-2: GHcCw+3PC2i5ARgVX3wYaU9Eb+UpbyOXdGtA6mYAeFDKS4DcVYROILVnONYp/ph8pEhYXKBVc0g=
last-modified: Fri, 11 Aug 2023 17:12:31 GMT
server: AmazonS3
etag: "a985b43f6ca38cc0f12ad555fc0b6ca5"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 _buildManifest.js Show response
nodeassets.nbcnews.com/_next/static/751e67fde1007e41043b3321b25b5b61bc65355a/ 25 KB
6 KB 154ms
148ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/751e67fde1007e41043b3321b25b5b61bc65355a/_buildManifest.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f4b789a94b43b21f595fc45c22051acd05c2f653a39d2daf2685303c45e33d29

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: qbahnr1_hUh0lN7iGxnhXHPXfdCnLYKJ
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: G0D9NSBEXZSSDC96
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683316_388391816_188448764_72_9938_38_0_146";dur=1
content-length: 5914
x-amz-id-2: Ig9X+cD5EQtwUt+NKpatNtsDeL+rC7Zx2Rh8TP3pO7x7lse+ABIaCc0VKTegkSLmBanB0ddRGeI=
last-modified: Fri, 11 Aug 2023 17:08:46 GMT
server: AmazonS3
etag: "b54c4d2cc5178286553e208e36a130a6"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 _ssgManifest.js Show response
nodeassets.nbcnews.com/_next/static/751e67fde1007e41043b3321b25b5b61bc65355a/ 77 B
570 B 155ms
149ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/751e67fde1007e41043b3321b25b5b61bc65355a/_ssgManifest.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: 1qy3IindRljGgrR6yB29EeCArAJQ2YO0
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: G0D3SH3AFA973F5W
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683327_388391816_188448765_928_5903_38_0_146";dur=1
content-length: 51
x-amz-id-2: iSAo63ZyQ3kH00Y7GxPmwqZqw86c+Mq8DlVFdVoH1yKVJX75IqwrDgMEadpq6+5POGL+kJVVDt0=
last-modified: Fri, 11 Aug 2023 17:08:46 GMT
server: AmazonS3
etag: "b6652df95db52feb4daf4eca35380933"
content-type: application/javascript
cache-control: private, max-age=86400
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 _middlewareManifest.js Show response
nodeassets.nbcnews.com/_next/static/751e67fde1007e41043b3321b25b5b61bc65355a/ 92 B
574 B 155ms
150ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/751e67fde1007e41043b3321b25b5b61bc65355a/_middlewareManifest.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: UKcjMu_hSWiTeCcKOL1eMGo0IBzkVx2K
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: S2GSJ468AFMZ0ZMP
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683327_388391816_188448766_927_5907_38_0_146";dur=1
content-length: 56
x-amz-id-2: Ng96imhG5w3E7LNUnmMwjEI+so8rHnVmf6vWB/cGajpdXCQd7rNLWd05wFNdXhtqJIcaAP3DQf8=
last-modified: Fri, 11 Aug 2023 17:08:47 GMT
server: AmazonS3
etag: "7c3f7e060745668041278118c0bb3d6d"
content-type: application/javascript
cache-control: private, max-age=86400
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 launch-EN03682f66064449c8b87d78eae3e2fc57.min.js Show response
assets.adobedtm.com/ 799 KB
200 KB 158ms
40ms Script
application/x-javascript 2a02:26f0:480:99e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN03682f66064449c8b87d78eae3e2fc57.min.js
Requested by: Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:99e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: da998083f78c40ddec935cd325eea7ba92723ece5c90cef2104ddd4245c96f1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:23 GMT
content-encoding: gzip
last-modified: Thu, 03 Aug 2023 00:30:52 GMT
server: AkamaiNetStorage
etag: "159955d373af268623bf534d064eb673:1691022652.016096"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.nbcnews.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 204913
expires: Fri, 11 Aug 2023 21:11:23 GMT

GET
H2 200 ads.b1f2c549.js Show response
nodeassets.nbcnews.com/_next/static/chunks/ 37 KB
10 KB 155ms
149ms Script
application/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/chunks/ads.b1f2c549.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b6e635a7e1ab8ea1671505d940b05de3652d8fc5fa4aca94da773152deff70c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: 0WNZimEDDLAxQGXJNtNvogSguq3.FJ14
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: GHBRMX463Z4ESDNV
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683316_388391816_188448767_75_9886_38_0_146";dur=1
content-length: 9824
x-amz-id-2: rO5t0rbIbc3T8EP6vmrbqeYoj+d7Vq5Eld1/znKegdtlYQpgrW9W+RXCrCryrZX/OeRR1AIYvB0=
last-modified: Fri, 11 Aug 2023 01:26:09 GMT
server: AmazonS3
etag: "65a76c3601b468306d2dd5e40e23eed5"
content-type: application/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
DATA 200
OK truncated
/ 758 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 781e5d64e355ea883008a5a84253f2193e16eeee976577427b5d9008180bdede

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 FoundersGroteskCondensedWeb-Semibold.6797c94d7e9d7972e1dda6ed5248e1f4.woff2
nodeassets.nbcnews.com/assets/fonts/shared/ 39 KB
40 KB 138ms
52ms Font
font/woff2 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/assets/fonts/shared/FoundersGroteskCondensedWeb-Semibold.6797c94d7e9d7972e1dda6ed5248e1f4.woff2

Requested by

Host: nodeassets.nbcnews.com
URL: https://nodeassets.nbcnews.com/assets/fonts/shared/fontface.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1eaf39da4a7bc521968553ccb045aaae4c3609d0f714197db1855e4b47bf31d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

Referer: https://nodeassets.nbcnews.com/assets/fonts/shared/fontface.css
Origin: https://www.nbcnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: UvqxF5yqAakw56cN4C1xb.YQdPhVCBLy
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: PD5C0R1M31H0HK2X
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683426_388391816_188448794_23_6148_41_0_255";dur=1
content-length: 40106
x-amz-id-2: XPFUqA3B32vqAA7cPNjFiJBHCPt034UMRxYL8w4bum4RO++d4LQmmq7BAa+RZI1/SSAOT1tjeHI=
last-modified: Thu, 11 Jul 2019 19:07:44 GMT
server: AmazonS3
etag: "6797c94d7e9d7972e1dda6ed5248e1f4"
access-control-max-age: 3000
access-control-allow-methods: GET,POST,PUT
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 20:11:23 GMT

GET
H2 200 iconfont.47713e24c2.woff2
nodeassets.nbcnews.com/_next/static/assets/fonts/ 14 KB
15 KB 139ms
53ms Font
binary/octet-stream 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/_next/static/assets/fonts/iconfont.47713e24c2.woff2

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b8b6a13b6b9ac5a178e20d5d77f13fbf2b68e91906eef2851211db57f2e35dec

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

Referer: https://www.nbcnews.com/
Origin: https://www.nbcnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: ksM18y4T7VXEAZIQ4qMpLgHG2igK7ZPH
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: EG7ZKYYCA4520P64
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683476_388391816_188448796_554_5879_41_0_255";dur=1
content-length: 14468
x-amz-id-2: dOdrluF8LP5tqFBA/rbmNdYDQ8SsAvXcB7Jzrzz3O5ziu+5DOhvQUfX3bv5ovDMjZgHJWYHJU4M=
last-modified: Fri, 11 Aug 2023 01:26:08 GMT
server: AmazonS3
etag: "336007df682349f50f75ecff33ed6798"
access-control-max-age: 3000
access-control-allow-methods: GET,POST,PUT
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 FoundersGroteskMonoWeb-Regular.861757adb72039160d3707fc6508e252.woff2
nodeassets.nbcnews.com/assets/fonts/shared/ 29 KB
30 KB 138ms
53ms Font
font/woff2 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/assets/fonts/shared/FoundersGroteskMonoWeb-Regular.861757adb72039160d3707fc6508e252.woff2

Requested by

Host: nodeassets.nbcnews.com
URL: https://nodeassets.nbcnews.com/assets/fonts/shared/fontface.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

547bfe45786020d5e9de262b053fecc7e9031cac23695f136d411b67e604c90e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

Referer: https://nodeassets.nbcnews.com/assets/fonts/shared/fontface.css
Origin: https://www.nbcnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: smxq6MLYc1aZNAPU82awTXjGoqcFeVuG
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: PD56GE2C5ZE8QQ0B
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683469_388391816_188448795_22_6091_41_0_255";dur=1
content-length: 30163
x-amz-id-2: EeYX62hwFmi4a2jPXND4rVjZHIboZQeGC+jdoTmP55Hjwd2snMlef5ZkLo+y7QJfoZjj+bXeMFc=
last-modified: Tue, 11 Oct 2022 22:23:57 GMT
server: AmazonS3
etag: "861757adb72039160d3707fc6508e252"
access-control-max-age: 3000
access-control-allow-methods: GET,POST,PUT
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 20:11:23 GMT

GET
H2 200 PublicoText-Roman-Web.752edd6cce510289581b5e8ecea31abd.woff2
nodeassets.nbcnews.com/assets/fonts/shared/ 51 KB
52 KB 138ms
52ms Font
font/woff2 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/assets/fonts/shared/PublicoText-Roman-Web.752edd6cce510289581b5e8ecea31abd.woff2

Requested by

Host: nodeassets.nbcnews.com
URL: https://nodeassets.nbcnews.com/assets/fonts/shared/fontface.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

83340911733e4ae3c55fc3763d089fa38e427248ac4833ee3209c5c5f7f385dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

Referer: https://nodeassets.nbcnews.com/assets/fonts/shared/fontface.css
Origin: https://www.nbcnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: 2MTzNwxTqVPRbYrJTYk1GvQbxM9fvhUo
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: TCG7MFPC7J33PJ9V
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683469_388391816_188448797_21_6106_41_0_255";dur=1
content-length: 52393
x-amz-id-2: ytXxPjdRFzZw3P/z/VND1O6FGguPyCDlvjK0Kx3DD3UWpUe5g3JL2BPkP85hseBnOAbcrJNP5w0=
last-modified: Tue, 11 Oct 2022 19:53:40 GMT
server: AmazonS3
etag: "752edd6cce510289581b5e8ecea31abd"
access-control-max-age: 3000
access-control-allow-methods: GET,POST,PUT
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 20:11:23 GMT

GET
H2 200 1629586729560_nn_kdi_unemployment_fraud_extremes_210821_1920x1080-3d2cdn.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-860x484,f_auto,q_auto:best/mpx/2704722219/2021_08/ 38 KB
39 KB 137ms
137ms Image
image/webp 2a02:26f0:480:9a9::a1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-cldnry.s-nbcnews.com/image/upload/t_focal-860x484,f_auto,q_auto:best/mpx/2704722219/2021_08/1629586729560_nn_kdi_unemployment_fraud_extremes_210821_1920x1080-3d2cdn.jpg

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:480:9a9::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

cloudinary /

Resource Hash

1c4f25c2e1d66e2374847514126f278fd61baf1e95f6ee48f5e7ee6f1b699df6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits: 1
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
cache-tag: 339319057095284013489988615874194246446,214677783314802856843520142156836606120,7831a46e631c715519da9d0ce0a38b6b
content-disposition: inline; filename="1629586729560_nn_kdi_unemployment_fraud_extremes_210821_1920x1080-3d2cdn.webp"
content-length: 38956
x-served-by: cache-iad-kjyo7100098-IAD
last-modified: Sat, 21 Aug 2021 23:00:01 GMT
server: cloudinary
x-timer: S1691784683.486367,VS0,VE1
etag: "6fd9321d8d3ad76af5e393e9c2108e1b"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, private, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
expires: Sun, 11 Aug 2024 02:11:23 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/consent/bf1dbc48-bdff-47f8-8677-c0917978a891/ 17 KB
6 KB 142ms
59ms Script
application/x-javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/bf1dbc48-bdff-47f8-8677-c0917978a891/otSDKStub.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39f5566a98c2a7d3aad7e6c7518c206d3065713e22c98583c9f686e48e9e7f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nbcnews.com/
Origin: https://www.nbcnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 11 Aug 2023 20:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 35272
content-md5: Zq5CSd3MANpmGmojoJnzWA==
content-length: 5815
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 21:45:34 GMT
server: cloudflare
etag: 0x8DB151E20DF1D13
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 65a0d015-401e-0073-54e1-5aa825000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7f5320a06c502c3f-FRA
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 133ms
50ms Script
application/javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: ERttG9+iQk1LCPjR495NRw==
age: 5206
x-ms-lease-status: unlocked
last-modified: Tue, 22 Feb 2022 22:01:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 84ed10d5-601e-00ec-3ce1-5ad09f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7f5320a0691e1c07-FRA

GET
H2 200 609617.js Show response
dev.visualwebsiteoptimizer.com/lib/ 263 KB
67 KB 168ms
73ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/lib/609617.js
Requested by: Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 2a038f3dbc1531491fdbbeb65b3b4e25a2da9f180d1394e53161656559bce3f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-computed: true
date: Fri, 11 Aug 2023 20:11:23 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1691769085"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: no-cache,max-age=0, public, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ptime: 0.010621999999785

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 988 B
1 KB 239ms
57ms XHR
application/json 52.208.175.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=A8AB776A5245B4220A490D44%40AdobeOrg&d_nsid=0&ts=1691784683509

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.175.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-175-244.eu-west-1.compute.amazonaws.com

Software

Resource Hash

8c4a3ac0fed73766716288c51bf3801a42c28431b7b369fb50140e176099791b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.nbcnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v050-09ffa1c7c.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: T7BcAP+WSwE=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.nbcnews.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 552
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 mparticle.js Show response
jssdkcdns.mparticle.com/js/v2/65ea0b28a73c4c4abd08599774d30799/ 181 KB
47 KB 158ms
44ms Script
application/javascript 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdkcdns.mparticle.com/js/v2/65ea0b28a73c4c4abd08599774d30799/mparticle.js
Requested by: Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: dbe1b49a9ffc00eeaa6c698480c3cb3c171ca9570fe1989d35fafd29fafd32da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000109-IAD, cache-fra-eddf8230106-FRA
date: Fri, 11 Aug 2023 20:11:23 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
server: Kestrel
age: 22
x-timer: S1691784684.653020,VS0,VE1
x-origin-name: fastlyshield--shield_ssl_cache_iad_kiad7000109_IAD
x-cache: HIT, HIT
content-type: application/javascript
vary: Accept, Accept-Encoding
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 48031
x-cache-hits: 38, 1

GET
H2 200 lightbox_speed.js Show response
www.lightboxcdn.com/vendor/cfbf6814-ef53-427e-b99a-f3ba72e8a366/ 3 KB
1 KB 151ms
58ms Script
application/javascript 2606:4700::6813:d383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/cfbf6814-ef53-427e-b99a-f3ba72e8a366/lightbox_speed.js
Requested by: Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3faec294fbd9c381d61b3a559bfb7e3fb2899c3535106dc981956ef0abeca48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 11 Aug 2023 20:11:23 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: AuhxcsvQhyUSrFwAPnNBtA==
age: 190
cf-polished: origSize=4971
x-ms-lease-status: unlocked
cf-bgj: minify
last-modified: Fri, 11 Aug 2023 14:04:26 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 3c4c0f9c-601e-0074-2d5c-cc9e76000000
cache-control: public, max-age=60
x-ms-version: 2009-09-19
cf-ray: 7f5320a0bbe39be0-FRA
expires: Fri, 11 Aug 2023 20:12:23 GMT

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ 98 KB
33 KB 179ms
49ms Script
application/javascript 18.173.187.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by: Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-80.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c67d47496a8af1f4c99a350ababf131661cf111a02460c5e9f6d9539db481c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:02:51 GMT
content-encoding: gzip
via: 1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 16:11:15 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 513
x-amz-server-side-encryption: AES256
etag: W/"6f6b3838a24066fc24338c58c675bb27"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600; must-revalidate
x-amz-cf-id: W5byGVrEU4x0yX3l01NLbScTcya6zet3SIOloZWfi489J6Px2pv-Tg==

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 930 B
1 KB 156ms
43ms Script
application/javascript 108.138.34.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.34.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-34-127.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: 62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 03:21:25 GMT
Via: 1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MUC50-P2
Age: 60598
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 930
Pragma: public
Last-Modified: Wed, 06 May 2020 20:19:48 GMT
Server: nginx
ETag: "5eb31be4-3a2"
Content-Type: application/javascript
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
X-Amz-Cf-Id: B_jlBlqxeUNMyTZr2lFfmFKfUZoiwzPgnxz3SJ3EWTygU3ly08z1Qg==
Expires: Sat, 12 Aug 2023 03:21:25 GMT

GET
H2 200 hotjar-309218.js Show response
static.hotjar.com/c/ 10 KB
4 KB 169ms
52ms Script
application/javascript 18.173.154.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-309218.js?sv=6

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.70 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-70.muc50.r.cloudfront.net

Software

Resource Hash

4c9e9ddb9afbbab5cf5fe68f9b01b8fee252002ebb916d7c3be66f72d3090f71

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 11 Aug 2023 20:11:23 GMT
via: 1.1 306e1cc20ffb597e5d6d7d7cc23384f4.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 31
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/9ae52efdfa9945bbd156df6055e9eb20
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: 1yXIRp0fOH_iekDBjmLSFXBfmn2G8mUMssh2moJxxXAAkoocd-NWQQ==

GET
H2 200 v2qusgr7btBRRO-emBbA5sWkxcsQu-_-U-QHahIG_Xx3zkKDa6rxAGEW90kNpubn_3Q Show response
nondescriptnote.com/ 68 KB
24 KB 159ms
55ms Script
text/javascript 2600:1901:0:7416::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://nondescriptnote.com/v2qusgr7btBRRO-emBbA5sWkxcsQu-_-U-QHahIG_Xx3zkKDa6rxAGEW90kNpubn_3Q

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:7416::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

b106d53657dc2442668fad4558fb7d48f00c2e61a77783373c1a91f1152031d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Fri, 11 Aug 2023 20:11:23 GMT
x-datacenter: gce-europe-west1
etag: "5a9c0731d1804952ff06ac21dd3c1901657f6efce5587576a83055b666083c67"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-f5xl
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 960914163
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 73 KB
22 KB 172ms
55ms Script
text/javascript 108.139.243.82

