www.nycgo.com Open in urlscan Pro
104.111.232.58 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.nycgo.com/off-broadway-week
Submission: On February 11 via manual (February 11th 2022, 6:09:43 pm UTC) from US — Scanned from DE

Summary HTTP 214 Redirects Links 37 Behaviour Indicators

Summary

This website contacted 64 IPs in 7 countries across 57 domains to perform 214 HTTP transactions. The main IP is 104.111.232.58, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.nycgo.com. The Cisco Umbrella rank of the primary domain is 199021.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 12th 2021. Valid for: a year.

This is the only time www.nycgo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8 29	104.111.232.58 104.111.232.58	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	104.92.74.173 104.92.74.173	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a02:26f0:6c0... 2a02:26f0:6c00:299::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3 3	3.223.170.70 3.223.170.70	14618 (AMAZON-AES) (AMAZON-AES)
3 4	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
4 8	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
8	18.66.2.63 18.66.2.63	16509 (AMAZON-02) (AMAZON-02)
5	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.139.237.219 151.139.237.219	33438 (HIGHWINDS2) (HIGHWINDS2)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
20	2a04:4e42:400... 2a04:4e42:400::614	54113 (FASTLY) (FASTLY)
3	104.92.74.116 104.92.74.116	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	52.86.65.180 52.86.65.180	14618 (AMAZON-AES) (AMAZON-AES)
1 2	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
21	2.20.86.213 2.20.86.213	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a04:4e42:62::84 2a04:4e42:62::84	54113 (FASTLY) (FASTLY)
1	151.101.128.114 151.101.128.114	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 7	104.84.56.209 104.84.56.209	16625 (AKAMAI-AS) (AKAMAI-AS)
2	18.66.248.65 18.66.248.65	16509 (AMAZON-02) (AMAZON-02)
1	92.123.194.113 92.123.194.113	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	52.71.51.137 52.71.51.137	14618 (AMAZON-AES) (AMAZON-AES)
1	64.158.223.140 64.158.223.140	41041 (VCLK-EU-SE) (VCLK-EU-SE)
14	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3 7	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2006	15169 (GOOGLE) (GOOGLE)
2 4	3.126.16.11 3.126.16.11	16509 (AMAZON-02) (AMAZON-02)
4 8	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2	209.97.149.49 209.97.149.49	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2600:9000:215... 2600:9000:2156:6600:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	34.246.16.33 34.246.16.33	16509 (AMAZON-02) (AMAZON-02)
1	3.127.178.105 3.127.178.105	16509 (AMAZON-02) (AMAZON-02)
1	104.90.185.183 104.90.185.183	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.192.132.137 18.192.132.137	16509 (AMAZON-02) (AMAZON-02)
1 1	108.157.4.98 108.157.4.98	16509 (AMAZON-02) (AMAZON-02)
1 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	52.200.156.204 52.200.156.204	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2.20.85.164 2.20.85.164	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2600:1f18:612... 2600:1f18:612b:4232:5007:e458:edcf:dd38	14618 (AMAZON-AES) (AMAZON-AES)
1	52.28.188.15 52.28.188.15	16509 (AMAZON-02) (AMAZON-02)
1	52.36.230.128 52.36.230.128	16509 (AMAZON-02) (AMAZON-02)
1 2	3.124.150.38 3.124.150.38	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	2600:9000:214... 2600:9000:214f:1400:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	162.247.243.146 162.247.243.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.238.149.180 34.238.149.180	14618 (AMAZON-AES) (AMAZON-AES)
214	64

29 104.111.232.58 (Frankfurt am Main, Germany) 8 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-232-58.deploy.static.akamaitechnologies.com

www.nycgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.92.74.173 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-173.deploy.static.akamaitechnologies.com

cloud.typography.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:299::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.223.170.70 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-170-70.compute-1.amazonaws.com

dc.arrivalist.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.90 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.134 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10272577.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.66.2.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-2-63.txl50.r.cloudfront.net

origin-www.nycgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.237.219 (United States)

ASN33438 (HIGHWINDS2, US)

cdn.getsmartcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a04:4e42:400::614 (United States)

ASN54113 (FASTLY, US)

images.nycgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.92.74.116 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-116.deploy.static.akamaitechnologies.com

service.nycgo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.65.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-65-180.compute-1.amazonaws.com

s.getsmartcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.36.218.177 (Paris, France) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

nycgoprod.112.2o7.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2.20.86.213 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-86-213.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:62::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.128.114 (United States)

ASN54113 (FASTLY, US)

cdn.evgnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.84.56.209 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-84-56-209.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pinterest.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.248.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-65.dus51.r.cloudfront.net

analytics-sm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.194.113 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-194-113.deploy.static.akamaitechnologies.com

3j0pw4ed7uac-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.71.51.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-51-137.compute-1.amazonaws.com

nycgo.evergage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.158.223.140 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams02-login.dotomi.com

login.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.23.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.126.16.11 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-16-11.eu-central-1.compute.amazonaws.com

tags.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 193.0.160.128 (United States) 4 redirects

ASN54312 (ROCKETFUEL, US)

20827843p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
20827626p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.97.149.49 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

nycco-sweeps-122021.probabilityworks.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:6600:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.246.16.33 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-16-33.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.178.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-178-105.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.90.185.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-185-183.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.192.132.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-132-137.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.98 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-98.dus51.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.200.156.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-156-204.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.20.85.164 (Milan, Italy) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-85-164.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:5007:e458:edcf:dd38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.188.15 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-188-15.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.36.230.128 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-230-128.us-west-2.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.150.38 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-150-38.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:1400:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.146 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.238.149.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-149-180.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	nycgo.com 8 redirects www.nycgo.com — Cisco Umbrella Rank: 199021 origin-www.nycgo.com — Cisco Umbrella Rank: 272279 images.nycgo.com — Cisco Umbrella Rank: 279406 service.nycgo.com — Cisco Umbrella Rank: 300298	1 MB
29	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 ad.doubleclick.net — Cisco Umbrella Rank: 167 stats.g.doubleclick.net — Cisco Umbrella Rank: 67 googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 10272577.fls.doubleclick.net — Cisco Umbrella Rank: 326298 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276 cm.g.doubleclick.net — Cisco Umbrella Rank: 175	233 KB
25	googlesyndication.com 34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 120 pagead2.googlesyndication.com — Cisco Umbrella Rank: 92	138 KB
21	moatads.com z.moatads.com — Cisco Umbrella Rank: 330 px.moatads.com — Cisco Umbrella Rank: 390	280 KB
8	rfihub.com 4 redirects 20827843p.rfihub.com — Cisco Umbrella Rank: 320734 a.rfihub.com — Cisco Umbrella Rank: 2921 20827626p.rfihub.com — Cisco Umbrella Rank: 323245 p.rfihub.com — Cisco Umbrella Rank: 615	11 KB
7	google.com adservice.google.com — Cisco Umbrella Rank: 59 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	120 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	489 B
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	198 KB
4	pinterest.de www.pinterest.de — Cisco Umbrella Rank: 28326	15 KB
4	w55c.net 2 redirects tags.w55c.net — Cisco Umbrella Rank: 3467	2 KB
4	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 349	172 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	4 KB
3	rlcdn.com 1 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 283	1006 B
3	evergage.com nycgo.evergage.com — Cisco Umbrella Rank: 261979	2 KB
3	pinterest.com 1 redirects ct.pinterest.com — Cisco Umbrella Rank: 810 www.pinterest.com — Cisco Umbrella Rank: 1008	2 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 9027 www.google.de — Cisco Umbrella Rank: 6342	1 KB
3	arrivalist.com 3 redirects dc.arrivalist.com — Cisco Umbrella Rank: 9011	2 KB
3	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 505	70 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 491	607 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 265	1 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 469	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488	2 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 187	2 KB
2	probabilityworks.cloud nycco-sweeps-122021.probabilityworks.cloud — Cisco Umbrella Rank: 302847	8 KB
2	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 288	478 B
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	78 KB
2	analytics-sm.com analytics-sm.com — Cisco Umbrella Rank: 14171	2 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 667	19 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	74 KB
2	2o7.net 1 redirects nycgoprod.112.2o7.net — Cisco Umbrella Rank: 291411	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	getsmartcontent.com cdn.getsmartcontent.com — Cisco Umbrella Rank: 23341 s.getsmartcontent.com — Cisco Umbrella Rank: 31575	38 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1099	201 B
1	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 311	715 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 306	12 KB
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1242	14 KB
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 371	338 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 388	238 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 864	183 B
1	addthis.com x.dlx.addthis.com — Cisco Umbrella Rank: 982	191 B
1	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 1708	109 B
1	rezync.com 1 redirects live.rezync.com — Cisco Umbrella Rank: 1871	789 B
1	serving-sys.com bs.serving-sys.com — Cisco Umbrella Rank: 1187	105 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 478	614 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 845	344 B
1	bluekai.com 1 redirects stags.bluekai.com — Cisco Umbrella Rank: 447	676 B
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 5862	6 KB
1	dotomi.com login.dotomi.com — Cisco Umbrella Rank: 1642	211 B
1	akamaihd.net 3j0pw4ed7uac-a.akamaihd.net — Cisco Umbrella Rank: 290772	253 B
1	evgnet.com cdn.evgnet.com — Cisco Umbrella Rank: 5320	117 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 99	15 KB
1	t.co t.co — Cisco Umbrella Rank: 456	337 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 468	458 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 539	6 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 197	4 KB
1	typography.com 1 redirects cloud.typography.com — Cisco Umbrella Rank: 5350	442 B
214	57

	Domain	Requested by
29	www.nycgo.com	8 redirects www.nycgo.com
20	images.nycgo.com	www.nycgo.com
18	px.moatads.com	www.nycgo.com 34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com
14	pagead2.googlesyndication.com	ad.doubleclick.net tpc.googlesyndication.com www.nycgo.com www.googletagservices.com
12	securepubads.g.doubleclick.net	www.nycgo.com securepubads.g.doubleclick.net 34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com www.googletagservices.com
8	tpc.googlesyndication.com	34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com ad.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net
8	origin-www.nycgo.com	www.nycgo.com
6	www.googletagservices.com	34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com www.googletagservices.com
5	www.facebook.com	www.nycgo.com
5	connect.facebook.net	www.nycgo.com connect.facebook.net
4	www.pinterest.de	s.pinimg.com www.nycgo.com
4	p.rfihub.com	2 redirects
4	tags.w55c.net	2 redirects 10272577.fls.doubleclick.net
4	googleads4.g.doubleclick.net	ad.doubleclick.net
4	10272577.fls.doubleclick.net	2 redirects assets.adobedtm.com
4	maps.googleapis.com	www.nycgo.com maps.googleapis.com
4	adservice.google.com	www.nycgo.com securepubads.g.doubleclick.net 10272577.fls.doubleclick.net
4	ad.doubleclick.net	2 redirects www.googletagservices.com
4	ib.adnxs.com	3 redirects 10272577.fls.doubleclick.net
3	idsync.rlcdn.com	1 redirects 10272577.fls.doubleclick.net
3	cm.g.doubleclick.net	3 redirects
3	nycgo.evergage.com	www.nycgo.com
3	z.moatads.com	34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com assets.adobedtm.com
3	www.google.com	www.nycgo.com tpc.googlesyndication.com
3	34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	service.nycgo.com	www.nycgo.com
3	dc.arrivalist.com	3 redirects
3	assets.adobedtm.com	www.nycgo.com assets.adobedtm.com
2	sync-tm.everesttech.net	2 redirects
2	x.bidswitch.net	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	dpm.demdex.net	1 redirects
2	nycco-sweeps-122021.probabilityworks.cloud	assets.adobedtm.com nycco-sweeps-122021.probabilityworks.cloud
2	pixel.rubiconproject.com	10272577.fls.doubleclick.net
2	a.rfihub.com	1 redirects
2	s0.2mdn.net	34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com
2	analytics-sm.com	www.nycgo.com
2	ct.pinterest.com	www.nycgo.com
2	s.pinimg.com	www.nycgo.com s.pinimg.com
2	www.google.de	www.nycgo.com
2	www.googletagmanager.com	assets.adobedtm.com
2	nycgoprod.112.2o7.net	1 redirects www.nycgo.com
2	www.google-analytics.com	www.nycgo.com
1	ping.chartbeat.net
1	bam-cell.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.nycgo.com
1	www.pinterest.com	1 redirects
1	static.chartbeat.com	www.nycgo.com
1	beacon.krxd.net	10272577.fls.doubleclick.net
1	aa.agkn.com	10272577.fls.doubleclick.net
1	partners.tremorhub.com	10272577.fls.doubleclick.net
1	x.dlx.addthis.com	10272577.fls.doubleclick.net
1	bpi.rtactivate.com	10272577.fls.doubleclick.net
1	live.rezync.com	1 redirects
1	bs.serving-sys.com	10272577.fls.doubleclick.net
1	contextual.media.net	10272577.fls.doubleclick.net
1	ps.eyeota.net
1	stags.bluekai.com	1 redirects
1	20827626p.rfihub.com	c1.rfihub.net
1	c1.rfihub.net	10272577.fls.doubleclick.net
1	20827843p.rfihub.com	1 redirects
1	login.dotomi.com	assets.adobedtm.com
1	3j0pw4ed7uac-a.akamaihd.net	www.nycgo.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	cdn.evgnet.com	assets.adobedtm.com
1	www.googleadservices.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.nycgo.com
1	adservice.google.de	securepubads.g.doubleclick.net
1	t.co	www.nycgo.com
1	analytics.twitter.com	static.ads-twitter.com
1	s.getsmartcontent.com	cdn.getsmartcontent.com
1	static.ads-twitter.com	www.nycgo.com
1	cdn.getsmartcontent.com	www.nycgo.com
1	cdnjs.cloudflare.com	www.nycgo.com
1	cloud.typography.com	1 redirects
214	76

This site contains links to these domains. Also see Links.

Domain
business.nycgo.com
es.nycgo.com
fr.nycgo.com
ptbr.nycgo.com
de.nycgo.com
www.priceless.com
www.telechargeoffers.com
www.brownpapertickets.com
www.nycitycenter.org
mcctheater.org
www.ticketmaster.com
www.59e59.org
web.ovationtix.com
my.playwrightshorizons.org
repertorio.secure.force.com
www.nytw.org
publictheater.org
www.vineyardtheatre.org
twitter.com
www.facebook.com
www.instagram.com
www.youtube.com
www.pinterest.com
www.discoveramerica.com
www.iloveny.com

Subject Issuer	Validity	Valid
*.nycgo.com DigiCert SHA2 Secure Server CA	`2021-11-12` - `2022-11-15`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-21` - `2022-02-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.getsmartcontent.com Go Daddy Secure Certificate Authority - G2	`2021-10-19` - `2022-11-20`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
adacpresse-res.cloudinary.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-19` - `2022-05-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
bound360.com Amazon	`2021-06-28` - `2022-07-27`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-27` - `2022-08-05`	a year	crt.sh
cdn.evergage.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-28` - `2022-04-27`	2 years	crt.sh
*.analytics-sm.com Amazon	`2021-07-17` - `2022-08-15`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.evergage.com Amazon	`2022-01-06` - `2023-02-04`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
nycco-sweeps-122021.probabilityworks.cloud R3	`2022-01-24` - `2022-04-24`	3 months	crt.sh
*.rfihub.net Amazon	`2021-12-29` - `2023-01-27`	a year	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2022-06-18`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
bs.serving-sys.com Amazon	`2021-05-10` - `2022-06-08`	a year	crt.sh
rtactivate.com Amazon	`2021-05-13` - `2022-06-11`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-11-24` - `2022-04-26`	5 months	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.nycgo.com/off-broadway-week
Frame ID: 5182D5FBF0394FD746F2C25732FE6201
Requests: 121 HTTP requests in this frame

Frame: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2BCD71BF0253DECD0E47C1E82BD90750
Requests: 1 HTTP requests in this frame

Frame: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DBBC84CF390A24F72227044DE9E71E12
Requests: 25 HTTP requests in this frame

Frame: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F640E54DFEC1A7341CAF847983ECB3D8
Requests: 25 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 8DB925C2DE02FC5C50527201EFA024C4
Requests: 1 HTTP requests in this frame

Frame: https://10272577.fls.doubleclick.net/activityi;dc_pre=CMXxt8Kf-PUCFXQGBgAdHzsEqg;src=10272577;type=us-go0;cat=us-go0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=$%7Bgdpr_consent_755%7D;ord=5986667957248.013
Frame ID: 4462B3A9A3742BF406F7601CABE07D2E
Requests: 4 HTTP requests in this frame

Frame: https://10272577.fls.doubleclick.net/activityi;dc_pre=CLHxt8Kf-PUCFbEGBgAdb-gCUA;src=10272577;type=us-go00;cat=us-go0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=$%7Bgdpr_consent_755%7D;ord=2370588754250.8687
Frame ID: 9333596FD78C74BBDAC0BB34285E98A0
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0920C37488396DB254FE7EE572BC3327
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8D7FF68AE359372F554FDD13E05EE1E1
Requests: 3 HTTP requests in this frame

Frame: https://20827626p.rfihub.com/ca.html?ver=9&rb=42866&ca=20827626&_o=42866&_t=20827626&pe=https%3A%2F%2F10272577.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMXxt8Kf-PUCFXQGBgAdHzsEqg%3Bsrc%3D10272577%3Btype%3Dus-go0%3Bcat%3Dus-go0%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bnpa%3D%3Bgdpr%3D%3Bgdpr_consent%3D%24%257Bgdpr_consent_755%257D%3Bord%3D5986667957248.013%3F&pf=https%3A%2F%2Fwww.nycgo.com%2F&ra=6906876415177738
Frame ID: F8D2863296DCC256C1DF87D1FF3E5380
Requests: 20 HTTP requests in this frame

Frame: https://www.pinterest.de/ct.html
Frame ID: EF9BADB025955ED6FF7C2935A7549735
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FA3CC8246EBA4FA643BE6ECD79F3F0A4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DE12C7408686EF74C949CAEFD60AF98E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NYC Off-Broadway Week℠ | Discounted Tickets & Theater in NYC | NYCgo

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

214
Requests

89 %
HTTPS

34 %
IPv6

57
Domains

76
Subdomains

64
IPs

7
Countries

3049 kB
Transfer

8166 kB
Size

63
Cookies

37 Outgoing links

These are links going to different origins than the main page.

URL: https://business.nycgo.com/members/
Title: Membership

Search URL Search Domain Scan URL

URL: https://business.nycgo.com/meeting-planners/
Title: Meeting Planners

Search URL Search Domain Scan URL

URL: https://business.nycgo.com/press-and-media/
Title: Press & Media

Search URL Search Domain Scan URL

URL: https://business.nycgo.com/travel-trade/
Title: Travel Trade

Search URL Search Domain Scan URL

URL: https://business.nycgo.com/
Title: About Us

Search URL Search Domain Scan URL

URL: https://es.nycgo.com/
Title: Spanish

Search URL Search Domain Scan URL

URL: https://fr.nycgo.com/
Title: French

Search URL Search Domain Scan URL

URL: https://ptbr.nycgo.com/
Title: Portuguese

Search URL Search Domain Scan URL

URL: https://de.nycgo.com/
Title: German

Search URL Search Domain Scan URL

URL: https://www.priceless.com/

Search URL Search Domain Scan URL

URL: https://www.telechargeoffers.com/go.aspx?MD=2001&PID=13390&MC=OBW22&AID=CRP000854300&utm_source=nycgo&utm_campaign=offbroadwayweek2022&utm_medium=web
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://www.brownpapertickets.com/event/5178176
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://www.nycitycenter.org/pdps/2021-2022/prayer-for-the-french-republic/?promocode=32226
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://mcctheater.org/tix/space-dogs/
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/promo/gyxp8d
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://www.59e59.org/shows/show-detail/barococo-2022/
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://web.ovationtix.com/trs/pr/1095054/prm/OBW22
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/perfect-crime-tickets/artist/935439
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://my.playwrightshorizons.org/overview/tambo?promo=OBW22
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/stomp-ny-tickets/artist/844123
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://www.telechargeoffers.com/go.aspx?MD=2001&PID=13392&MC=OBW22&AID=CRP000854300&utm_source=nycgo&utm_campaign=offbroadwayweek2022&utm_medium=web
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://www.ticketmaster.com/the-office-a-musical-parody-tickets/artist/2524589
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://web.ovationtix.com/trs/pr/1085781/prm/OBW22
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://repertorio.secure.force.com/ticket/patronticket__publicticketapp#/events/a0S8a00000UqWZ9EAN
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://www.nytw.org/show/on-sugarland/tickets/
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://publictheater.org/productions/season/2122/out-of-time/
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://www.vineyardtheatre.org/sandblasted/
Title: Buy Now

Search URL Search Domain Scan URL

URL: https://business.nycgo.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://business.nycgo.com/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://twitter.com/nycgo
Title: Follow us on Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/nycgo
Title: Like us on Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nycgo/
Title: Follow us on Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC0xjgWP2PaZhnNUDKpx6uxg/
Title: Subscribe to us on YouTube

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/nycgo/
Title: Follow us on Pinterest

Search URL Search Domain Scan URL

URL: http://www.discoveramerica.com/

Search URL Search Domain Scan URL

URL: http://www.iloveny.com/

Search URL Search Domain Scan URL

URL: https://business.nycgo.com/privacy#cookies
Title: cookies

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://cloud.typography.com/6347456/7458392/css/fonts.css HTTP 302
https://www.nycgo.com/assets/fonts/680419/3015C34285A295A49.css

Request Chain 10

https://dc.arrivalist.com/px/?pixel_id=1653&a_source=NYCGO&a_medium=Page_Visit&a_type=Owned&a_campaign=Off-Broadway_Week&a_content=Off_Broadway_Week HTTP 302
https://dc.arrivalist.com/pj/check.php?rk=ip-10-0-1-2376206a660e6f069.548307986206a660e794b1.20270138 HTTP 302
https://ib.adnxs.com/getuid?https://dc.arrivalist.com/pj/proc.php?auid=$UID&rk=ckip-10-0-1-2376206a660e6f069.548307986206a660e794b1.20270138 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdc.arrivalist.com%2Fpj%2Fproc.php%3Fauid%3D%24UID%26rk%3Dckip-10-0-1-2376206a660e6f069.548307986206a660e794b1.20270138 HTTP 302
https://dc.arrivalist.com/pj/proc.php?auid=2070091120481305135&rk=ckip-10-0-1-2376206a660e6f069.548307986206a660e794b1.20270138 HTTP 302
https://ib.adnxs.com/seg?add=15697544&redir=https://ad.doubleclick.net/ddm/activity/src=9051767;type=invmedia;cat=newyo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1? HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9051767;type=invmedia;cat=newyo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9051767;dc_pre=CNf1q8Kf-PUCFbtJkQUdva0FhQ;type=invmedia;cat=newyo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=9051767;dc_pre=CNf1q8Kf-PUCFbtJkQUdva0FhQ;type=invmedia;cat=newyo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 11

https://www.nycgo.com/assets/images/nav/hamburger-search-icon.png HTTP 302
https://origin-www.nycgo.com/assets/images/nav/hamburger-search-icon.png

Request Chain 12

https://www.nycgo.com/images/articles/417/wobw22-nycgo-lockup@2x.png HTTP 302
https://origin-www.nycgo.com/images/articles/417/wobw22-nycgo-lockup@2x.png

Request Chain 14

https://www.nycgo.com/assets/images/programs/off-broadway-week/2022/winter/WOBW22-footer-code.png HTTP 302
https://origin-www.nycgo.com/assets/images/programs/off-broadway-week/2022/winter/WOBW22-footer-code.png

Request Chain 45

https://www.nycgo.com/assets/images/logo-sm-black.png HTTP 302
https://origin-www.nycgo.com/assets/images/logo-sm-black.png

Request Chain 46

https://www.nycgo.com/assets/images/NYCCVB_xxxxs-black.png HTTP 302
https://origin-www.nycgo.com/assets/images/NYCCVB_xxxxs-black.png

Request Chain 47

https://www.nycgo.com/assets/images/NYCVB.png HTTP 302
https://origin-www.nycgo.com/assets/images/NYCVB.png

Request Chain 48

https://www.nycgo.com/assets/images/USA-discover-america-black.png HTTP 302
https://origin-www.nycgo.com/assets/images/USA-discover-america-black.png

Request Chain 49

https://www.nycgo.com/assets/images/iny-black.png HTTP 302
https://origin-www.nycgo.com/assets/images/iny-black.png

Request Chain 51

https://nycgoprod.112.2o7.net/b/ss/nycgoprod/1/JS-2.22.0-LBWB/s87998859076479?AQB=1&ndh=1&pf=1&t=11%2F1%2F2022%2018%3A9%3A37%205%200&fid=18DF5335E32648F3-38BEB3657D6FAF91&ce=UTF-8&g=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week&c.&getVisitNum=4.2&endOfDatePeriod=1.2&getTimeSinceLastVisit=2.0&inList=3.0&formatTime=2.0&getTimeParting=6.3&getQueryParam=4.0.1&pt=3.0&getNewRepeat=3.0&.c&cc=USD&events=event1&c15=D%3Dv15&v15=New&c16=D%3Dv16&v16=1&v17=New%20Visitor&c18=D%3Dv18&v18=6%3A09%20PM&c19=D%3Dv19&v19=Friday&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
https://nycgoprod.112.2o7.net/b/ss/nycgoprod/1/JS-2.22.0-LBWB/s87998859076479?AQB=1&pccr=true&ndh=1&pf=1&t=11%2F1%2F2022%2018%3A9%3A37%205%200&fid=18DF5335E32648F3-38BEB3657D6FAF91&ce=UTF-8&g=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week&c.&getVisitNum=4.2&endOfDatePeriod=1.2&getTimeSinceLastVisit=2.0&inList=3.0&formatTime=2.0&getTimeParting=6.3&getQueryParam=4.0.1&pt=3.0&getNewRepeat=3.0&.c&cc=USD&events=event1&c15=D%3Dv15&v15=New&c16=D%3Dv16&v16=1&v17=New%20Visitor&c18=D%3Dv18&v18=6%3A09%20PM&c19=D%3Dv19&v19=Friday&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Request Chain 122

https://10272577.fls.doubleclick.net/activityi;src=10272577;type=us-go0;cat=us-go0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=$%7Bgdpr_consent_755%7D;ord=5986667957248.013 HTTP 302
https://10272577.fls.doubleclick.net/activityi;dc_pre=CMXxt8Kf-PUCFXQGBgAdHzsEqg;src=10272577;type=us-go0;cat=us-go0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=$%7Bgdpr_consent_755%7D;ord=5986667957248.013