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.243.82 , United States, ASN (),
Reverse DNS: server-108-139-243-82.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15f03b2320cab03d418c6c52dcefd8a89eb884c8ee1011584c8f5d96d892fb48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: nEO3z1Mr9ocedkcEGmFNEKJLWNG7G3Aq
content-encoding: gzip
via: 1.1 d757ebfa3fb61c7bd39e85fd6a07cbb8.cloudfront.net (CloudFront)
date: Fri, 11 Aug 2023 20:10:22 GMT
last-modified: Tue, 08 Aug 2023 21:36:41 GMT
server: AmazonS3
x-amz-cf-pop: MXP63-P3
age: 62
etag: "63725fe6398b64e10fb03dc7bde0ee59"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=300
content-length: 22394
x-amz-cf-id: 8gwJWv_DIkPTjfXMSKAocp_gG1k7FAJA_4XgnZmRcui4AIJVindKIA==

GET
H2 200 nbcuniversal.js Show response
tru.am/scripts/custom/ 933 B
1 KB 150ms
49ms Script
application/javascript 2606:4700:20::681a:374
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/custom/nbcuniversal.js
Requested by: Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:374 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bb6e90286e342d1bea68c7ec47b85c49137854353f243a253ee202d4ce723b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1052567
x-guploader-uploadid: ADPycds3u0XMLjELonBUcM_y_16nvL_l1XIaswUkL2YkKJPP9EOyQUuXQjmoMT32atVuQ-cNOYoRNitkTUShLC26pQtaGg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 29 Jun 2023 15:47:04 GMT
server: cloudflare
etag: W/"8eb302212d06a1a7c386dcb109a61101"
vary: Accept-Encoding
x-goog-hash: crc32c=DkB2IA==, md5=jrMCIS0GoafDhtyxCaYRAQ==
x-goog-generation: 1688053623999062
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cp7TBPGS63yTrlwXrHimHZaYQDeYXhZ0Nofq094IeKJIyjwqbODPKyUxktiDH1pt4bGgmyK6dKR3Kpw8hpVAinkajrp8wQYpfveLaDjgJMptOem4p32UtD0u3KEwcLzECrs8Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
x-goog-stored-content-length: 933
cf-ray: 7f5320a15b382bbc-FRA
expires: Mon, 29 Jul 2024 15:48:36 GMT

GET
H2 200 P35C41790-24D9-4BCD-9873-48B547719D85.js Show response
cdn-gl.imrworldwide.com/conf/ 41 KB
8 KB 160ms
41ms Script
application/javascript 2600:9000:236e:5800:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/P35C41790-24D9-4BCD-9873-48B547719D85.js
Requested by: Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:5800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 595b8a4a261b601cd3663e2c81488b0e2ae777b592f33b1da6fa9717ba8edeed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: Vyr7UxFbQRcu4fIc6NKzwUFJB5YzSwGC
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
date: Fri, 11 Aug 2023 19:12:21 GMT
last-modified: Fri, 11 Aug 2023 09:16:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 3543
x-amz-server-side-encryption: AES256
etag: W/"da8f83da9d1889a8fe65590a51e9c925"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400,s-maxage=86400
x-amz-cf-id: UZaHzEn2y2mU5hinCHlorGK7hUFpYtSdLGWBDEUURdc8SWf3VaIBBQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 169 KB
63 KB 140ms
48ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8168974

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

197d986313b3d067c7570256f24e204b03305989c76f4a0df86c1e972bf90109

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63899
x-xss-protection: 0
last-modified: Fri, 11 Aug 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Aug 2023 20:11:23 GMT

GET
H2 200 beacon
tag.researchnow.com/t/ 42 B
442 B 157ms
40ms Image
image/gif 18.173.187.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.researchnow.com/t/beacon?adn=13&pl=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Fus-news%2Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%3Futm_source%3Dsubstack%26utm_medium%3Demail&pr=284801&si=NBCNEWS
Requested by: Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-48.muc50.r.cloudfront.net
Software: Apache/2.4.57 () / PHP/7.2.34
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 19:27:37 GMT
via: 1.1 86df4d22c97ec96360d46cef55fb5f2a.cloudfront.net (CloudFront)
server: Apache/2.4.57 ()
x-amz-cf-pop: MUC50-P4
age: 2626
x-powered-by: PHP/7.2.34
x-cache: Hit from cloudfront
content-type: image/gif
p3p: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 42
x-amz-cf-id: GqBh9f_Af3mfIe6FLGuiMtwzpoVeWKrt1N3op2VteaaoVm-I57iY0Q==
expires: 0

GET
H2 200 / Show response
geo.cnbc.com/info/ 132 B
291 B 310ms
141ms Fetch
application/json 2a02:26f0:3500:798::d25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.cnbc.com/info/
Requested by: Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:798::d25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache/2.4.6 (CentOS) PHP/7.0.33 / PHP/7.0.33
Resource Hash: 8a061eb906851bbccbd3de3aa4062df1a9c23efba1399adbcaef8d5d3aa60181

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 11 Aug 2023 20:11:23 GMT
server: Apache/2.4.6 (CentOS) PHP/7.0.33
x-powered-by: PHP/7.0.33
content-length: 132
x-aicache-os: xxx.31.5.0:80
content-type: application/json

GET
H2 200 dpm_pixel_min.js Show response
c.tvpixel.com/js/current/ 103 KB
32 KB 171ms
44ms Script
application/javascript 2600:9000:20c3:6e00:1d:bf0a:0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tvpixel.com/js/current/dpm_pixel_min.js?aid=nbcu-3dcc5105-25e1-45bf-9fba-c85842909d0d
Requested by: Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:6e00:1d:bf0a:0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: oMk5SFqHXboEDRm2.vDWImtx_4ARYxEl
content-encoding: gzip
via: 1.1 48c20cb247b267a59a8191c4d3bd787c.cloudfront.net (CloudFront)
date: Fri, 11 Aug 2023 14:38:34 GMT
last-modified: Thu, 16 Sep 2021 18:14:59 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
age: 31085
etag: W/"08e770c8a17bf087d50cec01af0892c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: iCXg3bm4KuadtJyWGfggb2wivJbHYWnaS--3MxSdCs5MIaIlyWzbnQ==

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 128ms
39ms Script
application/javascript 108.138.36.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-30.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 10 Aug 2023 22:24:05 GMT
content-encoding: gzip
via: 1.1 09b934fc5a2991212bdc3b299a0a1cb4.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jul 2023 22:21:17 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 78439
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: KKZGJX9_m1dM823KXqqhFt4LkA815XH2ZPua3uypMxr54awVx7HHbQ==

GET
H2 200 hfs-header.js Show response
nodeassets.nbcnews.com/assets/header-footer/1.144.0/ 24 KB
7 KB 45ms
45ms Script
text/javascript 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/assets/header-footer/1.144.0/hfs-header.js

Requested by

Host: nodeassets.nbcnews.com
URL: https://nodeassets.nbcnews.com/_next/static/chunks/pages/_app-53031a841b9fbc28.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

277c96a26dc80ba572e829af3c50f52388176511bdeaeb30fdb0a134a5b8efcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: xMiY.kejBQlakuSVzT14285pXKjWtRUR
content-encoding: br
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: 1S2WP5BJGJ9J126W
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683770_388391816_188448851_20_6308_40_0_146";dur=1
content-length: 7123
x-amz-id-2: 4a1MVGnP6qPP3yD0TSL8ik+lkxgT1vtCdNcQ0YkQE8rdaWy7PUbBicauVxTXd2/sc/77PBRFeSA=
last-modified: Wed, 09 Aug 2023 20:50:12 GMT
server: AmazonS3
etag: "6d25b39898c7460a32eca77bff908178"
content-type: text/javascript
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 ndp-hls.js Show response
media1.s-nbcnews.com/i/videoassets/ndp/latest/ 582 KB
154 KB 63ms
46ms Script
application/javascript 2a02:26f0:480:9a9::a1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://media1.s-nbcnews.com/i/videoassets/ndp/latest/ndp-hls.js
Requested by: Host: nodeassets.nbcnews.com
URL: https://nodeassets.nbcnews.com/_next/static/chunks/pages/_app-53031a841b9fbc28.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:9a9::a1d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cef4bd2366fe9f01a0cef765ac8f0a77d2805e64ba0168a24e1777e4d583a53e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

unused62: 8096267
date: Fri, 11 Aug 2023 20:11:23 GMT
content-encoding: gzip
last-modified: Thu, 27 Feb 2020 18:18:48 GMT
server: AmazonS3
x-amz-request-id: 88DEE851C9B84133
etag: "dc39b12c7e04fd3161eb2956d7e3a8a4"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 156860
x-amz-id-2: Qqu02dO35xheg35eggWIbBzMAH+z2Kvv+fOSbDVsX30Tr/i3UMCcPggNEOccpocdyt5JKXYQj9A=

GET
H2 200 newsletter Show response
www.nbcnews.com/services/ 7 KB
2 KB 69ms
69ms Fetch
application/json 2a02:26f0:1700:386::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcnews.com/services/newsletter

Requested by

Host: nodeassets.nbcnews.com
URL: https://nodeassets.nbcnews.com/_next/static/chunks/pages/_app-53031a841b9fbc28.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:1700:386::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx / Express

Resource Hash

c352a6b6f42a01002824f53be7054d9b81e5811b32bc44ba8c05727aaa739f0a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

Referer: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email
x-original-correlation-id: undefined
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:23 GMT
content-encoding: br
strict-transport-security: max-age=2628000 ; preload
server: nginx
content-security-policy: upgrade-insecure-requests;
x-powered-by: Express
etag: W/"1dfc-aN0XtI2x5zxnqnzKFSQYfZFwM0k"
content-type: application/json; charset=utf-8
content-language: en
x-backend-server: green-ramen2-56c7b6dc89-txgfl
content-length: 1888

GET
H2 200 PublicoHeadline-Light-Web.558b657c534cf850fc1e341ff9df48b9.woff2
nodeassets.nbcnews.com/assets/fonts/shared/ 43 KB
44 KB 45ms
45ms Font
font/woff2 2a02:26f0:480:a86::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/assets/fonts/shared/PublicoHeadline-Light-Web.558b657c534cf850fc1e341ff9df48b9.woff2

Requested by

Host: nodeassets.nbcnews.com
URL: https://nodeassets.nbcnews.com/assets/fonts/shared/fontface.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:480:a86::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8e9b3dc41928550a6a5f2294cb7bb92ba7e4ae20198486ce269415ee43543420

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

Referer: https://nodeassets.nbcnews.com/assets/fonts/shared/fontface.css
Origin: https://www.nbcnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: ul1EPurdSowB7PVZime6PQkFWexC7YJJ
date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: PD541N40CVFJPA1W
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1691784683781_388391816_188448854_17_5807_38_0_255";dur=1
content-length: 44305
x-amz-id-2: WQCjpncg3rtjIeCHThWLYtu+TaggeLZIJMy5LVgYHMOhrlS/IzNKX3ZosqjrrtZBgNkKy4U3HS4=
last-modified: Thu, 11 Jul 2019 19:07:44 GMT
server: AmazonS3
etag: "558b657c534cf850fc1e341ff9df48b9"
access-control-max-age: 3000
access-control-allow-methods: GET,POST,PUT
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 20:11:23 GMT

GET
H/1.1 200
OK dest5.html Show response
nbcuni.demdex.net/ Frame 7D6E 7 KB
3 KB 250ms
57ms Document
text/html 99.81.14.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nbcuni.demdex.net/dest5.html?d_nsid=0

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.81.14.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-14-86.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.nbcnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v050-0f5aebd0f.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: hmEDHUJgSUc=
content-encoding: gzip
date: Fri, 11 Aug 2023 20:11:24 GMT
last-modified: Wed, 28 Jun 2023 13:20:50 GMT
vary: accept-encoding

GET
H2 200 id Show response
aamt.nbcnews.com/ 89 B
607 B 177ms
54ms XHR
application/x-javascript 63.140.62.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aamt.nbcnews.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=A8AB776A5245B4220A490D44%40AdobeOrg&mid=21025901978960732491409144907016107300&ts=1691784683799

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.135 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-135.data.adobedc.net

Software

jag /

Resource Hash

3da379679b7d724d7b2664535e1838d0a9f5fa63b696194babebb60c29ac621d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nbcnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.nbcnews.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 89
x-xss-protection: 1; mode=block

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 81 B
250 B 163ms
60ms Script
text/javascript 2606:4700::6812:1d26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8518882d24d5c83caa6bb6ae8f88b2f89524037f9bebc83d2f0741c5d6d1c7ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
cf-ray: 7f5320a2bab16901-FRA
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 digibox.gif
www.lightboxcdn.com/z9g/ 35 B
274 B 50ms
48ms Image
image/gif 2606:4700::6813:d383
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/digibox.gif?c=1691784683832&h=www.nbcnews.com&e=p&u=44095
Requested by: Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 11 Aug 2023 20:11:23 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 942209
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Fri, 02 Dec 2022 00:02:02 GMT
content-length: 35
x-ms-lease-status: unlocked
cf-bgj: imgq:85,h2pri
last-modified: Fri, 02 Dec 2022 00:02:38 GMT
server: cloudflare
etag: 0x8DAD3F8864E2F29
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: 960e7826-401e-0005-6cd5-31ec4f000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7f5320a21d939be0-FRA

GET
H2 200 bf1dbc48-bdff-47f8-8677-c0917978a891.json Show response
cdn.cookielaw.org/consent/bf1dbc48-bdff-47f8-8677-c0917978a891/ 4 KB
2 KB 59ms
58ms XHR
application/x-javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/bf1dbc48-bdff-47f8-8677-c0917978a891/bf1dbc48-bdff-47f8-8677-c0917978a891.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/bf1dbc48-bdff-47f8-8677-c0917978a891/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9c07824d0967d30b5ca738d650cd92f1dc38082939be19f4507d9f7c9bee5e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 11 Aug 2023 20:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 40516
content-md5: CzYtEdbgC6xtQYCpmvh2QA==
content-length: 1530
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 21:45:33 GMT
server: cloudflare
etag: 0x8DB151E1FE578A7
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8fbd418b-001e-00b3-53e1-5a2261000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7f5320a21ea22c3f-FRA
expires: Sat, 12 Aug 2023 20:11:23 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/nbcnews.com/ 73 KB
26 KB 176ms
56ms Script
application/javascript 13.32.2.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/nbcnews.com/p.js
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-61.vie50.r.cloudfront.net
Software: nginx /
Resource Hash: fedca269c46d16ef7bbb050acc9bbb9fe51a8bb77a3a8d31627d82fce4ce124a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: public
date: Fri, 11 Aug 2023 03:38:31 GMT
content-encoding: gzip
via: 1.1 444dde5644fa29b8d8dfac109693e2a2.cloudfront.net (CloudFront)
last-modified: Mon, 22 May 2023 14:02:18 GMT
server: nginx
x-amz-cf-pop: VIE50-C2
age: 59586
etag: W/"646b75ea-122c6"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: 5XPnk_ELhwYSvzM8liHvynywMCOZX-ozc4VXlIk4tVm2MerkvJHlLQ==
expires: Sat, 12 Aug 2023 03:38:17 GMT

GET
H2 200 modules.5b778dfa5bf83cc4cad1.js Show response
script.hotjar.com/ 223 KB
55 KB 136ms
44ms Script
application/javascript 18.173.154.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.5b778dfa5bf83cc4cad1.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-309218.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-84.muc50.r.cloudfront.net

Software

Resource Hash

0e003b169bf76bfe6b71c69c6a01cbd962ea9189c223ccd3d0c1c0a39b053fe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 12:45:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 129b4a1f09d5313624ec15fced944d6e.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 26777
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55520
last-modified: Fri, 11 Aug 2023 12:44:17 GMT
etag: "9a87f94f5bf940f93cf870fa9a112900"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 1yvHmLwta9elN_zdqTRHvgiE5n3GMc7_LY3Bokmk_YJ-vKsFtGbMNg==

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
481 B 134ms
39ms Image
image/gif 2600:9000:26da:9000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?bannnerid=6922349_advertisement_
Requested by: Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:9000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 04:12:26 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 1871938
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: bQgGm3byQe98mR7QHn2iq6fm1qNnxRV6JdHSze4jf0tmJ7tPrTl7Sg==

GET
H2 200 _r Show response
app.link/ 91 B
630 B 318ms
218ms Script
text/javascript 2600:9000:237d:4a00:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.78.0&branch_key=key_live_bmS4ym2cDBm2ge4BjKwILcjeCvnyQ3v3&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:237d:4a00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

68506f19805cece4d33c339667dbda1a1ee71f27166fb170e27dafac0ced52f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 a79cccd642ddc0038c3b0c4a9e7fcd6c.cloudfront.net (CloudFront)
server: openresty
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
x-amz-cf-pop: MUC50-P2
etag: W/"5b-hbeI1/Jc/CGa7S6IUINtncIYWWk"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 91
x-amz-cf-id: ChsPZ9vQWD1QZ2KlFVYDuYeyBVsvZsJuPgZ-Z_Nip80RiKuOa1a_nA==

OPTIONS
H2 204 identify
identity.mparticle.com/v1/ Frame 0
0 141ms
40ms Preflight 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-mp-key
Access-Control-Request-Method: POST
Origin: https://www.nbcnews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,x-mp-key
access-control-allow-methods: POST
access-control-allow-origin: *
age: 1639
date: Fri, 11 Aug 2023 20:11:23 GMT
server: Kestrel
strict-transport-security: max-age=900
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 579
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by: cache-fra-etou8220109-FRA
x-timer: S1691784684.972336,VS0,VE0

POST
H2 200 identify Show response
identity.mparticle.com/v1/ 176 B
322 B 158ms
157ms XHR
application/json 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Requested by

Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/65ea0b28a73c4c4abd08599774d30799/mparticle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