Request Chain 123

https://10272577.fls.doubleclick.net/activityi;src=10272577;type=us-go00;cat=us-go0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=$%7Bgdpr_consent_755%7D;ord=2370588754250.8687 HTTP 302
https://10272577.fls.doubleclick.net/activityi;dc_pre=CLHxt8Kf-PUCFbEGBgAdb-gCUA;src=10272577;type=us-go00;cat=us-go0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=$%7Bgdpr_consent_755%7D;ord=2370588754250.8687

Request Chain 141

https://tags.w55c.net/rs?id=e1f06ad8953f43418d8736ace56b58c6&t=marketing HTTP 302
https://tags.w55c.net/rs?sccid=ba94fda0-bc76-440b-d30d-6f347b12484f&scc=1&id=e1f06ad8953f43418d8736ace56b58c6&t=marketing

Request Chain 143

https://20827843p.rfihub.com/ca.gif?rb=42866&ca=20827843&ra=YOUR_CUSTOM_CACHE_BUSTER&_o=42866&_t=20827843 HTTP 302
https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MjMzNjcxOTY4NjU3MDYxMw==&forward=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D13490%26nid%3D2596%26put%3D5142336719686570613%26https%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D18%2526code%253D5142336719686570613https%25253A%25252F%25252Fdsum-sec.casalemedia.com%25252Frum%25253Fcm_dsp_id%25253D57%252526external_user_id%25253D5142336719686570613%252526forward%25253D HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D13490%26nid%3D2596%26put%3D5142336719686570613%26https%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D18%2526code%253D5142336719686570613https%25253A%25252F%25252Fdsum-sec.casalemedia.com%25252Frum%25253Fcm_dsp_id%25253D57%252526external_user_id%25253D5142336719686570613%252526forward%25253D&google_gid=CAESEGiy26-x3V41miyTrSD_ASQ&google_cver=1 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5142336719686570613&https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D18%26code%3D5142336719686570613https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D57%2526external_user_id%253D5142336719686570613%2526forward%253D

Request Chain 144

https://tags.w55c.net/rs?id=bf57f140e39e4b98bfde08026d7a6868&t=checkout&tx=$TRANSACTION_ID&sku=$SKUS&price=$price HTTP 302
https://tags.w55c.net/rs?sccid=aca52419-1573-5544-be3d-ccc11d1ad525&scc=1&id=bf57f140e39e4b98bfde08026d7a6868&t=checkout&tx=$TRANSACTION_ID&sku=$SKUS&price=$price

Request Chain 162

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEyNDMyMjMyMTE3MzMxMTk4Mw==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEGiy26-x3V41miyTrSD_ASQ&google_cver=1

Request Chain 164

https://stags.bluekai.com/site/4722?id=5124322321173311983&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D HTTP 302
https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=

Request Chain 166

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5124322321173311983&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5124322321173311983&redir=

Request Chain 167

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5142336719686570613&bid=omt9pi0

Request Chain 170

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322321173311983&referrer=https%3A%2F%2Fwww.nycgo.com%2F HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=043684b1-bb8c-4d7d-98c1-3d49e8416b38%3A1644602978.99&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D043684b1-bb8c-4d7d-98c1-3d49e8416b38%253A1644602978.99 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=043684b1-bb8c-4d7d-98c1-3d49e8416b38%3A1644602978.99 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJljy2TQ3VYP8Y5mqguW19E&google_cver=1

Request Chain 172

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322321173311983&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322321173311983&forward=&C=1

Request Chain 175

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5124322321173311983&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5124322321173311983&img=1&__user_check__=1&sync_id=c714b032-8b65-11ec-b971-1bf0cf250306

Request Chain 179

https://x.bidswitch.net/sync?dsp_id=119&user_id=5124322321173311983&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5124322321173311983&expires=30

Request Chain 180

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YgamYwAFeSx-IQBH HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=YgamYwAFeSx-IQBH&_test=YgamYwAFeSx-IQBH

Request Chain 184

https://www.pinterest.com/ct.html HTTP 302
https://www.pinterest.de/ct.html

214 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request off-broadway-week Show response
www.nycgo.com/ 85 KB
18 KB 104ms
20ms Document
text/html 104.111.232.58
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nycgo.com/off-broadway-week
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.232.58 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-232-58.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40 / PHP/5.6.40
Resource Hash: 21d6073a139bf30bec316adc0301c085870c49486b04cd8138e45067b4bed475

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
x-powered-by: PHP/5.6.40
last-modified: Wed, 09 Feb 2022 16:47:17 GMT
pragma: no-cache
content-encoding: gzip
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: QfWOBkfexiLCgoejs6jZ8eoUD_JfDntee9AMAJecg6KrBmjTriQ3Qw==
content-length: 17483
cache-control: max-age=604800
expires: Fri, 18 Feb 2022 18:09:35 GMT
date: Fri, 11 Feb 2022 18:09:35 GMT
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 jquery.min.js Show response
www.nycgo.com/assets/add-ons/jquery/ 82 KB
29 KB 61ms
59ms Script
application/x-javascript 104.111.232.58
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nycgo.com/assets/add-ons/jquery/jquery.min.js?v=1641863492
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.232.58 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-232-58.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f6e6cf217f7f130dbb3c52f3c0f2945726b43f45a5e49e596be45d5920fd5cf2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/off-broadway-week
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:35 GMT
content-encoding: gzip
vary: Accept-Encoding
content-length: 29402
last-modified: Tue, 11 Jan 2022 01:11:32 GMT
server: AkamaiNetStorage
etag: "fa15f55b8f5e922dbc6be013d428c17f:1641863657.969248"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Sun, 13 Mar 2022 18:09:35 GMT

GET
H2 200 SuperiorTextWeb-Regular.woff
www.nycgo.com/assets/fonts/ 98 KB
85 KB 68ms
66ms Font
font/woff 104.111.232.58
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nycgo.com/assets/fonts/SuperiorTextWeb-Regular.woff
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.232.58 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-232-58.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 3d9b1200ae97fa3c872beae6088439712031f8f6875fd2dffefda21548293944

Request headers

Referer: https://www.nycgo.com/off-broadway-week
Origin: https://www.nycgo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:35 GMT
content-encoding: gzip
vary: Accept-Encoding
content-length: 86633
last-modified: Thu, 21 Jul 2016 17:43:57 GMT
server: AkamaiNetStorage
etag: "ded0adb6e4d79913ad00df15e3c09bda:1594094102.484058"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Sun, 13 Mar 2022 18:09:35 GMT

GET
H2 200 NYCSans-MediumWeb.woff
www.nycgo.com/assets/fonts/nyc_sans/ 16 KB
16 KB 75ms
73ms Font
font/woff 104.111.232.58
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nycgo.com/assets/fonts/nyc_sans/NYCSans-MediumWeb.woff
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.232.58 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-232-58.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: de71e3be1643c465c384292eb4d43504c7e1ef7a2f07b005155970fd5c55f4dd

Request headers

Referer: https://www.nycgo.com/off-broadway-week
Origin: https://www.nycgo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:35 GMT
content-encoding: gzip
vary: Accept-Encoding
content-length: 15962
last-modified: Mon, 22 Aug 2016 20:06:28 GMT
server: AkamaiNetStorage
etag: "d0fc34dc4128bae80828c6c3bbe9d058:1609452310.082692"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Sun, 13 Mar 2022 18:09:35 GMT

GET
H2 200 NYCSans-BoldWeb.woff
www.nycgo.com/assets/fonts/nyc_sans/ 20 KB
20 KB 75ms
74ms Font
font/woff 104.111.232.58
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nycgo.com/assets/fonts/nyc_sans/NYCSans-BoldWeb.woff
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.232.58 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-232-58.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 35791a7fea75b9b1311561b2bf6361da59cdb611c5032162157f9b7d0fada088

Request headers

Referer: https://www.nycgo.com/off-broadway-week
Origin: https://www.nycgo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:35 GMT
content-encoding: gzip
vary: Accept-Encoding
content-length: 20069
last-modified: Mon, 22 Aug 2016 20:06:28 GMT
server: AkamaiNetStorage
etag: "99502ed40bf4a70db27be26cd177feb5:1609452309.538701"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Sun, 13 Mar 2022 18:09:35 GMT

GET
H2 200 NYCgo-Icon.woff
www.nycgo.com/assets/fonts/nycgo_icons/ 28 KB
19 KB 84ms
83ms Font
font/woff 104.111.232.58
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nycgo.com/assets/fonts/nycgo_icons/NYCgo-Icon.woff
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.232.58 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-232-58.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: dc3a2c27e4e9b70186b84f625f22f85fd95dcd748a82d9f486f60679ba64a9c9

Request headers

Referer: https://www.nycgo.com/off-broadway-week
Origin: https://www.nycgo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:35 GMT
content-encoding: gzip
vary: Accept-Encoding
content-length: 19026
last-modified: Thu, 19 Aug 2021 16:18:29 GMT
server: AkamaiNetStorage
etag: "7717e352b8f4f16b3bcb6c14a57ac824:1629390309.535334"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Sun, 13 Mar 2022 18:09:35 GMT

GET
H2 200 global.css
www.nycgo.com/assets/css/ 438 KB
75 KB 79ms
78ms Stylesheet
text/css 104.111.232.58
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nycgo.com/assets/css/global.css?v=1643231583
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.232.58 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-232-58.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 22d0f781ce255e69162447cd18c00d337aebd1bc6ef126a867654ae31ac7246c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/off-broadway-week
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:35 GMT
content-encoding: gzip
vary: Accept-Encoding
content-length: 76659
last-modified: Wed, 26 Jan 2022 21:13:03 GMT
server: AkamaiNetStorage
etag: "7ee9a47457d05084ce0c462e5acf806b:1643231823.086505"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Sun, 13 Mar 2022 18:09:35 GMT

GET
H2

200

3015C34285A295A49.css
www.nycgo.com/assets/fonts/680419/
Redirect Chain

https://cloud.typography.com/6347456/7458392/css/fonts.css
https://www.nycgo.com/assets/fonts/680419/3015C34285A295A49.css

108 KB
80 KB

79ms
78ms

Stylesheet
text/css

104.111.232.58
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nycgo.com/assets/fonts/680419/3015C34285A295A49.css
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week
Protocol: H2
Server: 104.111.232.58 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-232-58.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ec821a0596673fc8ea6d6184bcc217de6995c2fb647d32b01d560e7bf8436f82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:36 GMT
content-encoding: gzip
vary: Accept-Encoding
content-length: 81792
last-modified: Wed, 15 Aug 2018 20:52:49 GMT
server: AkamaiNetStorage
etag: "aeb1c78756dd9de03e2f5a4d11a1ca8a:1606391107.027034"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Sun, 13 Mar 2022 18:09:36 GMT

Redirect headers

Date: Fri, 11 Feb 2022 18:09:36 GMT
Last-Modified: Wed, 15 Aug 2018 20:58:11 GMT
Server: AkamaiNetStorage
ETag: "934c6f3a316b4388d8592bae7f6ab784:1534366690"
Content-Type: text/html
Location: https://www.nycgo.com/assets/fonts/680419/3015C34285A295A49.css
Cache-Control: must-revalidate, private
Connection: keep-alive
X-HCo-pid: 16
Content-Length: 154
Expires: Fri, 11 February 2022 18:09:36 GMT

GET
H2 200 off-broadway-week-active.css
www.nycgo.com/assets/css/marketing-programs/off-broadway-week/ 3 KB
1 KB 383ms
382ms Stylesheet
text/css 104.111.232.58
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nycgo.com/assets/css/marketing-programs/off-broadway-week/off-broadway-week-active.css?v=1643231583
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.232.58 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-232-58.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 74175a5def5aed00685eb42da25d052a315562b949c8fb153ac54f1745a4a6c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/off-broadway-week
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:35 GMT
content-encoding: gzip
vary: Accept-Encoding
content-length: 1001
last-modified: Wed, 26 Jan 2022 21:13:03 GMT
server: AkamaiNetStorage
etag: "8c030f948d14fb117881a09c14acb9d4:1643231826.81061"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Sun, 13 Mar 2022 18:09:35 GMT

GET
H2 200 launch-d85886614a80.min.js Show response
assets.adobedtm.com/a194bea8d39a/825a12be7af5/ 236 KB
56 KB 47ms
8ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a194bea8d39a/825a12be7af5/launch-d85886614a80.min.js
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 199d12add96436f325238d197311a7b92b9cc9ec19d40e5fb27179659b4f2c9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:36 GMT
content-encoding: gzip
last-modified: Fri, 28 Jan 2022 14:47:30 GMT
server: AkamaiNetStorage
etag: "6326421ce41331be9d911a3ceab7f5ab:1643381250.244931"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.nycgo.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 56914
expires: Fri, 11 Feb 2022 19:09:36 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 153ms
52ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

c97bb3ca107ce9dff21b27d98703b6b7e6cd813d252ce8b1afb1bca174ce49fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27174
x-xss-protection: 0
server: sffe
etag: "1128 / 384 of 1000 / last-modified: 1644581193"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 11 Feb 2022 18:09:36 GMT

GET
H3

200

src=9051767;dc_pre=CNf1q8Kf-PUCFbtJkQUdva0FhQ;type=invmedia;cat=newyo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://dc.arrivalist.com/px/?pixel_id=1653&a_source=NYCGO&a_medium=Page_Visit&a_type=Owned&a_campaign=Off-Broadway_Week&a_content=Off_Broadway_Week
https://dc.arrivalist.com/pj/check.php?rk=ip-10-0-1-2376206a660e6f069.548307986206a660e794b1.20270138
https://ib.adnxs.com/getuid?https://dc.arrivalist.com/pj/proc.php?auid=$UID&rk=ckip-10-0-1-2376206a660e6f069.548307986206a660e794b1.20270138
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdc.arrivalist.com%2Fpj%2Fproc.php%3Fauid%3D%24UID%26rk%3Dckip-10-0-1-2376206a660e6f069.548307986206a660e794b1.20270138
https://dc.arrivalist.com/pj/proc.php?auid=2070091120481305135&rk=ckip-10-0-1-2376206a660e6f069.548307986206a660e794b1.20270138
https://ib.adnxs.com/seg?add=15697544&redir=https://ad.doubleclick.net/ddm/activity/src=9051767;type=invmedia;cat=newyo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=9051767;type=invmedia;cat=newyo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=9051767;dc_pre=CNf1q8Kf-PUCFbtJkQUdva0FhQ;type=invmedia;cat=newyo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://adservice.google.com/ddm/fls/z/src=9051767;dc_pre=CNf1q8Kf-PUCFbtJkQUdva0FhQ;type=invmedia;cat=newyo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

42 B
63 B

123ms
76ms

Image
image/gif

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=9051767;dc_pre=CNf1q8Kf-PUCFbtJkQUdva0FhQ;type=invmedia;cat=newyo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/

Protocol

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:38 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=9051767;dc_pre=CNf1q8Kf-PUCFbtJkQUdva0FhQ;type=invmedia;cat=newyo0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

hamburger-search-icon.png
origin-www.nycgo.com/assets/images/nav/
Redirect Chain

https://www.nycgo.com/assets/images/nav/hamburger-search-icon.png
https://origin-www.nycgo.com/assets/images/nav/hamburger-search-icon.png

628 B
1 KB

18ms
18ms

Image
image/png

18.66.2.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://origin-www.nycgo.com/assets/images/nav/hamburger-search-icon.png
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/
Protocol: H2
Server: 18.66.2.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-63.txl50.r.cloudfront.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40 /
Resource Hash: a018bd8daf39fdbb04811fec8738c544e2fb5acbe7d967d679ecb43747afd48c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 17:26:16 GMT
via: 1.1 2290762b4070c2faf5e496f8e496e184.cloudfront.net (CloudFront)
last-modified: Thu, 10 Sep 2020 20:09:45 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
age: 2817
etag: "274-5aefb263ea3e8"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
content-length: 628
x-amz-cf-id: 6I0VTCSd9Bf2-FZgXzk68k-3IRc2iz4fHsfLSCgBp-niPc0jud4i7A==
expires: Sun, 13 Mar 2022 17:22:40 GMT

Redirect headers

date: Fri, 11 Feb 2022 18:09:37 GMT
server: AkamaiGHost
location: https://origin-www.nycgo.com/assets/images/nav/hamburger-search-icon.png
access-control-max-age: 86400
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 0
expires: Sun, 13 Mar 2022 18:09:37 GMT

GET
H2

200

wobw22-nycgo-lockup@2x.png
origin-www.nycgo.com/images/articles/417/
Redirect Chain

https://www.nycgo.com/images/articles/417/wobw22-nycgo-lockup@2x.png
https://origin-www.nycgo.com/images/articles/417/wobw22-nycgo-lockup@2x.png

177 KB
177 KB

46ms
46ms

Image
image/png

18.66.2.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://origin-www.nycgo.com/images/articles/417/wobw22-nycgo-lockup@2x.png
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/
Protocol: H2
Server: 18.66.2.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-63.txl50.r.cloudfront.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40 /
Resource Hash: c1bee4e8a24acad6f7b38f922e67f9ca90df8c54de6ec570265728707485c83e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 17:42:41 GMT
via: 1.1 2290762b4070c2faf5e496f8e496e184.cloudfront.net (CloudFront)
last-modified: Fri, 14 Jan 2022 22:19:04 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
age: 1616
etag: "2c289-5d59230d06ec8"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
content-length: 180873
x-amz-cf-id: kcx-O-YW3xPiTMwor0mDePr5t4ymWYSPPZFpDznmN7001Wd-qD-GSQ==
expires: Sun, 13 Mar 2022 17:42:41 GMT

Redirect headers

date: Fri, 11 Feb 2022 18:09:37 GMT
server: AkamaiGHost
location: https://origin-www.nycgo.com/images/articles/417/wobw22-nycgo-lockup@2x.png
access-control-max-age: 86400
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 0
expires: Sun, 13 Mar 2022 18:09:37 GMT

GET
H2 200 mastercard-logo-obw.png
www.nycgo.com/assets/images/partner-logos/ 9 KB
9 KB 505ms
504ms Image
image/png 104.111.232.58
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nycgo.com/assets/images/partner-logos/mastercard-logo-obw.png
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.232.58 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-232-58.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 31f4dc16175ce9644251f825ac083991b64f8c1048f66515600ae9fd20888240

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/off-broadway-week
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
last-modified: Mon, 03 Jun 2019 16:11:17 GMT
server: AkamaiNetStorage
etag: "e0e870d68fd6ef2f6bed1fc33fa92721:1559578865.704158"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 9050
expires: Sun, 13 Mar 2022 18:09:37 GMT

GET
H2

200

WOBW22-footer-code.png
origin-www.nycgo.com/assets/images/programs/off-broadway-week/2022/winter/
Redirect Chain

https://www.nycgo.com/assets/images/programs/off-broadway-week/2022/winter/WOBW22-footer-code.png
https://origin-www.nycgo.com/assets/images/programs/off-broadway-week/2022/winter/WOBW22-footer-code.png

7 KB
8 KB

118ms
45ms

Image
image/png

18.66.2.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://origin-www.nycgo.com/assets/images/programs/off-broadway-week/2022/winter/WOBW22-footer-code.png
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week
Protocol: H2
Server: 18.66.2.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-63.txl50.r.cloudfront.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40 /
Resource Hash: ff621854fb4a7722e5f02fbfd1f8e425d65bb7867463897b42c838e4c4da9ba1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 17:42:42 GMT
via: 1.1 2290762b4070c2faf5e496f8e496e184.cloudfront.net (CloudFront)
last-modified: Wed, 26 Jan 2022 21:13:03 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
age: 1615
etag: "1cff-5d682aad65cc8"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
content-length: 7423
x-amz-cf-id: 4AsGu1MNSPZgdbYFeOs0-pxrYy358fFVUmMhpzmsqZK--aSJlT4rhA==
expires: Sun, 13 Mar 2022 17:42:42 GMT

Redirect headers

date: Fri, 11 Feb 2022 18:09:37 GMT
server: AkamaiGHost
location: https://origin-www.nycgo.com/assets/images/programs/off-broadway-week/2022/winter/WOBW22-footer-code.png
access-control-max-age: 86400
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 0
expires: Sun, 13 Mar 2022 18:09:37 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 25ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4ff84c00d295e5eff32b18c3933bb245ba7de8a0828e91a9c6eb99d6f3b16c63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: NFpkZtO90GFepPmTgRNWZQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Fri, 11 Feb 2022 18:24:25 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: 1caIjFILfp2Pw7FOUute+4bEK9ApyjbvIg8h9H5eJU7fCyBFOV0/6QxjQQQb70p+BaoK/gyXPQx6QWUXGDvCrQ==
x-fb-trip-id: 686109401
x-fb-content-md5: e64b7c79a75d4b119c45852b6ab77e1c
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 11 Feb 2022 18:09:35 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "cc70b5035e827b463ca9cfe4586e266c"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 assets.min.js Show response
www.nycgo.com/assets/js/ 361 KB
106 KB 55ms
55ms Script
application/x-javascript 104.111.232.58
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nycgo.com/assets/js/assets.min.js?v=1641863493
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.232.58 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-232-58.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 48dbb832581bb1828766b197fefa8c9104a424f42a6a382eec3268367fb93025

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/off-broadway-week
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:35 GMT
content-encoding: gzip
vary: Accept-Encoding
content-length: 108075
last-modified: Tue, 11 Jan 2022 01:11:33 GMT
server: AkamaiNetStorage
etag: "5889e0469650a771073843cebf529770:1641863764.208229"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Sun, 13 Mar 2022 18:09:35 GMT

GET
H2 200 global.min.js Show response
www.nycgo.com/assets/js/ 34 KB
10 KB 45ms
45ms Script
application/x-javascript 104.111.232.58
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nycgo.com/assets/js/global.min.js?v=1641863493
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.232.58 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-232-58.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1940bb824f6d3f3bb17e6f4bbf705246839773ab7bb562a176670ec10e717c6d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/off-broadway-week
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:35 GMT
content-encoding: gzip
vary: Accept-Encoding
content-length: 9718
last-modified: Tue, 11 Jan 2022 01:11:33 GMT
server: AkamaiNetStorage
etag: "1de66db46d16dd9feb195b4e9ae1e784:1641863764.61527"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Sun, 13 Mar 2022 18:09:35 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 161 KB
53 KB 151ms
65ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyDkSQUrbnLkcBi92Bz1sKKqG9wEe0NWif8&libraries=places

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

4fa39213dffa07ebd19e62a8130dadf50a547d1bb2d17dd6d4fb4d2c00e50f89

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:36 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=18
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53719
x-xss-protection: 0
expires: Fri, 11 Feb 2022 18:39:36 GMT

GET
H2 200 jquery.waypoints.min.js Show response
www.nycgo.com/assets/js/miscellaneous/ 9 KB
3 KB 46ms
46ms Script
application/x-javascript 104.111.232.58
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nycgo.com/assets/js/miscellaneous/jquery.waypoints.min.js?v=1542317297
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.232.58 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-232-58.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/off-broadway-week
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:36 GMT
content-encoding: gzip
vary: Accept-Encoding
content-length: 2753
last-modified: Thu, 15 Nov 2018 21:28:17 GMT
server: AkamaiNetStorage
etag: "7d05f92297dede9ecfe3706efb95677a:1608392165.864019"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Sun, 13 Mar 2022 18:09:36 GMT

GET
H2 200 clipboard.min.js Show response
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/ 10 KB
4 KB 39ms
15ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.0/clipboard.min.js

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1505701
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2905
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e29-29a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S9NGZNjrJEF%2BdhwNe6PvSNixk5o0PicJry6NnBQTO%2BfcVwxF%2FYLXncMREXVtYq78EeC%2BX9fy9sScAOxSaHWnHZ2Rp6QmOw8IDnaKPGo%2BgVF2dSsu%2FsFsmEuyObLXxLcMMeZxnk5fmPDt8EsEy7sMn8p2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6dbf877929f29124-FRA
expires: Wed, 01 Feb 2023 18:09:36 GMT

GET
H2 200 runtime.js Show response
www.nycgo.com/dist/dynamic-grid/ 1 KB
1 KB 13ms
13ms Script
application/javascript 104.111.232.58
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nycgo.com/dist/dynamic-grid/runtime.js
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.232.58 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-232-58.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40 /
Resource Hash: 32a426dfecc30304a96fa7bea231121415c9a055d47fdfb06056a40229ec9de7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/off-broadway-week
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:36 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: FRA2-C1
content-length: 733
last-modified: Thu, 08 Apr 2021 18:40:22 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
etag: "5e0-5bf7a61406618-gzip"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 8bEIVoclZD0OmmW5L7tfpGG95tw6SzjFmoF0EuGHSNV4P4aRsbU_VA==
expires: Sun, 13 Mar 2022 18:09:36 GMT

GET
H2 200 polyfills.js Show response
www.nycgo.com/dist/dynamic-grid/ 36 KB
13 KB 10ms
10ms Script
application/javascript 104.111.232.58
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nycgo.com/dist/dynamic-grid/polyfills.js
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.232.58 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-232-58.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40 /
Resource Hash: d5b15cc14f7e212b2b1154d39601171968b66cd7e908162e1d5324b0bf9daa67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/off-broadway-week
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:36 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: FRA60-P4
content-length: 12494
last-modified: Thu, 08 Apr 2021 18:40:22 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
etag: "9000-5bf7a61403350-gzip"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: O90Y99lg4CXtm29HNvIW6KvYJyNWxRjulJvKCJ4rhJC4a4eygGHk2A==
expires: Sun, 13 Mar 2022 18:09:36 GMT

GET
H2 200 main.js Show response
www.nycgo.com/dist/dynamic-grid/ 2 MB
423 KB 10ms
10ms Script
application/javascript 104.111.232.58
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nycgo.com/dist/dynamic-grid/main.js
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.232.58 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-232-58.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40 /
Resource Hash: 5619a8a9168d56fef7b0a650649361e1a71a436b45339a16bdd0a0eb7aa7af5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/off-broadway-week
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:36 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: FRA60-P4
content-length: 431622
last-modified: Wed, 09 Feb 2022 15:25:13 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
etag: "1a2de5-5d79770a11640-gzip"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: UfBZB8QcI7Iwhm_2oZoXOxas6_QVEY6wpwRJklrLIy_FcxrlEwE_1A==
expires: Sun, 13 Mar 2022 18:09:36 GMT

GET
H/1.1 200
OK 1C9H1VQV.js Show response
cdn.getsmartcontent.com/ 105 KB
37 KB 59ms
13ms Script
application/javascript 151.139.237.219
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.getsmartcontent.com/1C9H1VQV.js
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.237.219 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: a6ae1df5aa88ab77fc2940878600ab7b624e5b30e0239946e2eadcce36f33940

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 18:09:36 GMT
Content-Encoding: gzip
ETag: W/"be173b1562498d890464e94fe4887efa"
Last-Modified: Fri, 24 Sep 2021 17:21:54 GMT
Server: NetDNA-cache/2.2
x-amz-request-id: YVZBSFPEVT6CZ98H
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: application/javascript
Cache-Control: public, max-age=900
x-amz-replication-status: COMPLETED
Connection: keep-alive
x-amz-version-id: lin_ubaYTCnaiqGqoIM5.HBRLpUNf6Oi
x-amz-id-2: 7hPL7rVmTzmTccmKTP8WVfQCv1QgZVKOx1eQBvOlOF+vPEoiwL5uTkCfRQblWMOeKKPfPVFeP9A=

GET
H2 200 bootstrap-slider.min.css
www.nycgo.com/assets/add-ons/bootstrap-slider/css/ 8 KB
2 KB 55ms
55ms Stylesheet
text/css 104.111.232.58
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nycgo.com/assets/add-ons/bootstrap-slider/css/bootstrap-slider.min.css
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/assets/css/global.css?v=1643231583
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.232.58 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-232-58.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: bd3b37a8818bb370c0a701e19186f1ea86e9e9a4f5338766901d8d26c330fa5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/assets/css/global.css?v=1643231583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:35 GMT
content-encoding: gzip
vary: Accept-Encoding
content-length: 1884
last-modified: Tue, 24 Mar 2020 20:10:30 GMT
server: AkamaiNetStorage
etag: "98adc911b7d09a5bb36210993c1465a3:1585080847.313085"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Sun, 13 Mar 2022 18:09:35 GMT

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 33 KB
12 KB 26ms
25ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a194bea8d39a/825a12be7af5/launch-d85886614a80.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.nycgo.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12184
expires: Fri, 11 Feb 2022 19:09:37 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 3 KB
2 KB 68ms
67ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a194bea8d39a/825a12be7af5/launch-d85886614a80.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.nycgo.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Fri, 11 Feb 2022 19:09:37 GMT

GET
H2 200 logo.png
www.nycgo.com/assets/images/ 5 KB
6 KB 83ms
83ms Image
image/png 104.111.232.58
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nycgo.com/assets/images/logo.png
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/assets/css/global.css?v=1643231583
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.232.58 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-232-58.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 40f01f813f2a0e0cd56d0db188dd8194696b232c473fd422e3ab36fecaab2e71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/assets/css/global.css?v=1643231583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
last-modified: Mon, 01 Oct 2018 14:18:31 GMT
server: AkamaiNetStorage
etag: "833faba7d63585044e7127943359c8bc:1556550665.408923"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 5525
expires: Sun, 13 Mar 2022 18:09:37 GMT

GET
H2 200 pubads_impl_2022020801.js Show response
securepubads.g.doubleclick.net/gpt/ 357 KB
120 KB 39ms
38ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

8f4b70778aa21c1c093c6acbad70c70b2e69d4d22e47d9405ee137db16ca050b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 17:20:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2950
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122244
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:34:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 Feb 2023 17:20:27 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 63 B
95 B 97ms
49ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nycgo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

5164efdedb9c01c7c202111568dfa7532ccbfc29b3e70e31f526f7a5587fcd93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 18:09:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70
x-xss-protection: 0
expires: Fri, 11 Feb 2022 18:09:37 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: vBk3dMEVKjpxDyurNO1UYEGyXAkQhgIUfZBk4DZV7pneix27jCNyL6wEoiVaT2F+zHnEHbWkZ9UdmfdluSYJxA==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Fri, 11 Feb 2022 18:09:37 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 33ms
6ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
content-encoding: gzip
last-modified: Sat, 05 Feb 2022 00:44:37 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kjyo7100048-IAD, cache-fra19157-FRA

GET
H2 200 wobw22-nycgo-lp-3000x768.jpg
images.nycgo.com/image/fetch/q_65,c_fill,f_auto,w_1920/https://www.nycgo.com/images/pages/417/ 13 KB
14 KB 67ms
10ms Image
image/webp 2a04:4e42:400::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.nycgo.com/image/fetch/q_65,c_fill,f_auto,w_1920/https://www.nycgo.com/images/pages/417/wobw22-nycgo-lp-3000x768.jpg

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

e3081babbd1ee2b3b36bddb5d6344b1e1faf1c1b2de1d0a84dd4b8f889534c1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="wobw22-nycgo-lp-3000x768.webp"
server-timing: fastly;dur=2;cpu=1;start=2022-02-11T18:09:37.109Z;desc=hit,rtt;dur=5
vary: Accept,User-Agent
content-length: 13466
last-modified: Mon, 31 Jan 2022 00:50:16 GMT
server: Cloudinary
etag: "8b0c48ceb4c836598bd8f035ed8b77d8"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 285 KB
80 KB 17ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=0c2e820b87bf4fce4448d6251718b4e8

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d76aa4395e4aec3b94a5ab6b6f5f19f56bdf249d38d482b330fb851aeaa1dc01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.nycgo.com/
Origin: https://www.nycgo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: gRKCwPQiuxTDBxNsSJLx2w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Sat, 11 Feb 2023 17:07:02 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82126
x-fb-rlafr: 0
x-fb-debug: HOznEgztr0b1yDpyEifOf/GkV8WttwEPafXqF747DaSi7DziuAPVqvjl01DAukVU442e3x80oBIG7wOdeByn6w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 2f583fb0d095fac85b01f9dfd38213e5
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 11 Feb 2022 18:09:37 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "b6d5f0d524209f3443d805a28bd0e993"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 notice Show response
www.nycgo.com/feeds/ 536 B
715 B 113ms
113ms XHR
application/json 104.111.232.58
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nycgo.com/feeds/notice
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/assets/add-ons/jquery/jquery.min.js?v=1641863492
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.232.58 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-232-58.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40 / PHP/5.6.40
Resource Hash: aa91bf466c13dc3d1a77701ee123b9361fea36ed9751514cbde34610826c5593

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.nycgo.com/off-broadway-week
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: FRA60-P4
x-powered-by: PHP/5.6.40
content-length: 307
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: false
access-control-allow-headers: *
x-amz-cf-id: pXkpXd4NPOCJk6NOwETd0UREsVQCrGk_DDx_jHPzQkVvR4P7BklAVA==
expires: Fri, 18 Feb 2022 18:09:37 GMT

GET
H2 200 global-search-prefetch Show response
www.nycgo.com/feeds/ 22 KB
8 KB 13ms
12ms XHR
application/json 104.111.232.58
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nycgo.com/feeds/global-search-prefetch
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/assets/add-ons/jquery/jquery.min.js?v=1641863492
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.232.58 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-232-58.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40 / PHP/5.6.40
Resource Hash: 7d2ef55b9bcc89fd2c4e8f0f1fb4f084b210a3e5ad23a64ce88592e05c970e77

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.nycgo.com/off-broadway-week
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: FRA2-C1
x-powered-by: PHP/5.6.40
content-length: 7948
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: false
access-control-allow-headers: *
x-amz-cf-id: jF8KdNYdQLJdsZ5Fue7H84woy5GsDgVhsn0q0sGSSn-va7RnUC6Qng==
expires: Fri, 18 Feb 2022 18:09:37 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 106ms
59ms XHR
application/json 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDkSQUrbnLkcBi92Bz1sKKqG9wEe0NWif8&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nycgo.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/dist/dynamic-grid/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0321d90be5ec15cff0f618931594d1fb2af52b07d770c1eff6cfc61d87f7ecac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: CxkFKNo39T736gkPBwTtTg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: LRQCgDw4RNd+0oG7f77ZLQKIz2AhcxWwmhYemE7gQ6d41jv0v4j14VA0QIi0Y2t6ioRa+B/Z/HFIluBgCt4Q1g==
x-fb-content-md5: 8d47784a66431d19eca48f89f8cd70c8
x-frame-options: DENY
date: Fri, 11 Feb 2022 18:09:37 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "3a6c9839c55c9cb487a35b86ef9b27e8"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 11 Feb 2022 18:29:28 GMT

GET
H/1.1 200
OK body-listing-containers Show response
service.nycgo.com/nycgo/v2/ 1 KB
1 KB 226ms
25ms Script
text/javascript 104.92.74.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://service.nycgo.com/nycgo/v2/body-listing-containers?entryId=417&blockId=6113394&ignore=417&callback=ng_jsonp_callback_0
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/dist/dynamic-grid/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.116 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-116.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40
Resource Hash: 008676201e4f01df3ba7239b6602dd52951c2262c8d5b635f7396f21f34ff8f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 18:09:37 GMT
Content-Encoding: gzip
X-RateLimit-Limit: 3000
X-Powered-By: PHP/5.6.40
X-RateLimit-Remaining: 2999
Connection: keep-alive
Content-Length: 570
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://www.nycgo.com
Cache-Control: private, no-cache
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 86400
Access-Control-Allow-Headers: Origin,Content-Type,Accept,Accept-Language,Accept-Encoding,Authorization,X-CSRF-Token,X-Requested-With
Expires: Fri, 11 Feb 2022 18:09:37 GMT

GET
H/1.1 200
OK body-listing-containers Show response
service.nycgo.com/nycgo/v2/ 2 KB
1 KB 667ms
467ms Script
text/javascript 104.92.74.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://service.nycgo.com/nycgo/v2/body-listing-containers?entryId=417&blockId=6130509&ignore=417&callback=ng_jsonp_callback_1
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/dist/dynamic-grid/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.116 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-116.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40
Resource Hash: 409b00f742127540d7820b3aa9a6200adac141e7708eae1cec04da530f23689d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 18:09:37 GMT
Content-Encoding: gzip
X-RateLimit-Limit: 3000
X-Powered-By: PHP/5.6.40
X-RateLimit-Remaining: 2998
Connection: keep-alive
Content-Length: 662
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://www.nycgo.com
Cache-Control: private, no-cache
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 86400
Access-Control-Allow-Headers: Origin,Content-Type,Accept,Accept-Language,Accept-Encoding,Authorization,X-CSRF-Token,X-Requested-With
Expires: Fri, 11 Feb 2022 18:09:37 GMT

GET
H/1.1 200
OK off-broadway-week Show response
service.nycgo.com/nycgo/v2/ 27 KB
6 KB 224ms
32ms Script
text/javascript 104.92.74.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://service.nycgo.com/nycgo/v2/off-broadway-week?entryId=16431&gridId=off-broadway-week&randomizeFirst=true&callback=ng_jsonp_callback_2
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/dist/dynamic-grid/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.116 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-116.deploy.static.akamaitechnologies.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40
Resource Hash: 8331323b55c565b4fabb597d0cb60280489e3079cc8ce9fdcba6fb4c676c7747

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 18:09:37 GMT
Content-Encoding: gzip
X-RateLimit-Limit: 3000
X-Powered-By: PHP/5.6.40
X-RateLimit-Remaining: 2999
Connection: keep-alive
Content-Length: 5521
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://www.nycgo.com
Cache-Control: private, no-cache
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 86400
Access-Control-Allow-Headers: Origin,Content-Type,Accept,Accept-Language,Accept-Encoding,Authorization,X-CSRF-Token,X-Requested-With
Expires: Fri, 11 Feb 2022 18:09:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 131ms
39ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 285
date: Fri, 11 Feb 2022 18:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 11 Feb 2022 20:04:52 GMT

GET
H2 200 heart.png
www.nycgo.com/assets/images/favorites/ 1 KB
2 KB 58ms
58ms Image
image/png 104.111.232.58
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nycgo.com/assets/images/favorites/heart.png
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/assets/css/global.css?v=1643231583
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.232.58 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-232-58.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 110de602c0d0d5284be73180f73923918eb69384fed76a3b5b0f8caa9d9745e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/assets/css/global.css?v=1643231583
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
last-modified: Thu, 15 Nov 2018 21:28:17 GMT
server: AkamaiNetStorage
etag: "889b3bb7402244a9b2c465b6f6dcc472:1542317466.205328"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1299
expires: Sun, 13 Mar 2022 18:09:37 GMT

GET
H2 200 serving Show response
s.getsmartcontent.com/ 169 B
589 B 493ms
226ms Script
application/javascript 52.86.65.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://s.getsmartcontent.com/serving?tm=1644602977&rv=627f8035-a5f0-4e75-88c6-c432a5029739&i=5hruykotgqtuy6ku6ihf7lxmn9sk7ztt&loc=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week&w=1C9H1VQV&c=&v=1644602977.1644602977.1644602977.1&s=5hruykotgqtuy6ku6ihf7lxmn9sk7ztt.1644602977&d=1600%2C1200&ab=&r=&m.eg=&lvc=&lvcr=&dl=%7B%7D

Requested by

Host: cdn.getsmartcontent.com
URL: https://cdn.getsmartcontent.com/1C9H1VQV.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.86.65.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-86-65-180.compute-1.amazonaws.com

Software

Resource Hash

cdef6038f606a5ad81312da4f20c70ef4826359847805683f3e92125bfdcfbf2

Security Headers

Name	Value
Content-Security-Policy	default-src '*'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:37 GMT
referrer-policy: unsafe-url
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: max-age=0, must-revalidate, no-cache=Set-Cookie, private
content-security-policy: default-src '*'
x-content-type-options: nosniff
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

logo-sm-black.png
origin-www.nycgo.com/assets/images/
Redirect Chain

https://www.nycgo.com/assets/images/logo-sm-black.png
https://origin-www.nycgo.com/assets/images/logo-sm-black.png

3 KB
4 KB

19ms
19ms

Image
image/png

18.66.2.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://origin-www.nycgo.com/assets/images/logo-sm-black.png
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/
Protocol: H2
Server: 18.66.2.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-63.txl50.r.cloudfront.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40 /
Resource Hash: 491b181dad62439b16d11a85602c468f33be38c224cd7afe34a57bf6ed745b99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 17:49:51 GMT
via: 1.1 2290762b4070c2faf5e496f8e496e184.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 17:38:56 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
age: 1322
etag: "cc2-5b09f7d986020"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
content-length: 3266
x-amz-cf-id: TbqsTqC51jzv0R_p14Bzscfdbl9eEklWJYuLJhKuJJ6b_70MrszO6Q==
expires: Sun, 13 Mar 2022 17:47:36 GMT

Redirect headers

date: Fri, 11 Feb 2022 18:09:38 GMT
server: AkamaiGHost
location: https://origin-www.nycgo.com/assets/images/logo-sm-black.png
access-control-max-age: 86400
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 0
expires: Sun, 13 Mar 2022 18:09:38 GMT

GET
H2

200

NYCCVB_xxxxs-black.png
origin-www.nycgo.com/assets/images/
Redirect Chain

https://www.nycgo.com/assets/images/NYCCVB_xxxxs-black.png
https://origin-www.nycgo.com/assets/images/NYCCVB_xxxxs-black.png

5 KB
6 KB

19ms
19ms

Image
image/png

18.66.2.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://origin-www.nycgo.com/assets/images/NYCCVB_xxxxs-black.png
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/
Protocol: H2
Server: 18.66.2.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-63.txl50.r.cloudfront.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40 /
Resource Hash: fdf6af253e37b9611eefe4102e1d3084fa175e7200dba32459d98f56ee38fac8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 17:49:51 GMT
via: 1.1 2290762b4070c2faf5e496f8e496e184.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 17:38:56 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
age: 1321
etag: "14ca-5b09f7d9779a8"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
content-length: 5322
x-amz-cf-id: dniOTwdFIfH6PwQpk87AqsBf3NYNWWFfkOef91JTMHTdjhUJMbq5kA==
expires: Sun, 13 Mar 2022 17:47:36 GMT

Redirect headers

date: Fri, 11 Feb 2022 18:09:37 GMT
server: AkamaiGHost
location: https://origin-www.nycgo.com/assets/images/NYCCVB_xxxxs-black.png
access-control-max-age: 86400
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 0
expires: Sun, 13 Mar 2022 18:09:37 GMT

GET
H2

200

NYCVB.png
origin-www.nycgo.com/assets/images/
Redirect Chain

https://www.nycgo.com/assets/images/NYCVB.png
https://origin-www.nycgo.com/assets/images/NYCVB.png

7 KB
7 KB

44ms
44ms

Image
image/png

18.66.2.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://origin-www.nycgo.com/assets/images/NYCVB.png
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/
Protocol: H2
Server: 18.66.2.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-63.txl50.r.cloudfront.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40 /
Resource Hash: 843c4100dfaaf74efcdfaf70aaceb861f4d1d79debfb1371866a0286fbed4aee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
via: 1.1 2290762b4070c2faf5e496f8e496e184.cloudfront.net (CloudFront)
last-modified: Fri, 02 Oct 2020 15:57:39 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
age: 241
etag: "1c07-5b0b2312f29b8"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
content-length: 7175
x-amz-cf-id: oR3AlDST2hjfbzZ--GcSi8jw8-DKtFqdeLIlzbFm_FPgzPi_9DG_zA==
expires: Sun, 13 Mar 2022 18:05:36 GMT

Redirect headers

date: Fri, 11 Feb 2022 18:09:37 GMT
server: AkamaiGHost
location: https://origin-www.nycgo.com/assets/images/NYCVB.png
access-control-max-age: 86400
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 0
expires: Sun, 13 Mar 2022 18:09:37 GMT

GET
H2

200

USA-discover-america-black.png
origin-www.nycgo.com/assets/images/
Redirect Chain

https://www.nycgo.com/assets/images/USA-discover-america-black.png
https://origin-www.nycgo.com/assets/images/USA-discover-america-black.png

6 KB
6 KB

18ms
18ms

Image
image/png

18.66.2.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://origin-www.nycgo.com/assets/images/USA-discover-america-black.png
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/
Protocol: H2
Server: 18.66.2.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-63.txl50.r.cloudfront.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40 /
Resource Hash: a0d81d86b0088fae78c179cad32b4566009767fe886f05d5b612a04e524c8c24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 17:49:51 GMT
via: 1.1 2290762b4070c2faf5e496f8e496e184.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 17:38:56 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
age: 1321
etag: "1735-5b09f7d97d380"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
content-length: 5941
x-amz-cf-id: liC9z--0X3U6_BKeE0IeRB1n9Q-rsjBvtdfu7oQrnfCmBxfhjDpwfQ==
expires: Sun, 13 Mar 2022 17:47:36 GMT

Redirect headers

date: Fri, 11 Feb 2022 18:09:37 GMT
server: AkamaiGHost
location: https://origin-www.nycgo.com/assets/images/USA-discover-america-black.png
access-control-max-age: 86400
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 0
expires: Sun, 13 Mar 2022 18:09:37 GMT

GET
H2

200

iny-black.png
origin-www.nycgo.com/assets/images/
Redirect Chain

https://www.nycgo.com/assets/images/iny-black.png
https://origin-www.nycgo.com/assets/images/iny-black.png

5 KB
5 KB

18ms
18ms

Image
image/png

18.66.2.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://origin-www.nycgo.com/assets/images/iny-black.png
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/
Protocol: H2
Server: 18.66.2.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-63.txl50.r.cloudfront.net
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40 /
Resource Hash: 31c77770ceb2db18f6d59d010c75dbd711f4724e34fdd41bc50d2657c9697460

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 17:49:51 GMT
via: 1.1 2290762b4070c2faf5e496f8e496e184.cloudfront.net (CloudFront)
last-modified: Thu, 01 Oct 2020 17:38:56 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
age: 2524
etag: "127b-5b09f7d983140"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2592000
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
content-length: 4731
x-amz-cf-id: vICHsOhY6Fgn2sj1eND8Dq0Qom1hZ4yL6jhdwQpuuLEdtcZPna9biw==
expires: Sun, 13 Mar 2022 17:27:33 GMT

Redirect headers

date: Fri, 11 Feb 2022 18:09:37 GMT
server: AkamaiGHost
location: https://origin-www.nycgo.com/assets/images/iny-black.png
access-control-max-age: 86400
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 0
expires: Sun, 13 Mar 2022 18:09:37 GMT

GET
H3 200 1853655394945282 Show response
connect.facebook.net/signals/config/ 309 KB
87 KB 82ms
82ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1853655394945282?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

140ceebf0711c56a234f859194939a4664dab33e6efb47ed9b88de2e066f7318

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 3TUXW93nMvwsy3pHaOMFv4NYXrZo7py6vEUo+FvagCN7tsjSe8WBu+kQZ2tOXlZBlQHRCbY4+/cEZbNu5ZYIjg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 11 Feb 2022 18:09:37 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

s87998859076479
nycgoprod.112.2o7.net/b/ss/nycgoprod/1/JS-2.22.0-LBWB/
Redirect Chain

https://nycgoprod.112.2o7.net/b/ss/nycgoprod/1/JS-2.22.0-LBWB/s87998859076479?AQB=1&ndh=1&pf=1&t=11%2F1%2F2022%2018%3A9%3A37%205%200&fid=18DF5335E32648F3-38BEB3657D6FAF91&ce=UTF-8&g=https%3A%2F%2Fw...
https://nycgoprod.112.2o7.net/b/ss/nycgoprod/1/JS-2.22.0-LBWB/s87998859076479?AQB=1&pccr=true&ndh=1&pf=1&t=11%2F1%2F2022%2018%3A9%3A37%205%200&fid=18DF5335E32648F3-38BEB3657D6FAF91&ce=UTF-8&g=https...

43 B
298 B

16ms
15ms

Image
image/gif

13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nycgoprod.112.2o7.net/b/ss/nycgoprod/1/JS-2.22.0-LBWB/s87998859076479?AQB=1&pccr=true&ndh=1&pf=1&t=11%2F1%2F2022%2018%3A9%3A37%205%200&fid=18DF5335E32648F3-38BEB3657D6FAF91&ce=UTF-8&g=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week&c.&getVisitNum=4.2&endOfDatePeriod=1.2&getTimeSinceLastVisit=2.0&inList=3.0&formatTime=2.0&getTimeParting=6.3&getQueryParam=4.0.1&pt=3.0&getNewRepeat=3.0&.c&cc=USD&events=event1&c15=D%3Dv15&v15=New&c16=D%3Dv16&v16=1&v17=New%20Visitor&c18=D%3Dv18&v18=6%3A09%20PM&c19=D%3Dv19&v19=Friday&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week

Protocol

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
x-content-type-options: nosniff
x-c: main-1585.I7afc85.M0-540
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 12 Feb 2022 18:09:37 GMT
server: jag
xserver: anedge-cdfbd77b-k6mwd
etag: 3531758002053480448-4619872551886341875
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Thu, 10 Feb 2022 18:09:37 GMT

Redirect headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:37 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Feb 2022 18:09:37 GMT
server: jag
access-control-allow-origin: *
xserver: anedge-cdfbd77b-8pgh5
x-c: main-1585.I7afc85.M0-540
p3p: CP="This is not a P3P policy"
location: https://nycgoprod.112.2o7.net/b/ss/nycgoprod/1/JS-2.22.0-LBWB/s87998859076479?AQB=1&pccr=true&ndh=1&pf=1&t=11%2F1%2F2022%2018%3A9%3A37%205%200&fid=18DF5335E32648F3-38BEB3657D6FAF91&ce=UTF-8&g=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week&c.&getVisitNum=4.2&endOfDatePeriod=1.2&getTimeSinceLastVisit=2.0&inList=3.0&formatTime=2.0&getTimeParting=6.3&getQueryParam=4.0.1&pt=3.0&getNewRepeat=3.0&.c&cc=USD&events=event1&c15=D%3Dv15&v15=New&c16=D%3Dv16&v16=1&v17=New%20Visitor&c18=D%3Dv18&v18=6%3A09%20PM&c19=D%3Dv19&v19=Friday&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-type: text/plain;charset=utf-8
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 10 Feb 2022 18:09:37 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 132ms
51ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-829404768

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a194bea8d39a/825a12be7af5/launch-d85886614a80.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5b6c3ae57728358f2b479f6608120fa9b1b57d0469739db47c0153db1f89267e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39536
x-xss-protection: 0
expires: Fri, 11 Feb 2022 18:09:37 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
458 B 175ms
118ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o4mfz&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=63f7f091-8b13-410a-b3d6-c5b69ed32d55&tw_document_href=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 111
date: Fri, 11 Feb 2022 18:09:36 GMT
content-encoding: gzip
server: tsa_o
strict-transport-security: max-age=631138519
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 68714e56f3b589014c4e73fec894127ae074aeb48ed64ffbde20a1842e29c52a
content-type: application/javascript;charset=utf-8
content-length: 57

GET
H2 200 adsct
t.co/i/ 43 B
337 B 144ms
119ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o4mfz&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=63f7f091-8b13-410a-b3d6-c5b69ed32d55&tw_document_href=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time: 112
date: Fri, 11 Feb 2022 18:09:37 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 92f635a3097a5bc5273d23a054b7fd2bf794cc0a8e5f27cc5534d5c6eb274414
content-length: 43

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 172ms
65ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.nycgo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 18:09:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 161ms
67ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nycgo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 18:09:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 45ms
29ms Fetch
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=152559674784851&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week&sdk=joey&wants_cookie_data=true

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/dist/dynamic-grid/polyfills.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: m8wPmZ7AcdzNVNohmDXyqw9JedzdjgboGM2PTZW6GfWwYJVWklNMD1Qs1DjdRNE8EBclp1Ebmm4zJ4Vhvp01rg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Fri, 11 Feb 2022 18:09:37 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nycgo.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=152559674784851&ev=fb_page_view&dl=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week&rl=&if=false&ts=1644602977324&sw=1600&sh=1200&at=

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 11 Feb 2022 18:09:37 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 99ms
99ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=534818615247525&correlator=1704389607443252&output=ldjh&eid=31061814%2C31064802%2C44758226&output=ldjh&gdfp_req=1&vrg=2022020801&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220211&iu_parts=61567524%2Cnycgo.com%2CSponsor&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90&prev_scp=size%3D300x50-xs-sm-970x90-md-lg-only%26pos%3Dgpt-unit-leaderboard%26url%3D%252Foff-broadway-week%26entry%3D417%26categories%3Dthings-to-do%2Carts-culture%2Ctheater%2Coff-broadway%2Ccitywide%2Cspecial-program%2Coff-broadway-week&cookie_enabled=1&bc=31&abxe=1&dt=1644602977334&lmt=1644425237&dlt=1644602975353&idt=1937&frm=20&biw=1600&bih=1200&oid=2&adxs=230&adys=15&adks=120808890&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week&vis=1&scr_x=0&scr_y=0&psz=1140x90&msz=1140x0&ga_vid=763778666.1644602977&ga_sid=1644602977&ga_hid=1979766106&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/dist/dynamic-grid/polyfills.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