78dd5cab8f034e39a17997a27f38feed6e2e32b405372ad59b442ad7fec0e72b

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

x-mp-key: 65ea0b28a73c4c4abd08599774d30799
Referer: https://www.nbcnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

x-served-by: cache-fra-etou8220109-FRA
date: Fri, 11 Aug 2023 20:11:24 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=900
server: Kestrel
x-timer: S1691784684.013892,VS0,VE112
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache: MISS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-mp-rate-limit-percentage-used: 11.9
vary: Accept-Encoding
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 gv.gif Show response
dev.visualwebsiteoptimizer.com/ 783 B
601 B 44ms
43ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/gv.gif?a=609617&u=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Fus-news%2Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%3Futm_source%3Dsubstack%26utm_medium%3Demail
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/609617.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: fc3bc4cb0c90c349b25357e6ec52534251db4d796efe8f4da0e98fb3cef4491e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:23 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/javascript; charset=UTF-8

GET
H2 200 dyn Show response
dev.visualwebsiteoptimizer.com/ 260 B
265 B 49ms
48ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/dyn
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/609617.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 0ae3eaae5c56f946160b19d8b0f1363c48f6ca4c9de858dbaf8e4881c8bb1d50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:23 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/javascript; charset=UTF-8

GET
H2 200 ta-pagesocial-sdk.js Show response
tru.am/scripts/ 27 KB
11 KB 52ms
51ms Script
text/javascript 2606:4700:20::681a:374
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Requested by: Host: tru.am
URL: https://tru.am/scripts/custom/nbcuniversal.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:374 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a20b371f96093be0c049b07134deb9bec533817ce791e865aaab7b60dfe4beb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 268598
x-guploader-uploadid: ADPycdsrsW55gbVDL64lmMq_z8h_LNZaMMWk-SB8uXkLLxdB2gzZJVWwXF2W-iE8kZCGtXmpvqHPrqHHQN0q1st2cm0VoA
x-goog-storage-class: REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Jul 2022 07:45:14 GMT
server: cloudflare
etag: W/"2925c8da90d1d29f7899fa52629fe37d"
vary: Accept-Encoding
x-goog-hash: crc32c=TsbXyg==, md5=KSXI2pDR0p94mfpSYp/jfQ==
x-goog-generation: 1658389514760491
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JlBZTlUIykGZiVq00I%2BwbPOmq%2BSHpQaoBHOTJYTXBiMFVqE5mX3C4VyD8ryJ%2BuLhfelJhfcmRi8SebkO6F0974JFMGU4XqjQebWaty9HC%2B%2FR%2BjFH%2FJOW%2BBeblbMnNpucAXktEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
x-goog-stored-content-length: 27860
cf-ray: 7f5320a27d442bbc-FRA
expires: Tue, 08 Aug 2023 17:34:55 GMT

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 3 KB
1 KB 44ms
44ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=609617&settings_type=2&vn=7.0&u=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Fus-news%2Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%3Futm_source%3Dsubstack%26utm_medium%3Demail&exc=191|192|201|203|204|217|218|223|224|225|226|227|228|229|230|231|286|325|326|338|378|408|412|475
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/609617.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 12a44958e8169688e595ad2fa2e69278a931a64de1561180bb05bfb7e9c40ccf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:23 GMT
content-encoding: gzip
via: 1.1 google
server: gfra1
etag: W/"1691769085"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 199 KB
56 KB 46ms
45ms Script
application/javascript 2600:9000:236e:5800:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/P35C41790-24D9-4BCD-9873-48B547719D85.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:5800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 767a456e2a3d977102a5a4224d43f77ca39d3e196d21ba98e3849eb5061d1e5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: Q5MDLoP5K3xFBtVyePaeQTJE.ZmI4Roy
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
date: Fri, 11 Aug 2023 19:31:37 GMT
x-amz-cf-pop: FRA60-P1
age: 2387
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Tue, 01 Aug 2023 15:37:58 GMT
server: AmazonS3
etag: W/"f43d226b4110956140ab2e00da92026d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: qnz-JxHZDxRO3Mz4BbagkhPgfeS4Nm3xyHQne6ji7BUkan2X4YXQgQ==

GET
H2 200 news Show response
www.nbcnews.com/services/miniPlayerTease/ 825 B
872 B 47ms
47ms Fetch
application/json 2a02:26f0:1700:386::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcnews.com/services/miniPlayerTease/news

Requested by

Host: nodeassets.nbcnews.com
URL: https://nodeassets.nbcnews.com/_next/static/chunks/pages/_app-53031a841b9fbc28.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:1700:386::2506 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx / Express

Resource Hash

a5c65030006e06d79944399be8c88dfdf03187eabfc05dbbfbed49eea7c13dc4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

Referer: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email
x-original-correlation-id: undefined
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:23 GMT
content-encoding: gzip
strict-transport-security: max-age=2628000 ; preload
server: nginx
content-security-policy: upgrade-insecure-requests;
x-powered-by: Express
etag: W/"339-aZgadXBn5sdr2WOQ3C4y56BrarU"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
content-language: en
x-backend-server: green-ramen2-56c7b6dc89-29wgm
content-length: 509

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 72 B
319 B 139ms
58ms XHR
application/json 2606:4700::6812:1d26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/bf1dbc48-bdff-47f8-8677-c0917978a891/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bd5068ee3f41ad2ed4f003c13c4e939021c77f7a69ac82d25211c72868b520e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.nbcnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7f5320a36d861a86-FRA
access-control-allow-headers: Content-Type

GET
H2 204 b
sb.scorecardresearch.com/ 0
224 B 47ms
47ms Image
text/plain 108.138.36.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6035083&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1691784683968&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Fus-news%2Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%3Futm_source%3Dsubstack%26utm_medium%3Demail&c8=%27Easy%20money%27%3A%20How%20international%20scam%20artists%20pulled%20off%20an%20epic%20theft%20of%20Covid%20benefits&c9=
Requested by: Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-30.muc50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:23 GMT
via: 1.1 09b934fc5a2991212bdc3b299a0a1cb4.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: MUC50-P2
x-amz-cf-id: Wv4IlU6ih4_bTkngy8jPLJZ_JYMWdjLLoQLefnx_3Y1R3cfYcwsrnQ==
x-cache: Miss from cloudfront

GET
H2

200

activityi;dc_pre=CKG4jIm11YADFWcJogMdk9sBtg;src=8168974;type=nbcvi0;cat=nbcne0;ord=8535553488859;auiddc=26219123.1691784684;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=... Show response
8168974.fls.doubleclick.net/ Frame 1B4E
Redirect Chain

https://8168974.fls.doubleclick.net/activityi;src=8168974;type=nbcvi0;cat=nbcne0;ord=8535553488859;auiddc=26219123.1691784684;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~ore...
https://8168974.fls.doubleclick.net/activityi;dc_pre=CKG4jIm11YADFWcJogMdk9sBtg;src=8168974;type=nbcvi0;cat=nbcne0;ord=8535553488859;auiddc=26219123.1691784684;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;...

670 B
559 B

80ms
79ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8168974.fls.doubleclick.net/activityi;dc_pre=CKG4jIm11YADFWcJogMdk9sBtg;src=8168974;type=nbcvi0;cat=nbcne0;ord=8535553488859;auiddc=26219123.1691784684;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Fus-news%2Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%3Futm_source%3Dsubstack%26utm_medium%3Demail?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8168974

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f6.1e100.net

Software

cafe /

Resource Hash

8887f033ae4631ad48fbf4521ba40794325a25b9c24e01c55c972e4d5af595a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nbcnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 383
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 20:11:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 20:11:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8168974.fls.doubleclick.net/activityi;dc_pre=CKG4jIm11YADFWcJogMdk9sBtg;src=8168974;type=nbcvi0;cat=nbcne0;ord=8535553488859;auiddc=26219123.1691784684;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Fus-news%2Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%3Futm_source%3Dsubstack%26utm_medium%3Demail?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 tp2
p.tvpixel.com/com.snowplowanalytics.snowplow/ Frame 0
0 389ms
120ms Preflight 52.20.122.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.122.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-122-83.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.nbcnews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.nbcnews.com
access-control-max-age: 600
content-length: 0
date: Fri, 11 Aug 2023 20:11:24 GMT
server: nginx

POST
H2 200 tp2 Show response
p.tvpixel.com/com.snowplowanalytics.snowplow/ 2 B
327 B 351ms
117ms XHR
text/plain 52.20.122.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p.tvpixel.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: c.tvpixel.com
URL: https://c.tvpixel.com/js/current/dpm_pixel_min.js?aid=nbcu-3dcc5105-25e1-45bf-9fba-c85842909d0d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.122.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-122-83.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.nbcnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.nbcnews.com
date: Fri, 11 Aug 2023 20:11:24 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H3 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 129ms
128ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=609617&d=nbcnews.com&u=DECDA35C583F946D790B20B6874AC2CE6&h=c7d924f4c720e73a27b825c0b4e20b56&r=0.7791642092464499

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 20:11:23 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 988 B
1 KB 59ms
58ms XHR
application/json 52.208.175.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=A8AB776A5245B4220A490D44%40AdobeOrg&d_nsid=0&d_mid=21025901978960732491409144907016107300&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=AVID%01326B4AF5FA8D29F4-40001532C48DE04D&ts=1691784684034

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.175.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-175-244.eu-west-1.compute.amazonaws.com

Software

Resource Hash

292439547ecf4b8c21a611701a42f0a6f0e03b3f2df48f6be5ff8863d357baf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.nbcnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v050-08bfea1d2.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: BgzviF9xQ/I=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.nbcnews.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 551
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 tag-8aa60200b3996bb8afa8c6621afe94c1.js Show response
dev.visualwebsiteoptimizer.com/web/djIkdHI6Ny4w/ 13 KB
4 KB 93ms
51ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkdHI6Ny4w/tag-8aa60200b3996bb8afa8c6621afe94c1.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/609617.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: ad7734c2b30945038ff9873a2c8bc72ecf73ef40ba26c30a8012b13c0d250e95

Request headers

Referer: https://www.nbcnews.com/
Origin: https://www.nbcnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:24 GMT
content-encoding: br
via: 1.1 google
last-modified: Fri, 11 Aug 2023 15:51:01 GMT
server: gfra1
etag: "64d658e5-fd7"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4055

GET
H3 200 tag-efd80035376d1afd7c815a9d054237de.js Show response
dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnk=/ 101 KB
25 KB 109ms
67ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnk=/tag-efd80035376d1afd7c815a9d054237de.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/609617.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 5b9cad64bd676904eff85c57f84f0c76d3a1938333fc5c620b9860810ab67f6b

Request headers

Referer: https://www.nbcnews.com/
Origin: https://www.nbcnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:24 GMT
content-encoding: br
via: 1.1 google
last-modified: Fri, 11 Aug 2023 15:51:02 GMT
server: gfra1
etag: "64d658e6-64c1"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25793

POST
H2 204 beacon
beacon.tru.am/ 0
0 267ms
167ms Fetch 2606:4700:20::681a:274
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.tru.am/beacon
Requested by: Host: tru.am
URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.nbcnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 20:11:24 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
surrogate-control: no-store
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lNT4fWZPAAEwOsUgOwyT0idvxjajlFjVUOs5Slp4RrzfaSe%2FRIEWc%2FPQYvnuAdnBfKd9t9ALhzxVRGks6sBYXTJWu1xXXF%2BxDdqz2o%2BWfl3ynIY4KMRkbQXPlsg2mveyzWASyrByb8%2B17Q0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 7f5320a44d78382e-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 ls.html Show response
cdn-gl.imrworldwide.com/novms/html/ Frame 0BC2 12 KB
4 KB 40ms
39ms Document
text/html 2600:9000:236e:5800:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:5800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer: https://www.nbcnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 438
cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Fri, 11 Aug 2023 20:04:07 GMT
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified: Tue, 01 Aug 2023 15:37:57 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
x-amz-cf-id: fDwBqaLo7zerHThcE42mzSjaQKad7MxRMYCMrEOAljXWMYT8MFcfvw==
x-amz-cf-pop: FRA60-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: Au7fEiQYXrwp6aCgYjEnL0zIkXNw87j8
x-cache: Hit from cloudfront

GET
H/1.1 200
OK /
p1.parsely.com/px/ 43 B
229 B 243ms
58ms Image
image/gif 63.34.81.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/px/?rand=1691784684136&plid=efc17f73-f5c3-4eb0-b924-dcf368972242&idsite=nbcnews.com&url=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Fus-news%2Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%3Futm_source%3Dsubstack%26utm_medium%3Demail&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Fus-news%2Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%3Futm_source%3Dsubstack%26utm_medium%3Demail&sref=&sts=1691784684133&slts=0&title=%27Easy+money%27%3A+How+international+scam+artists+pulled+off+an+epic+theft+of+Covid+benefits&date=Fri+Aug+11+2023+22%3A11%3A24+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=87d501c9-b89c-45f8-a9d2-4083177b3bd9&u=pid%3Dd4e3089d-c810-4d5c-9567-ba4129b6746d
Requested by: Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Fri, 11 Aug 2023 20:11:24 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H2 200 s67664573240858 Show response
aamt.nbcnews.com/b/ss/msnbcnbcnewscomprod/1/JS-2.17.0/ 43 B
437 B 55ms
55ms XHR
image/gif 63.140.62.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aamt.nbcnews.com/b/ss/msnbcnbcnewscomprod/1/JS-2.17.0/s67664573240858

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.135 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-135.data.adobedc.net

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nbcnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 11 Aug 2023 20:11:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 12 Aug 2023 20:11:24 GMT
server: jag
etag: 3633079945064972288-4619656983483222621
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://www.nbcnews.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Thu, 10 Aug 2023 20:11:24 GMT

POST
H/1.1 200
OK event Show response
nbcu.demdex.net/ 3 KB
2 KB 249ms
60ms XHR
application/json 52.210.238.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nbcu.demdex.net/event?d_dil_ver=9.3&_ts=1691784684158

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.238.166 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-238-166.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7f5db94edf7ef0c4f1d241e3d297b4151a9825137b5819cf5f20306d30b510ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.nbcnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v050-00c5a57fc.edge-irl1.demdex.com 5 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: qQ/TXQBoS44=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.nbcnews.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 974
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.17.0/ 377 KB
84 KB 51ms
50ms Script
application/javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.17.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/bf1dbc48-bdff-47f8-8677-c0917978a891/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1f8d4204b80f61987126d563bbb88a3036f6fd55f8e98da95a8b9e542f9c495

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nbcnews.com/
Origin: https://www.nbcnews.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 11 Aug 2023 20:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 66Z8bY5FXXAAikIS37tpYA==
age: 35265
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 85833
x-ms-lease-status: unlocked
last-modified: Thu, 29 Apr 2021 01:57:14 GMT
server: cloudflare
etag: 0x8D90AB21C520644
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c0290052-f01e-012a-2ae1-5aebf6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7f5320a429342c3f-FRA

GET
H2

204

sync
cookiesync.mparticle.com/v1/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=130884&dpuuid=3700835627480782013&redir=https%3A%2F%2Fcookiesync.mparticle.com%2Fv1%2Fsync%3Fesid%3D37590%26MPID%3D3700835627480782013%26ID%3D%24%7BDD_UUID%7D%26Key%...
https://cookiesync.mparticle.com/v1/sync?esid=37590&MPID=3700835627480782013&ID=21217024386278537951428312156609241318&Key=65ea0b28a73c4c4abd08599774d30799&env=2

0
191 B

415ms
312ms

Image
text/plain

2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cookiesync.mparticle.com/v1/sync?esid=37590&MPID=3700835627480782013&ID=21217024386278537951428312156609241318&Key=65ea0b28a73c4c4abd08599774d30799&env=2
Requested by: Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email
Protocol: H2
Server: 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 11 Aug 2023 20:11:24 GMT
via: 1.1 varnish
server: Kestrel
x-timer: S1691784684.364784,VS0,VE270
x-origin-name: 6pOFtq5qpnIJ0Pt8WbH5c2--F_us1_origin
x-cache: MISS
accept-ranges: bytes
x-served-by: cache-fra-eddf8230130-FRA

Redirect headers

DCS: dcs-prod-irl1-2-v050-078f26fe1.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 8jN9TrRmSKE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://cookiesync.mparticle.com/v1/sync?esid=37590&MPID=3700835627480782013&ID=21217024386278537951428312156609241318&Key=65ea0b28a73c4c4abd08599774d30799&env=2
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

204

/
cookiesync.mparticle.com/v1/sync/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=mparticle_dmp&google_cm&MPID=3700835627480782013&esid=37591&Key=65ea0b28a73c4c4abd08599774d30799&env=2
https://cm.g.doubleclick.net/pixel?google_nid=mparticle_dmp&google_cm=&MPID=3700835627480782013&esid=37591&Key=65ea0b28a73c4c4abd08599774d30799&env=2&google_tc=
https://cookiesync.mparticle.com/v1/sync/?id=CAESEJEUi06jXXgrz3STXe0YG2M&MPID=3700835627480782013&esid=37591&Key=65ea0b28a73c4c4abd08599774d30799&env=2&google_cver=1

0
51 B

348ms
348ms

Image
text/plain

2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cookiesync.mparticle.com/v1/sync/?id=CAESEJEUi06jXXgrz3STXe0YG2M&MPID=3700835627480782013&esid=37591&Key=65ea0b28a73c4c4abd08599774d30799&env=2&google_cver=1
Requested by: Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email
Protocol: H2
Server: 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 11 Aug 2023 20:11:24 GMT
via: 1.1 varnish
server: Kestrel
x-timer: S1691784684.426329,VS0,VE289
x-origin-name: 6pOFtq5qpnIJ0Pt8WbH5c2--F_us1_origin
x-cache: MISS
accept-ranges: bytes
x-served-by: cache-fra-eddf8230130-FRA

Redirect headers

pragma: no-cache
date: Fri, 11 Aug 2023 20:11:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cookiesync.mparticle.com/v1/sync/?id=CAESEJEUi06jXXgrz3STXe0YG2M&MPID=3700835627480782013&esid=37591&Key=65ea0b28a73c4c4abd08599774d30799&env=2&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 382
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESELGgu_eiU_TXvPgjN482lug&google_cver=1
dpm.demdex.net/ Frame 7D6E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjEyMTcwMjQzODYyNzg1Mzc5NTE0MjgzMTIxNTY2MDkyNDEzMTg=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MjEyMTcwMjQzODYyNzg1Mzc5NTE0MjgzMTIxNTY2MDkyNDEzMTg=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESELGgu_eiU_TXvPgjN482lug&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