548de77f1d3854c15d0084b7e0d7a26792ed31a45ca9777d7deb453a468c2e88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9311
x-xss-protection: 0
google-lineitem-id: 5848564009
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138377604907
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nycgo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2BCD 6 KB
4 KB 179ms
46ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 11 Feb 2022 18:09:37 GMT
expires: Sat, 11 Feb 2023 18:09:37 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 96ms
96ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=534818615247525&correlator=1704389607443252&output=ldjh&eid=31061814%2C31064802%2C44758226&output=ldjh&gdfp_req=1&vrg=2022020801&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220211&iu_parts=61567524%2Cnycgo.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&prev_scp=size%3D%257Bembed%253Asize%257D%26pos%3D%257Bembed%253Aid%257D%26url%3D%252Foff-broadway-week%26location%3DInline%26entry%3D417%26categories%3Dthings-to-do%2Carts-culture%2Ctheater%2Coff-broadway%2Ccitywide%2Cspecial-program%2Coff-broadway-week&cookie_enabled=1&bc=31&abxe=1&dt=1644602977345&lmt=1644425237&dlt=1644602975353&idt=1937&frm=20&biw=1600&bih=1200&oid=2&adxs=215&adys=1004&adks=3577966284&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week&vis=1&scr_x=0&scr_y=0&psz=1170x25&msz=1170x0&ga_vid=763778666.1644602977&ga_sid=1644602977&ga_hid=1979766106&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/dist/dynamic-grid/polyfills.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e315cf147c1cb58718a439868dcb16a4e60bf0999c6652434eadf367ffa3cb02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9266
x-xss-protection: 0
google-lineitem-id: 5848367467
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138375271398
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nycgo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 434 B
265 B 92ms
92ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=534818615247525&correlator=1704389607443252&output=ldjh&eid=31061814%2C31064802%2C44758226&output=ldjh&gdfp_req=1&vrg=2022020801&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220211&iu_parts=61567524%2Cnycgo.com%2CProgramInterstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&prev_scp=size%3Doop%26pos%3Dgpt-unit-interstitial%26url%3D%252Foff-broadway-week%26entry%3D417%26categories%3Dthings-to-do%2Carts-culture%2Ctheater%2Coff-broadway%2Ccitywide%2Cspecial-program%2Coff-broadway-week&cookie_enabled=1&bc=31&abxe=1&dt=1644602977349&lmt=1644425237&dlt=1644602975353&idt=1937&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=0&adks=3291617442&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week&vis=1&scr_x=0&scr_y=0&psz=1600x2756&msz=1600x0&ga_vid=763778666.1644602977&ga_sid=1644602977&ga_hid=1979766106&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/dist/dynamic-grid/polyfills.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

5d3593d2330bbb00da77fb715a607aa0be2f7b4954c0be3b3141e2033958839e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 235
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nycgo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 98ms
98ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=534818615247525&correlator=1704389607443252&output=ldjh&eid=31061814%2C31064802%2C44758226&output=ldjh&gdfp_req=1&vrg=2022020801&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220211&iu_parts=61567524%2Cnycgo.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&prev_scp=size%3D%257Bembed%253Asize%257D%26pos%3D%257Bembed%253Aid%257D%26url%3D%252Foff-broadway-week%26location%3DFooter%26entry%3D417%26categories%3Dthings-to-do%2Carts-culture%2Ctheater%2Coff-broadway%2Ccitywide%2Cspecial-program%2Coff-broadway-week&cookie_enabled=1&bc=31&abxe=1&dt=1644602977353&lmt=1644425237&dlt=1644602975353&idt=1937&frm=20&biw=1600&bih=1200&oid=2&adxs=215&adys=1518&adks=3577966283&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week&vis=1&scr_x=0&scr_y=0&psz=1170x25&msz=1170x0&ga_vid=763778666.1644602977&ga_sid=1644602977&ga_hid=1979766106&ga_fc=false&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/dist/dynamic-grid/polyfills.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

86b6b94e6ff7f24578bbb3d769f88f11beaa016e9c8895b383affe8fd3212fed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9265
x-xss-protection: 0
google-lineitem-id: 5848564009
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138377604757
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nycgo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 103ms
102ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=534818615247525&correlator=1704389607443252&output=ldjh&eid=31061814%2C31064802%2C44758226&output=ldjh&gdfp_req=1&vrg=2022020801&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220211&iu_parts=61567524%2Cnycgo.com%2COffBroadwayWeek&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=size%3D300x250-xs-sm-md-lg%26pos%3Dgpt-unit-top%26url%3D%252Foff-broadway-week%26entry%3D417%26categories%3Dthings-to-do%2Carts-culture%2Ctheater%2Coff-broadway%2Ccitywide%2Cspecial-program%2Coff-broadway-week&cookie_enabled=1&bc=31&abxe=1&dt=1644602977356&lmt=1644425237&dlt=1644602975353&idt=1937&frm=20&biw=1600&bih=1200&oid=2&adxs=1010&adys=650&adks=3047983704&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week&vis=1&scr_x=0&scr_y=0&psz=389x97&msz=359x0&ga_vid=763778666.1644602977&ga_sid=1644602977&ga_hid=1979766106&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/dist/dynamic-grid/polyfills.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

5380a40cc256efd6ffadfd896787b9a32dc0ca1e7e733ab7a44a89250c4399b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9329
x-xss-protection: 0
google-lineitem-id: 5848564009
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138377604421
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nycgo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 16ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1853655394945282&ev=PageView&dl=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week&rl=&if=false&ts=1644602977370&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22987156855205584%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22711910803466030%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%22491799218871245%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22655429535868882%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%22634553697733092%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[5]=%7B%22extractorID%22%3A%22598618154532181%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1644602977368.868958124&it=1644602977226&coo=false&rqm=GET

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Fri, 11 Feb 2022 18:09:37 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 95ms
48ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1979766106&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week&ul=en-us&de=UTF-8&dt=NYC%20Off-Broadway%20Week%E2%84%A0%20%7C%20Discounted%20Tickets%20%26%20Theater%20in%20NYC%20%7C%20NYCgo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChAAEABAAAAAC~&jid=1388945535&gjid=1961183177&cid=763778666.1644602977&tid=UA-35788498-1&_gid=1302040325.1644602977&_r=1&_slc=1&cd1=0&z=698725062

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/dist/dynamic-grid/polyfills.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nycgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nycgo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 About-Off-Broadway-Week-Blue-Man-Group.jpg
images.nycgo.com/image/fetch/q_auto:low,c_fill,w_450,h_390/https://www.nycgo.com/images/uploads/ 20 KB
21 KB 9ms
9ms Image
image/jpeg 2a04:4e42:400::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.nycgo.com/image/fetch/q_auto:low,c_fill,w_450,h_390/https://www.nycgo.com/images/uploads/About-Off-Broadway-Week-Blue-Man-Group.jpg

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

6550b02f721a03800f8aab48f1bcc3271746dafdc51af8b11492df15dc4b53da

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 Jan 2022 21:16:13 GMT
server: Cloudinary
etag: "3e06401032e7a2002f46cd2993fc5efc"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=2;cpu=1;start=2022-02-11T18:09:37.430Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 20736

GET
H2 200 FAQ-Off-Broadway-Week-JerseyBoys.jpg
images.nycgo.com/image/fetch/q_auto:low,c_fill,w_450,h_390/https://www.nycgo.com/images/uploads/ 21 KB
22 KB 11ms
10ms Image
image/jpeg 2a04:4e42:400::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.nycgo.com/image/fetch/q_auto:low,c_fill,w_450,h_390/https://www.nycgo.com/images/uploads/FAQ-Off-Broadway-Week-JerseyBoys.jpg

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

31a41e7e172d9e731fc5141241702e82c3a4c09e4aaca3f5327640db64ff6c8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 Jan 2022 21:16:13 GMT
server: Cloudinary
etag: "b5cea0c34bfaf5e092db8d4e9f8d367c"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=2;cpu=1;start=2022-02-11T18:09:37.430Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 21973

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1853655394945282&ev=PageView&dl=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week%2F&rl=&if=false&ts=1644602977437&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&par[0]=%7B%22extractorID%22%3A%22491799218871245%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22711910803466030%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%22987156855205584%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22additionalType%22%3A%22product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22598618154532181%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[4]=%7B%22extractorID%22%3A%22634553697733092%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[5]=%7B%22extractorID%22%3A%22655429535868882%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1644602977368.868958124&it=1644602977226&coo=false&rqm=GET

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Fri, 11 Feb 2022 18:09:37 GMT

GET
H2 200 the-play-that-goes-wrong-obw-nyc-courtesy-jeremy-daniel.jpg
images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/images/events/23341/ 14 KB
14 KB 11ms
8ms Image
image/webp 2a04:4e42:400::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/images/events/23341/the-play-that-goes-wrong-obw-nyc-courtesy-jeremy-daniel.jpg

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

9d2d03f65dd47f3d08b9f3bc1cf34a969acdfefa639ed47a8702c9a6a12e1d27

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="the-play-that-goes-wrong-obw-nyc-courtesy-jeremy-daniel.webp"
server-timing: fastly;dur=2;cpu=1;start=2022-02-11T18:09:37.501Z;desc=hit,rtt;dur=6
vary: Accept,User-Agent
content-length: 14216
last-modified: Wed, 26 Jan 2022 21:16:13 GMT
server: Cloudinary
etag: "2c66881dda35bc7d4053c557a0866de9"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1200-mnm_key_art.jpg
images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/images/events/9222/ 12 KB
12 KB 11ms
8ms Image
image/webp 2a04:4e42:400::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/images/events/9222/1200-mnm_key_art.jpg

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

04966ea2f74c08f7ea69a5f38a57a3c5685716c7c85abdb9d7a053127d4126d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="1200-mnm_key_art.webp"
server-timing: fastly;dur=1;cpu=0;start=2022-02-11T18:09:37.502Z;desc=hit,rtt;dur=6
vary: Accept,User-Agent
content-length: 12430
last-modified: Wed, 26 Jan 2022 21:16:12 GMT
server: Cloudinary
etag: "90179d54cc15999e6277d2f5207cea04"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 prayer-for-the-french-republic.jpg
images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/images/events/86687/ 9 KB
9 KB 11ms
8ms Image
image/webp 2a04:4e42:400::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/images/events/86687/prayer-for-the-french-republic.jpg

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

f03860dc78e4e33157509428d603113effdc140a2ae4f17e5913a3406f7a595d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="prayer-for-the-french-republic.webp"
server-timing: fastly;dur=2;cpu=1;start=2022-02-11T18:09:37.502Z;desc=hit,rtt;dur=6
vary: Accept,User-Agent
content-length: 9402
last-modified: Thu, 13 Jan 2022 19:07:45 GMT
server: Cloudinary
etag: "5e833a50d3616d11ad975f13a2f3d0d2"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 space-dogs-off-broadway-courtesy-numad-group.jpg
images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/images/events/86685/ 17 KB
17 KB 11ms
8ms Image
image/webp 2a04:4e42:400::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/images/events/86685/space-dogs-off-broadway-courtesy-numad-group.jpg

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

2dfe7f9378a3945f6867525aa26c51d976d9e4447bf168cb2ff4bda8c3cb6157

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="space-dogs-off-broadway-courtesy-numad-group.webp"
server-timing: fastly;dur=1;cpu=0;start=2022-02-11T18:09:37.502Z;desc=hit,rtt;dur=6
vary: Accept,User-Agent
content-length: 17092
last-modified: Wed, 26 Jan 2022 21:16:13 GMT
server: Cloudinary
etag: "34058b5d81ba31d903fabf8444ca6b59"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1463j_bmg_nycco_1200x800.jpg
images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/images/events/7054/ 13 KB
14 KB 13ms
10ms Image
image/webp 2a04:4e42:400::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/images/events/7054/1463j_bmg_nycco_1200x800.jpg

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

ecc9b6e0c77fee9c0473b1b6c8c5bdd0147d48598d15e69640db26e86c7f99f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="1463j_bmg_nycco_1200x800.webp"
server-timing: fastly;dur=2;cpu=1;start=2022-02-11T18:09:37.502Z;desc=hit,rtt;dur=6
vary: Accept,User-Agent
content-length: 13818
last-modified: Wed, 26 Jan 2022 21:16:13 GMT
server: Cloudinary
etag: "57364647712de441d34505eb5ac3a715"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 barococo-off-broadway-2000x3000.jpg
images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/images/events/86689/ 11 KB
11 KB 12ms
10ms Image
image/webp 2a04:4e42:400::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/images/events/86689/barococo-off-broadway-2000x3000.jpg

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

8787ba7d9ba5fd671930aec15440d15f786fc9c17eaaf3795a7a698b1aa81ee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="barococo-off-broadway-2000x3000.webp"
server-timing: fastly;dur=2;cpu=0;start=2022-02-11T18:09:37.502Z;desc=hit,rtt;dur=6
vary: Accept,User-Agent
content-length: 11400
last-modified: Wed, 26 Jan 2022 21:16:14 GMT
server: Cloudinary
etag: "84fed62ee964c332b7bb2133b3f4fcee"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 beauty-and-the-beast-3000x2000.jpg
images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/images/events/7170/ 10 KB
10 KB 12ms
9ms Image
image/webp 2a04:4e42:400::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/images/events/7170/beauty-and-the-beast-3000x2000.jpg

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

98ac78bff54a67c96a386e915b91387d88db3cbd9e4de9a5c0451576fbdd9951

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="beauty-and-the-beast-3000x2000.webp"
server-timing: fastly;dur=1;cpu=0;start=2022-02-11T18:09:37.502Z;desc=hit,rtt;dur=6
vary: Accept,User-Agent
content-length: 9796
last-modified: Wed, 26 Jan 2022 21:16:14 GMT
server: Cloudinary
etag: "1354e19c8a4d430c84a761741173f20e"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 perfect_crime_key_art_1200x800.jpg
images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/images/events/6829/ 3 KB
3 KB 16ms
13ms Image
image/webp 2a04:4e42:400::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/images/events/6829/perfect_crime_key_art_1200x800.jpg

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

81edc56241c41fa861aac6add54b7b55af49a920732e978ec498d8024ca14e22

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="perfect_crime_key_art_1200x800.webp"
server-timing: fastly;dur=2;cpu=1;start=2022-02-11T18:09:37.503Z;desc=hit,rtt;dur=6
vary: Accept,User-Agent
content-length: 3016
last-modified: Wed, 26 Jan 2022 21:16:13 GMT
server: Cloudinary
etag: "c3c3eaf96be502f1f676c800686ca60b"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 tambo-off-broadway-key-art.jpg
images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/images/events/86686/ 9 KB
9 KB 16ms
14ms Image
image/webp 2a04:4e42:400::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/images/events/86686/tambo-off-broadway-key-art.jpg

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

ef0e7abf5a57bae351b7bd0f252a3b130eff212b154c127302f39b86340d7810

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="tambo-off-broadway-key-art.webp"
server-timing: fastly;dur=2;cpu=0;start=2022-02-11T18:09:37.503Z;desc=hit,rtt;dur=6
vary: Accept,User-Agent
content-length: 9250
last-modified: Thu, 13 Jan 2022 19:07:45 GMT
server: Cloudinary
etag: "069a53e73ce7938cfc5b9ffd8edc5e92"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 stomp-obw-keyart-courtesy-aka-nyc.jpg
images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/images/events/7273/ 12 KB
12 KB 16ms
14ms Image
image/webp 2a04:4e42:400::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/images/events/7273/stomp-obw-keyart-courtesy-aka-nyc.jpg

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

3c3eda9af621b89b69dfed74997f0190bd25fed9957521ff8ebb1a7b701f2ba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="stomp-obw-keyart-courtesy-aka-nyc.webp"
server-timing: fastly;dur=2;cpu=0;start=2022-02-11T18:09:37.503Z;desc=hit,rtt;dur=6
vary: Accept,User-Agent
content-length: 12194
last-modified: Wed, 26 Jan 2022 21:16:13 GMT
server: Cloudinary
etag: "02c8e4c52deae07230ef7c02c83ffcc7"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jersey-boys-photo-joan-marcus-3000x2000_keyart.jpg
images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/images/events/6832/ 10 KB
10 KB 17ms
16ms Image
image/webp 2a04:4e42:400::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/images/events/6832/jersey-boys-photo-joan-marcus-3000x2000_keyart.jpg

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

2747f34c4bad50219966f9b176520d3f8fb86195096ddb6e74e12a41486a3e5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="jersey-boys-photo-joan-marcus-3000x2000_keyart.webp"
server-timing: fastly;dur=2;cpu=0;start=2022-02-11T18:09:37.507Z;desc=hit,rtt;dur=6
vary: Accept,User-Agent
content-length: 10042
last-modified: Wed, 26 Jan 2022 21:16:14 GMT
server: Cloudinary
etag: "c2722e51fa3464817c102614b2b06f5b"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 the-office-musical-obw-keyart-courtesy-russ-rowland.jpg
images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/images/events/70981/ 14 KB
14 KB 19ms
17ms Image
image/webp 2a04:4e42:400::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/images/events/70981/the-office-musical-obw-keyart-courtesy-russ-rowland.jpg

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

b109e09a5d075d2291f160c34e0d27020ccbda48a723e8453f90dc1d9409115e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="the-office-musical-obw-keyart-courtesy-russ-rowland.webp"
server-timing: fastly;dur=2;cpu=1;start=2022-02-11T18:09:37.507Z;desc=hit,rtt;dur=6
vary: Accept,User-Agent
content-length: 13826
last-modified: Wed, 26 Jan 2022 21:16:13 GMT
server: Cloudinary
etag: "1bc53e191c44c4d78725d541ebd3aeaf"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 english-off-broadway-photo-ahron-r-foster.jpg
images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/images/events/86727/ 12 KB
13 KB 18ms
17ms Image
image/webp 2a04:4e42:400::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/images/events/86727/english-off-broadway-photo-ahron-r-foster.jpg

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

b9e056f2356ff70aaaa3fd3da9cc1d5f549c3d758ad677d426d5a8c1326f5b8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="english-off-broadway-photo-ahron-r-foster.webp"
server-timing: fastly;dur=2;cpu=1;start=2022-02-11T18:09:37.507Z;desc=hit,rtt;dur=6
vary: Accept,User-Agent
content-length: 12724
last-modified: Mon, 31 Jan 2022 15:21:39 GMT
server: Cloudinary
etag: "b75efa233d37b24f46e78bf735f752c4"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 repertorio-la-dama-boba-off-broadway-01.jpg
images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/images/events/86683/ 7 KB
7 KB 16ms
15ms Image
image/webp 2a04:4e42:400::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/images/events/86683/repertorio-la-dama-boba-off-broadway-01.jpg

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

e39473edb7627601fd4891eca935fe442855c914ca2b582743d01382acf006cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="repertorio-la-dama-boba-off-broadway-01.webp"
server-timing: fastly;dur=1;cpu=0;start=2022-02-11T18:09:37.507Z;desc=hit,rtt;dur=6
vary: Accept,User-Agent
content-length: 7324
last-modified: Wed, 26 Jan 2022 22:25:03 GMT
server: Cloudinary
etag: "26981cfff2251a1dd695b9e412e6a455"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 WOBW22-Default-Card-750x500.jpg
images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/assets/images/programs/off-broadway-week/2022/winter/ 6 KB
6 KB 17ms
16ms Image
image/webp 2a04:4e42:400::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/assets/images/programs/off-broadway-week/2022/winter/WOBW22-Default-Card-750x500.jpg

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

aa1f1ccbddc611bc6aba4a493d5c7709901260f24068ecdef0423a48dc624502

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="WOBW22-Default-Card-750x500.webp"
server-timing: fastly;dur=1;cpu=0;start=2022-02-11T18:09:37.507Z;desc=hit,rtt;dur=6
vary: Accept,User-Agent
content-length: 6180
last-modified: Wed, 26 Jan 2022 21:16:14 GMT
server: Cloudinary
etag: "cc64f15a47f48f8142430c25519f521e"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 57ms
20ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-35788498-1&cid=763778666.1644602977&jid=1388945535&gjid=1961183177&_gid=1302040325.1644602977&_u=YChAAEAAAAAAAC~&z=926842146

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/dist/dynamic-grid/polyfills.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nycgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Feb 2022 18:09:37 GMT
content-type: text/plain
access-control-allow-origin: https://www.nycgo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 143ms
55ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-829404768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 18:09:37 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
35 KB 99ms
52ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-11004350

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a194bea8d39a/825a12be7af5/launch-d85886614a80.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b4c5ad98c39e015134436868f0d84f1d3614e10b64a59f450f910d118acc15a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35880
x-xss-protection: 0
expires: Fri, 11 Feb 2022 18:09:37 GMT

GET
H3 200 container.html Show response
34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DBBC 6 KB
3 KB 86ms
39ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Feb 2022 18:09:37 GMT
expires: Sat, 11 Feb 2023 18:09:37 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F640 6 KB
3 KB 59ms
42ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Feb 2022 18:09:37 GMT
expires: Sat, 11 Feb 2023 18:09:37 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 145ms
62ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-35788498-1&cid=763778666.1644602977&jid=1388945535&_u=YChAAEAAAAAAAC~&z=543918023

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 143ms
61ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-35788498-1&cid=763778666.1644602977&jid=1388945535&_u=YChAAEAAAAAAAC~&z=543918023

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame DBBC 22 KB
7 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com
URL: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 10:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115398
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 10 Feb 2023 10:06:19 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame DBBC 10 KB
5 KB 140ms
40ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com
URL: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2179464a9b593de05ea2a423d14236645d400b267ee7d81acb50b39c06db3763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4819
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 14:44:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 11 Feb 2022 19:00:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DBBC 124 KB
38 KB 149ms
49ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com
URL: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 18:09:37 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/nycgodfp891165161802/ Frame DBBC 299 KB
102 KB 99ms
31ms Script
application/x-javascript 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/nycgodfp891165161802/moatad.js
Requested by: Host: 34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com
URL: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ab0c14fe5d483ff7ea8e18699d87ef7d28cb87840d8479915c95baaf4f1aba7d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
content-encoding: gzip
last-modified: Tue, 08 Feb 2022 16:32:52 GMT
server: AmazonS3
x-amz-request-id: 8Y1E83MNB3VF50WV
etag: "ad18c241d2edecfbb6f2812ad87dea02"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=44088
accept-ranges: bytes
content-length: 103570
x-amz-id-2: R5tUibigSm/dbRw3M7Th8V7H7TvJcfhMWaGSL588hrOdZdLsFjXPFn3GJH+uW/fa56kp2YoxCPM=

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame F640 22 KB
7 KB 128ms
42ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com
URL: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 10:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115398
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 10 Feb 2023 10:06:19 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame F640 10 KB
5 KB 142ms
43ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com
URL: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2179464a9b593de05ea2a423d14236645d400b267ee7d81acb50b39c06db3763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4819
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 14:44:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 11 Feb 2022 19:00:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F640 124 KB
38 KB 197ms
98ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com
URL: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 18:09:37 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/nycgodfp891165161802/ Frame F640 299 KB
102 KB 127ms
60ms Script
application/x-javascript 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/nycgodfp891165161802/moatad.js
Requested by: Host: 34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com
URL: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ab0c14fe5d483ff7ea8e18699d87ef7d28cb87840d8479915c95baaf4f1aba7d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
content-encoding: gzip
last-modified: Tue, 08 Feb 2022 16:32:52 GMT
server: AmazonS3
x-amz-request-id: 8Y1E83MNB3VF50WV
etag: "ad18c241d2edecfbb6f2812ad87dea02"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1347
accept-ranges: bytes
content-length: 103570
x-amz-id-2: R5tUibigSm/dbRw3M7Th8V7H7TvJcfhMWaGSL588hrOdZdLsFjXPFn3GJH+uW/fa56kp2YoxCPM=

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 32ms
7ms Script
application/javascript 2a04:4e42:62::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:62::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
fastly-restarts: 1
x-cdn: fastly
etag: "c4a0eea377c5e0da574e46f4d6e838e5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2 200 evergage.min.js Show response
cdn.evgnet.com/beacon/nycgo/production/scripts/ 381 KB
117 KB 126ms
102ms Script
application/javascript 151.101.128.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.evgnet.com/beacon/nycgo/production/scripts/evergage.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a194bea8d39a/825a12be7af5/launch-d85886614a80.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b49efe8656edb512c432f6ffb4c95dfe366d94e19253e9f80cd3d4c834340228

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: HxSsQyN9v5wiK1XlZFM3D_rNeKNaxs5J
content-encoding: gzip
etag: "2a650d285e7941447b0706a1c0d0b243"
timing-allow-origin: *
age: 81
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
content-length: 119054
x-amz-id-2: /rsTrPMiGjzcMysIhaRRIfsW7hAR2I58s6z5437yJmFaCgqWqLeoCtoteB3J2QbqZMffRcGsEkY=
x-served-by: cache-iad-kcgs7200109-IAD, cache-hhn4050-HHN
x-amz-meta-evergage-sum: b43ab1f31b54c372c69065881d9c45b4f9a67382
last-modified: Thu, 03 Feb 2022 21:36:11 GMT
server: AmazonS3
x-timer: S1644602978.754338,VS0,VE95
date: Fri, 11 Feb 2022 18:09:37 GMT
vary: Accept-Encoding
x-amz-request-id: M13XX3852ZAKEBVD
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=120
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-amz-meta-evergage-beacon-ver: 14
x-cache-hits: 1, 1

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/829404768/ 2 KB
2 KB 158ms
71ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/829404768/?random=1644602977733&cv=9&fst=1644602977733&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week%2F&tiba=NYC%20Off-Broadway%20Week%E2%84%A0%20%7C%20Discounted%20Tickets%20%26%20Theater%20in%20NYC%20%7C%20NYCgo&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34cc818f08a314f41ec42ab10824fda4a0010716a3c07395700cb2a290976663

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1086
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.32155010.js Show response
s.pinimg.com/ct/lib/ 52 KB
18 KB 7ms
7ms Script
application/javascript 2a04:4e42:62::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.32155010.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:62::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
content-encoding: gzip
fastly-restarts: 1
x-cdn: fastly
etag: "fd86de14455274a7c147dc95b77e18e3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
content-length: 18298
access-control-expose-headers: X-CDN

GET
H2 200 / Show response
ct.pinterest.com/user/ 487 B
832 B 73ms
47ms XHR
application/json 104.84.56.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613694466045&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1644602977776

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/dist/dynamic-grid/polyfills.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

5c3dbfb84c509437cbbb9209c8717e0df34927af36cdfd8456e3debd02f3ac4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.16d854b8.1644602977.6d14a87f
x-envoy-upstream-service-time: 2
x-pinterest-rid: 3009581404737369
pin-unauth: dWlkPU9EazVaVFkxTnpjdE1EQmtaQzAwTVRVMUxXSTVaVEl0WW1FNVlUQXpPVGt3TVRRMQ
access-control-allow-origin: https://www.nycgo.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 350
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
334 B 71ms
47ms Image
image/gif 104.84.56.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613694466045&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1644602977778