57ms
56ms

Image
image/gif

52.208.175.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESELGgu_eiU_TXvPgjN482lug&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

HTTP/1.1

Server

52.208.175.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-175-244.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nbcuni.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v050-0f8dcfc1c.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: R2cKdyoUQAU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 11 Aug 2023 20:11:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESELGgu_eiU_TXvPgjN482lug&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 open Show response
api2.branch.io/v1/ 273 B
649 B 332ms
214ms XHR
application/json 2600:9000:2248:f800:11:f728:3040:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/open

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2248:f800:11:f728:3040:93a1 , United States, ASN (),

Reverse DNS

Software

Resource Hash

7fc0f1f5c86727a5dffe2ffad4353ed890a4c2dc0c80c264338cd3a950a6c1e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.nbcnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 11 Aug 2023 20:11:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 f0c44fcb623b0b5d0059f8c13f9793b0.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P3
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: 91c72e16-38d5-4b15-8ef4-dee9e720fcd2-2023081120
content-length: 273
x-amz-cf-id: 3lwuXMWSg16dVLqb4TXSxQz0ylMBNXVgTr0uUZou9gmJlRZJFa5yOg==

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ Frame 0BC2 44 B
548 B 308ms
56ms Image
image/gif 52.215.66.158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,P35C41790-24D9-4BCD-9873-48B547719D85&sessionId=odey8o7krcuep0celnfeevesimqmi1691784684&c16=sdkv,bj.6.0.0&uoo=&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&c30=bldv,6.0.0.663&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Requested by: Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.66.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-66-158.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 20:11:24 GMT
server: nginx
accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
odey8o7krcuep0celnfeevesimqmi1691784684.nuid.imrworldwide.com/ Frame 0BC2 35 B
350 B 182ms
38ms Image
image/gif 2600:9000:237d:5400:1d:667e:2a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odey8o7krcuep0celnfeevesimqmi1691784684.nuid.imrworldwide.com/
Requested by: Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:5400:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 03:34:20 GMT
via: 1.1 d2e8c709d1f79bde6ed8f833f02bdd34.cloudfront.net (CloudFront)
last-modified: Tue, 11 Sep 2018 17:05:20 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 59825
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 35
x-amz-cf-id: DRa1z-lYZPTu1nuzoy5Rf7L-f2L-_Xx5uS1toC6Zv1anz0HETPdtMw==

GET
H3 200 worker.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 42ms
41ms XHR
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/609617.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:24 GMT
content-encoding: br
via: 1.1 google
last-modified: Fri, 11 Aug 2023 15:50:59 GMT
server: gfra1
etag: "64d658e3-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13599

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/bf1dbc48-bdff-47f8-8677-c0917978a891/13505bbe-b4dc-4c67-9740-215884852bd7/ 175 KB
34 KB 65ms
65ms Fetch
application/x-javascript 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/bf1dbc48-bdff-47f8-8677-c0917978a891/13505bbe-b4dc-4c67-9740-215884852bd7/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.17.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be5ddda8e669c59313302ddb6cb53e56c0d33c30fb6d288779723b81cfa9221b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 11 Aug 2023 20:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 31337
content-md5: c97vEfDRYOzjXGUnDT46bg==
content-length: 34876
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 21:45:42 GMT
server: cloudflare
etag: 0x8DB151E252FF99B
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: e841c01d-b01e-00aa-03e1-5a0e09000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7f5320a4da262c3f-FRA
expires: Sat, 12 Aug 2023 20:11:24 GMT

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58782/ Frame 7D6E
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=21217024386278537951428312156609241318&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=21217024386278537951428312156609241318&gdpr=0&gdpr_consent=

0
125 B

175ms
44ms

Image
text/plain

3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=21217024386278537951428312156609241318&gdpr=0&gdpr_consent=

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nbcuni.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:24 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date: Fri, 11 Aug 2023 20:11:24 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0101.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
content-language: en
location: https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=21217024386278537951428312156609241318&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: no-store
content-length: 415

POST
H3 200 50f007982267ba140c3edf30f3c57f775c657b12a2cb3f977fa0 Show response
nondescriptnote.com/post/ 206 B
233 B 109ms
60ms Fetch
application/json 2600:1901:0:7416::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://nondescriptnote.com/post/50f007982267ba140c3edf30f3c57f775c657b12a2cb3f977fa0

Requested by

Host: nondescriptnote.com
URL: https://nondescriptnote.com/v2qusgr7btBRRO-emBbA5sWkxcsQu-_-U-QHahIG_Xx3zkKDa6rxAGEW90kNpubn_3Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:7416::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

7644dddfc917eaf75a112e43241acbcece1ab57af00af0477c0adc7cc74c3574

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.nbcnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Fri, 11 Aug 2023 20:11:24 GMT
via: 1.1 google
x-buildnumber: 960914163
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nbcnews.com
x-hostname: fen-hoothoot-europe-west1-f5xl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Fri, 11 Aug 2023 20:11:23 GMT

GET
H2 200 dc_pre=CKG4jIm11YADFWcJogMdk9sBtg;src=8168974;type=nbcvi0;cat=nbcne0;ord=8535553488859;auiddc=26219123.1691784684;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2... Show response
adservice.google.com/ddm/fls/i/ Frame BEFD 669 B
760 B 183ms
82ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CKG4jIm11YADFWcJogMdk9sBtg;src=8168974;type=nbcvi0;cat=nbcne0;ord=8535553488859;auiddc=26219123.1691784684;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Fus-news%2Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%3Futm_source%3Dsubstack%26utm_medium%3Demail

Requested by

Host: 8168974.fls.doubleclick.net
URL: https://8168974.fls.doubleclick.net/activityi;dc_pre=CKG4jIm11YADFWcJogMdk9sBtg;src=8168974;type=nbcvi0;cat=nbcne0;ord=8535553488859;auiddc=26219123.1691784684;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Fus-news%2Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%3Futm_source%3Dsubstack%26utm_medium%3Demail?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba3b0f3b0561b53b98321116b5fa0cb5a937c99d9a4b8012f0cfb46a050e0d63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8168974.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 385
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 20:11:24 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.17.0/assets/ 12 KB
3 KB 56ms
56ms Fetch
application/json 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.17.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.17.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 11 Aug 2023 20:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: iBHq0PTHfG30UZUmEXHGnw==
age: 71353
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2938
x-ms-lease-status: unlocked
last-modified: Thu, 29 Apr 2021 01:57:06 GMT
server: cloudflare
etag: 0x8D90AB2173E15E6
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 6c2c2626-801e-00c4-0ce1-5aa720000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7f5320a56ad62c3f-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.17.0/assets/v2/ 47 KB
11 KB 53ms
52ms Fetch
application/json 2606:4700::6812:a972
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.17.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.17.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a972 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eec660e2b3b122746049afba74759e1d3012e9757e4d93063212a770eb150b31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 11 Aug 2023 20:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: QWpbT1Wg29aBRjQ2r7+nDQ==
age: 37765
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 11495
x-ms-lease-status: unlocked
last-modified: Thu, 29 Apr 2021 01:57:08 GMT
server: cloudflare
etag: 0x8D90AB218BD0ED7
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 09a86463-c01e-0166-16e1-5a2ce9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7f5320a56ad82c3f-FRA

GET
H2 204 adb-ext.gif
ds.reson8.com/ Frame 7D6E 0
96 B 210ms
46ms Image
text/plain 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds.reson8.com/adb-ext.gif?puid=21217024386278537951428312156609241318

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nbcuni.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:24 GMT
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 7f5320a6aba73654-FRA
vary: Accept-Encoding

POST
H3 200 87238bdcb3f46334e0677d7d1db6226afc69ad680d9 Show response
nondescriptnote.com/a727f700d/ 3 KB
987 B 60ms
60ms Fetch
application/json 2600:1901:0:7416::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://nondescriptnote.com/a727f700d/87238bdcb3f46334e0677d7d1db6226afc69ad680d9

Requested by

Host: nondescriptnote.com
URL: https://nondescriptnote.com/v2qusgr7btBRRO-emBbA5sWkxcsQu-_-U-QHahIG_Xx3zkKDa6rxAGEW90kNpubn_3Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:7416::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

9a08be7476bd1b5c312ce519a5bec743a19bcb3bd4a06031af22fb8efe08e759

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.nbcnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
via: 1.1 google
date: Fri, 11 Aug 2023 20:11:24 GMT
x-buildnumber: 960914163
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 961
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nbcnews.com
x-hostname: fen-hoothoot-europe-west1-f5xl
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET
H2

200

restricted
mid.rkdms.com/ Frame 7D6E
Redirect Chain

https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=21217024386278537951428312156609241318&_ct=img
https://mid.rkdms.com/restricted

0
0

117ms
117ms

Image
text/html

3.232.111.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mid.rkdms.com/restricted
Requested by: Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email
Protocol: H2
Server: 3.232.111.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-232-111-103.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nbcuni.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Fri, 11 Aug 2023 20:11:24 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
server: nginx
location: /restricted
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 dc_pre=CKG4jIm11YADFWcJogMdk9sBtg;src=8168974;type=nbcvi0;cat=nbcne0;ord=8535553488859;auiddc=26219123.1691784684;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2... Show response
adservice.google.de/ddm/fls/i/ Frame F5A8 194 B
515 B 188ms
76ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CKG4jIm11YADFWcJogMdk9sBtg;src=8168974;type=nbcvi0;cat=nbcne0;ord=8535553488859;auiddc=26219123.1691784684;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Fus-news%2Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%3Futm_source%3Dsubstack%26utm_medium%3Demail

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKG4jIm11YADFWcJogMdk9sBtg;src=8168974;type=nbcvi0;cat=nbcne0;ord=8535553488859;auiddc=26219123.1691784684;gtm=45fe3890;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Fus-news%2Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%3Futm_source%3Dsubstack%26utm_medium%3Demail

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 20:11:24 GMT
expires: Fri, 11 Aug 2023 20:11:24 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 simple Show response
api.sail-personalize.com/v1/personalize/ 288 B
495 B 136ms
135ms Fetch
application/json 75.2.40.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0&page=utm_source%3Dsubstack&page=utm_medium%3Demail
Requested by: Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash: 69a7f118e29bd9cafaba6c69bfbaeeea23e2b8afabdf9130f4144202d52fb3a6

Request headers

x-lib-version: v1.0.1
accept-language: de-DE,de;q=0.9
authorization: Bearer a839e8824b3cdd864a9ba3052205d70b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://www.nbcnews.com/
x-referring-url: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 20:11:25 GMT
content-encoding: gzip
allowedorigins: *
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
allowedmethods: GET,OPTIONS
cache-control: no-store
access-control-allow-credentials: true
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length: 194
expires: -1

OPTIONS
H2 200 simple
api.sail-personalize.com/v1/personalize/ Frame 0
0 413ms
133ms Preflight
text/plain 75.2.40.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0&page=utm_source%3Dsubstack&page=utm_medium%3Demail
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method: GET
Origin: https://www.nbcnews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin: https://www.nbcnews.com
access-control-max-age: 1800
allow: HEAD,GET,OPTIONS
content-length: 18
content-type: text/plain
date: Fri, 11 Aug 2023 20:11:24 GMT

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
435 B 253ms
253ms XHR
application/json 2600:9000:2248:f800:11:f728:3040:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2248:f800:11:f728:3040:93a1 , United States, ASN (),

Reverse DNS

Software

/ Express

Resource Hash

a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.nbcnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 11 Aug 2023 20:11:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 f0c44fcb623b0b5d0059f8c13f9793b0.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P3
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: d44c96d4d0a248a495ac43ae9afb2090-2023081120
content-length: 28
x-amz-cf-id: 5pCHXIDUvdUDarZYEGte8tyesFxy9OzmgAi3LHmNFG63qvfHy7UH0w==

GET
H2 200 sv.js Show response
nbcu.track.securedvisit.com/js/ 59 KB
24 KB 484ms
234ms Script
application/javascript 52.55.252.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://nbcu.track.securedvisit.com/js/sv.js?sv_cid=5998_04679&sv_origin=nbcnews.com
Requested by: Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.252.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-252-103.compute-1.amazonaws.com
Software: nginx/1.22.0 /
Resource Hash: f9df1da2e337cc44e3d87a5dc93f8271933b5ee914c7046ef02e281014b6cda0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 20:11:24 GMT
content-encoding: gzip
last-modified: Fri, 11 Aug 2023 20:11:24 GMT
server: nginx/1.22.0
etag: W/"273cf9801333aefc61a4f311b0692f6a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, private
expires: Fri, 11 Aug 2023 20:11:24 GMT

GET
H/1.1 200
OK / Show response
mps.nbcuni.com/request/page/json/params/ 43 KB
13 KB 472ms
277ms XHR
application/json 23.218.208.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mps.nbcuni.com/request/page/json/params/?CALLBACK=mpsCallback&cat=usnews&cag%5Bplatform%5D=ramen&cag%5Btargeting%5D=news%7Clateststories%7Cinvestigations%7Cusnews&adunit=%2F2620%2Fnbcnews%2Fusnews&type=bentoarticle&content_id=ncna1276789&site=nbcnews-bento&path=%2Fnews%2Fus-news%2Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789&cag%5Badunit1%5D=2620&cag%5Badunit2%5D=nbcnews&cag%5Badunit3%5D=usnews&title=Easy%20money%3A%20How%20international%20scam%20artists%20pulled%20off%20an%20epic%20theft%20of%20Covid%20benefits&ismobile=false&NOLOAD=mpstools&USE_OVERLAY=0&IRSOURCE=false&ASYNC=1
Requested by: Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-nbcnews-bento.js?nowrite=jq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.29 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-29.deploy.static.akamaitechnologies.com
Software: Apache/2.4.38 (Debian) / PHP/7.1.33
Resource Hash: af4c700289815bbc20a737e4df4e9f78a7244e6927f8e52e13ef93ace2278ccd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Aug 2023 20:11:25 GMT
Content-Encoding: gzip
Server: Apache/2.4.38 (Debian)
X-Powered-By: PHP/7.1.33
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 11693
Expires: Fri, 11 Aug 2023 20:11:25 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 324ms
130ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-nbcnews-bento.js?nowrite=jq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3830b637357b9a79589bc2166749af7c75285392e5003444081b378a10ee354

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28081
x-xss-protection: 0
server: cafe
etag: 197 / 19580 / 31076935 / config-hash: 10670762813517737706
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 11 Aug 2023 20:11:25 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/ 400 KB
127 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js?cb=31076935

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b4bb74c7f550162d688cef16db8298a8b697ed71082729828f0bfc3b6bbe4dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 15:57:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15247
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129487
x-xss-protection: 0
server: cafe
etag: 4885750571797100496
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 10 Aug 2024 15:57:18 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/nbcuyieldheader7581548001/ 226 KB
80 KB 153ms
41ms Script
application/x-javascript 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/nbcuyieldheader7581548001/moatheader.js
Requested by: Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-nbcnews-bento.js?nowrite=jq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 327ffc1a01ed70669c5ab82d39bfa2fba480057c642132494fbc2f260e6a78de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:25 GMT
content-encoding: gzip
last-modified: Tue, 01 Aug 2023 08:21:46 GMT
server: AmazonS3
x-amz-request-id: S7SAQYD2QXWRPSGR
etag: "f6604f8f3ace2c7d5d988590606cb101"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=15109
accept-ranges: bytes
content-length: 81301
x-amz-id-2: Idhfwns0v9n+xv7eUv9zT5I3leq7kA5rKyKy+NRjVYiQpYS7bbsBd/FeghlO2mQ40iBl475ccZc=

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 246 KB
60 KB 179ms
51ms Script
application/javascript 18.66.23.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-nbcnews-bento.js?nowrite=jq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.147 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-147.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 19:49:32 GMT
content-encoding: gzip
via: 1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront), 1.1 452b7761b1eb87a22cbc4ec546224f1a.cloudfront.net (CloudFront)
last-modified: Thu, 10 Aug 2023 21:28:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, VIE50-P1
age: 1314
x-amz-server-side-encryption: AES256
etag: W/"a7247ead77dd201b1e56acf0e565194b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: 0csHt_Age-g-VrAWTUPHlBTdbXmOXEbyDRNXfvXHOtemMg2b9tcF6A==

GET
H2 200 service Show response
usasync01.admantx.com/admantx/ 2 KB
797 B 407ms
129ms Script
text/plain 54.144.88.107
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://usasync01.admantx.com/admantx/service?request=%7B%22decorator%22%3A%22template.nbc_template%22%2C%22key%22%3A%2262263fff3cc1d07f85c7f8261a0c8f7dc096b35f59c82a713f20a9db8d562ff2%22%2C%22method%22%3A%22descriptor%22%2C%22filter%22%3A%22default%22%2C%22mode%22%3A%22async%22%2C%22type%22%3A%22URL%22%2C%22body%22%3A%22https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Fus-news%2Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%3Futm_source%3Dsubstack%26utm_medium%3Demail%22%7D

Requested by

Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-nbcnews-bento.js?nowrite=jq

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.144.88.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-144-88-107.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d5cc7bf36f04b6976c44a9dfd8c2231918fcaadc7215f4b778dda14da9c06bd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 11 Aug 2023 20:11:26 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: nginx
content-type: text/plain; charset=UTF-8

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 236 KB
73 KB 198ms
54ms Script
text/javascript 13.226.175.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.175.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-175-79.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e820733377d4af31fd643ac9a24856e8f33ca799f97259e59c868302a513c874

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 08:48:02 GMT
x-amz-version-id: L2Uqg18UIi_4fqt_LD1.VZwHoDyvOGyd
content-encoding: br
last-modified: Thu, 08 Jun 2023 08:56:13 GMT
server: AmazonS3
via: 1.1 3a0e1d5f608bda83df3702e1cc449b6a.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C3
etag: W/"a23e5e8674928ef24c6825d63b8d2927"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
age: 41004
x-amz-cf-id: QIxx8v5_nZBk7s7R0ii2KsABP2ljoyte2SHDBCvbQxQaXsOt5M3fBQ==

GET
H2 200 24610.js Show response
micro.rubiconproject.com/prebid/dynamic/ 455 KB
129 KB 197ms
78ms Script
text/javascript 104.64.126.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Requested by: Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-nbcnews-bento.js?nowrite=jq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.64.126.246 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-126-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0d7fd1fb6c00dc9b4e43a4151a860e2bc8fc06befa0f7d3eb4c4bcfc62dad378

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:26 GMT
content-encoding: gzip
server: Apache
vary: accept-encoding, referer
edge-cache-tag: prod-prebid-24610_NBCNews.js
content-type: text/javascript
cache-control: public, must-revalidate, max-age=14400
content-length: 131894
expires: Sat, 12 Aug 2023 07:00:16 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
310 B 46ms
46ms XHR
text/plain 18.66.23.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3219&u=https%3A%2F%2Fwww.nbcnews.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.147 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-147.vie50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 17:13:26 GMT
via: 1.1 452b7761b1eb87a22cbc4ec546224f1a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
age: 10678
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.nbcnews.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: 83AZ6CUYKs4RPsq5-nKgpGpPWNV6lggUtiNjFrA_IH_iu_VEaoXMxA==

GET
H2 200 %7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223219%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat... Show response
aax.amazon-adsystem.com/x/px/p/PH/ 43 B
415 B 198ms
74ms Fetch
image/gif 52.222.239.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223219%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.nbcnews.com%252Fnews%252Fus-news%252Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%253Futm_source%253Dsubstack%2526utm_medium%253Demail%22%2C%22lv%22%3A%2223.725.1446%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.239.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-239-116.fra56.r.cloudfront.net

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 20:11:26 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P4
x-amz-rid: JXD3B401Y4EXRFQKKRNP
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: fOVkFAeM3G0rlHZvE_ptOwYKwthGhgZzXenAwAlE1cxI-iN9ZQAI2g==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
464 B 199ms
80ms XHR
text/javascript 52.222.239.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3219&u=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Fus-news%2Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%3Futm_source%3Dsubstack%26utm_medium%3Demail&pid=KAa8Y7kCuCUGX&cb=0&ws=1600x1200&v=23.725.1446&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-topbanner-2027071417%22%2C%22s%22%3A%5B%22970x90%22%2C%22970x250%22%2C%22970x66%22%2C%22728x90%22%2C%221400x600%22%5D%2C%22sn%22%3A%22topbanner%22%7D%2C%7B%22sd%22%3A%22div-gpt-boxrail-2027071417%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22boxrail%22%7D%2C%7B%22sd%22%3A%22div-gpt-boxflex-2027071417%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22boxflex%22%7D%5D&pj=%7B%22si_section%22%3A%22nbcnews-bento%7Cusnews%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.239.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-239-116.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:26 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P4
x-amz-rid: VVPBXT5ETDV98BAXDWHT
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.nbcnews.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: uIYkTMNT-2deWN6gW2v_5KDkCxBMeXhDizRJ-WYiV1_OWIs4909kFA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 135ms
44ms XHR
application/javascript 18.66.23.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.147 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-147.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 353b8eaf90b8d7986000f2da151952bc.cloudfront.net (CloudFront)
date: Fri, 11 Aug 2023 04:30:48 GMT
x-amz-cf-pop: VIE50-P1
age: 56439
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: CXtNMDEamImoitlKCS7pX1E3vcrp8iEXAIqysw7vfENwfe_nuegDNQ==

GET
H2 200 %7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223219%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22ad%252Fsignals%252Fdefine%22%2C%22feat%22%3A%2... Show response
aax.amazon-adsystem.com/x/px/p/PH/ 43 B
416 B 186ms
68ms Fetch
image/gif 52.222.239.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223219%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22ad%252Fsignals%252Fdefine%22%2C%22feat%22%3A%22completed%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.nbcnews.com%252Fnews%252Fus-news%252Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%253Futm_source%253Dsubstack%2526utm_medium%253Demail%22%2C%22lv%22%3A%2223.725.1446%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.239.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-239-116.fra56.r.cloudfront.net

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 20:11:26 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P4
x-amz-rid: X6G65041TJF8TWEHDYDD
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: m85RIgMM-JCP_hf3RRuyXmfbpiJ57JQH1g31SWQedpLX1uCAiYtxhA==

GET
H2 200 %7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223219%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat... Show response
aax.amazon-adsystem.com/x/px/p/PH/ 43 B
414 B 232ms
114ms Fetch
image/gif 52.222.239.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223219%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.nbcnews.com%252Fnews%252Fus-news%252Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%253Futm_source%253Dsubstack%2526utm_medium%253Demail%22%2C%22lv%22%3A%2223.725.1446%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.239.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-239-116.fra56.r.cloudfront.net

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 20:11:26 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P4
x-amz-rid: 7DTHAYWHKDAYWKW66KJG
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: rU1R-96TVI4EAuGB-RdTpG6q0Sky0G2DWvi-kHVitaF1O8P2i7Wjig==

GET
H2 200 %7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223219%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat... Show response
aax.amazon-adsystem.com/x/px/p/PH/ 43 B
414 B 189ms
73ms Fetch
image/gif 52.222.239.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223219%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.nbcnews.com%252Fnews%252Fus-news%252Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%253Futm_source%253Dsubstack%2526utm_medium%253Demail%22%2C%22lv%22%3A%2223.725.1446%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.239.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-239-116.fra56.r.cloudfront.net

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 20:11:26 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P4
x-amz-rid: RX0M4ZVSSN1JQD4BDF9C
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: p39acQU5MWLQM088ya1EwAPoI5qC9sFl-h_b3ogkBsdpTat62nX0Rw==

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223219%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.nbcnews.com%252Fnews%252Fus-news%252Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%253Futm_source%253Dsubstack%2526utm_medium%253Demail%22%2C%22lv%22%3A%2223.725.1446%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.239.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-239-116.fra56.r.cloudfront.net

Software

Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 20:11:26 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P4
x-amz-rid: F7RD7GT6PHR5MT9THNGF
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-cache
content-length: 43
x-amz-cf-id: wtHRA3D4pHx1iJPeakrGscDwSGDbDG11UDAt3bGGbY2AFqJuuNNxJA==

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 557 B
736 B 211ms
64ms Script
text/html 130.162.160.243
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8j3MOfz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Xm7eZQwprWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-MlEldYv6BziEcg%3D%3D&sc=1&os=1-sg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRKBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Fus-news%2Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%3Futm_source%3Dsubstack%26utm_medium%3Demail&pcode=nbcuyieldheader7581548001&rx=927902517398&callback=MoatNadoAllJsonpRequest_67993658
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/nbcuyieldheader7581548001/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 2137720bd975aacc3e543ba605ac0835d441b0c777a98f0eb5799cd761b5dc68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:26 GMT
server: istio-envoy
etag: "3f3a677bdbaefb04e40783488a9e48ab0db25a14"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 17
timing-allow-origin: *
content-length: 557

GET
H2 200 / Show response
geo.privacymanager.io/ 28 B
607 B 159ms
48ms Fetch
application/json 52.222.169.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.169.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-169-8.cdg52.r.cloudfront.net
Software: /
Resource Hash: 3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 01:27:25 GMT
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront), 1.1 8c91fcc64b7a86489661ea1249599ca2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, CDG52-P2
age: 67441
x-amzn-requestid: 7d827e6f-6ead-4577-9d8f-8733f593a96f
x-amzn-trace-id: Root=1-64d58e7d-4ca4e039621436237d3477f9;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: JeMzmEK1joEFRHA=
content-length: 28
x-amz-cf-id: 27SgX85HDbX0MrxE0jE2QoMywAFloUam2iFVlwAHbhKki4r7d0gdvQ==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 562 B
1 KB 1215ms
1051ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24610&site_id=426440&zone_id=2423128&size_id=2&alt_size_ids=57&p_pos=atf&us_privacy=1---&rf=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Fus-news%2Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%3Futm_source%3Dsubstack%26utm_medium%3Demail&tg_i.domain=nbcnews.com&tg_i.page=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Fus-news%2Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%3Futm_source%3Dsubstack%26utm_medium%3Demail&tg_i.aupname=nbcnews%2Fusnews%26div-gpt-topbanner&tg_i.pbadslot=%2F2620%2Fnbcnews%2Fusnews%23div-gpt-topbanner-2027071417&tk_flint=dmpbjs_v7.54.0&x_source.tid=8d10c189-81ef-44ae-80d5-44803d7be468&l_pb_bid_id=2a3b21fa0b49e9&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=8d10c189-81ef-44ae-80d5-44803d7be468&rp_maxbids=1&p_gpid=%2F2620%2Fnbcnews%2Fusnews%23div-gpt-topbanner-2027071417&slots=1&rand=0.5903342262993367
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7ff4381f6f2ad9d6186a47b2654e2e3cf0fd2d3c62063271db1c4764137e3a20

Request headers

Referer: https://www.nbcnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 20:11:27 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.nbcnews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 562
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 prebid Show response
krk2.kargo.com/api/v1/ 0
498 B 205ms
44ms XHR
text/plain 18.158.87.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://krk2.kargo.com/api/v1/prebid
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.87.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-87-162.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nbcnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 20:11:26 GMT
content-encoding: gzip
x-accel-expires: 0
accept-ch: Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
nbr: 508
vary: Accept-Encoding
access-control-allow-origin: https://www.nbcnews.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
krk-no-bid-reason: consent
expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
194 B 232ms
73ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.0&cb=45656563347&lsavail=1

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.nbcnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.nbcnews.com
date: Fri, 11 Aug 2023 20:11:25 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
542 B 192ms
41ms XHR
application/json 18.157.222.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.0&referrer=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Fus-news%2Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%3Futm_source%3Dsubstack%26utm_medium%3Demail&tmax=1500&us_privacy=1---

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.157.222.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-157-222-165.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.nbcnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 20:11:26 GMT
accept-ch: sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width
x-auction-status: 5
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nbcnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK / Show response
colossusssp.com/ 2 B
242 B 491ms
169ms XHR
application/json 64.247.193.131
LIGHTEDGE-AS-02

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.247.193.131 , United States, ASN11320 (LIGHTEDGE-AS-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.nbcnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.nbcnews.com
Date: Fri, 11 Aug 2023 20:11:26 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 24 B
366 B 490ms
76ms XHR
application/json 3.73.68.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson?sp=trustx
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.73.68.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-68-108.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5b69168a30fd5fa709abaeb2bc5cd006cea136f5216f177df40b970ae8fc09b4

Request headers

Referer: https://www.nbcnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 11 Aug 2023 20:11:26 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www.nbcnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 49

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 53 B
615 B 193ms
40ms XHR
application/json 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.nbcnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 20:11:26 GMT
an-x-request-uuid: 59ab074f-46e8-4347-84ad-3f6de986e3c9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nbcnews.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.103; 80.255.7.103; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 53
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 223ms
72ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nbcnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.nbcnews.com
date: Fri, 11 Aug 2023 20:11:25 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
552 B 351ms
202ms XHR
application/json 104.18.25.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=849189
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbf3fbacbbbd5450d461202dec467b8f56a0a085cfdae026e1887976600ea77b

Request headers

Referer: https://www.nbcnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 20:11:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yk4F8gqhtypBMWXUzaMN7fonX0cbIu7al2pN2uiqcJBDdebx6IwZaTgbUukHOws%2B98dk3RjPovKjLCagKuhH%2F%2B%2BHuygS2gWp%2BmeA0Xgj%2Ff2BgOYpJzWsFDExaduZO%2BH9c%2FVnf5hf"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.nbcnews.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7f5320b31c283a85-FRA
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 841 B
495 B 93ms
92ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=593289136578648&correlator=2454435841171154&eid=31076923%2C31076935&output=ldjh&gdfp_req=1&vrg=202308030102&ptt=17&impl=fif&us_privacy=1---&npa=1&iu_parts=2620%2Cnbcnews%2Cusnews&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=88x31&ifi=1&didk=9043911&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1691784686484&lmt=1691777486&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Fus-news%2Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%3Futm_source%3Dsubstack%26utm_medium%3Demail&frm=20&vis=1&psz=0x0&msz=0x0&fws=644&ohw=1600&ga_vid=1170456199.1691784686&ga_sid=1691784686&ga_hid=951653450&ga_fc=false&dlt=1691784683020&idt=2803&prev_scp=nohb%3Da9%26pageid%3Dncna1276789%26cont%3Dbentoarticle%26sect%3Dusnews%26brand%3Dnbcnews%26tag%3Dramen%26targeting%3Dinvestigations%2Clateststories%2Cnews%2Cusnews%26vertical%3Dusnews%26pos%3Dsponsorlogo_bentoarticle_bento%26slot%3Dsponsorlogo%26loadset%3D0%26tile%3D3%26sz%3D88x31%26cat%3Dusnews%26cag%255Bplatform%255D%3Dramen%26cag%255Btargeting%255D%3Dnews%257Clateststories%257Cinvestigations%257Cusnews%26adunit%3D%252F2620%252Fnbcnews%252Fusnews%26type%3Dbentoarticle%26content_id%3Dncna1276789%26site%3Dnbcnews-bento%26path%3D%252Fnews%252Fus-news%252Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%26cag%255Badunit1%255D%3D2620%26cag%255Badunit2%255D%3Dnbcnews%26cag%255Badunit3%255D%3Dusnews%26title%3DEasy%2520money%253A%2520How%2520international%2520scam%2520artists%2520pulled%2520off%2520an%2520epic%2520theft%2520of%2520Covid%2520benefits%26ismobile%3Dfalse%26NOLOAD%3Dmpstools%26USE_OVERLAY%3D0%26IRSOURCE%3Dfalse%26ASYNC%3D1%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26excl_cat%3Dusnews%2Cheaderbid&cust_params=pm%3D1%26m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_crime%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26adg%3DApple_NBC%252CS_10017%252CS_10391%252CS_10392%252CS_10609%252CS_10618%252CS_10713%252CS_11084%252CS_11098%252CS_11183%252CS_11650%252CS_12806%252CS_1373%252CS_1379%252CS_1384%252CS_1389%252CS_1413%252CS_1416%252CS_1420%252CS_1441%252CS_1443%252CS_1444%252CS_1450%252CS_1452%252CS_1458%252CS_1460%252CS_1488%252CS_1490%252CS_1492%252CS_1510%252CS_1519%252CS_1520%252CS_1522%252CS_1527%252CS_1530%252CS_1531%252CS_1533%252CS_1542%252CS_1549%252CS_1553%252CS_1559%252CS_1561%252CS_1562%252CS_1580%252CS_1582%252CS_1589%252CS_1592%252CS_1596%252CS_1610%252CS_1613%252CS_1614%252CS_1617%252CS_1642%252CS_1644%252CS_1645%252CS_1646%252CS_1647%252CS_1649%252CS_1650%252CS_1658%252CS_1660%252CS_1673%252CS_1693%252CS_1695%252CS_1709%252CS_1710%252CS_1713%252CS_1719%252CS_1721%252CS_1722%252CS_1734%252CS_1755%252CS_1756%252CS_1758%252CS_1762%252CS_1768%252CS_1771%252CS_1773%252CS_1774%252CS_1776%252CS_1786%252CS_1789%252CS_1801%252CS_1810%252CS_1811%252CS_1821%252CS_1822%252CS_1825%252CS_1829%252CS_1837%252CS_1839%252CS_1847%252CS_1859%252CS_1869%252CS_1872%252CS_1874%252CS_1877%252CS_1879%252CS_1893%252CS_1933%252CS_1944%252CS_1948%252CS_1951%252CS_1993%252CS_2446%252CS_2471%252CS_2474%252CS_2478%252CS_2479%252CS_2484%252CS_2485%252CS_2489%252CS_2496%252CS_2511%252CS_2512%252CS_2513%252CS_2552%252CS_2569%252CS_2911%252CS_3102%252CS_3105%252CS_3124%252CS_3128%252CS_3131%252CS_3149%252CS_3150%252CS_3181%252CS_3188%252CS_3191%252CS_3206%252CS_3213%252CS_3252%252CS_3259%252CS_3270%252CS_3280%252CS_3283%252CS_3362%252CS_3363%252CS_3364%252CS_3369%252CS_3375%252CS_3377%252CS_3917%252CS_3977%252CS_4091%252CS_4111%252CS_4122%252CS_4140%252CS_4141%252CS_4321%252CS_4485%252CS_4782%252CS_4819%252CS_5014%252CS_5958%252CS_5960%252CS_5962%252CS_6157%252CS_6214%252CS_6463%252CS_6495%252CS_6552%252CS_6734%252CS_6796%252CS_6934%252CS_7037%252CS_7113%252CS_7122%252CS_7417%252CS_7541%252CS_7542%252CS_7552%252CS_7553%252CS_7555%252CS_7611%252CS_7680%252CS_7683%252CS_7770%252CS_7837%252CS_7897%252CS_7986%252CS_8200%252CS_8362%252CS_8417%252CS_8463%252CS_8692%252CS_8757%252CS_8856%252CS_8912%252CS_9040%252CS_9086%252CS_9098%252CS_9099%252CS_9165%252CS_9228%252CS_9295%252CS_9330%252CS_9401%252CS_9794&adks=1168332310

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js?cb=31076935

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bd9f4c0d9bb1a4dc31a3521b0676750041e592ac8f4d4b65826555e71b3a20d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 466
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nbcnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 190ms
97ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308030102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js?cb=31076935

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2a4f13f2f53631fe201946e00d86223ba47a42f981701a5a36713aae551f987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11846
x-xss-protection: 0

GET
H2 200 container.html Show response
ba23bfbabb75a7144a28ba563613a60c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6622 6 KB
3 KB 204ms
47ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ba23bfbabb75a7144a28ba563613a60c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js?cb=31076935

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nbcnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 20:11:26 GMT
expires: Sat, 10 Aug 2024 20:11:26 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 151ms
63ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js?cb=31076935