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:37 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.16d854b8.1644602977.6d14a886
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 9019921200974343
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DBBC 0
0 76ms
75ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstSr2jPelUSHR0Zux00emuSKbuq70pcaofrmXVDB8DYt_qpUhVt3i66PmHQL_nTF8pcO5LquUln_Yl41pvsfKg7nBoX_2mNgAJX8wolqxUIxOdUpNTp8UuiIz9nUKP0zkDs3deZhQ-bz_ez30-WxkXGNnD3cP-mhkhwtT8C1Ar-8GfIY207Py3IjWQcpPS64ByhFfXAFeYUtsOSnWnEHY50q6SlB2pXwJf8w1tRQ1PjiQdD34FNxsohWsU8b5v_KYfdPIk3k5KbQr76k8F4NYaVpZxlEfqsW9Uct4vk0cvVg7sgJdYBd1v8ncxM&sai=AMfl-YRlvjksLpZ156D514CqaVCwPRZh6sLBVnmsTqIZKE2qYK8bbVKKgXLbUFDCsrcQ4kUrt7ccLqxTEJwygaB4dV_zUalPwLYZzEkczqCWG-5xru_zHEtOGx7GUnPR1PM&sig=Cg0ArKJSzDmOUDLzXdcbEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com
URL: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 18:09:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 11 Feb 2022 18:09:37 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F640 0
0 74ms
74ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstojTz9BYCQXoQbqtdu54p_9Cq8cJeKOmIQUT_5donma4pHHzfSrGifWrM2NeSPZQcCGMQHW84mjqR-hGZ4AnET4FkoKbzCV_btU6et1YZTunX3dX-ZbKZYzxzYZcAwTjccdIC97iD3uDgmQhCdrGN8THsTwaUWIJlvhl6kTmB9zveSmMfugp9qLM_VnYmYS46h4bZkt1tqTLL5zAoPrLWLzxwSfpQUqmYMLCyZ-I8IvCkY-2euHELgJkU10Q-NSUtwquwghsU_z2GAjOLV_JDBMB0iNQfLfNE5tAqquedhHlsUkucRxKrHT0a4MDu4JNmu_rk&sai=AMfl-YRLy3qUpq_884maNOmBfM_Tsy7gYVUZ5l8c9VM4Dl8QWK5Aogk8Ll48JRUJim3H3IxDSiuxC-NahA6MRpcp33blBuLbQDw1Q7zgZ64Y0O0bNsSRXlTFbItwrxuHMVU&sig=Cg0ArKJSzBKr2fNBORVXEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com
URL: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 18:09:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 11 Feb 2022 18:09:37 GMT

GET
H3 200 impl_v84.js Show response
www.googletagservices.com/dcm/ Frame F640 41 KB
17 KB 85ms
41ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v84.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cfa97d4c5c4cf2854e01ce2046be1c05e6bc76519d644aad6aa4f1d959efbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 01:00:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17214
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:39:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Feb 2023 01:00:38 GMT

GET
H3 200 impl_v84.js Show response
www.googletagservices.com/dcm/ Frame DBBC 41 KB
17 KB 80ms
36ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v84.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cfa97d4c5c4cf2854e01ce2046be1c05e6bc76519d644aad6aa4f1d959efbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 01:00:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17214
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:39:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Feb 2023 01:00:38 GMT

GET
H2 200 The-Play-that-goes-wrong-Photo-Jeremy-Daniel_(1).jpg
images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/images/uploads/ 15 KB
15 KB 8ms
7ms Image
image/jpeg 2a04:4e42:400::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/images/uploads/The-Play-that-goes-wrong-Photo-Jeremy-Daniel_(1).jpg

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

851b0c11cee2230c998a99d3f2e56a13ae1b8abc3de3c05e3dee88e8bbf6cd7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Feb 2022 23:55:29 GMT
server: Cloudinary
etag: "183d2bba25ba11dd386c624d74721a73"
vary: Accept,User-Agent
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;start=2022-02-11T18:09:37.866Z;desc=hit,rtt;dur=5
strict-transport-security: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
content-length: 15542

GET
H2 200 GazillionBubble-4880.jpg
images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/images/uploads/ 6 KB
6 KB 8ms
8ms Image
image/webp 2a04:4e42:400::614
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.nycgo.com/image/fetch/q_auto:low,c_fill,f_auto,w_340,h_224/https://www.nycgo.com/images/uploads/GazillionBubble-4880.jpg

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::614 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

c0b4cb8ab98e450fcc767cf19b30ce3bffb05150cb71984ede5e7d3056440748

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="GazillionBubble-4880.webp"
server-timing: fastly;dur=1;cpu=0;start=2022-02-11T18:09:37.866Z;desc=hit,rtt;dur=5
vary: Accept,User-Agent
content-length: 6070
last-modified: Tue, 08 Feb 2022 23:55:29 GMT
server: Cloudinary
etag: "36985d90baf82d8dd16c6e43bf012438"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 beacon.js Show response
analytics-sm.com/js/v1/ 2 KB
2 KB 59ms
12ms Script
application/javascript 18.66.248.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-sm.com/js/v1/beacon.js
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-65.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 133b0a1570d26f9e1beeecaeb4587a8f449c65bff8c87895cdd7e98879644ba6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:07:12 GMT
content-encoding: gzip
last-modified: Mon, 18 Nov 2019 20:56:58 GMT
server: AmazonS3
age: 166
etag: W/"ab9f4a2518b1913f8a45b16f69d1c7a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
cache-control: max-age=600, no-transform, public
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 27YSHKXGWF8mWAvv3KjY5AJmgNGfE0VNopyOKAduirUNl5Zk7Q4ZMQ==

GET
H2 200 moatheader.js Show response
z.moatads.com/nycgoheader74567727191/ 205 KB
72 KB 26ms
25ms Script
application/x-javascript 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/nycgoheader74567727191/moatheader.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a194bea8d39a/825a12be7af5/launch-d85886614a80.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 525f9310680ab92c717c04f3929d07af51c7cb8b9ead43e7f1a4729f3071ac1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:37 GMT
content-encoding: gzip
last-modified: Tue, 08 Feb 2022 16:32:18 GMT
server: AmazonS3
x-amz-request-id: BYRNNHHA7ZZFQ7FB
etag: "dd599285fa94f8e676d100075bdb6d73"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=40401
accept-ranges: bytes
content-length: 73649
x-amz-id-2: ineSva69J01MgmB7Q/5v0NKKvWhOSIHc5XepY35/kfsvJPDXDemM7QrTrotJ5QmzfrlbsyYmZcc=

GET
H2 200 pjmpbx6p.gif
3j0pw4ed7uac-a.akamaihd.net/ 43 B
253 B 94ms
7ms Image
image/gif 92.123.194.113
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3j0pw4ed7uac-a.akamaihd.net/pjmpbx6p.gif?gu=https://www.nycgo.com/off-broadway-week/&de=851429302811&i=NYCGO_HEADER1&mp=1&t=1644602977910&d=nycgo.com%3ANYC%20Off-Broadway%20Week%3A__page__%3A-&vc=2&cm=1&e=17&ac=1&pl=1&j=&bq=10&cs=0
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 92.123.194.113 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-194-113.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 11 Feb 2022 18:09:38 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 39ms
15ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&d=nycgo.com%3ANYC%20Off-Broadway%20Week%3A__page__%3A-&de=851429302811&t=1644602977910&i=NYCGO_HEADER1&cm=1&j=&mp=0&ac=1&pl=1&bq=10&ad_type=img&vc=2&cs=0
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 11 Feb 2022 18:09:37 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 8DB9 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.nycgo.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.nycgo.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0
date: Fri, 11 Feb 2022 18:09:37 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/829404768/ 42 B
64 B 118ms
69ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/829404768/?random=1644602977733&cv=9&fst=1644602400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week%2F&tiba=NYC%20Off-Broadway%20Week%E2%84%A0%20%7C%20Discounted%20Tickets%20%26%20Theater%20in%20NYC%20%7C%20NYCgo&async=1&fmt=3&is_vtc=1&random=2916797673&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/829404768/ 42 B
64 B 113ms
66ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/829404768/?random=1644602977733&cv=9&fst=1644602400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week%2F&tiba=NYC%20Off-Broadway%20Week%E2%84%A0%20%7C%20Discounted%20Tickets%20%26%20Theater%20in%20NYC%20%7C%20NYCgo&async=1&fmt=3&is_vtc=1&random=2916797673&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK twreceiver Show response
nycgo.evergage.com/ 4 KB
2 KB 490ms
107ms XHR
application/json 52.71.51.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://nycgo.evergage.com/twreceiver?_r=257160&_ak=nycgo&_ds=production&.anonId=c218fdb16e46bc58&_anon=true&url=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week%2F&title=NYC%20Off-Broadway%20Week%E2%84%A0%20%7C%20Discounted%20Tickets%20%26%20Theater%20in%20NYC%20%7C%20NYCgo&.dt=1962&.pt=15&.bt=138&.btdns=6&.pv=&.bv=14&.scv=42

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/dist/dynamic-grid/polyfills.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.71.51.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-71-51-137.compute-1.amazonaws.com

Software

Apache-Coyote/1.1 /

Resource Hash

f552b787531535f644cbd2438cf51767074d55f3adc94ad1c2cce5640be0927b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.nycgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 18:09:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache-Coyote/1.1
vary: accept-encoding
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.nycgo.com
transfer-encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *

GET
H3 200 B26770616.319624461;dc_ver=84.245;sz=300x250;u_sd=1;dc_adk=3756773004;ord=xrpqh7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvASpblnynhLTEFEQFvEKc6_Vcf2ik8P8BWQbxAj8nR... Show response
ad.doubleclick.net/ddm/adj/N30602.148218NYCGO.COM0/ Frame F640 44 KB
22 KB 82ms
69ms Script
text/javascript 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N30602.148218NYCGO.COM0/B26770616.319624461;dc_ver=84.245;sz=300x250;u_sd=1;dc_adk=3756773004;ord=xrpqh7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvASpblnynhLTEFEQFvEKc6_Vcf2ik8P8BWQbxAj8nRTtHejRZsfQ2ajew_IGnTkkqnRGTZoDpX9_0OG-Z2EI59lODRkZKLSr9OccrhU625lrmsubWug8aTrRU1NNQsBmKXAfCmHNE-YEDTXkorT3vK9FMghXWzcezXa6OleTObQ4I78AN3aSwc6DObp31c8CrthajBcp2ZA0TPhMQWZgg0QsqQ7HpUNPzHlv0yZSHUmP5G2mNpF6MazfMen2wx0wTIhzMJe7UODvwd-j4Q0e2VDdkRa2d_0XY-LSnUCuZaCm-5rxyyvhVNUM7mOhWIFSQ%26sai%3DAMfl-YQjHQ4T2MMBQGrhEaYQ2f9QFPZ3MjGyNp2ERuXi2SWuJe7zeuixVYmJE-GeC-OvYGB5Y2IeD106oaxSe8eUFx1U3tUCdxUF9lk7TV18xxmCTIhAf42BG2AH9joqGAo%26sig%3DCg0ArKJSzID_8AJWK2oJEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.nycgo.com%2F$0;xdt=1;crlt=9zuVylXqX0;sttr=111;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

78b5cf04196c0ca36ca473da61dded6a240e3ef378bc32996c136eb623f79197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22574
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 B26770616.319624431;dc_ver=84.245;dc_eid=40004000;sz=970x90;u_sd=1;dc_adk=1633451890;ord=mlpzzu;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjst8OC4r2-kQLJA7EIGCA70GrNV47... Show response
ad.doubleclick.net/ddm/adj/N30602.148218NYCGO.COM0/ Frame DBBC 44 KB
22 KB 97ms
87ms Script
text/javascript 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N30602.148218NYCGO.COM0/B26770616.319624431;dc_ver=84.245;dc_eid=40004000;sz=970x90;u_sd=1;dc_adk=1633451890;ord=mlpzzu;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjst8OC4r2-kQLJA7EIGCA70GrNV47FsX5cs6BjiA9IYjnZSOi2yHCIlUjx85ayDtW_e_feNB6VRqtqKe0nCCPHZp4INrtIUF-yoo6PG1RsKLaw3GG63H_3n16F_piBNC0Dbl8a9abFHnHPzqvoGoCmT6SqvJSY5GYdUXhoiSVN9MJD7QuQ6INIwt4KiNEtC-GtINCcdLst_U2BxakAQCXSI463C_Aawo1eVWSerZfl9AIXKalukQB2wBPxj84n5-xBo379lYK85LcQUKAijz2e6eVREWCjFXLLArb1FcId0fHI-iKefja3Nz%26sai%3DAMfl-YQ28iRIFMGwnuZoOdLdQYzVyD8y7mu5LX9PYkMnDaAhr0Uae82BJ6lHRkxWS1hgVHijCRjKAgfBO7HkdzRRbThKjfdnKiJPyPG2m43uW9Iyc1QJtZ_gPnTYkh3p6q0%26sig%3DCg0ArKJSzDFYqEX2gdrHEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.nycgo.com%2F$0;xdt=1;crlt=9zuVylXqX0;sttr=113;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v84.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

beb0fa025b0362349aaf13140ec1a2554d21a003d0b0f8dd38cdc455f854a924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22435
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CMXxt8Kf-PUCFXQGBgAdHzsEqg;src=10272577;type=us-go0;cat=us-go0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=$%7Bgdpr_consent_755%7D;ord=59866679... Show response
10272577.fls.doubleclick.net/ Frame 4462
Redirect Chain

https://10272577.fls.doubleclick.net/activityi;src=10272577;type=us-go0;cat=us-go0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=$%7Bgdpr_consent_755%7D;ord=59866...
https://10272577.fls.doubleclick.net/activityi;dc_pre=CMXxt8Kf-PUCFXQGBgAdHzsEqg;src=10272577;type=us-go0;cat=us-go0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent...

2 KB
925 B

60ms
60ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10272577.fls.doubleclick.net/activityi;dc_pre=CMXxt8Kf-PUCFXQGBgAdHzsEqg;src=10272577;type=us-go0;cat=us-go0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=$%7Bgdpr_consent_755%7D;ord=5986667957248.013?

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a194bea8d39a/825a12be7af5/launch-d85886614a80.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

ba951d02435f541cead25f625f1a3cafbec20a65ecaa7fbd561b2af1227f884e

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 11 Feb 2022 18:09:38 GMT
expires: Fri, 11 Feb 2022 18:09:38 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 902
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 11 Feb 2022 18:09:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10272577.fls.doubleclick.net/activityi;dc_pre=CMXxt8Kf-PUCFXQGBgAdHzsEqg;src=10272577;type=us-go0;cat=us-go0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=$%7Bgdpr_consent_755%7D;ord=5986667957248.013?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

activityi;dc_pre=CLHxt8Kf-PUCFbEGBgAdb-gCUA;src=10272577;type=us-go00;cat=us-go0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=$%7Bgdpr_consent_755%7D;ord=2370588... Show response
10272577.fls.doubleclick.net/ Frame 9333
Redirect Chain

https://10272577.fls.doubleclick.net/activityi;src=10272577;type=us-go00;cat=us-go0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=$%7Bgdpr_consent_755%7D;ord=2370...
https://10272577.fls.doubleclick.net/activityi;dc_pre=CLHxt8Kf-PUCFbEGBgAdb-gCUA;src=10272577;type=us-go00;cat=us-go0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consen...

887 B
633 B

62ms
62ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10272577.fls.doubleclick.net/activityi;dc_pre=CLHxt8Kf-PUCFbEGBgAdb-gCUA;src=10272577;type=us-go00;cat=us-go0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=$%7Bgdpr_consent_755%7D;ord=2370588754250.8687?

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a194bea8d39a/825a12be7af5/launch-d85886614a80.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

335e894b8b7a4e49df91b8cae8cfe2b0db943cb34d60e107bd87c90c5ab508ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 11 Feb 2022 18:09:38 GMT
expires: Fri, 11 Feb 2022 18:09:38 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 610
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 11 Feb 2022 18:09:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10272577.fls.doubleclick.net/activityi;dc_pre=CLHxt8Kf-PUCFbEGBgAdb-gCUA;src=10272577;type=us-go00;cat=us-go0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=$%7Bgdpr_consent_755%7D;ord=2370588754250.8687?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 1_0 Show response
login.dotomi.com/profile/visit/js/ 19 B
211 B 216ms
27ms Script
application/javascript 64.158.223.140
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://login.dotomi.com/profile/visit/js/1_0?dtm_cid=80372&dtm_cmagic=0cf823&dtm_fid=101&dtm_promo_id=2&cachebuster=7778876287887.891
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a194bea8d39a/825a12be7af5/launch-d85886614a80.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.158.223.140 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams02-login.dotomi.com
Software: nginx /
Resource Hash: 2db1dbcf1a4a6e63576e5f22320949e1ddc87ff4c10ff26ec353abc9540cd228

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:38 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
cache-control: no-cache, private, max-age=0, no-store
content-type: application/javascript
content-length: 19
expires: 0

GET
H2 200 /
analytics-sm.com/ 68 B
397 B 11ms
10ms Image
image/png 18.66.248.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics-sm.com/?bid=1476b155-2746-48fe-8cd9-58e681fa332f&smuid=1644603436767&bt=1644602978025&url=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week%2F&url_path=%2Foff-broadway-week%2F&title=NYC%20Off-Broadway%20Week%E2%84%A0%20%7C%20Discounted%20Tickets%20%26%20Theater%20in%20NYC%20%7C%20NYCgo
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-65.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:38:32 GMT
via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
last-modified: Mon, 15 Oct 2018 15:03:36 GMT
server: AmazonS3
age: 11885467
etag: "e679fbd466a2d656f194a5da4fa083cd"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: no-cache
x-amz-cf-pop: DUS51-P1
content-length: 68
x-amz-cf-id: 4C5v4-nRelZZaIG9MLLJEw2Jv_8Or7aV2xI7QjCMuMfE8gjAbxYonQ==

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220209/r20110914/elements/html/ Frame F640 8 KB
4 KB 139ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220209/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N30602.148218NYCGO.COM0/B26770616.319624461;dc_ver=84.245;sz=300x250;u_sd=1;dc_adk=3756773004;ord=xrpqh7;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvASpblnynhLTEFEQFvEKc6_Vcf2ik8P8BWQbxAj8nRTtHejRZsfQ2ajew_IGnTkkqnRGTZoDpX9_0OG-Z2EI59lODRkZKLSr9OccrhU625lrmsubWug8aTrRU1NNQsBmKXAfCmHNE-YEDTXkorT3vK9FMghXWzcezXa6OleTObQ4I78AN3aSwc6DObp31c8CrthajBcp2ZA0TPhMQWZgg0QsqQ7HpUNPzHlv0yZSHUmP5G2mNpF6MazfMen2wx0wTIhzMJe7UODvwd-j4Q0e2VDdkRa2d_0XY-LSnUCuZaCm-5rxyyvhVNUM7mOhWIFSQ%26sai%3DAMfl-YQjHQ4T2MMBQGrhEaYQ2f9QFPZ3MjGyNp2ERuXi2SWuJe7zeuixVYmJE-GeC-OvYGB5Y2IeD106oaxSe8eUFx1U3tUCdxUF9lk7TV18xxmCTIhAf42BG2AH9joqGAo%26sig%3DCg0ArKJSzID_8AJWK2oJEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.nycgo.com%2F$0;xdt=1;crlt=9zuVylXqX0;sttr=111;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 18:09:02 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F640 0
524 B 186ms
75ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst33icAVqRK2E_eASDWuM0wX2V8XpfS9nWm3NrOkBvRiH2tQJ9W3mu5cjeMRhKBSqm6J5etG4i-A2hucDGLWJt_u2YNGEvn6oPMmQpS8clWnbEVmD6jApKGUlf85-PWVjLPH7AOyf_75P5dNgLxu1rT&sig=Cg0ArKJSzHXsxnX9UrnnEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=1&cisv=r20220209.04154&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 18:09:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F640 41 KB
15 KB 87ms
38ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 10:06:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115394
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Feb 2023 10:06:24 GMT

GET
H2 200 CHI_NYCGo_Bway_Best_Bet_020822_300x250_-_NYCGo_2.7.jpg
s0.2mdn.net/6735643/ Frame F640 22 KB
23 KB 124ms
40ms Image
image/jpeg 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6735643/CHI_NYCGo_Bway_Best_Bet_020822_300x250_-_NYCGo_2.7.jpg

Requested by

Host: 34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com
URL: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14b099ca05d58d5155645770335d7cf8c6b0f22b7a0f547f57a014698cd5208b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 08:28:39 GMT
x-content-type-options: nosniff
age: 34859
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22973
x-xss-protection: 0
last-modified: Sat, 05 Feb 2022 01:13:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 12 Feb 2022 08:28:39 GMT

GET
DATA 200
OK truncated
/ Frame F640 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 523b69aa8c9d8b447bcbdc598e0495e5651ed64f66b6bf4078991bf2b4e64344

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ Frame F640 43 B
253 B 16ms
16ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=NYCGODFPDISPLAY1&hp=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.nycgo.com&lp=https%3A%2F%2Fwww.nycgo.com&t=1644602978117&de=61238068722&m=0&ar=944fd8091a1-clean&iw=1929362&q=2&cb=0&ym=0&cu=1644602978117&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=33139484%3A2945629114%3A5848564009%3A138377604421&zGSRC=1&gu=https%3A%2F%2Fwww.nycgo.com%2F&id=0&ii=3&bo=60567644&bd=60584324&zMoatOrigSlicer1=60567644&zMoatOrigSlicer2=60584324&dfp=0%2C1&la=60584324&gw=nycgodfp891165161802&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=196859&na=1009757913&cs=0
Requested by: Host: 34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com
URL: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 11 Feb 2022 18:09:38 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220209/r20110914/elements/html/ Frame DBBC 8 KB
3 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220209/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N30602.148218NYCGO.COM0/B26770616.319624431;dc_ver=84.245;dc_eid=40004000;sz=970x90;u_sd=1;dc_adk=1633451890;ord=mlpzzu;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjst8OC4r2-kQLJA7EIGCA70GrNV47FsX5cs6BjiA9IYjnZSOi2yHCIlUjx85ayDtW_e_feNB6VRqtqKe0nCCPHZp4INrtIUF-yoo6PG1RsKLaw3GG63H_3n16F_piBNC0Dbl8a9abFHnHPzqvoGoCmT6SqvJSY5GYdUXhoiSVN9MJD7QuQ6INIwt4KiNEtC-GtINCcdLst_U2BxakAQCXSI463C_Aawo1eVWSerZfl9AIXKalukQB2wBPxj84n5-xBo379lYK85LcQUKAijz2e6eVREWCjFXLLArb1FcId0fHI-iKefja3Nz%26sai%3DAMfl-YQ28iRIFMGwnuZoOdLdQYzVyD8y7mu5LX9PYkMnDaAhr0Uae82BJ6lHRkxWS1hgVHijCRjKAgfBO7HkdzRRbThKjfdnKiJPyPG2m43uW9Iyc1QJtZ_gPnTYkh3p6q0%26sig%3DCg0ArKJSzDFYqEX2gdrHEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.nycgo.com%2F$0;xdt=1;crlt=9zuVylXqX0;sttr=113;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 18:09:02 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DBBC 0
60 B 76ms
76ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstgQb6M7AtiYi4EjP8l92enrd0MefI-0XpceVGhh4d6LbSEQAmc0EvJngd--VySa2ZC6r2Pm2-PWVMdMi_ZeBu7lXbNykVoCG2nUzmN8teia5HzUZvCPmUTZ8RJ-VSS6u5Og43Pg6KbH3HtRpUQrzi4&sig=Cg0ArKJSzF78n3JpshnbEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220209.67134&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 18:09:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame DBBC 41 KB
15 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 10:06:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115394
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Feb 2023 10:06:24 GMT

GET
H2 200 CHI_NYCGo_Bway_Best_Bet_020822_970x90_-_NYCGo_2.7.gif
s0.2mdn.net/6735643/ Frame DBBC 54 KB
55 KB 41ms
41ms Image
image/gif 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6735643/CHI_NYCGo_Bway_Best_Bet_020822_970x90_-_NYCGo_2.7.gif

Requested by

Host: 34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com
URL: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8a464aaa575f4a845b0f4a8b1417b1f935b792529e1ca6c4bf5a20a01c70013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 15:03:54 GMT
x-content-type-options: nosniff
age: 11144
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55793
x-xss-protection: 0
last-modified: Sat, 05 Feb 2022 01:14:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 12 Feb 2022 15:03:54 GMT

GET
DATA 200
OK truncated
/ Frame DBBC 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 55f05527c55ea745f5075d29174659f57169ac5f6d9d39ed00ff7da245652f1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ Frame DBBC 43 B
253 B 15ms
15ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=NYCGODFPDISPLAY1&hp=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.nycgo.com&lp=https%3A%2F%2Fwww.nycgo.com&t=1644602978216&de=248997237960&m=0&ar=944fd8091a1-clean&iw=1929362&q=2&cb=0&ym=0&cu=1644602978216&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=33139484%3A2945629114%3A5848564009%3A138377604907&zGSRC=1&gu=https%3A%2F%2Fwww.nycgo.com%2F&id=0&ii=3&bo=60567644&bd=60624044&zMoatOrigSlicer1=60567644&zMoatOrigSlicer2=60624044&dfp=0%2C1&la=60624044&gw=nycgodfp891165161802&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A0&fs=196859&na=116629871&cs=0
Requested by: Host: 34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com
URL: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 11 Feb 2022 18:09:38 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame F640 43 B
253 B 15ms
15ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2F6735643%2FCHI_NYCGo_Bway_Best_Bet_020822_300x250_-_NYCGo_2.7.jpg&i=NYCGODFPDISPLAY1&ol=447578989&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-9eUHbtgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-69QRKbOpzNBk3A%3D%3D&sc=1&os=1-gg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRC=1&gu=https%3A%2F%2Fwww.nycgo.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.nycgo.com&lp=https%3A%2F%2Fwww.nycgo.com&t=1644602978117&de=61238068722&cu=1644602978117&m=61&ar=944fd8091a1-clean&iw=1929362&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A0%3A0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=45&cd=0&ah=45&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=33139484%3A2945629114%3A5848564009%3A138377604421&bo=60567644&bd=60584324&gw=nycgodfp891165161802&zMoatOrigSlicer1=60567644&zMoatOrigSlicer2=60584324&dfp=0%2C1&la=60584324&hv=DOMSEARCH&ab=3&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196859&na=352088406&cs=0
Requested by: Host: 34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com
URL: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 11 Feb 2022 18:09:38 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F640 0
23 B 122ms
75ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 18:09:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F640 0
0 75ms
74ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuyZ3cD2bKdfEEfZ4I8fBAxhIoVNotr3nxLMqtWc6NoO2XFqPGtlI3qZ7STqDWUzzR9jFjLkRrbTAofG1-1fcihzN7OOXiXTQRA5OQGz8YGpAYND6R_zM9plLlr5W8G0OAKQh-2TsLKhq0e9eDWdbIFer8WOv85utMQxRxEhHfFqE8WsETLq41vqId8ituo-EQWu6IgY_HoPbGNzEk6HNKd8_BHk6Az3UqyLo-_HDS50_EXTfUenfYWhn57jvuoYC-4DE8n34xRoct7P8C0jdKOBxlO4V3XnjQANOP_0yI59CueQIDtyqLkY4sBlgsb3_fVOtTdog&sai=AMfl-YTXkFlMlpeHfTxCd54Xow-NdjpL3gWVqmTS8SAg2p8sMNnPzCA90s27a2w94fyQS4d1271CogMy-mcT2z3IuBykFEOyPGXk5Ps8ZKd4dNtujITyZqvSx8LaV-NgqHY&sig=Cg0ArKJSzBbRXFlDeVNlEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 18:09:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 11 Feb 2022 18:09:38 GMT

GET
H/1.1

200

rs
tags.w55c.net/ Frame 4462
Redirect Chain

https://tags.w55c.net/rs?id=e1f06ad8953f43418d8736ace56b58c6&t=marketing
https://tags.w55c.net/rs?sccid=ba94fda0-bc76-440b-d30d-6f347b12484f&scc=1&id=e1f06ad8953f43418d8736ace56b58c6&t=marketing

42 B
580 B

8ms
7ms

Image
image/gif

3.126.16.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.w55c.net/rs?sccid=ba94fda0-bc76-440b-d30d-6f347b12484f&scc=1&id=e1f06ad8953f43418d8736ace56b58c6&t=marketing

Requested by

Host: 10272577.fls.doubleclick.net
URL: https://10272577.fls.doubleclick.net/activityi;dc_pre=CMXxt8Kf-PUCFXQGBgAdHzsEqg;src=10272577;type=us-go0;cat=us-go0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=$%7Bgdpr_consent_755%7D;ord=5986667957248.013?