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 20:11:26 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 387B 13 KB
5 KB 42ms
40ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nbcnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 9368
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 17:35:18 GMT
expires: Sat, 10 Aug 2024 17:35:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 345F 831 B
1 KB 141ms
50ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9abab9b3b812c2c7ca46d5f8976228df8c2a5bd9272228ec2556a5d547c23920

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HDrItXaz8W1n0bHK1ywqkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nbcnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 533
content-security-policy: script-src 'report-sample' 'nonce-HDrItXaz8W1n0bHK1ywqkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 20:11:26 GMT
expires: Fri, 11 Aug 2023 20:11:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js Show response
pagead2.googlesyndication.com/bg/ Frame 387B 37 KB
14 KB 40ms
40ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jV9FxWrWuOZCJw0aisMe6ECIXrejCp7-1an5KoHTGso.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

8d5f45c56ad6b8e642270d1a8ac31ee840885eb7a30a9efed5a9f92a81d31aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 19:29:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14662
x-xss-protection: 0
last-modified: Mon, 07 Aug 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 10 Aug 2024 19:29:05 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 345F 0
0 136ms
136ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308030102&jk=593289136578648&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 387B 0
10 B 42ms
42ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?eTp2kQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 141ms
141ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308030102&jk=593289136578648&bg=!DwylDFjNAAaiGN5Pghg7ADkAdvg8WuXvUcE8SQ5mplG7xpya0xsx39bt-kTuC5jcJj2LIKR_lDKDhnUBqPXdA_ubWLCmbj0kBGsCAAAAZFIAAAALaAEHmQK7aX88Zxcf4SlIOX9EWNP52CKGGmqwyMm-E7DI_QjF9ZGS11vU0ycGU8UXdyquuMeCbtGX3S4LJ86Sv8sC2tYFaOGve75DRpAxFF0PKOSImnyED5MzloLjDG8-Zp983-a35n_eO8ErRBwm97l8bDPX1NeVXn3MX0TtWMXHvckIt09d9kGM7xemhSS3Prk53bd3eDKUIMkrDLOGgewle56Knh4hY8NahohRlge4SBqhBh2C4hneYAorDz8DPrI8nlonFeVH0XGgxG2-F_oKZQRuDhQ_xzwY6doOjUsc9r2eynuRJuKGr3K3mFSVhPXp-F6Ij7bdhfGhoCEOlVnZVMXFHCKucjUm6zp6Q2DxwJ_qrrA1nhOatOgUmTlcw_iN3bt1TUmIq-gE2E_OWDsqBggWWrQr-ufTJZDfxszxXUZc5U7zHW5LVdJHN97_XhJ7hnr17P4c3jSsvDyeiVL2sgiUYxh1hMBMscrrRoOFKB3EvKJoLOicWJOcC4OvSzNG0RuFlLvAIN2QTcscyooV8I7a1Zereh8Y4SuZxf_J4LuEH2Mzxr3lNgg3VxBQ-ITShXMnXFgFFUB7TfhoTcdS3GTHrVjcQKdKVEVWidRqy8NlacUv7dlpWlhS8kP4Eyz9oO3o3WdyeQqF0ENrwPzAmuTL9jN66cwPtmh3xy3qhH_IPCsmYwHJUm6j0nMoI7iRE3iWejyPEVvYb36GRTiFhNKEm43ymffhcaafWowY5TmRiyLjGUFZIXfu3Zt3o6PaZhemURKusV9e1YFg3e3RvURVvEEiVlSm_lr7X805-e4PeSHNn8oLzj9e1LhReHDLmYLVSwkuJYj0E2XqnuEN9Do0I19QH2RC0eTbYlQLMpD9zlhJp8aqeIB7u3mrOjis88Qsa0ZXgh9D6JE2LcM6P6WeMeSIi8HwAJlb5iia
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

POST
H2 204 event
prebid-a.rubiconproject.com/ 0
126 B 326ms
40ms Ping
text/plain 18.185.141.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.141.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-141-113.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nbcnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 11 Aug 2023 20:11:27 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
16 KB 94ms
93ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=593289136578648&correlator=2193214663220018&eid=31076923%2C31076935&output=ldjh&gdfp_req=1&vrg=202308030102&ptt=17&impl=fif&us_privacy=1---&npa=1&iu_parts=2620%2Cnbcnews%2Cusnews&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90%7C970x250%7C970x66%7C728x90%7C1400x600&ifi=2&didk=3129465555&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D28b3e11497a441c9%3AT%3D1691784686%3ART%3D1691784686%3AS%3DALNI_MZDH8AMuxn_IwfONyfq93ftBwfzZg&gpic=UID%3D00000c5f77159baf%3AT%3D1691784686%3ART%3D1691784686%3AS%3DALNI_MaTegoTpyo40Dx1qfvV44jSdOVZZQ&abxe=1&dt=1691784687618&lmt=1691777487&adxs=315&adys=141&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Fus-news%2Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%3Futm_source%3Dsubstack%26utm_medium%3Demail&frm=20&vis=1&psz=0x0&msz=970x0&fws=644&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1170456199.1691784686&ga_sid=1691784686&ga_hid=951653450&ga_fc=false&dlt=1691784683020&idt=2803&prev_scp=pageid%3Dncna1276789%26cont%3Dbentoarticle%26sect%3Dusnews%26brand%3Dnbcnews%26tag%3Dramen%26targeting%3Dinvestigations%2Clateststories%2Cnews%2Cusnews%26vertical%3Dusnews%26pos%3Dtopbanner_bentoarticle_bento%26slot%3Dtopbanner%26loadset%3D0%26tile%3D1%26sz%3D970x90%252C970x250%252C970x66%252C728x90%252C320x50%252C300x50%26cat%3Dusnews%26cag%255Bplatform%255D%3Dramen%26cag%255Btargeting%255D%3Dnews%257Clateststories%257Cinvestigations%257Cusnews%26adunit%3D%252F2620%252Fnbcnews%252Fusnews%26type%3Dbentoarticle%26content_id%3Dncna1276789%26site%3Dnbcnews-bento%26path%3D%252Fnews%252Fus-news%252Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%26cag%255Badunit1%255D%3D2620%26cag%255Badunit2%255D%3Dnbcnews%26cag%255Badunit3%255D%3Dusnews%26title%3DEasy%2520money%253A%2520How%2520international%2520scam%2520artists%2520pulled%2520off%2520an%2520epic%2520theft%2520of%2520Covid%2520benefits%26ismobile%3Dfalse%26NOLOAD%3Dmpstools%26USE_OVERLAY%3D0%26IRSOURCE%3Dfalse%26ASYNC%3D1%26amznbid%3D2%26amznp%3D2%26m_mv%3DslotNoSlotData%26m_gv%3DslotNoSlotData%26excl_cat%3Dusnews&cust_params=pm%3D1%26m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_crime%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable%26adg%3DApple_NBC%252CS_10017%252CS_10391%252CS_10392%252CS_10609%252CS_10618%252CS_10713%252CS_11084%252CS_11098%252CS_11183%252CS_11650%252CS_12806%252CS_1373%252CS_1379%252CS_1384%252CS_1389%252CS_1413%252CS_1416%252CS_1420%252CS_1441%252CS_1443%252CS_1444%252CS_1450%252CS_1452%252CS_1458%252CS_1460%252CS_1488%252CS_1490%252CS_1492%252CS_1510%252CS_1519%252CS_1520%252CS_1522%252CS_1527%252CS_1530%252CS_1531%252CS_1533%252CS_1542%252CS_1549%252CS_1553%252CS_1559%252CS_1561%252CS_1562%252CS_1580%252CS_1582%252CS_1589%252CS_1592%252CS_1596%252CS_1610%252CS_1613%252CS_1614%252CS_1617%252CS_1642%252CS_1644%252CS_1645%252CS_1646%252CS_1647%252CS_1649%252CS_1650%252CS_1658%252CS_1660%252CS_1673%252CS_1693%252CS_1695%252CS_1709%252CS_1710%252CS_1713%252CS_1719%252CS_1721%252CS_1722%252CS_1734%252CS_1755%252CS_1756%252CS_1758%252CS_1762%252CS_1768%252CS_1771%252CS_1773%252CS_1774%252CS_1776%252CS_1786%252CS_1789%252CS_1801%252CS_1810%252CS_1811%252CS_1821%252CS_1822%252CS_1825%252CS_1829%252CS_1837%252CS_1839%252CS_1847%252CS_1859%252CS_1869%252CS_1872%252CS_1874%252CS_1877%252CS_1879%252CS_1893%252CS_1933%252CS_1944%252CS_1948%252CS_1951%252CS_1993%252CS_2446%252CS_2471%252CS_2474%252CS_2478%252CS_2479%252CS_2484%252CS_2485%252CS_2489%252CS_2496%252CS_2511%252CS_2512%252CS_2513%252CS_2552%252CS_2569%252CS_2911%252CS_3102%252CS_3105%252CS_3124%252CS_3128%252CS_3131%252CS_3149%252CS_3150%252CS_3181%252CS_3188%252CS_3191%252CS_3206%252CS_3213%252CS_3252%252CS_3259%252CS_3270%252CS_3280%252CS_3283%252CS_3362%252CS_3363%252CS_3364%252CS_3369%252CS_3375%252CS_3377%252CS_3917%252CS_3977%252CS_4091%252CS_4111%252CS_4122%252CS_4140%252CS_4141%252CS_4321%252CS_4485%252CS_4782%252CS_4819%252CS_5014%252CS_5958%252CS_5960%252CS_5962%252CS_6157%252CS_6214%252CS_6463%252CS_6495%252CS_6552%252CS_6734%252CS_6796%252CS_6934%252CS_7037%252CS_7113%252CS_7122%252CS_7417%252CS_7541%252CS_7542%252CS_7552%252CS_7553%252CS_7555%252CS_7611%252CS_7680%252CS_7683%252CS_7770%252CS_7837%252CS_7897%252CS_7986%252CS_8200%252CS_8362%252CS_8417%252CS_8463%252CS_8692%252CS_8757%252CS_8856%252CS_8912%252CS_9040%252CS_9086%252CS_9098%252CS_9099%252CS_9165%252CS_9228%252CS_9295%252CS_9330%252CS_9401%252CS_9794&adks=348620712

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js?cb=31076935

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f526755512b464228c5af13374012e3b145ea22242659c2b7ad5cc62ddf6ca10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16306
x-xss-protection: 0
google-lineitem-id: 4860685866
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138250188443
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nbcnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8391 0
0 77ms
76ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv47HyZ5KxkYJmDx6E42m5wAf550486XWRVXFvvnPFz5GGlFQgofiTED1OpogfuQtsf4gHlGQXXknd0wPGBFmU2FwqqrjI1Ag2HxrZVnGMQeflymNQwCSMCcN1sKDztMjCgXfD5ufWQOf4J_WUhDWdEuD3EJ0CyjOM4njR-Iw30kxGIxcIYHqBK-pCLk3aDwnZwG1HbrBHaZEHVRlOQOysf60dTaf2Hn93JmGMRLndECReicGaIGzkp6iN5pNyYf7r-e3eJb-j07_kLkj0pC2Tm1dGfBDxFFYPyZ854_kaZMbTPpTXbAwUF7LcDlTTtPwqiAlo&sai=AMfl-YSqH0gETABDfocafcnNrsdC9r9uwhFUofowaYjrMS32u1owD5hjZUDiwaNj16_qNTFUJ-jyDhSUo_iAcSfLBryJ6XUfMtupCXspaRkNfysMIAAGbXWBHLOefsepEw&sig=Cg0ArKJSzFdQu0aLqKlKEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/ Frame 8391 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230809/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js?cb=31076935

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 12:52:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26319
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Aug 2023 12:52:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8391 179 KB
57 KB 137ms
49ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js?cb=31076935

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57470
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691580806885528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Aug 2023 20:11:27 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/nbcuniversal134024534264/ Frame 8391 336 KB
114 KB 40ms
39ms Script
application/x-javascript 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/nbcuniversal134024534264/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js?cb=31076935
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8d53ae07794a4985ec6ade2ce02349bc42c50c5b1b12ad44ae816561039a8d35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:27 GMT
content-encoding: gzip
last-modified: Tue, 01 Aug 2023 08:21:46 GMT
server: AmazonS3
x-amz-request-id: XB5QT8PX64CP5Z19
etag: "2749e162d74013e4f0db02d4a9758f36"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=12602
accept-ranges: bytes
content-length: 116789
x-amz-id-2: dTDX6FL+axO4V74E+FGrbWoRdjyjZ9oK86exvMUl7fL5lqBth7Bf/7QWfCXLgO+Zyz8WAAsYJSQ=

GET
H3 200 15087753483871036520
tpc.googlesyndication.com/simgad/ Frame 8391 10 KB
10 KB 41ms
40ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15087753483871036520

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js?cb=31076935

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

821ba81ecabc05217edb8f1253f0f02b7cde320eec2e21858afae0ecabbf6664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 05:08:39 GMT
x-content-type-options: nosniff
age: 572568
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10627
x-xss-protection: 0
last-modified: Tue, 13 Nov 2018 17:33:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 04 Aug 2024 05:08:39 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8391 0
0 48ms
47ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTNRShLKdRcnCk2KAoC8dUIFtxoClSLvG2wOoeh51vU9wMAsp8b95qJp8l3RBWksgOGynxU
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030102/pubads_impl.js?cb=31076935
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 8391 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d32fab7fdbf206c43c8f41a9938a0a18631aac27188da5b02fe81d839a75ae56

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 publishertag.prebid.136.js Show response
static.criteo.net/js/ld/ 93 KB
30 KB 178ms
84ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.136.js

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 19 May 2023 17:15:21 GMT
server: nginx
etag: W/"6467aea9-175c4"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 12 Aug 2023 20:11:28 GMT

GET
H2 200 n.js Show response
mb.moatads.com/ 84 B
184 B 61ms
61ms Script
text/html 130.162.160.243
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8j3MOfz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Xm7eZQwprWHiKYvbY%2BOEbHHfl7P4J7uhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-MlEldYv6BziEcg%3D%3D&sc=1&os=1-sg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRKBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=NBCUV2&hp=1&wf=1&ra=1&pxm=5&sgs=3&vb=25&cm=16&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1691784687993&de=294554372746&m=0&ar=0b3cbf49745-clean&iw=ba89a2d&q=3&cb=0&ym=0&cu=1691784687993&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4650777348%3A2428627361%3A4860685866%3A138250188443&zGSRC=1&zMoatPS=topbanner_bentoarticle_bento&zMoatST=nbcnews-bento&zMoatDomain=nbcnews.com&zMoatSubdomain=nbcnews.com&zMoatSc=-&zMoatVp=-&zMoatRawVp=-&zMoatJS=-&zMoatDR=-&zMoatMMV_MAX=slotNoSlotData&zMoatMSafety=unsafe&zMoatMGV_MAX=slotNoSlotData&zMoatMMV=slotNoSlotData&zMoatMGV=slotNoSlotData&zMoatMData=1&zMoatTag=ramen&zMoatSZ=1x1&zMoatCURL=nbcnews.com%2Fnews%2Fus-news%2Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789&zMoatDev=Desktop&zGSRS=1&gu=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Fus-news%2Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%3Futm_source%3Dsubstack%26utm_medium%3Demail&id=1&ii=4&bo=57191058&bd=141257418&zMoatOrigSlicer1=57191058&zMoatOrigSlicer2=141257418&gw=nbcuniversal134024534264&fd=1&it=500&ti=0&ih=2&pe=1%3A1644%3A1644%3A3242%3A1777&tz=topbanner_bentoarticle_bento&iq=slotNoSlotData&tt=slotNoSlotData&tu=1&tp=unsafe&jk=-1&jm=-1&fs=204893&na=1789182144&cs=0&ord=1691784687993&jv=1981542403&callback=DOMlessLLDcallback_48692954
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/nbcuniversal134024534264/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 1d24a4866fb08ed13a374977fc2680e9276c07811a4080e81b78d6183e5dc9c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:28 GMT
server: istio-envoy
etag: "2f054d67d65e0f25b77fac1d8a09005754d21e5d"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 15
timing-allow-origin: *
content-length: 84

GET
H2 204 event.gif
beacon.krxd.net/ 0
454 B 194ms
56ms Image
text/plain 52.17.87.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/event.gif?event_id=JnqJS_Pa&event_type=rtg&ord=1691784687993
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.87.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-87-80.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by: beacon-n013-dub-prod.krxd.net
date: Fri, 11 Aug 2023 20:11:28 GMT
cache-control: private, no-cache, no-store
x-request-time: D=120 t=1691784688
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8391 0
0 156ms
76ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuykU6tn4fNIEPkgqWvjLOjJealB2JbpHZKDAP5z_pfEdJ7KP0YNoH8kWwTjEPdkNRmNwNmRdtYWwDNJS4TNiY0Q6F7DFMqyNe5FyDrqfIylqK976fCfDFFiMrmSCs4TwrIAPFI-cgOiwiMoIkkNv5f8pXnA76WMsz0rcalZE5PSubhsP_EwS7h7v5JhEUT15CBQmwW6_3GNrM_V-rg2-GVFnbKiMqAsHv1EQ3KO-G3o7q6tgRoIstdPzgOESTXQXJkOb5SEGZ8tHCvorX0TGVp5Xg_9l2Mx5TDH_CygcXbE2tTTObCcAvbPgMklxFts8xoX2chyQ&sai=AMfl-YRFZSJjbghiYv9F4d6afLrGFkqNVwSm0o53e5lm0BBFAEhDS52naf2yK0Ffhkgh9LdUhG12Mn6SEabz2pgmKnQxlKJ2LRf0vhbVnAKCUkZlHxx8jR9NVw5uSejcWw&sig=Cg0ArKJSzHPLdrIK-QleEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 11 Aug 2023 20:11:28 GMT

GET
H2 200 pixel.gif
nbcudisplay.s.moatpixel.com/ 43 B
251 B 158ms
41ms Image
image/gif 23.212.89.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=6&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=nbcnews.com&L1id=4650777348&L2id=2428627361&L3id=4860685866&L4id=138250188443&S1id=57191058&S2id=141257418&ord=1691784687993&r=294554372746&t=meas&os=0&fi2=0&div1=0&ait=0&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.89.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-89-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 20:11:28 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 11 Aug 2023 20:11:28 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C2A5 15 KB
6 KB 154ms
50ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.nbcnews.com&us_privacy=1---

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.nbcnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 11 Aug 2023 20:11:28 GMT
server: Kestrel
server-processing-duration-in-ticks: 304998
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.136.js Show response
static.criteo.net/js/ld/ 93 KB
30 KB 169ms
84ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.136.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 11 Aug 2023 20:11:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 19 May 2023 17:15:21 GMT
server: nginx
etag: W/"6467aea9-175c4"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 12 Aug 2023 20:11:28 GMT

GET
H2 200 pixel.gif
nbcudisplay.s.moatpixel.com/ 43 B
251 B 40ms
39ms Image
image/gif 23.212.89.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=196&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=nbcnews.com&L1id=4650777348&L2id=2428627361&L3id=4860685866&L4id=138250188443&S1id=57191058&S2id=141257418&ord=1691784687993&r=294554372746&t=nht&os=0&fi2=0&div1=0&ait=0&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.89.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-89-123.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 20:11:28 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 11 Aug 2023 20:11:28 GMT

GET
H2 204 event.gif
beacon.krxd.net/ 0
336 B 55ms
55ms Image
text/plain 52.17.87.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/event.gif?event_id=KnpkLvA_&event_type=rtg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.87.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-87-80.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by: beacon-n002-dub-prod.krxd.net
date: Fri, 11 Aug 2023 20:11:28 GMT
cache-control: private, no-cache, no-store
x-request-time: D=38 t=1691784688
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

POST
H2 204 event Show response
prebid-a.rubiconproject.com/ 0
125 B 40ms
40ms XHR
text/plain 18.185.141.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.141.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-141-113.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nbcnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 11 Aug 2023 20:11:28 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 119ms
39ms Preflight 18.185.141.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.141.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-141-113.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.nbcnews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Fri, 11 Aug 2023 20:11:28 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2

200

sid Show response
mug.criteo.com/ Frame C2A5
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=nbcnews.com&sn=ChromeSyncframe&so=0&topUrl=www.nbcnews.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=ps6Vw3xmVkY0UGNPWGNnK05QbXkrMGlkSlpPbXJ1SzRwT0FlaXN2RXU5THArUFlkR1VlVFI0cUJ6NkU2Rmt0MDNVUk9rdmxQZEJCS0ZZRVNmRXpKUTl0S1Z6M2NNSlJIM1BSb1d0TWFZZURyN3h1RDJhV2c4Q1ZGcG1sM0...

433 B
655 B

154ms
40ms

Fetch
application/json

178.250.1.11

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ps6Vw3xmVkY0UGNPWGNnK05QbXkrMGlkSlpPbXJ1SzRwT0FlaXN2RXU5THArUFlkR1VlVFI0cUJ6NkU2Rmt0MDNVUk9rdmxQZEJCS0ZZRVNmRXpKUTl0S1Z6M2NNSlJIM1BSb1d0TWFZZURyN3h1RDJhV2c4Q1ZGcG1sM0lnOEdJWTA0Q3dycXd4VW1YTGlNTjQwR3g3WFg4ZkIya2lUSmdMUEZDSTBkM1h5cnkyUnlKVzZMYzFWKzlDNUVCVVlCang2czFDZ1Z5dStpNVBKNG9WNUNDczM4eVh3ZFVPVHNvUTk5ZVFRZjJBMlFuNng5emQ2QUV1cFRtTENEdDAvd1d4ZDVsRHkrcFVhRm9mZW90S2gwMnd0TWE2Zz09fA&cppv=2

Protocol

Server

178.250.1.11 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

5ed43e4886fd1492b20c3be788a4127e3a1d671cde6354aebb26938727abcc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Aug 2023 20:11:28 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1018409
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 11 Aug 2023 20:11:27 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=ps6Vw3xmVkY0UGNPWGNnK05QbXkrMGlkSlpPbXJ1SzRwT0FlaXN2RXU5THArUFlkR1VlVFI0cUJ6NkU2Rmt0MDNVUk9rdmxQZEJCS0ZZRVNmRXpKUTl0S1Z6M2NNSlJIM1BSb1d0TWFZZURyN3h1RDJhV2c4Q1ZGcG1sM0lnOEdJWTA0Q3dycXd4VW1YTGlNTjQwR3g3WFg4ZkIya2lUSmdMUEZDSTBkM1h5cnkyUnlKVzZMYzFWKzlDNUVCVVlCang2czFDZ1Z5dStpNVBKNG9WNUNDczM4eVh3ZFVPVHNvUTk5ZVFRZjJBMlFuNng5emQ2QUV1cFRtTENEdDAvd1d4ZDVsRHkrcFVhRm9mZW90S2gwMnd0TWE2Zz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 258854
content-length: 0
expires: 0

POST
H2 202 events Show response
jssdks.mparticle.com/v3/JS/65ea0b28a73c4c4abd08599774d30799/ 41 B
299 B 154ms
50ms Fetch
application/json 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v3/JS/65ea0b28a73c4c4abd08599774d30799/events
Requested by: Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/65ea0b28a73c4c4abd08599774d30799/mparticle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: a90a0b0dc00b1192406e000a453417ff0c366134ab9c713f5fe1671617d6e2b3

Request headers

Accept: text/plain;charset=UTF-8
Referer: https://www.nbcnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-served-by: cache-fra-eddf8230078-FRA
date: Fri, 11 Aug 2023 20:11:29 GMT
content-encoding: gzip
via: 1.1 varnish
server: Kestrel
x-timer: S1691784689.303337,VS0,VE3
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache: MISS
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-cache-hits: 0

Verdicts & Comments Add Verdict or Comment

248 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

64 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mps.nbcuni.com/fetch/ext	1970-01-20 13:57:51	Name: adEdition Value: DE
mps.nbcuni.com/fetch/ext	1970-01-20 13:57:51	Name: geoEdition Value: de
link.sbstck.com/	1970-01-20 14:06:29	Name: AWSALBTG Value: 7f/WAWvRrEY9vLgiXDx3vbxnzb6qKj5OyyeuPDrj3QbnSeHOMhSZ712oBCeZXOMadovSfjx4b7+g7J1dOjxTTExrKL13fF+QaOB6nRNDNTLfdyB6aSMFYa2XKviuGU7r6EyCXBD2dHfWEy0bmezwqqBpcoZSx1odGs0SDuUKu+1V
link.sbstck.com/	1970-01-20 14:06:29	Name: AWSALBTGCORS Value: 7f/WAWvRrEY9vLgiXDx3vbxnzb6qKj5OyyeuPDrj3QbnSeHOMhSZ712oBCeZXOMadovSfjx4b7+g7J1dOjxTTExrKL13fF+QaOB6nRNDNTLfdyB6aSMFYa2XKviuGU7r6EyCXBD2dHfWEy0bmezwqqBpcoZSx1odGs0SDuUKu+1V
.link.sbstck.com/	1970-01-20 22:42:00	Name: ajs_anonymous_id Value: %2243542019-aded-416f-b27e-d9bce69db20d%22
.link.sbstck.com/	1970-01-20 13:56:26	Name: visit_id Value: %7B%22id%22%3A%22631e8e9d-397b-40f2-af62-9fb1dc6fdd0e%22%2C%22timestamp%22%3A%222023-08-11T20%3A11%3A22.165Z%22%7D
.link.sbstck.com/	1970-01-20 22:42:00	Name: ab_testing_id Value: %222c58ecc4-54b2-4a97-9877-b65f66d88c95%22
.nbcnews.com/	1969-12-31 23:59:59	Name: ng_geolocation Value: DE
www.nbcnews.com/	1970-01-20 13:56:26	Name: BI_UI_previousPage Value: direct
www.nbcnews.com/	1970-01-20 13:56:26	Name: BI_UI_referrer Value: direct
.demdex.net/	1970-01-20 18:15:36	Name: demdex Value: 21217024386278537951428312156609241318
www.nbcnews.com/	1970-01-20 14:39:36	Name: fw_vcid2 Value: 266c8e95-831d-4fab-80c8-9156faaacee8
.nbcnews.com/	1969-12-31 23:59:59	Name: AMCVS_A8AB776A5245B4220A490D44%40AdobeOrg Value: 1
www.nbcnews.com/	1970-01-20 14:10:48	Name: akaas_NBCNews Value: 1692648683~rv=6~id=f723ed14e731362a75b37bfb2f36167a~rn=
.nbcnews.com/	1970-01-20 16:20:24	Name: _vis_opt_s Value: 1%7C
.nbcnews.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.nbcnews.com/	1970-01-20 23:32:24	Name: _vwo_uuid Value: J11358BBDD5C4BB6AEF1A9453118FC9D9
.nbcnews.com/	1970-01-20 13:56:26	Name: _vwo_sn Value: 0%3A1
.nbcnews.com/	1970-01-20 23:32:24	Name: s_vi Value: [CS]v1\|326B4AF5FA8D29F4-40001532C48DE04D[CE]
.nbcnews.com/	1970-01-20 23:32:24	Name: s_ecid Value: MCMID%7C21025901978960732491409144907016107300
.nbcnews.com/	1970-01-20 16:06:00	Name: _gcl_au Value: 1.1.26219123.1691784684
.nbcnews.com/	1970-01-20 13:56:26	Name: _dpm_ses.1b16 Value: *
.nbcnews.com/	1970-01-20 22:42:00	Name: _dpm_id.1b16 Value: 29fcc9ed-25c3-4087-8a7d-1f5d86b13812.1691784684.1.1691784684.1691784684.f585bcf5-c112-469e-bc45-4f57916279a4
.nbcnews.com/	1970-01-20 22:43:27	Name: _vwo_uuid_v2 Value: DECDA35C583F946D790B20B6874AC2CE6\|c7d924f4c720e73a27b825c0b4e20b56
www.nbcnews.com/	1970-01-20 22:42:00	Name: usprivacy Value: 1---
.nbcnews.com/	1970-01-20 22:42:00	Name: _hjSessionUser_309218 Value: eyJpZCI6IjYyMDdmOTEzLTYxNjgtNWJjYS1hNWU4LTQ4NTBhNDMzMDRiNiIsImNyZWF0ZWQiOjE2OTE3ODQ2ODQxMjEsImV4aXN0aW5nIjpmYWxzZX0=
.nbcnews.com/	1970-01-20 13:56:26	Name: _hjFirstSeen Value: 1
.nbcnews.com/	1970-01-20 13:56:24	Name: _hjIncludedInSessionSample_309218 Value: 0
.nbcnews.com/	1970-01-20 13:56:26	Name: _hjSession_309218 Value: eyJpZCI6ImY3ZjIyOTdlLWIzYWItNDUzNS1hZTJhLTdmZWVjZjRmYTEyNCIsImNyZWF0ZWQiOjE2OTE3ODQ2ODQxMjcsImluU2FtcGxlIjpmYWxzZX0=
.nbcnews.com/	1970-01-20 13:56:26	Name: _hjAbsoluteSessionInProgress Value: 0
.nbcnews.com/	1970-01-20 13:56:26	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email%22%2C%22sref%22:%22%22%2C%22sts%22:1691784684133%2C%22slts%22:0}
.nbcnews.com/	1970-01-20 23:25:48	Name: _parsely_visitor Value: {%22id%22:%22pid=d4e3089d-c810-4d5c-9567-ba4129b6746d%22%2C%22session_count%22:1%2C%22last_session_ts%22:1691784684133}
.nbcnews.com/	1970-01-20 23:32:24	Name: AMCV_A8AB776A5245B4220A490D44%40AdobeOrg Value: 1585540135%7CMCIDTS%7C19581%7CMCMID%7C21025901978960732491409144907016107300%7CMCAAMLH-1692389484%7C6%7CMCAAMB-1692389484%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1691791884s%7CNONE%7CMCAID%7C326B4AF5FA8D29F4-40001532C48DE04D%7CvVersion%7C4.4.0
.nbcnews.com/	1970-01-20 13:56:26	Name: prevVal_pn Value: nbcnews%3Apost%3Aeasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789
.nbcnews.com/	1970-01-20 14:39:36	Name: s_vnum Value: 1694376684150%26vn%3D1
.nbcnews.com/	1970-01-20 13:56:26	Name: s_invisit Value: true
.nbcnews.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.app.link/	1970-01-20 22:42:00	Name: _s Value: PYPXqtTDxzQ4BdhQCoa4qRVr3gAsZg9Mi7H6JEjDmeY4wt9zdgXs1pAYyXU33cFm
.nbcnews.com/	1970-01-20 22:42:00	Name: mprtcl-v4_0631346C Value: {'gs':{'ie':1\|'dt':'65ea0b28a73c4c4abd08599774d30799'\|'cgid':'ae506ebf-9458-4d8d-658e-c657b80e0ee8'\|'das':'24edc958-580c-40ac-800d-77aee624fa40'\|'csm':'WyIzNzAwODM1NjI3NDgwNzgyMDEzIl0='\|'sid':'E70296A5-6A79-427A-246F-7B9352F3E25A'\|'les':1691784683862\|'ssd':1691784683852}\|'l':0\|'3700835627480782013':{'fst':1691784684170}\|'cu':'3700835627480782013'}
www.nbcnews.com/	1970-01-20 13:56:26	Name: BI_UI_mpid Value: 3700835627480782013
.nbcnews.com/	1970-01-20 16:06:00	Name: _vwo_ds Value: 3%3Aa_0%2Ct_0%3A0%241691784683%3A9.00191468%3A%3A%3A6_0%2C1_0%3A1
.dpm.demdex.net/	1970-01-20 18:15:36	Name: dpm Value: 21217024386278537951428312156609241318
.nbcnews.com/	1970-01-20 14:39:36	Name: aam_uuid Value: 21295078898321797701382085368953183551
.nbcnews.com/	1970-01-20 23:25:12	Name: _awl Value: 2.1691784684.5-7f49535522f1197e24219c9df244b244-6763652d6575726f70652d7765737431-0
.doubleclick.net/	1970-01-20 23:18:00	Name: IDE Value: AHWqTUn4jodydeKUxIYm_ZO8lpLmAwx7pCUr6m2A8wCEhZxNcrbbvAnxKXIVxoIpILo
.nbcnews.com/	1970-01-20 22:42:00	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Fri+Aug+11+2023+22%3A11%3A24+GMT%2B0200+(Central+European+Summer+Time)&version=6.17.0&hosts=&consentId=b8a86cd7-aee7-42a1-9dbc-cd5444518917&interactionCount=0&landingPath=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Fus-news%2Feasy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789%3Futm_source%3Dsubstack%26utm_medium%3Demail&groups=1%3A1%2C9%3A1%2C12%3A1%2C11%3A1%2C13%3A1%2COOF%3A1%2Cdummy%3A1
.nbcnews.com/	1970-01-20 23:25:12	Name: _admrla Value: 2.2-8f9087c841109a06-832ab1b6-387f-11ee-a926-df2e47ee56cb
.yahoo.com/	1970-01-20 22:42:22	Name: A3 Value: d=AQABBOyV1mQCEHdqd7mivRHE1FSn0ahPyGYFEv__AP8AAAAAAOAYyiMAAAAAgA&S=AQAAAhdFa4Bsovzd8BO0vVBdhvM
.demdex.net/	1970-01-20 18:15:36	Name: dextp Value: 771-1-1691784684199\|30646-1-1691784684300\|57282-1-1691784684402\|129099-1-1691784684504
.imrworldwide.com/	1970-01-20 23:18:00	Name: IMRID Value: 3f102d00-3883-11ee-8149-57bef48e7a3e
www.nbcnews.com/	1970-01-20 13:56:26	Name: sailthru_pageviews Value: 1
.tvpixel.com/	1970-01-20 22:42:00	Name: sp Value: 030ec80d-3eaf-4fc0-a39e-6e72c33ffc18
www.nbcnews.com/	1970-01-20 22:42:00	Name: sailthru_content Value: a3b114ccdcec0320917cc7976e851ab7
www.nbcnews.com/	1970-01-20 22:42:00	Name: sailthru_visitor Value: 5dea5d00-793b-411a-944b-6e1709b35514
www.nbcnews.com/	1970-01-20 15:22:48	Name: adops_master_kvs Value:
www.nbcnews.com/	1970-01-20 13:57:51	Name: _lr_geo_location Value: DE
.nbcnews.com/	1970-01-20 23:18:00	Name: __gads Value: ID=28b3e11497a441c9:T=1691784686:RT=1691784686:S=ALNI_MZDH8AMuxn_IwfONyfq93ftBwfzZg
.nbcnews.com/	1970-01-20 23:18:00	Name: __gpi Value: UID=00000c5f77159baf:T=1691784686:RT=1691784686:S=ALNI_MaTegoTpyo40Dx1qfvV44jSdOVZZQ
.kargo.com/	1970-01-20 22:42:00	Name: ktcid Value: 7c8d7f5a-97a4-0fcd-1790-8af260c39320
.rubiconproject.com/	1970-01-20 22:42:00	Name: khaos Value: LL70X7FE-E-AMHU
.rubiconproject.com/	1970-01-20 22:42:00	Name: audit Value: 1\|naVuGyos1qrDfEFqZbUHiwNb0fGVcfL/XWaA1sYWTLE9gLr7Yht2fchQ/Al609UPUOmnfAwWUtjctsWsOADBBOBxGCOXoSK1AiNLWUE+Kmm+xUA9sgf/4b7FQD2yB//h
.krxd.net/	1970-01-20 13:59:17	Name: e_JnqJS_Pa^ord\|1691784687993 Value: 1691784688
.krxd.net/	1970-01-20 18:15:36	Name: _kuid_ Value: PureD23J
.criteo.com/	1970-01-20 23:18:00	Name: uid Value: 3793afea-a987-4257-83f0-5d81a27ff717

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.nbcnews.com/news/us-news/easy-money-how-international-scam-artists-pulled-epic-theft-covid-n1276789?utm_source=substack&utm_medium=email Message: <link rel=preload> has an invalid `href` value