Protocol

HTTP/1.1

Server

3.126.16.11 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-16-11.eu-central-1.compute.amazonaws.com

Software

Retargeting/v2.0.30-702-g2925257#rel-ec2-master i-0d390a4cbd087d732@eu-central-1a@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://10272577.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 18:09:38 GMT
Server: Retargeting/v2.0.30-702-g2925257#rel-ec2-master i-0d390a4cbd087d732@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 18:09:37 GMT
Server: Retargeting/v2.0.30-702-g2925257#rel-ec2-master i-0d836f7294b6c7d01@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://tags.w55c.net/rs?sccid=ba94fda0-bc76-440b-d30d-6f347b12484f&scc=1&id=e1f06ad8953f43418d8736ace56b58c6&t=marketing
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CMXxt8Kf-PUCFXQGBgAdHzsEqg;src=10272577;type=us-go0;cat=us-go0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=$%7Bgdpr_consent_755%7D;ord=5986667957248.013
adservice.google.com/ddm/fls/z/ Frame 4462 42 B
63 B 76ms
76ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMXxt8Kf-PUCFXQGBgAdHzsEqg;src=10272577;type=us-go0;cat=us-go0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=$%7Bgdpr_consent_755%7D;ord=5986667957248.013

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://10272577.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 9333
Redirect Chain

https://20827843p.rfihub.com/ca.gif?rb=42866&ca=20827843&ra=YOUR_CUSTOM_CACHE_BUSTER&_o=42866&_t=20827843
https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MjMzNjcxOTY4NjU3MDYxMw==&forward=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D1349...
https://a.rfihub.com/cm?pub=445&in=0&forward=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D13490%26nid%3D2596%26put%3D5142336719686570613%26https%253A%252F%252Fib.adnxs.com%252Fsetuid%253F...
https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5142336719686570613&https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D18%26code%3D5142336719686570613https%253A%252F%252Fdsum-sec.casaleme...

0
239 B

44ms
8ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5142336719686570613&https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D18%26code%3D5142336719686570613https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D57%2526external_user_id%253D5142336719686570613%2526forward%253D
Requested by: Host: 10272577.fls.doubleclick.net
URL: https://10272577.fls.doubleclick.net/activityi;dc_pre=CLHxt8Kf-PUCFbEGBgAdb-gCUA;src=10272577;type=us-go00;cat=us-go0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=$%7Bgdpr_consent_755%7D;ord=2370588754250.8687?
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://10272577.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5142336719686570613&https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D18%26code%3D5142336719686570613https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D57%2526external_user_id%253D5142336719686570613%2526forward%253D
Date: Fri, 11 Feb 2022 18:09:38 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200

rs
tags.w55c.net/ Frame 9333
Redirect Chain

https://tags.w55c.net/rs?id=bf57f140e39e4b98bfde08026d7a6868&t=checkout&tx=$TRANSACTION_ID&sku=$SKUS&price=$price
https://tags.w55c.net/rs?sccid=aca52419-1573-5544-be3d-ccc11d1ad525&scc=1&id=bf57f140e39e4b98bfde08026d7a6868&t=checkout&tx=$TRANSACTION_ID&sku=$SKUS&price=$price

42 B
580 B

8ms
8ms

Image
image/gif

3.126.16.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.w55c.net/rs?sccid=aca52419-1573-5544-be3d-ccc11d1ad525&scc=1&id=bf57f140e39e4b98bfde08026d7a6868&t=checkout&tx=$TRANSACTION_ID&sku=$SKUS&price=$price

Requested by

Host: 10272577.fls.doubleclick.net
URL: https://10272577.fls.doubleclick.net/activityi;dc_pre=CLHxt8Kf-PUCFbEGBgAdb-gCUA;src=10272577;type=us-go00;cat=us-go0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=$%7Bgdpr_consent_755%7D;ord=2370588754250.8687?

Protocol

HTTP/1.1

Server

3.126.16.11 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-16-11.eu-central-1.compute.amazonaws.com

Software

Retargeting/v2.0.30-702-g2925257#rel-ec2-master i-0a9739bdde9ce53f1@eu-central-1b@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://10272577.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 18:09:37 GMT
Server: Retargeting/v2.0.30-702-g2925257#rel-ec2-master i-0a9739bdde9ce53f1@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 18:09:37 GMT
Server: Retargeting/v2.0.30-702-g2925257#rel-ec2-master i-087e8c0a3b0870f0e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://tags.w55c.net/rs?sccid=aca52419-1573-5544-be3d-ccc11d1ad525&scc=1&id=bf57f140e39e4b98bfde08026d7a6868&t=checkout&tx=$TRANSACTION_ID&sku=$SKUS&price=$price
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CLHxt8Kf-PUCFbEGBgAdb-gCUA;src=10272577;type=us-go00;cat=us-go0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=$%7Bgdpr_consent_755%7D;ord=2370588754250.8687
adservice.google.com/ddm/fls/z/ Frame 9333 42 B
63 B 76ms
75ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLHxt8Kf-PUCFbEGBgAdb-gCUA;src=10272577;type=us-go00;cat=us-go0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=$%7Bgdpr_consent_755%7D;ord=2370588754250.8687

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://10272577.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame DBBC 43 B
253 B 15ms
15ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2F6735643%2FCHI_NYCGo_Bway_Best_Bet_020822_970x90_-_NYCGo_2.7.gif&i=NYCGODFPDISPLAY1&ol=447578989&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-88B%2FQp3imbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jEwFHCPigVLOGg%3D%3D&sc=1&os=1-1A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=970&zGSRC=1&gu=https%3A%2F%2Fwww.nycgo.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwww.nycgo.com&lp=https%3A%2F%2Fwww.nycgo.com&t=1644602978216&de=248997237960&cu=1644602978216&m=30&ar=944fd8091a1-clean&iw=1929362&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A0%3A0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=24&cd=0&ah=24&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=33139484%3A2945629114%3A5848564009%3A138377604907&bo=60567644&bd=60624044&gw=nycgodfp891165161802&zMoatOrigSlicer1=60567644&zMoatOrigSlicer2=60624044&dfp=0%2C1&la=60624044&hv=DOMSEARCH&ab=3&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196859&na=511114711&cs=0
Requested by: Host: 34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com
URL: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 11 Feb 2022 18:09:38 GMT

GET
H/1.1 200
OK widget.js Show response
nycco-sweeps-122021.probabilityworks.cloud/ 2 KB
1 KB 301ms
95ms Script
application/javascript 209.97.149.49
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://nycco-sweeps-122021.probabilityworks.cloud/widget.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a194bea8d39a/825a12be7af5/launch-d85886614a80.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.97.149.49 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Apache /

Resource Hash

22c432bc4608a33dbeebe465a7e638d7bee9af2550f9f5285708ae75ded307d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 18:09:38 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Connection: Keep-Alive
Content-Length: 592
Pragma: no-cache
Access-Control-Allow-Headers: Content-Type, Origin, Authorization, x-requested-with, accept, client-security-token
Last-Modified: Fri, 11 Feb 2022 18:09:38 GMT
Server: Apache
Access-Control-Max-Age: 10000
Strict-Transport-Security: max-age=15768000
Content-Type: application/javascript; charset=utf8
Access-Control-Allow-Origin: *
Cache-Control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=3, max=500
Expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame DBBC 0
23 B 109ms
74ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 18:09:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DBBC 0
0 74ms
74ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvR2nFozgvOa7JkY96o614H6cKn1Q3sPT9jB_Membbgt4HupmVnh74gt9xWlD-J7TEAOMsAyLG-FapnEdBtGEMWAI4NMEe-GGsJwDbcaUfRq1ErfE6hnPEtVKOpLKshJa31PejtN0F7yjPPiX8z3POvbmRe7S-EGLuYpEJs7lzSeq2vLUS74w10FYFUSqLKmJSaNU4UxPzdemb17da9v2n1rZmFoy5P0xhmE5_D0-ohg5fIq2WnIYKFAC7Sv2ocmqXXpumfdgcInJkwRAHibaFPb9dQNIdjJn6_9mrtURt7oczznS0LVkJ-DLcDdT0&sai=AMfl-YSmz-iC3uD-1tFyIhBIW3z1TWTm1CvywMdZt34KY1qJB-qWhWfJCdXn1JGMVutgXBxLM2HaW3qCfmyJGBhpZ5iniepcyqwtf5TS0Tvsa2SWHywtSiG33UTjZYQd14Q&sig=Cg0ArKJSzG4kD-aXKpogEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 18:09:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 11 Feb 2022 18:09:38 GMT

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ Frame 4462 19 KB
6 KB 49ms
8ms Script
application/x-javascript 2600:9000:2156:6600:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: 10272577.fls.doubleclick.net
URL: https://10272577.fls.doubleclick.net/activityi;dc_pre=CMXxt8Kf-PUCFXQGBgAdHzsEqg;src=10272577;type=us-go0;cat=us-go0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=$%7Bgdpr_consent_755%7D;ord=5986667957248.013?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6600:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://10272577.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 17:59:05 GMT
content-encoding: gzip
last-modified: Fri, 11 Feb 2022 17:58:55 GMT
server: Jetty(9.3.29.v20201019)
age: 633
x-cache: Hit from cloudfront
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
via: 1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
content-length: 6162
x-amz-cf-id: ryPohKkWoYlScbEeBBwUTh-0jBmA1N4iTNdOpDdrABcudl7ag46GSw==
expires: Fri, 11 Feb 2022 18:59:05 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0920 22 KB
8 KB 39ms
39ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Feb 2022 10:06:25 GMT
expires: Fri, 10 Feb 2023 10:06:25 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 115393
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8D7F 22 KB
8 KB 39ms
38ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Feb 2022 10:06:25 GMT
expires: Fri, 10 Feb 2023 10:06:25 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 115393
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel.gif
px.moatads.com/ Frame F640 43 B
253 B 16ms
15ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=NYCGODFPDISPLAY1&ol=447578989&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-9eUHbtgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-69QRKbOpzNBk3A%3D%3D&sc=1&os=1-gg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRC=1&gu=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week%2F&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.nycgo.com&lp=https%3A%2F%2Fwww.nycgo.com&t=1644602978117&de=61238068722&cu=1644602978117&m=204&ar=944fd8091a1-clean&iw=1929362&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A562%3A562%3A0%3A559&aa=0&ad=75&cn=0&gk=75&gl=0&ik=75&ic=75&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=45&cd=45&ah=45&am=45&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=33139484%3A2945629114%3A5848564009%3A138377604421&bo=60567644&bd=60584324&gw=nycgodfp891165161802&zMoatOrigSlicer1=60567644&zMoatOrigSlicer2=60584324&dfp=0%2C1&la=60584324&hv=DCM%20ins&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196859&na=1253941928&cs=0
Requested by: Host: 34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com
URL: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 11 Feb 2022 18:09:38 GMT

GET
H/1.1 200
OK ca.html Show response
20827626p.rfihub.com/ Frame F8D2 3 KB
4 KB 479ms
46ms Document
text/html 193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20827626p.rfihub.com/ca.html?ver=9&rb=42866&ca=20827626&_o=42866&_t=20827626&pe=https%3A%2F%2F10272577.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMXxt8Kf-PUCFXQGBgAdHzsEqg%3Bsrc%3D10272577%3Btype%3Dus-go0%3Bcat%3Dus-go0%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bnpa%3D%3Bgdpr%3D%3Bgdpr_consent%3D%24%257Bgdpr_consent_755%257D%3Bord%3D5986667957248.013%3F&pf=https%3A%2F%2Fwww.nycgo.com%2F&ra=6906876415177738
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: ff8eb1254520181c83fbf8c7b13f6a555c076e52635e70631a98f574b448a130

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://10272577.fls.doubleclick.net/

Response headers

Date: Fri, 11 Feb 2022 18:09:38 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache
Content-Type: text/html;charset=utf-8
Content-Length: 2786
Server: Jetty(9.3.29.v20201019)

GET
H3 200 3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js Show response
pagead2.googlesyndication.com/bg/ Frame 0920 35 KB
13 KB 84ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de17bd4924cf4f37df1890d004e4d972fa7fce83bb13cbf4dfc7a456d67fe958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:21:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13552
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 16:21:23 GMT

GET
H3 200 3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js Show response
pagead2.googlesyndication.com/bg/ Frame 8D7F 35 KB
13 KB 80ms
36ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de17bd4924cf4f37df1890d004e4d972fa7fce83bb13cbf4dfc7a456d67fe958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:21:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13552
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 16:21:23 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame DBBC 43 B
253 B 15ms
15ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=NYCGODFPDISPLAY1&ol=447578989&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-88B%2FQp3imbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jEwFHCPigVLOGg%3D%3D&sc=1&os=1-1A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=970&zGSRC=1&gu=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week%2F&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.nycgo.com&lp=https%3A%2F%2Fwww.nycgo.com&t=1644602978216&de=248997237960&cu=1644602978216&m=202&ar=944fd8091a1-clean&iw=1929362&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A675%3A675%3A785%3A657&aa=0&ad=87&cn=0&gk=87&gl=0&ik=87&ic=87&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=24&cd=24&ah=24&am=24&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=33139484%3A2945629114%3A5848564009%3A138377604907&bo=60567644&bd=60624044&gw=nycgodfp891165161802&zMoatOrigSlicer1=60567644&zMoatOrigSlicer2=60624044&dfp=0%2C1&la=60624044&hv=DCM%20ins&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196859&na=805084268&cs=0
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 11 Feb 2022 18:09:38 GMT

GET
H/1.1 204
No Content msreceiver Show response
nycgo.evergage.com/ 0
224 B 102ms
101ms XHR
text/plain 52.71.51.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://nycgo.evergage.com/msreceiver?_r=447479&_ak=nycgo&_ds=production&.anonId=c218fdb16e46bc58&_anon=true&.cStat=%5B%5B%7B%22type%22%3A%22e%22%2C%22id%22%3A%22uFJrO%22%2C%22stat%22%3A%22i%22%7D%2C%7B%22type%22%3A%22m%22%2C%22id%22%3A%22B5uWD%22%2C%22stat%22%3A%22i%22%2C%22eid%22%3A%22uFJrO%22%7D%5D%5D&.bv=14&.scv=42

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/dist/dynamic-grid/polyfills.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.71.51.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-71-51-137.compute-1.amazonaws.com

Software

Apache-Coyote/1.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.nycgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.nycgo.com
Date: Fri, 11 Feb 2022 18:09:38 GMT
X-Content-Type-Options: nosniff
Server: Apache-Coyote/1.1
Connection: keep-alive
Timing-Allow-Origin: *

GET
H/1.1 200
OK widget-generate-js-v3.5.php Show response
nycco-sweeps-122021.probabilityworks.cloud/ 17 KB
6 KB 231ms
231ms Script
text/html 209.97.149.49
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://nycco-sweeps-122021.probabilityworks.cloud/widget-generate-js-v3.5.php?slug=&referer=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week%2F&utm_source=&utm_medium=&utm_campaign=&utm_term=&utm_content=&adobe_cid=

Requested by

Host: nycco-sweeps-122021.probabilityworks.cloud
URL: https://nycco-sweeps-122021.probabilityworks.cloud/widget.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.97.149.49 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Apache /

Resource Hash

42b950f562b96f0f8f54fec15b15f3b88cd9a714f31fb37cd94e5e367fa09d3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 18:09:38 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Connection: Keep-Alive
Content-Length: 5693
Pragma: no-cache
Access-Control-Allow-Headers: Content-Type, Origin, Authorization, x-requested-with, accept, client-security-token
Server: Apache
Access-Control-Max-Age: 10000
Strict-Transport-Security: max-age=15768000
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=3, max=499
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8D7F 0
20 B 72ms
71ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdOy8YaYGYrPpPJ-DjuwPtZiHiAsAAAAAOAHgBAI&bg=!QUKlQgbNAAbAtJCDwLQ7ACkAdvg8Woub3hSfjqX_MV3g3AZ_RdWWWm5xkBO5AbVO_ScjAMAVxgyFbgIAAAByUgAAAANoAQeZAwFHDjzhAIIURPgz-aRObOjoVqkzxQeQ6X2i3ZHp28LqemUXhyXqFjo8fTb7tFg9IU5-C2O5LvpLsImBOzf0pjwR9jX_KU4CJ1rCfgx0sjgZEodvTt6KVy-1-fYtjyKe_Coj8VhwvEKyoOGfZFqdfNkuDqDMmWn2C75KyRDfEEevKwzUVdr6UEd4Ijgcs1V5taRE1-uspv01tpyQ5G49n3xxxylkVBvT2zeRhl9R0aO1U3e3q5RdjUadqKUSgMJcxJd8jvpkTzKoIdI97GocNHOC-0dh9H-6KACqCevZStvIvOxJziZpyW8aeAh-ukS-gCyBc2BQM9c14j0y6Z-tRK4ypVthRoRreP0A142nSl20vm9RCrmUnlqa-o99eWEQb0j0ELRacHBTZy4pLlKH5lbvXBH0kCK2JwIYqim2Gm8foZsXzNGnQyBlR3Yu59HwrqDV0pgOwxoZ15oC2yBbp-CLAvqxTJX5RQrHtomm9OjRDDHLAhPs7Eeb7jsg9Om6jsBuMrIRfK7VseRKd64ouJeOgVjeNtOm_6P56r5FvkElkgu6ByHlOTguCUKxg3w68KnEqe259OTcN_A2FOtBDe9Bqia45v2OOgbAazSQBR_dI9PxFgnm-3S7xY2LSIRhJcLo8DfLaFRsShHLsvROrG_Zgq9oqAbeKrk8L8OZOIt_rpApkwZdb4y1F7ZsA-4UcmhxdmOhfb6912Caqz_PcDk0DRIo3csqZX5FMET9CmL0DtHGtxE9HB8OGYhEY9u0HtNoXCRV67CP1vO5IXBLcsc7esjtdxrSktk1F8iiY_M_2farSRZYju3rRd7xMEYwzhHl3MSsrkt6FZoS8ThBl4dKbDMXOtZt4hZD2TD-CDEk1887nIlDDEwOoYzBqgewO2UT2BKAAeArCRAqfPbSM01bjvw6CrEXIjf-DNoddBoNIN-AHtxSLVgEaKYBZ1l5fk61eNhw0lqPdkelGPWbsZVrOrt5SfziWrvPlE7u5SM58B1sAgTtZ0qAsdvGli06QIaL

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0920 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYac6YaYGYsnmPJidgQeCrYDYCgAAAAA4AeAEAg&bg=!ysmlyY3NAAbAtJCDwLQ7ACkAdvg8Wit5QozNbb3etQyC7kjognDMrau8Sliklcv0sH-x1BnAO8Uv5QIAAACMUgAAAAJoAQeZAvSCe7ET_JZuxIdg8WEu1zTPc9MXmhuEt0-ca2miiQbcF77oEQMwfwQNKG1aW_VtS2x6r4G5YzC6E-vvbypDvZbTsJDNmaj9ocuyhe1QdGkNCV2zoXCHEBjygdrZ8Qvt4kAvP9O8dhwJQLbX19I_hFU0kBsPqY7DKRssOelKo2Rc6o__U7TIJ-P68TC0J_MsYrUU18iA5A0t3z5GIlZ1VqCu-De3LIvzjcQg5IzCHc-p0nq_TUo4JOUAPYNc4JX6On6cJNMjvGynCRxADLyskLx3ceQIWD3jWaqSWPjvbER0JcD9sUUV51HIUAMZxbO1VvNoKcXErcytqcV-DdOhbzhbpPzcCJv7fYFIg-7ITTT-nfdrOaFJq3d-XnqFZIv0orZdV5XpT1LUSNYVAfRWOSYe6bjJo3F6XwQBsADGVeXvAvKG6GePJV0WBDtHCdAtTtqRsbKJgULk0U_iVhwj1vKXvbnEQs716OsOL1Is1D2yfCLlieK3qBQixeFQsZbnBC6MDBbZkxay4sEMS7Roneks9WzdWME0qBPGI4zrkpuN3FRObiym45lF9n73OaXG_u46Bw3HNrKECNrcHWG7mqvqbiWuXcgtTthgXg86DgNnxGW61d3Ccwe26kBrVzPCQVQFG0Urp6PUEOXdEO8w5N9SLLtGSgWqaj-Tam7VVANnD6eiMnHZWROmyUTvKSVL5_uyiFBpZ7e-lumqyEijnmHkwPjbPt-zl4G17gQzqYJ0B8szl80IzkoEzBpRIkkSEYIYfYQIcOwgiJdlcMeX_8YIA06ed7ikZG-5yz1td7CCPKCho-5sjrGK3DHM7BF_9pNQ_1nCq23oj24zLkCon2TBoFVe3RYAm79GfqhaTWLLmRYI2D-IBJapB5LC0AHz-MOxNLEQ-wwdGMqt0d1sGJPhz2XS_kugipO0f6qAgPCV2pzLQ0BXxHve8j2QKVSOn7gXxwmnpn3x9n_WaoALClYZhJGM_zbu4dIhI_TdkS7FY28ZPRo

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame F8D2
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEyNDMyMjMyMTE3MzMxMTk4Mw==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEGiy26-x3V41miyTrSD_ASQ&google_cver=1

42 B
1 KB

17ms
17ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEGiy26-x3V41miyTrSD_ASQ&google_cver=1
Protocol: HTTP/1.1
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20827626p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 18:09:38 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEGiy26-x3V41miyTrSD_ASQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK setuid
ib.adnxs.com/ Frame F8D2 43 B
998 B 52ms
51ms Image
image/gif 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=18&code=5124322321173311983

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20827626p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 18:09:38 GMT
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: fd3e08f1-c5c2-4bce-a1db-7f7ad7ac7ec9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame F8D2
Redirect Chain

https://stags.bluekai.com/site/4722?id=5124322321173311983&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D
https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=

42 B
1012 B

16ms
16ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=
Protocol: HTTP/1.1
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20827626p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 18:09:39 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=
Date: Fri, 11 Feb 2022 18:09:39 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame F8D2 0
239 B 44ms
9ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5124322321173311983&
Requested by: Host: 10272577.fls.doubleclick.net
URL: https://10272577.fls.doubleclick.net/activityi;dc_pre=CMXxt8Kf-PUCFXQGBgAdHzsEqg;src=10272577;type=us-go0;cat=us-go0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=$%7Bgdpr_consent_755%7D;ord=5986667957248.013?
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20827626p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type: image/gif

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame F8D2
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5124322321173311983&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5124322321173311983&redir=

42 B
945 B

34ms
34ms

Image
image/gif

34.246.16.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5124322321173311983&redir=

Protocol

HTTP/1.1

Server

34.246.16.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-246-16-33.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20827626p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v027-0213a5377.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: gYp3+DlUQ3g=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v027-06778f748.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Way4jlYjQUs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5124322321173311983&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame F8D2
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5142336719686570613&bid=omt9pi0

0
344 B

38ms
8ms

Image
text/plain

3.127.178.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5142336719686570613&bid=omt9pi0
Protocol: HTTP/1.1
Server: 3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20827626p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 18:09:38 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5142336719686570613&bid=omt9pi0
Date: Fri, 11 Feb 2022 18:09:38 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cksync.php
contextual.media.net/ Frame F8D2 45 B
614 B 48ms
24ms Image
image/gif 104.90.185.183
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5124322321173311983

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.90.185.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-185-183.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20827626p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Fri, 11 Feb 2022 18:09:38 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Fri, 11 Feb 2022 18:09:38 GMT

GET
H2 200 serving
bs.serving-sys.com/ Frame F8D2 0
105 B 76ms
9ms Image
text/plain 18.192.132.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
Requested by: Host: 10272577.fls.doubleclick.net
URL: https://10272577.fls.doubleclick.net/activityi;dc_pre=CMXxt8Kf-PUCFXQGBgAdHzsEqg;src=10272577;type=us-go0;cat=us-go0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=$%7Bgdpr_consent_755%7D;ord=5986667957248.013?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.132.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-132-137.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20827626p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:38 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 0
p3p: CP="NOI DEVa OUR BUS UNI"

GET
H2

200

362358.gif
idsync.rlcdn.com/ Frame F8D2
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5124322321173311983&referrer=https%3A%2F%2Fwww.nycgo.com%2F
https://p.rfihub.com/cm?pub=39342&in=0&userid=043684b1-bb8c-4d7d-98c1-3d49e8416b38%3A1644602978.99&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D043684b1-bb8c-4d7d-98c1-3d49e8416b38...
https://idsync.rlcdn.com/501709.gif?partner_uid=043684b1-bb8c-4d7d-98c1-3d49e8416b38%3A1644602978.99
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJljy2TQ3VYP8Y5mqguW19E&google_cver=1