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2628000 ; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8168974.fls.doubleclick.net
aamt.nbcnews.com
aax.amazon-adsystem.com
adservice.google.com
adservice.google.de
ak.sail-horizon.com
api.sail-personalize.com
api2.branch.io
app.link
assets.adobedtm.com
ats.rlcdn.com
ba23bfbabb75a7144a28ba563613a60c.safeframe.googlesyndication.com
beacon.krxd.net
beacon.tru.am
bidder.criteo.com
c.amazon-adsystem.com
c.tvpixel.com
cdn-gl.imrworldwide.com
cdn.branch.io
cdn.cookielaw.org
cdn.parsely.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
colossusssp.com
cookiesync.mparticle.com
d1z2jf7jlzjs58.cloudfront.net
dev.visualwebsiteoptimizer.com
dpm.demdex.net
ds.reson8.com
fastlane.rubiconproject.com
geo.cnbc.com
geo.privacymanager.io
geolocation.onetrust.com
grid.bidswitch.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
identity.mparticle.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
krk2.kargo.com
link.sbstck.com
mb.moatads.com
media-cldnry.s-nbcnews.com
media1.s-nbcnews.com
micro.rubiconproject.com
mid.rkdms.com
mps.nbcuni.com
mug.criteo.com
nbcu.demdex.net
nbcu.track.securedvisit.com
nbcudisplay.s.moatpixel.com
nbcuni.demdex.net
nodeassets.nbcnews.com
nondescriptnote.com
odey8o7krcuep0celnfeevesimqmi1691784684.nuid.imrworldwide.com
p.tvpixel.com
p1.parsely.com
pagead2.googlesyndication.com
prebid-a.rubiconproject.com
sb.scorecardresearch.com
script.hotjar.com
secure-dcr.imrworldwide.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.criteo.net
static.hotjar.com
tag.researchnow.com
tlx.3lift.com
tpc.googlesyndication.com
tru.am
ups.analytics.yahoo.com
usasync01.admantx.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lightboxcdn.com
www.nbcnews.com
z.moatads.com
104.18.25.185
104.18.9.110
104.64.126.246
108.138.34.127
108.138.36.30
108.139.243.82
13.226.175.79
13.32.2.61
130.162.160.243
142.250.184.194
172.217.16.198
178.250.1.11
18.157.222.165
18.158.87.162
18.173.154.70
18.173.154.84
18.173.187.48
18.173.187.80
18.185.141.113
18.66.23.147
185.64.189.112
212.82.100.182
23.212.89.123
23.218.208.29
23.32.185.123
2600:1901:0:7416::1
2600:9000:20c3:6e00:1d:bf0a:0:93a1
2600:9000:2248:f800:11:f728:3040:93a1
2600:9000:236e:5800:2:42d9:3100:93a1
2600:9000:237d:4a00:19:9934:6a80:93a1
2600:9000:237d:5400:1d:667e:2a40:93a1
2600:9000:26da:9000:8:48e:53c0:93a1
2602:803:c003:200::41
2606:4700:20::681a:274
2606:4700:20::681a:374
2606:4700::6812:1d26
2606:4700::6812:a972
2606:4700::6813:d383
2a00:1450:4001:806::2004
2a00:1450:4001:80e::2001
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2008
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:830::2002
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:d::d
2a02:26f0:1700:386::2506
2a02:26f0:3500:798::d25
2a02:26f0:480:99e::1e80
2a02:26f0:480:9a9::a1d
2a02:26f0:480:a86::2506
2a04:4e42:400::645
2a04:4e42::645
3.232.111.103
3.71.149.231
3.73.68.108
34.96.102.137
37.252.171.53
52.17.87.80
52.20.122.83
52.208.175.244
52.210.238.166
52.215.66.158
52.222.169.8
52.222.239.116
52.55.252.103
54.144.88.107
54.84.165.30
63.140.62.135
63.34.81.234
64.247.193.131
75.2.40.13
99.81.14.86
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
062e17133910dc59f7d4bcc379c3cc309cb5dcd99c7ca4b414b2ba9487118a52
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0ae3eaae5c56f946160b19d8b0f1363c48f6ca4c9de858dbaf8e4881c8bb1d50
0b4bb74c7f550162d688cef16db8298a8b697ed71082729828f0bfc3b6bbe4dd
0bb6e90286e342d1bea68c7ec47b85c49137854353f243a253ee202d4ce723b6
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
0d0f489c847fae1ef2bcb5e5ef1bb5a05028426b55d5b99712430d3876512d20
0d7fd1fb6c00dc9b4e43a4151a860e2bc8fc06befa0f7d3eb4c4bcfc62dad378
0e003b169bf76bfe6b71c69c6a01cbd962ea9189c223ccd3d0c1c0a39b053fe1
107dd02c75777d518488a4e0b04c4de22829fbf97de4a75bff84130382732dfd
12a44958e8169688e595ad2fa2e69278a931a64de1561180bb05bfb7e9c40ccf
15f03b2320cab03d418c6c52dcefd8a89eb884c8ee1011584c8f5d96d892fb48
16be7368c4db8f156aef05f1885b0ee2162a9e9b8b7ff16bd1579a4483ef9daf
197d986313b3d067c7570256f24e204b03305989c76f4a0df86c1e972bf90109
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c4f25c2e1d66e2374847514126f278fd61baf1e95f6ee48f5e7ee6f1b699df6
1d24a4866fb08ed13a374977fc2680e9276c07811a4080e81b78d6183e5dc9c1
1eaf39da4a7bc521968553ccb045aaae4c3609d0f714197db1855e4b47bf31d4
1f9187f094239de8b9cfd32162b64e9e8ceb17cc55d68a1eac2b0bc85ef12e2f
2137720bd975aacc3e543ba605ac0835d441b0c777a98f0eb5799cd761b5dc68
23336abd9d1bb27d14a7f3b3d45e8a9132446ac04d5365823f07856bf996ceb6
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
277c96a26dc80ba572e829af3c50f52388176511bdeaeb30fdb0a134a5b8efcf
292439547ecf4b8c21a611701a42f0a6f0e03b3f2df48f6be5ff8863d357baf3
2a038f3dbc1531491fdbbeb65b3b4e25a2da9f180d1394e53161656559bce3f3
2dcfe30523fd22398e13c143421775064ea95c7e35774878d11332503f9a237e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
327ffc1a01ed70669c5ab82d39bfa2fba480057c642132494fbc2f260e6a78de
36a66171502a5081bfe6245a2cfaf78b7d45ecdf3fbd1e842afc174519644052
37bfb97c7a47fd0d3800e89b3edc8f4fdbbc92ea29bf58f9723d3fdd6343a84a
39f5566a98c2a7d3aad7e6c7518c206d3065713e22c98583c9f686e48e9e7f16
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3da379679b7d724d7b2664535e1838d0a9f5fa63b696194babebb60c29ac621d
3f92f360dcd54479ca1f495c37a0a2a32b5eaf1d1028aa3cd79b4fb3977cc1fc
3fcf11828806eb582564209cdd3a2d7122be445ae1bca8ed97abf96a86dce4ff
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4c9e9ddb9afbbab5cf5fe68f9b01b8fee252002ebb916d7c3be66f72d3090f71
4d96fc764422fb206b40473034ece6980d3a82f94151b13ea8128d9747c3e637
4ed7db0ede77c257549059f0fd4e06bfd9d2daa94979e2af5b9043607062fc91
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50f12dc4b62b9b5edca4a81bf47fc509402fd6a0c93ccabb6780cbbf15c2a64f
541b5504975cab60ee778063f29f6f9320ef309ddb0dc9ca2781f9328c90575e
547bfe45786020d5e9de262b053fecc7e9031cac23695f136d411b67e604c90e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
595b8a4a261b601cd3663e2c81488b0e2ae777b592f33b1da6fa9717ba8edeed
5b69168a30fd5fa709abaeb2bc5cd006cea136f5216f177df40b970ae8fc09b4
5b9cad64bd676904eff85c57f84f0c76d3a1938333fc5c620b9860810ab67f6b
5bd9f4c0d9bb1a4dc31a3521b0676750041e592ac8f4d4b65826555e71b3a20d
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5ed43e4886fd1492b20c3be788a4127e3a1d671cde6354aebb26938727abcc0a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61d8137d275f12306e177bc726c2b3e072f9efa4743a0ace6ecbcf7a0932fd07
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
668c3d4710b07f2327e63f68caefd38b90999af3e3614532b9c0eafc51ac383c
66d0d266cae0989bb6bba49c65b8452c01b9176d5828d304e49d339c2c49f28e
68179b2afb435b07725952ee0ccbea4c87220b9cd756d4f584e2867f277a7c15
68506f19805cece4d33c339667dbda1a1ee71f27166fb170e27dafac0ced52f0
69a7f118e29bd9cafaba6c69bfbaeeea23e2b8afabdf9130f4144202d52fb3a6
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bd5068ee3f41ad2ed4f003c13c4e939021c77f7a69ac82d25211c72868b520e
6c371d78b8de54ae1376578042c383699753ffc0732308a83f626e534ad2cafc
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
6fadd70a3b68e5b50db0a1a8e8b20ee77c76ae8400a7c1df193a50822fb0fba1
745834316128a9605db352a4146dfb81cfd209fa037d3256277e2bc9d12b0f44
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7644dddfc917eaf75a112e43241acbcece1ab57af00af0477c0adc7cc74c3574
767a456e2a3d977102a5a4224d43f77ca39d3e196d21ba98e3849eb5061d1e5c
77014622bb2b3b959cef95b4e87520f3422d0344a366b0820580b9f9201d5b7f
781e5d64e355ea883008a5a84253f2193e16eeee976577427b5d9008180bdede
78dd5cab8f034e39a17997a27f38feed6e2e32b405372ad59b442ad7fec0e72b
7a20b371f96093be0c049b07134deb9bec533817ce791e865aaab7b60dfe4beb
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7f5db94edf7ef0c4f1d241e3d297b4151a9825137b5819cf5f20306d30b510ea
7fc0f1f5c86727a5dffe2ffad4353ed890a4c2dc0c80c264338cd3a950a6c1e5
7ff4381f6f2ad9d6186a47b2654e2e3cf0fd2d3c62063271db1c4764137e3a20
821ba81ecabc05217edb8f1253f0f02b7cde320eec2e21858afae0ecabbf6664
82e99be5296a64d1cde35ec1d74aca80e44aca5eba2098c93076c7e86667b683
83340911733e4ae3c55fc3763d089fa38e427248ac4833ee3209c5c5f7f385dd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
837d2f960a4a5ca4b0fa92f295bb6dda0dc551274f45bda82679091e24e3ba38
84ee2584931c1134cb37441f22834730e8bcc740861c7ab9200378f5f24f60fb
8518882d24d5c83caa6bb6ae8f88b2f89524037f9bebc83d2f0741c5d6d1c7ea
8553b1c5d9a0629a8d1f82874918f5e203267cdb5ca1d14a5c224fc9afa7ba8c
8709cecb4b98dd2089aa830e3b2c23461580f352cb97ef3fadd9cbec6b5e14cb
8887f033ae4631ad48fbf4521ba40794325a25b9c24e01c55c972e4d5af595a9
88b4d4627e1e206d18640d49737db3589b7a76c88bc34f671842f685a618492e
8a061eb906851bbccbd3de3aa4062df1a9c23efba1399adbcaef8d5d3aa60181
8c4a3ac0fed73766716288c51bf3801a42c28431b7b369fb50140e176099791b
8c67d47496a8af1f4c99a350ababf131661cf111a02460c5e9f6d9539db481c3
8d53ae07794a4985ec6ade2ce02349bc42c50c5b1b12ad44ae816561039a8d35
8d5f45c56ad6b8e642270d1a8ac31ee840885eb7a30a9efed5a9f92a81d31aca
8e9b3dc41928550a6a5f2294cb7bb92ba7e4ae20198486ce269415ee43543420
8f34ebc564ab6471bb209da166c05e6667d1f10a298e3e613f34d58402e8c689
9656696ac112c4857545329ec7d475e6a5f4072c7aa4b7beeca4810f73cb05dc
96d6583f9cbd8c69f49a4842b402c0176812aad03f216d94676e4b824d884102
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a08be7476bd1b5c312ce519a5bec743a19bcb3bd4a06031af22fb8efe08e759
9abab9b3b812c2c7ca46d5f8976228df8c2a5bd9272228ec2556a5d547c23920
9dbae1c52b25e80d49ac4de0774de054ed6902db415e20f444f244d8b6f98e10
9dfb30c327bc626183bcfb86a1778567f10e1c85d18c9eec88c22f84bbe9673b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3830b637357b9a79589bc2166749af7c75285392e5003444081b378a10ee354
a5c65030006e06d79944399be8c88dfdf03187eabfc05dbbfbed49eea7c13dc4
a5f2bbb60e7c7e8763481edcd2334d6770f57e463209cfae3d63473b90c4f793
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
a90a0b0dc00b1192406e000a453417ff0c366134ab9c713f5fe1671617d6e2b3
a92201fa95a7940492030e2e450a66636d725e60414bfd7f3216b567ade783b0
ad7734c2b30945038ff9873a2c8bc72ecf73ef40ba26c30a8012b13c0d250e95
af4c700289815bbc20a737e4df4e9f78a7244e6927f8e52e13ef93ace2278ccd
b010974ffa06648b152996171e7ae8961e05fc21dca1370d357f99525cf2c324
b106d53657dc2442668fad4558fb7d48f00c2e61a77783373c1a91f1152031d3
b43976d90420b5281b8254f6078e8b0cc4fe05e09ec380c5faeaf4747937935b
b5abb7a38b973f2afb7a5db345e6e3af00e0c7f0d25c054797f78cb2653fd301
b6e635a7e1ab8ea1671505d940b05de3652d8fc5fa4aca94da773152deff70c4
b78ab16b972a289c3f833bb02edc358e3315ee48ccb618b57bd6e3c8a230c164
b8b6a13b6b9ac5a178e20d5d77f13fbf2b68e91906eef2851211db57f2e35dec
ba3b0f3b0561b53b98321116b5fa0cb5a937c99d9a4b8012f0cfb46a050e0d63
ba684c94cce5696458bc5225315ce18647eea2682ac6c0030a1ad5c8a65a6163
bc0940918f4137bbbcd28d2b192976c761bb965001ee850e0200547c801fb2b3
be5ddda8e669c59313302ddb6cb53e56c0d33c30fb6d288779723b81cfa9221b
bf3a6b83617a590dcdabc93f3170e2418ea6825b728612041b09377d5058535f
c0d3362277f35f91e37f2b4569754cde92620fa20a333c49655ef43b80cce37c
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c2a4f13f2f53631fe201946e00d86223ba47a42f981701a5a36713aae551f987
c352a6b6f42a01002824f53be7054d9b81e5811b32bc44ba8c05727aaa739f0a
c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120
cb399b9ee5e0daff6b915936873c31e7405040b9e586cb02988a513ff43e55df
cef4bd2366fe9f01a0cef765ac8f0a77d2805e64ba0168a24e1777e4d583a53e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d32fab7fdbf206c43c8f41a9938a0a18631aac27188da5b02fe81d839a75ae56
d3faec294fbd9c381d61b3a559bfb7e3fb2899c3535106dc981956ef0abeca48
d5cc7bf36f04b6976c44a9dfd8c2231918fcaadc7215f4b778dda14da9c06bd2
d5dff8cb0971d056c1a8f3e22e096eb18006e00a4ad48d2eb9308b149172adbe
d7bce4354208897cefdc172e0023efb5070f1a6ca0058a6a0ba2142c8ed8ab03
da998083f78c40ddec935cd325eea7ba92723ece5c90cef2104ddd4245c96f1a
dba8842a30a0214ed2532bc6d5be0c667506050e386c56a11be5dc80d34cbb2b
dbe1b49a9ffc00eeaa6c698480c3cb3c171ca9570fe1989d35fafd29fafd32da
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
e300bb0d03ccd64b295a0cdd084fa0ffbcd0450ef22f26f0e2c0834866dbf964
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6beb00e75f332564823b34aca86d7b13c4d4f5aa8f29089fd7fe23439570bf9
e820733377d4af31fd643ac9a24856e8f33ca799f97259e59c868302a513c874
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
e9c07824d0967d30b5ca738d650cd92f1dc38082939be19f4507d9f7c9bee5e0
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1
eb7d94c68fd95098d442185b5521bffa0aaef8bb2dfd847ece2e804e0603408c
eec660e2b3b122746049afba74759e1d3012e9757e4d93063212a770eb150b31
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1f8d4204b80f61987126d563bbb88a3036f6fd55f8e98da95a8b9e542f9c495
f4b789a94b43b21f595fc45c22051acd05c2f653a39d2daf2685303c45e33d29
f526755512b464228c5af13374012e3b145ea22242659c2b7ad5cc62ddf6ca10
f536230f018214f31c7ff72a1f3720315b4892849e9390ac692d2adfad0ad917
f9df1da2e337cc44e3d87a5dc93f8271933b5ee914c7046ef02e281014b6cda0
fbf3fbacbbbd5450d461202dec467b8f56a0a085cfdae026e1887976600ea77b
fc3bc4cb0c90c349b25357e6ec52534251db4d796efe8f4da0e98fb3cef4491e
fdb34b1ef3887ed0b7291072c13b7e97f1e9c1b8a467fcbd48b61ffffb422fb5
fedca269c46d16ef7bbb050acc9bbb9fe51a8bb77a3a8d31627d82fce4ce124a

www.nbcnews.com Open in urlscan Pro 2a02:26f0:1700:386::2506 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

194 Requests

97 %HTTPS

42 %IPv6

53 Domains

80 Subdomains

76 IPs

8 Countries

3450 kBTransfer

11752 kBSize

64 Cookies

74 Outgoing links

Page URL History

Redirected requests

194 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nbcnews.com Open in urlscan Pro
2a02:26f0:1700:386::2506 Public Scan

Screenshot
Live screenshot

Full Image

194
Requests

97 %
HTTPS

42 %
IPv6

53
Domains

80
Subdomains

76
IPs

8
Countries

3450 kB
Transfer

11752 kB
Size

64
Cookies

194 HTTP transactions
2 data transactions