42 B
299 B

20ms
19ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJljy2TQ3VYP8Y5mqguW19E&google_cver=1
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20827626p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 18:09:39 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJljy2TQ3VYP8Y5mqguW19E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame F8D2 43 B
109 B 394ms
141ms Image
image/gif 52.200.156.204
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=5124322321173311983
Requested by: Host: 10272577.fls.doubleclick.net
URL: https://10272577.fls.doubleclick.net/activityi;dc_pre=CMXxt8Kf-PUCFXQGBgAdHzsEqg;src=10272577;type=us-go0;cat=us-go0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=$%7Bgdpr_consent_755%7D;ord=5986667957248.013?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.156.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-156-204.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20827626p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:39 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F8D2
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322321173311983&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322321173311983&forward=&C=1

43 B
1006 B

74ms
74ms

Image
image/gif

2.20.85.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322321173311983&forward=&C=1
Protocol: HTTP/1.1
Server: 2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-85-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20827626p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 18:09:39 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 11 Feb 2022 18:09:39 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 18:09:38 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5124322321173311983&forward=&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 295
Expires: Fri, 11 Feb 2022 18:09:38 GMT

GET
H2 200 360947.gif
idsync.rlcdn.com/ Frame F8D2 42 B
415 B 60ms
20ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5124322321173311983
Requested by: Host: 10272577.fls.doubleclick.net
URL: https://10272577.fls.doubleclick.net/activityi;dc_pre=CMXxt8Kf-PUCFXQGBgAdHzsEqg;src=10272577;type=us-go0;cat=us-go0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=$%7Bgdpr_consent_755%7D;ord=5986667957248.013?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20827626p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 18:09:38 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame F8D2 43 B
191 B 188ms
146ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5124322321173311983

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20827626p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:39 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 11 Feb 2022 18:09:39 GMT
content-length: 43
strict-transport-security: max-age=2628000
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame F8D2
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5124322321173311983&img=1
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5124322321173311983&img=1&__user_check__=1&sync_id=c714b032-8b65-11ec-b971-1bf0cf250306

43 B
548 B

25ms
25ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5124322321173311983&img=1&__user_check__=1&sync_id=c714b032-8b65-11ec-b971-1bf0cf250306
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20827626p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 18:09:38 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 32
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Fri, 11 Feb 2022 18:09:38 GMT
Server: nginx
Location: /partner?adv_id=7180&uid=5124322321173311983&img=1&__user_check__=1&sync_id=c714b032-8b65-11ec-b971-1bf0cf250306
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 13
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame F8D2 43 B
183 B 317ms
99ms Image
image/gif 2600:1f18:612b:4232:5007:e458:edcf:dd38
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5124322321173311983&r=-2OOAmGJUFZB
Requested by: Host: 10272577.fls.doubleclick.net
URL: https://10272577.fls.doubleclick.net/activityi;dc_pre=CMXxt8Kf-PUCFXQGBgAdHzsEqg;src=10272577;type=us-go0;cat=us-go0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=$%7Bgdpr_consent_755%7D;ord=5986667957248.013?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:5007:e458:edcf:dd38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20827626p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:39 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame F8D2 43 B
238 B 49ms
7ms Image
image/gif 52.28.188.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5124322321173311983
Requested by: Host: 10272577.fls.doubleclick.net
URL: https://10272577.fls.doubleclick.net/activityi;dc_pre=CMXxt8Kf-PUCFXQGBgAdHzsEqg;src=10272577;type=us-go0;cat=us-go0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=$%7Bgdpr_consent_755%7D;ord=5986667957248.013?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.188.15 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-188-15.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20827626p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:39 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame F8D2 0
338 B 525ms
169ms Image
text/plain 52.36.230.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5124322321173311983
Requested by: Host: 10272577.fls.doubleclick.net
URL: https://10272577.fls.doubleclick.net/activityi;dc_pre=CMXxt8Kf-PUCFXQGBgAdHzsEqg;src=10272577;type=us-go0;cat=us-go0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=$%7Bgdpr_consent_755%7D;ord=5986667957248.013?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.230.128 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-230-128.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20827626p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:39 GMT
cache-control: private, no-cache, no-store
x-request-time: D=33 t=1644602979
x-served-by: beacon-n005-pdx-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame F8D2
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=5124322321173311983&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5124322321173311983&expires=30

43 B
495 B

17ms
17ms

Image
image/gif

3.124.150.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5124322321173311983&expires=30
Protocol: HTTP/1.1
Server: 3.124.150.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-150-38.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20827626p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 18:09:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5124322321173311983&expires=30
Date: Fri, 11 Feb 2022 18:09:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame F8D2
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YgamYwAFeSx-IQBH
https://p.rfihub.com/cm?in=1&pub=21653&userid=YgamYwAFeSx-IQBH&_test=YgamYwAFeSx-IQBH

42 B
1 KB

18ms
18ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=YgamYwAFeSx-IQBH&_test=YgamYwAFeSx-IQBH
Protocol: HTTP/1.1
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20827626p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 18:09:39 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:39 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1644602979.144613,VS0,VE0
x-served-by: cache-hhn4068-HHN
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=YgamYwAFeSx-IQBH&_test=YgamYwAFeSx-IQBH
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 15ms
15ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=5&pxm=5&sgs=6&vb=6&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=1&ak=https%3A%2F%2Fwww.nycgo.com%2F%2Foff-broadway-week%2F-&i=NYCGO_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-pI1cvD-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-J7VHrBsiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-jEwFHCPigVLOGg%3D%3D&sc=1&os=1-3g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=4&w=4&rm=1&zGSRC=1&gu=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week%2F&id=1&ii=4&cm=1&zMoatIS=0&pl=1&f=0&t=1644602977969&de=664131635610&rx=782536425128&cu=1644602977969&m=937&ar=944fd8091a1-clean&iw=4fc7fc1&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5086&le=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=1%3A1789%3A1789%3A0%3A1955&im=0&in=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=0&cd=0&ah=0&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&gw=nycgoheader74567727191&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&ab=3&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=196859&na=2134679745&cs=0
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 11 Feb 2022 18:09:38 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 71ms
8ms Script
application/x-javascript 2600:9000:214f:1400:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1400:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 17:03:57 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 22:23:33 GMT
server: nginx
age: 3941
etag: W/"61fc55e5-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: lTRfrVqZm6fhyHhbTdZXdLDH4fPNHBJGK4XndnXVqGXRQsnAnd_-IQ==
expires: Fri, 11 Feb 2022 19:03:57 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 96ms
52ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022020801&st=env

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/dist/dynamic-grid/polyfills.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f7bb50ffe2e8b45b5f549ac70f01ecf3e10dc125b0d97b7db7ab5fcbeeb12a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 18:09:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9866
x-xss-protection: 0

GET
H2

200

ct.html Show response
www.pinterest.de/ Frame EF9B
Redirect Chain

https://www.pinterest.com/ct.html
https://www.pinterest.de/ct.html

413 B
4 KB

230ms
230ms

Document
text/html

104.84.56.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

f304461126d7a393030a9a149fe50da5a5c68252c1cc87561a5c04547d0eaaf9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-ab129a34af7124c80af1f82b4e354305' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1747608508390304; frame-ancestors *
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/

Response headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
p3p: CP="This is not a P3P policy. See https://www.pinterest.com/_/_/help/articles/pinterest-and-p3p for more info."
content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-ab129a34af7124c80af1f82b4e354305' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1747608508390304; frame-ancestors *
content-security-policy-report-only: script-src 'nonce-ab129a34af7124c80af1f82b4e354305' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
link: <https://i.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://s.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://v.pinimg.com>; rel=preconnect; crossorigin=anonymous
trailer: x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time: 132
pinterest-generated-by: coreapp-webapp-prod-0a011f50
content-encoding: gzip
pinterest-version: 51e3c06
referrer-policy: origin
x-pinterest-rid: 1747608508390304
date: Fri, 11 Feb 2022 18:09:39 GMT
akamai-grn: 0.16d854b8.1644602979.6d14bd3c
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload

Redirect headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
location: https://www.pinterest.de/ct.html
trailer: x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time: 105
pinterest-generated-by: coreapp-webapp-prod-0a0112c8
content-encoding: gzip
pinterest-version: 51e3c06
referrer-policy: origin
x-pinterest-rid: 1062631281081106
date: Fri, 11 Feb 2022 18:09:39 GMT
akamai-grn: 0.16d854b8.1644602978.6d14ba25
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload

GET
H2 200 nr-1208.min.js Show response
js-agent.newrelic.com/ 31 KB
12 KB 33ms
6ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1208.min.js
Requested by: Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id: RGJXhnJ2IqU3nLrOoxetOoKLCG4kx4sX
content-encoding: gzip
etag: "1a71e4208296f97b465116492f59124d"
x-amz-request-id: PFXMHSMQRYFBJAVQ
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 11777
x-amz-id-2: Z0HDsMPDsn7UZvwpeECjaxkm/uvU4/rurM34xi2PkMZqqkUdTPKNUUNIUZse4nJqqs9ekVZ6y2o=
x-served-by: cache-hhn4028-HHN
last-modified: Wed, 10 Mar 2021 16:24:28 GMT
server: AmazonS3
x-timer: S1644602979.945267,VS0,VE0
date: Fri, 11 Feb 2022 18:09:38 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 969

GET
H/1.1 200
OK dde01cd7af Show response
bam-cell.nr-data.net/1/ 49 B
715 B 587ms
558ms Script
text/javascript 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/dde01cd7af?a=86651758&sa=1&v=1208.49599aa&t=Unnamed%20Transaction&rst=3709&ck=1&ref=https://www.nycgo.com/off-broadway-week/&be=2661&fe=3671&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1644602975246,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:69,%22c%22:69,%22s%22:75,%22ce%22:84,%22rq%22:84,%22rp%22:104,%22rpe%22:105,%22dl%22:107,%22di%22:1955,%22ds%22:1955,%22de%22:1962,%22dc%22:3649,%22l%22:3662,%22le%22:3671%7D,%22navigation%22:%7B%7D%7D&fp=1788&fcp=1788&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1208.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 18:09:39 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6dbf878aade29226-FRA

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 299ms
95ms Image
image/gif 34.238.149.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=nycgo.com&p=%2Foff-broadway-week&u=Duk_DEDO7ZAeBIGEY3&d=nycgo.com&g=115&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=5086&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3662&t=Dl_va2C4A-F3C6ph8oOIcP9C5JfLc&V=129&i=NYC%20Off-Broadway%20Week%E2%84%A0%20%7C%20Discounted%20Tickets%20%26%20Theater%20in%20NYC%20%7C%20NYCgo&tz=0&sn=1&sv=BsXawHzsuiqDs3J80BqjnlhCpADxO&sd=1&im=067b0cf3&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.149.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-149-180.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:39 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 191ms
190ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 18:09:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 18:09:39 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FA3C 13 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Feb 2022 17:45:58 GMT
expires: Sat, 11 Feb 2023 17:45:58 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 1421
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DE12 783 B
536 B 51ms
51ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

43356a80f90ff7412ecfa190dc20e1c7faf039b79efe8bca201dcd6347860ead

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XV20xEhfBN3/keMJW533Dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 11 Feb 2022 18:09:39 GMT
date: Fri, 11 Feb 2022 18:09:39 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-XV20xEhfBN3/keMJW533Dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js Show response
pagead2.googlesyndication.com/bg/ Frame FA3C 35 KB
13 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3he9SSTPTzffGJDQBOTZcvp_zoO7E8v038ekVtZ_6Vg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de17bd4924cf4f37df1890d004e4d972fa7fce83bb13cbf4dfc7a456d67fe958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 16:21:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13552
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 16:21:23 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DE12 0
0 87ms
87ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022020801&jk=534818615247525&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F640 42 B
64 B 70ms
70ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstG6KVpOjfTzSYSTvrY81jqqpbaMQsMd9je5-_KqNRXBhVUhNs--fExK8d5PEXakhkVFOfOrBEbyyD1jzXHjrXLyOCm-yn96Mo&sig=Cg0ArKJSzFLvKgK5cupzEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220209&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=32&adk=3756773004&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644602977621&rpt=666&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F640 42 B
64 B 70ms
70ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst1HUunYVENgaikThDliNTpwNgJgEPtjLLPQc-lMtSZcvDUYZek7Pj2X8C6ChS36ey914UKUOpja5C4h5scR5ZNs-302kNU0WRe1XfJDfWufac4r0O0&sig=Cg0ArKJSzJM7CSevS6SzEAE&id=lidar2&mcvt=1002&p=650,1040,900,1340&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220209&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=3047983704&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644602977621&rpt=663&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DBBC 42 B
64 B 70ms
70ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuUsJ_Cr5lw4eK68stGjfpFGz5H-r44_7yFZFRVsQS1ahsW0oU_WaZ0zNOzoRoGNzEAojQjEAAl8HXPhrkMUyrvwMVe31FUUEpiLMfvbeXcKggxMkM0&sig=Cg0ArKJSzF5KgkEc_YXIEAE&id=lidar2&mcvt=1010&p=15,315,105,1285&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20220209&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=120808890&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644602977591&rpt=706&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DBBC 42 B
64 B 71ms
70ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuozCPFt8TphMz13WV1VG9tTNwMksZykDldbEguW1u5HSpqQF8P65kVeW0erJ7a0ghHOUEFg1MkiiYf7ed8NGNWeKxMu4VfBvM&sig=Cg0ArKJSzMP5fnfRtMBCEAE&id=lidar2&mcvt=1011&p=0,0,90,970&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20220209&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=32&adk=1633451890&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644602977591&rpt=708&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame F640 43 B
253 B 15ms
15ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=NYCGODFPDISPLAY1&ol=447578989&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-9eUHbtgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-69QRKbOpzNBk3A%3D%3D&sc=1&os=1-gg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRC=1&gu=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week%2F&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.nycgo.com&lp=https%3A%2F%2Fwww.nycgo.com&t=1644602978117&de=61238068722&cu=1644602978117&m=1225&ar=944fd8091a1-clean&iw=1929362&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A562%3A562%3A753%3A559&aa=1&ad=1096&cn=75&gn=1&gk=1096&gl=75&ik=1096&ic=1096&ez=1&co=1096&cp=1012&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1012&cd=45&ah=1012&am=45&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=33139484%3A2945629114%3A5848564009%3A138377604421&bo=60567644&bd=60584324&gw=nycgodfp891165161802&zMoatOrigSlicer1=60567644&zMoatOrigSlicer2=60584324&dfp=0%2C1&la=60584324&hv=DCM%20ins&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196859&na=1087755388&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 11 Feb 2022 18:09:39 GMT

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame EF9B 0
4 KB 182ms
181ms Other
text/plain 104.84.56.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?rid=1747608508390304

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-05e54fe038c14b7e9c139c665e8a1856' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1308800553414862; frame-ancestors 'self' , script-src 'nonce-05e54fe038c14b7e9c139c665e8a1856' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1308800553414862
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-05e54fe038c14b7e9c139c665e8a1856' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1308800553414862; frame-ancestors 'self' , script-src 'nonce-05e54fe038c14b7e9c139c665e8a1856' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1308800553414862
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.16d854b8.1644602979.6d14c0df
content-security-policy-report-only: script-src 'nonce-05e54fe038c14b7e9c139c665e8a1856' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 76
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 1308800553414862
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: 51e3c06
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Fri, 11 Feb 2022 18:09:39 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a0113af

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame EF9B 0
4 KB 129ms
129ms Other
text/plain 104.84.56.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?reportonly

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-8b0d6fcc4805c90306d0f51ee0ac50fc' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=4804265792219483; frame-ancestors 'self' , script-src 'nonce-8b0d6fcc4805c90306d0f51ee0ac50fc' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=4804265792219483
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-8b0d6fcc4805c90306d0f51ee0ac50fc' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=4804265792219483; frame-ancestors 'self' , script-src 'nonce-8b0d6fcc4805c90306d0f51ee0ac50fc' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=4804265792219483
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.16d854b8.1644602979.6d14c0e6
content-security-policy-report-only: script-src 'nonce-8b0d6fcc4805c90306d0f51ee0ac50fc' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 29
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 4804265792219483
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: 51e3c06
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Fri, 11 Feb 2022 18:09:39 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a011404

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame EF9B 0
4 KB 126ms
126ms Other
text/plain 104.84.56.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?reportonly

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/off-broadway-week

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-c7cfa02fffbf73a18fa6020e66ce033e' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1852027605114618; frame-ancestors 'self' , script-src 'nonce-c7cfa02fffbf73a18fa6020e66ce033e' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1852027605114618
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-c7cfa02fffbf73a18fa6020e66ce033e' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net px.ads.linkedin.com www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1852027605114618; frame-ancestors 'self' , script-src 'nonce-c7cfa02fffbf73a18fa6020e66ce033e' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1852027605114618
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.16d854b8.1644602979.6d14c0ee
content-security-policy-report-only: script-src 'nonce-c7cfa02fffbf73a18fa6020e66ce033e' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.online.tableau.com *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 26
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 1852027605114618
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: 51e3c06
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Fri, 11 Feb 2022 18:09:39 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a01193c

GET
H2 200 pixel.gif
px.moatads.com/ Frame F640 43 B
253 B 16ms
15ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=NYCGODFPDISPLAY1&ol=447578989&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-9eUHbtgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-69QRKbOpzNBk3A%3D%3D&sc=1&os=1-gg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRC=1&gu=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week%2F&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.nycgo.com&lp=https%3A%2F%2Fwww.nycgo.com&t=1644602978117&de=61238068722&cu=1644602978117&m=1225&ar=944fd8091a1-clean&iw=1929362&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A562%3A562%3A753%3A559&aa=1&ad=1096&cn=1096&gn=1&gk=1096&gl=1096&ik=1096&ic=1096&ez=1&co=1096&cp=1012&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1012&cd=1012&ah=1012&am=1012&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=33139484%3A2945629114%3A5848564009%3A138377604421&bo=60567644&bd=60584324&gw=nycgodfp891165161802&zMoatOrigSlicer1=60567644&zMoatOrigSlicer2=60584324&dfp=0%2C1&la=60584324&hv=DCM%20ins&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196859&na=2106512571&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 11 Feb 2022 18:09:39 GMT

GET generate_204
tpc.googlesyndication.com/ Frame FA3C 0
0

GET
H2 200 pixel.gif
px.moatads.com/ Frame F640 43 B
253 B 15ms
15ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=NYCGODFPDISPLAY1&ol=447578989&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-9eUHbtgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-69QRKbOpzNBk3A%3D%3D&sc=1&os=1-gg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRC=1&gu=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week%2F&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.nycgo.com&lp=https%3A%2F%2Fwww.nycgo.com&t=1644602978117&de=61238068722&cu=1644602978117&m=1226&ar=944fd8091a1-clean&iw=1929362&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A562%3A562%3A753%3A559&aa=1&ad=1096&cn=1096&gn=1&gk=1096&gl=1096&ik=1096&ic=1096&ez=1&co=1096&cp=1012&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1012&cd=1012&ah=1012&am=1012&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=33139484%3A2945629114%3A5848564009%3A138377604421&bo=60567644&bd=60584324&gw=nycgodfp891165161802&zMoatOrigSlicer1=60567644&zMoatOrigSlicer2=60584324&dfp=0%2C1&la=60584324&hv=DCM%20ins&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196859&na=470710022&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 11 Feb 2022 18:09:39 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022020801&jk=534818615247525&bg=!mpmlmd3NAAbAtJCDwLQ7ACkAdvg8WjL7LLNEtsevgwKfcdAUVETzTwVg7uR9obd0bwFDgnVr4PggzAIAAABSUgAAAAJoAQcKAFlO2LaWFKxDmr5h-ciIQoRCgkR7Efo8F5ajEdCe-x3I_oRP5p5qCu5z5kC-zXLiyGk13OfkOJJtV-XLZt6-TJW-0t3sFoWL9wN5WJbhrjAQd-q1dJc2Gm6ESZkCxZrNk1O-1erH4w97jyAZszoP8bHP2_3qR5qDGMYUzxz1tMUFoFDXQFVeqD8BNdSB6HiNYN0QECyYuU5_LyZRioe28UgRFIOZWKDq5SXobML8a5QoNZjef6FBaEHo5rqZO9ySVAhMoj2wlpLp5BeNBPMsbqvBymbOLm1uiFjngx2nefNgStWeQ3aXYPcDSds67ouSrTNe1PyTZrHNDSlRKnB6SiEe02hHIGxkA61T78sz45hGuBIVIj_Y2ItF4oLDGY9SPF389oQudIuup_QRxychH4Fr9Etn8BzJ8iMB3nUCRVzyF2dcqA5-F55L3848kXK_1G9A0zI2CNglGm1BxwdaoyM3pgAlfGLtVzYjWTb9H1E629bFFUxLg73NiyNpo6ymp0IYwsqxAn9eSvswxvDm6zDlyeD3djDBlyyNgjl6LEXwa_n_9mwcTrWPpS79CA7kRbLM3aY9FzZg3pu512icvFRiDXypq33Ghl7GDm5RgPCDrozEQsfedfNYzHBBKIw84WE7fvYkfZAW-luCcb3bksjqzHvmNPciFTjN7ambeAatwIyz8PkVi5ISj1gE6hQZ12kSqc9y9dLq9jkalQa-ciQhySPPpt4YqrOL3b8q1X32v9fOrJlJjYpNajr-Cs-IP8gFKneA71bGxthf72SnZWdB4U6B-lbaQQNjx0Pd83g1p-jLZtqUtF8reGnT6lXXh8WE6aGIuXfVop5t_dHSvcH18THJeaABpQ54uxDIM9eq1ZMmh17iUzXphSxojaF8sm4hno_Rv5gQzx3Ps1PPGuL0IZy8GQp98oNB0QLhNHXEZTGrndOjLXqkTKWIg84hRWoDeyXslBwwYRvxa3l00KhJ2efFsDzRSJ0P7fu6-X0RvAqRjn9YcGCQ7nHXcGpblx7-HGYyD9MH-5euXgcMOgx4eNyKewQ7NpFaZd5Edpldlxc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame DBBC 43 B
253 B 16ms
15ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=NYCGODFPDISPLAY1&ol=447578989&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-88B%2FQp3imbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jEwFHCPigVLOGg%3D%3D&sc=1&os=1-1A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=970&zGSRC=1&gu=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week%2F&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.nycgo.com&lp=https%3A%2F%2Fwww.nycgo.com&t=1644602978216&de=248997237960&cu=1644602978216&m=1209&ar=944fd8091a1-clean&iw=1929362&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A675%3A675%3A785%3A657&aa=1&ad=1094&cn=87&gn=1&gk=1094&gl=87&ik=1094&ic=1094&ez=1&co=1094&cp=1005&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1005&cd=24&ah=1005&am=24&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=33139484%3A2945629114%3A5848564009%3A138377604907&bo=60567644&bd=60624044&gw=nycgodfp891165161802&zMoatOrigSlicer1=60567644&zMoatOrigSlicer2=60624044&dfp=0%2C1&la=60624044&hv=DCM%20ins&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196859&na=382638883&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 11 Feb 2022 18:09:39 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame DBBC 43 B
253 B 15ms
15ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=NYCGODFPDISPLAY1&ol=447578989&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-88B%2FQp3imbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jEwFHCPigVLOGg%3D%3D&sc=1&os=1-1A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=970&zGSRC=1&gu=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week%2F&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.nycgo.com&lp=https%3A%2F%2Fwww.nycgo.com&t=1644602978216&de=248997237960&cu=1644602978216&m=1210&ar=944fd8091a1-clean&iw=1929362&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A675%3A675%3A785%3A657&aa=1&ad=1094&cn=1094&gn=1&gk=1094&gl=1094&ik=1094&ic=1094&ez=1&co=1094&cp=1005&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1005&cd=1005&ah=1005&am=1005&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=33139484%3A2945629114%3A5848564009%3A138377604907&bo=60567644&bd=60624044&gw=nycgodfp891165161802&zMoatOrigSlicer1=60567644&zMoatOrigSlicer2=60624044&dfp=0%2C1&la=60624044&hv=DCM%20ins&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196859&na=111344964&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 11 Feb 2022 18:09:39 GMT

GET
H/1.1 204
No Content pr Show response
nycgo.evergage.com/ 0
224 B 101ms
101ms XHR
text/plain 52.71.51.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://nycgo.evergage.com/pr?_r=334611&_ak=nycgo&_ds=production&.scv=42&.anonId=c218fdb16e46bc58&_anon=true&.top=1499&.lt=3671&.tt=491&.ttdns=82

Requested by

Host: www.nycgo.com
URL: https://www.nycgo.com/dist/dynamic-grid/polyfills.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.71.51.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-71-51-137.compute-1.amazonaws.com

Software

Apache-Coyote/1.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.nycgo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.nycgo.com
Date: Fri, 11 Feb 2022 18:09:38 GMT
X-Content-Type-Options: nosniff
Server: Apache-Coyote/1.1
Connection: keep-alive
Timing-Allow-Origin: *

GET
H2 200 pixel.gif
px.moatads.com/ Frame DBBC 43 B
253 B 16ms
15ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=NYCGODFPDISPLAY1&ol=447578989&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-88B%2FQp3imbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jEwFHCPigVLOGg%3D%3D&sc=1&os=1-1A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=970&zGSRC=1&gu=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week%2F&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.nycgo.com&lp=https%3A%2F%2Fwww.nycgo.com&t=1644602978216&de=248997237960&cu=1644602978216&m=1211&ar=944fd8091a1-clean&iw=1929362&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A675%3A675%3A785%3A657&aa=1&ad=1094&cn=1094&gn=1&gk=1094&gl=1094&ik=1094&ic=1094&ez=1&co=1094&cp=1005&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1005&cd=1005&ah=1005&am=1005&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=33139484%3A2945629114%3A5848564009%3A138377604907&bo=60567644&bd=60624044&gw=nycgodfp891165161802&zMoatOrigSlicer1=60567644&zMoatOrigSlicer2=60624044&dfp=0%2C1&la=60624044&hv=DCM%20ins&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196859&na=647374341&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:39 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 11 Feb 2022 18:09:39 GMT

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/47/7a/intl/de_ALL/ 77 KB
28 KB 86ms
39ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/47/7a/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDkSQUrbnLkcBi92Bz1sKKqG9wEe0NWif8&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc61eef243fa47845cbb95d6c3078ad2fda22fa9924a1daaf535438b2ad299a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:36:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28830
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 20:23:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Feb 2023 03:36:25 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/47/7a/intl/de_ALL/ 297 KB
91 KB 88ms
41ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/47/7a/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDkSQUrbnLkcBi92Bz1sKKqG9wEe0NWif8&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6a8db162e9c771134ba27281df5338087590bf3a00d1765ec3382c20628b345

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nycgo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:31:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311922
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92779
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 20:23:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Feb 2023 03:31:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame F640 43 B
253 B 16ms
15ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=NYCGODFPDISPLAY1&ol=447578989&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-9eUHbtgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-69QRKbOpzNBk3A%3D%3D&sc=1&os=1-gg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRC=1&gu=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week%2F&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.nycgo.com&lp=https%3A%2F%2Fwww.nycgo.com&t=1644602978117&de=61238068722&cu=1644602978117&m=5235&ar=944fd8091a1-clean&iw=1929362&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A562%3A562%3A753%3A559&aa=1&ad=5107&cn=1096&gn=1&gk=5107&gl=1096&ik=5107&ic=5107&ez=1&co=1096&cp=1012&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5027&cd=1012&ah=5027&am=1012&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=33139484%3A2945629114%3A5848564009%3A138377604421&bo=60567644&bd=60584324&gw=nycgodfp891165161802&zMoatOrigSlicer1=60567644&zMoatOrigSlicer2=60584324&dfp=0%2C1&la=60584324&hv=DCM%20ins&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196859&na=463469359&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:43 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 11 Feb 2022 18:09:43 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame DBBC 43 B
253 B 15ms
15ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=NYCGODFPDISPLAY1&ol=447578989&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-88B%2FQp3imbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jEwFHCPigVLOGg%3D%3D&sc=1&os=1-1A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=970&zGSRC=1&gu=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week%2F&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.nycgo.com&lp=https%3A%2F%2Fwww.nycgo.com&t=1644602978216&de=248997237960&cu=1644602978216&m=5220&ar=944fd8091a1-clean&iw=1929362&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A675%3A675%3A785%3A657&aa=1&ad=5106&cn=1094&gn=1&gk=5106&gl=1094&ik=5106&ic=5106&ez=1&co=1094&cp=1005&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5016&cd=1005&ah=5016&am=1005&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=33139484%3A2945629114%3A5848564009%3A138377604907&bo=60567644&bd=60624044&gw=nycgodfp891165161802&zMoatOrigSlicer1=60567644&zMoatOrigSlicer2=60624044&dfp=0%2C1&la=60624044&hv=DCM%20ins&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196859&na=1482741336&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:43 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 11 Feb 2022 18:09:43 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame F640 43 B
253 B 15ms
15ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=NYCGODFPDISPLAY1&ol=447578989&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-9eUHbtgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-69QRKbOpzNBk3A%3D%3D&sc=1&os=1-gg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=250&w=300&zGSRC=1&gu=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week%2F&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.nycgo.com&lp=https%3A%2F%2Fwww.nycgo.com&t=1644602978117&de=61238068722&cu=1644602978117&m=5437&ar=944fd8091a1-clean&iw=1929362&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A562%3A562%3A753%3A559&aa=1&ad=5308&cn=5107&gn=1&gk=5308&gl=5107&ik=5308&ic=5308&ez=1&co=1096&cp=1012&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5227&cd=5027&ah=5227&am=5027&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=33139484%3A2945629114%3A5848564009%3A138377604421&bo=60567644&bd=60584324&gw=nycgodfp891165161802&zMoatOrigSlicer1=60567644&zMoatOrigSlicer2=60584324&dfp=0%2C1&la=60584324&hv=DCM%20ins&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196859&na=1000017527&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:43 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 11 Feb 2022 18:09:43 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame DBBC 43 B
253 B 15ms
15ms Image
image/gif 2.20.86.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&ra=1&pxm=5&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=NYCGODFPDISPLAY1&ol=447578989&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BC9krG%3D01%2C(a%24X%24J%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-88B%2FQp3imbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jEwFHCPigVLOGg%3D%3D&sc=1&os=1-1A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=970&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=90&w=970&zGSRC=1&gu=https%3A%2F%2Fwww.nycgo.com%2Foff-broadway-week%2F&id=1&ii=1&f=1&j=https%3A%2F%2Fwww.nycgo.com&lp=https%3A%2F%2Fwww.nycgo.com&t=1644602978216&de=248997237960&cu=1644602978216&m=5421&ar=944fd8091a1-clean&iw=1929362&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=94&le=1&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A675%3A675%3A785%3A657&aa=1&ad=5307&cn=5106&gn=1&gk=5307&gl=5106&ik=5307&ic=5307&ez=1&co=1094&cp=1005&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5217&cd=5016&ah=5217&am=5016&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=33139484%3A2945629114%3A5848564009%3A138377604907&bo=60567644&bd=60624044&gw=nycgodfp891165161802&zMoatOrigSlicer1=60567644&zMoatOrigSlicer2=60624044&dfp=0%2C1&la=60624044&hv=DCM%20ins&ab=3&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=196859&na=1633129233&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.86.213 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-86-213.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 18:09:43 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 11 Feb 2022 18:09:43 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?xwJ7uA

Verdicts & Comments Add Verdict or Comment

349 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

63 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nycgo.com/	1970-01-20 01:33:14	Name: s_nr30 Value: 1644602976411-New
.nycgo.com/	1970-01-20 09:35:59	Name: s_vnc365 Value: 1676138976412%26vn%3D1
.nycgo.com/	1970-01-20 00:50:04	Name: s_ivc Value: true
.nycgo.com/	1970-01-20 18:21:14	Name: s_tslv Value: 1644602976414
.nycgo.com/	1970-01-20 00:50:04	Name: s_inv Value: 0
.dc.arrivalist.com/	1970-01-20 09:35:38	Name: avlcnt Value: 1
.dc.arrivalist.com/	1970-01-20 09:35:38	Name: avlukey Value: 6206a660e6f069.54830798
www.nycgo.com/	1969-12-31 23:59:59	Name: gscs Value: 1644602977.1644602977.1644602977
www.nycgo.com/	1970-01-20 18:21:14	Name: gscv Value: 1644602977.1644602977.1644602977.1
www.nycgo.com/	1970-01-20 01:33:14	Name: nycgo_page_visits Value: 1
.nycgo.com/	1970-01-20 18:21:14	Name: s_fid Value: 18DF5335E32648F3-38BEB3657D6FAF91
.nycgo.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.adnxs.com/	1970-01-20 02:59:38	Name: uuid2 Value: 2070091120481305135
.2o7.net/	1970-01-20 18:21:14	Name: s_vi_gpjnfyx7Bfm Value: [CS]v4\|31035330D90A815C-4000159BDAC346F4\|6206A661[CE]
.nycgo.com/	1970-01-20 02:59:38	Name: _fbp Value: fb.1.1644602977368.868958124
.nycgo.com/	1970-01-20 18:21:14	Name: _ga Value: GA1.2.763778666.1644602977
.nycgo.com/	1970-01-20 00:51:29	Name: _gid Value: GA1.2.1302040325.1644602977
.nycgo.com/	1970-01-20 00:50:03	Name: _gat Value: 1
.t.co/	1970-01-20 18:21:14	Name: muc_ads Value: 233679c0-0e9f-4088-aa23-7f09a00d035c
.twitter.com/	1970-01-20 18:21:14	Name: personalization_id Value: "v1_pZPuapF9gRKe1HrqhnVmcg=="
.nycgo.com/	1970-01-20 10:11:38	Name: __gads Value: ID=73468a0b6ee3579f-226eb316dccf0068:T=1644602977:S=ALNI_MYTDib_Lb2Y-k7U_asXroZjaEpB_A
.nycgo.com/	1970-01-20 02:59:38	Name: _gcl_au Value: 1.1.1678692415.1644602978
s.getsmartcontent.com/	1970-01-20 18:21:14	Name: gsci Value: 5hruykotgqtuy6ku6ihf7lxmn9sk7ztt
www.nycgo.com/	1970-01-20 18:21:14	Name: gsci Value: 3f42ff5afb842c125ca34cf1aadddd7148fd3fe4
.nycgo.com/	1970-01-20 09:35:38	Name: _pin_unauth Value: dWlkPU9EazVaVFkxTnpjdE1EQmtaQzAwTVRVMUxXSTVaVEl0WW1FNVlUQXpPVGt3TVRRMQ
.nycgo.com/	1970-01-20 18:21:14	Name: _evga_59b3 Value: c218fdb16e46bc58.
.doubleclick.net/	1970-01-20 10:11:38	Name: IDE Value: AHWqTUnNzMCLDI6qAQA0NF23amMHW_TTrbqQZGfKKQfdlbnF_8KjzbUkoZd1R5u4MqE
.nycgo.com/	1978-01-11 21:31:40	Name: sm_uuid Value: 1644603436767
.w55c.net/	1970-01-20 10:19:26	Name: wfivefivec Value: EOxJb9ox1NiAmu2
nycco-sweeps-122021.probabilityworks.cloud/	1969-12-31 23:59:59	Name: PHPSESSID Value: 7ij5p3d6iagsg70kn3hbg8ua8k
.rfihub.com/	1970-01-20 10:11:38	Name: cmd Value: H4sIAAAAAAAAAONiNBTiNTQzMTEzMLI0tzCzNAMABssvLRIAAAA
.rfihub.com/	1970-01-20 10:11:38	Name: rud Value: H4sIAAAAAAAAAOMSNjU0MTI2NjM3tDSzMDM1NzAzNBbiM9TNCC0NLg1yT_YoLU2W4jU0MzExMzCyNLcwszQHADbWUww0AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjU0MTI2NjM3tDSzMDM1NzAzNBbiM9TNCC0NLg1yT_YoLU0GAMNDYbIlAAAA
.media.net/	1970-01-20 09:35:38	Name: visitor-id Value: 2876045788397279000V10
.media.net/	1970-01-20 09:34:12	Name: data-rk Value: 5124322321173311983~~3
.adnxs.com/	1970-01-20 02:59:38	Name: anj Value: dTM7k!M4/YErk#WF']wIg2E>8p43az!]tb68i_j$PTm@MUf!LdSguC-Sl4'FXy1K8XvW@>_/!.o_V5sN3If)y3KL9D3I?*l:4b:v
.rfihub.com/	1970-01-20 10:11:38	Name: smd Value: H4sIAAAAAAAAAOPiNTQzMTEzMLI0t7A0sgQAvQ1IpA8AAAA
.eyeota.net/	1970-01-20 00:50:03	Name: SERVERID Value: 22124~DM
.spotxchange.com/	1970-01-20 09:35:42	Name: audience Value: c714afeb-8b65-11ec-b971-1bf0cf250306
www.nycgo.com/	1970-01-20 10:18:50	Name: _cb_ls Value: 1
www.nycgo.com/	1970-01-20 10:18:50	Name: _cb Value: Duk_DEDO7ZAeBIGEY3
www.nycgo.com/	1970-01-20 10:18:50	Name: _chartbeat2 Value: .1644602978988.1644602978988.1.BsXawHzsuiqDs3J80BqjnlhCpADxO.1
www.nycgo.com/	1970-01-20 00:50:04	Name: _cb_svref Value: null
.casalemedia.com/	1970-01-20 09:35:38	Name: CMID Value: YgamYnGE5KG87zvpcXK-VwAA
.casalemedia.com/	1970-01-20 02:59:38	Name: CMPS Value: 3269
.demdex.net/	1970-01-20 05:09:14	Name: demdex Value: 64271234920694591284491535079388977665
.dpm.demdex.net/	1970-01-20 05:09:14	Name: dpm Value: 64271234920694591284491535079388977665
.rezync.com/	1970-01-20 05:08:46	Name: zync-uuid Value: 043684b1-bb8c-4d7d-98c1-3d49e8416b38:1644602978.99
live.rezync.com/	1970-01-20 05:09:14	Name: sd-session-id Value: .eJwVyk0LgjAYAOC_Eu_Zw76kErptB6FNBCPWRSqHbEsLNw9N_O_Z8YFngfZjpuE-mjFCEafZZPB82U0BigWCTYPxUECOCaOEUILxnlKMjwcKawbBhGDfY2u7_949til5nZTrkXYi6qFk-ovQjXf-3Himk4iS1Ki6XpjigmgnWeUEUbwmkpe5Sv1cNf4E6_oDhicvvw.FOg34g.w2NdcAGyqp6irRx_AsoLGHku1Mo
.casalemedia.com/	1970-01-20 02:59:38	Name: CMPRO Value: 1172
.casalemedia.com/	1970-01-20 00:51:29	Name: CMST Value: YgamY2IGpmMA
.casalemedia.com/	1970-01-20 09:35:38	Name: CMRUM3 Value: 396206a66327605124322321173311983
.bidswitch.net/	1970-01-20 09:35:38	Name: tuuid Value: 0c46dc0c-7983-49a5-b0ab-739218dfd2b8
.bidswitch.net/	1970-01-20 09:35:38	Name: c Value: 1644602979
.bidswitch.net/	1970-01-20 09:35:38	Name: tuuid_lu Value: 1644602979
.rlcdn.com/	1970-01-20 09:35:38	Name: rlas3 Value: 1d8+2wR40NizRcideScGPapgFNHiGhRhE2651BmJyjI=
.rlcdn.com/	1970-01-20 02:16:26	Name: pxrc Value: COPMmpAGEgYIuuoBEAA=
.everesttech.net/	1970-01-20 09:35:38	Name: everest_g_v2 Value: g_surferid~YgamYwAFeSx-IQBH
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAAAOOSMXR2dA12dc-sNDLTrTAOMzHMzawMKQp2iXcMDlzFKBCZnpgbWe7olhpcoesZ6OTRxGJkYGJsZmGSZKiblGSRrGuSYp6ia2mRbKhrnGJimWphYmiWZGxhZWhmYmJmYGRpbqFnaQkA9AUEiGYAAAA
.rfihub.com/	1970-01-20 10:11:38	Name: eud Value: H4sIAAAAAAAAAOOSMXR2dA12dc-sNDLTrTAOMzHMzawMKQp2iXcMDgziNTQzMTEzMLI0t7A0spjFiMQ3NzBYhcZ_hcb_hca_xYJsnoHFIlaByPTE3MhyR7fU4Apdz0Anj1WsCCWWhqZmk4SNDEyMzSxMkgx1k5IsknVNUsxTdC0tkg11jVNMLFMtTAzNkowtrBDm6llazhJGMsTAwgAAkXFXsuUAAAA
www.pinterest.de/	1970-01-20 09:28:26	Name: _pinterest_sess Value: TWc9PSZiSERaM0l1cFNVK1pqTDhSRmpTcXJ4WStTbURZM2RxY3IwUnp5VWZYRUplMDBBYUNGb0dwWjRaMkVrQkJzM3ZyTlN6bUcrRDlQdk9VZEJMUldOM0xXRmRVNlpHdld5V3VYcWl0MHNoeUQ2bz0mczU3VjhORnB4RHgybHBBbG85bkxZSGxJMXljPQ==
.krxd.net/	1970-01-20 05:09:14	Name: _kuid_ Value: OqBVKSxj
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 216e14054d9b6c9a

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://z.moatads.com/nycgodfp891165161802/moatad.js(Line 132) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	URL: https://z.moatads.com/nycgodfp891165161802/moatad.js(Line 132) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'nonce-ab129a34af7124c80af1f82b4e354305' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .online.tableau.com .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .online.tableau.com .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10272577.fls.doubleclick.net
20827626p.rfihub.com
20827843p.rfihub.com
34666103a5e8bf891b3507ac8170217a.safeframe.googlesyndication.com
3j0pw4ed7uac-a.akamaihd.net
a.rfihub.com
aa.agkn.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
analytics-sm.com
analytics.twitter.com
assets.adobedtm.com
bam-cell.nr-data.net
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
c1.rfihub.net
cdn.evgnet.com
cdn.getsmartcontent.com
cdnjs.cloudflare.com
cloud.typography.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
ct.pinterest.com
dc.arrivalist.com
dpm.demdex.net
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
images.nycgo.com
js-agent.newrelic.com
live.rezync.com
login.dotomi.com
maps.googleapis.com
nycco-sweeps-122021.probabilityworks.cloud
nycgo.evergage.com
nycgoprod.112.2o7.net
origin-www.nycgo.com
p.rfihub.com
pagead2.googlesyndication.com
partners.tremorhub.com
ping.chartbeat.net
pixel.rubiconproject.com
ps.eyeota.net
px.moatads.com
s.getsmartcontent.com
s.pinimg.com
s0.2mdn.net
securepubads.g.doubleclick.net
service.nycgo.com
stags.bluekai.com
static.ads-twitter.com
static.chartbeat.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
t.co
tags.w55c.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.nycgo.com
www.pinterest.com
www.pinterest.de
x.bidswitch.net
x.dlx.addthis.com
z.moatads.com
tpc.googlesyndication.com
104.111.215.191
104.111.232.58
104.244.42.197
104.244.42.67
104.84.56.209
104.90.185.183
104.92.74.116
104.92.74.173
108.157.4.98
13.36.218.177
142.250.184.226
142.250.185.134
142.250.186.98
151.101.12.157
151.101.128.114
151.101.130.49
151.101.194.137
151.139.237.219
162.247.243.146
172.217.23.98
18.192.132.137
18.66.2.63
18.66.248.65
185.33.221.90
185.94.180.125
193.0.160.128
2.20.85.164
2.20.86.213
209.97.149.49
2600:1f18:612b:4232:5007:e458:edcf:dd38
2600:9000:214f:1400:18:1fcd:34f:cdc1
2600:9000:2156:6600:1:76cf:fe80:93a1
2606:4700::6810:135e
2a00:1450:4001:800::2006
2a00:1450:4001:802::200e
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2002
2a00:1450:4001:812::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c08::9d
2a02:26f0:6c00:299::1e80
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:400::614
2a04:4e42:62::84
3.124.150.38
3.126.16.11
3.127.178.105
3.223.170.70
34.238.149.180
34.246.16.33
35.244.174.68
52.200.156.204
52.28.188.15
52.36.230.128
52.71.51.137
52.86.65.180
64.158.223.140
69.173.144.165
92.123.194.113
008676201e4f01df3ba7239b6602dd52951c2262c8d5b635f7396f21f34ff8f3
0321d90be5ec15cff0f618931594d1fb2af52b07d770c1eff6cfc61d87f7ecac
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
04966ea2f74c08f7ea69a5f38a57a3c5685716c7c85abdb9d7a053127d4126d3
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
110de602c0d0d5284be73180f73923918eb69384fed76a3b5b0f8caa9d9745e4
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
133b0a1570d26f9e1beeecaeb4587a8f449c65bff8c87895cdd7e98879644ba6
140ceebf0711c56a234f859194939a4664dab33e6efb47ed9b88de2e066f7318
14b099ca05d58d5155645770335d7cf8c6b0f22b7a0f547f57a014698cd5208b
1940bb824f6d3f3bb17e6f4bbf705246839773ab7bb562a176670ec10e717c6d
199d12add96436f325238d197311a7b92b9cc9ec19d40e5fb27179659b4f2c9b
1cfa97d4c5c4cf2854e01ce2046be1c05e6bc76519d644aad6aa4f1d959efbe4
2179464a9b593de05ea2a423d14236645d400b267ee7d81acb50b39c06db3763
21d6073a139bf30bec316adc0301c085870c49486b04cd8138e45067b4bed475
22c432bc4608a33dbeebe465a7e638d7bee9af2550f9f5285708ae75ded307d7
22d0f781ce255e69162447cd18c00d337aebd1bc6ef126a867654ae31ac7246c
2747f34c4bad50219966f9b176520d3f8fb86195096ddb6e74e12a41486a3e5b
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2db1dbcf1a4a6e63576e5f22320949e1ddc87ff4c10ff26ec353abc9540cd228
2dfe7f9378a3945f6867525aa26c51d976d9e4447bf168cb2ff4bda8c3cb6157
31a41e7e172d9e731fc5141241702e82c3a4c09e4aaca3f5327640db64ff6c8d
31c77770ceb2db18f6d59d010c75dbd711f4724e34fdd41bc50d2657c9697460
31f4dc16175ce9644251f825ac083991b64f8c1048f66515600ae9fd20888240
32a426dfecc30304a96fa7bea231121415c9a055d47fdfb06056a40229ec9de7
335e894b8b7a4e49df91b8cae8cfe2b0db943cb34d60e107bd87c90c5ab508ca
34cc818f08a314f41ec42ab10824fda4a0010716a3c07395700cb2a290976663
35791a7fea75b9b1311561b2bf6361da59cdb611c5032162157f9b7d0fada088
368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3c3eda9af621b89b69dfed74997f0190bd25fed9957521ff8ebb1a7b701f2ba4
3d9b1200ae97fa3c872beae6088439712031f8f6875fd2dffefda21548293944
3f7bb50ffe2e8b45b5f549ac70f01ecf3e10dc125b0d97b7db7ab5fcbeeb12a9
4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f
409b00f742127540d7820b3aa9a6200adac141e7708eae1cec04da530f23689d
40f01f813f2a0e0cd56d0db188dd8194696b232c473fd422e3ab36fecaab2e71
42b950f562b96f0f8f54fec15b15f3b88cd9a714f31fb37cd94e5e367fa09d3c
43356a80f90ff7412ecfa190dc20e1c7faf039b79efe8bca201dcd6347860ead
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48dbb832581bb1828766b197fefa8c9104a424f42a6a382eec3268367fb93025
491b181dad62439b16d11a85602c468f33be38c224cd7afe34a57bf6ed745b99
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4fa39213dffa07ebd19e62a8130dadf50a547d1bb2d17dd6d4fb4d2c00e50f89
4ff84c00d295e5eff32b18c3933bb245ba7de8a0828e91a9c6eb99d6f3b16c63
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5164efdedb9c01c7c202111568dfa7532ccbfc29b3e70e31f526f7a5587fcd93
523b69aa8c9d8b447bcbdc598e0495e5651ed64f66b6bf4078991bf2b4e64344
525f9310680ab92c717c04f3929d07af51c7cb8b9ead43e7f1a4729f3071ac1d
5380a40cc256efd6ffadfd896787b9a32dc0ca1e7e733ab7a44a89250c4399b3
548de77f1d3854c15d0084b7e0d7a26792ed31a45ca9777d7deb453a468c2e88
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55f05527c55ea745f5075d29174659f57169ac5f6d9d39ed00ff7da245652f1f
5619a8a9168d56fef7b0a650649361e1a71a436b45339a16bdd0a0eb7aa7af5e
5b6c3ae57728358f2b479f6608120fa9b1b57d0469739db47c0153db1f89267e
5c3dbfb84c509437cbbb9209c8717e0df34927af36cdfd8456e3debd02f3ac4e
5d3593d2330bbb00da77fb715a607aa0be2f7b4954c0be3b3141e2033958839e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6550b02f721a03800f8aab48f1bcc3271746dafdc51af8b11492df15dc4b53da
74175a5def5aed00685eb42da25d052a315562b949c8fb153ac54f1745a4a6c8
78b5cf04196c0ca36ca473da61dded6a240e3ef378bc32996c136eb623f79197
7d2ef55b9bcc89fd2c4e8f0f1fb4f084b210a3e5ad23a64ce88592e05c970e77
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
81edc56241c41fa861aac6add54b7b55af49a920732e978ec498d8024ca14e22
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8331323b55c565b4fabb597d0cb60280489e3079cc8ce9fdcba6fb4c676c7747
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
843c4100dfaaf74efcdfaf70aaceb861f4d1d79debfb1371866a0286fbed4aee
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
851b0c11cee2230c998a99d3f2e56a13ae1b8abc3de3c05e3dee88e8bbf6cd7d
86b6b94e6ff7f24578bbb3d769f88f11beaa016e9c8895b383affe8fd3212fed
8787ba7d9ba5fd671930aec15440d15f786fc9c17eaaf3795a7a698b1aa81ee6
8f4b70778aa21c1c093c6acbad70c70b2e69d4d22e47d9405ee137db16ca050b
98ac78bff54a67c96a386e915b91387d88db3cbd9e4de9a5c0451576fbdd9951
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
9d2d03f65dd47f3d08b9f3bc1cf34a969acdfefa639ed47a8702c9a6a12e1d27
a018bd8daf39fdbb04811fec8738c544e2fb5acbe7d967d679ecb43747afd48c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d81d86b0088fae78c179cad32b4566009767fe886f05d5b612a04e524c8c24
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6ae1df5aa88ab77fc2940878600ab7b624e5b30e0239946e2eadcce36f33940
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa1f1ccbddc611bc6aba4a493d5c7709901260f24068ecdef0423a48dc624502
aa91bf466c13dc3d1a77701ee123b9361fea36ed9751514cbde34610826c5593
ab0c14fe5d483ff7ea8e18699d87ef7d28cb87840d8479915c95baaf4f1aba7d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b109e09a5d075d2291f160c34e0d27020ccbda48a723e8453f90dc1d9409115e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b49efe8656edb512c432f6ffb4c95dfe366d94e19253e9f80cd3d4c834340228
b4c5ad98c39e015134436868f0d84f1d3614e10b64a59f450f910d118acc15a9
b9e056f2356ff70aaaa3fd3da9cc1d5f549c3d758ad677d426d5a8c1326f5b8d
ba951d02435f541cead25f625f1a3cafbec20a65ecaa7fbd561b2af1227f884e
bd3b37a8818bb370c0a701e19186f1ea86e9e9a4f5338766901d8d26c330fa5e
beb0fa025b0362349aaf13140ec1a2554d21a003d0b0f8dd38cdc455f854a924
c0b4cb8ab98e450fcc767cf19b30ce3bffb05150cb71984ede5e7d3056440748
c1bee4e8a24acad6f7b38f922e67f9ca90df8c54de6ec570265728707485c83e
c6a8db162e9c771134ba27281df5338087590bf3a00d1765ec3382c20628b345
c97bb3ca107ce9dff21b27d98703b6b7e6cd813d252ce8b1afb1bca174ce49fb
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cdef6038f606a5ad81312da4f20c70ef4826359847805683f3e92125bfdcfbf2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d5b15cc14f7e212b2b1154d39601171968b66cd7e908162e1d5324b0bf9daa67
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
d76aa4395e4aec3b94a5ab6b6f5f19f56bdf249d38d482b330fb851aeaa1dc01
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dc3a2c27e4e9b70186b84f625f22f85fd95dcd748a82d9f486f60679ba64a9c9
de17bd4924cf4f37df1890d004e4d972fa7fce83bb13cbf4dfc7a456d67fe958
de71e3be1643c465c384292eb4d43504c7e1ef7a2f07b005155970fd5c55f4dd
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e3081babbd1ee2b3b36bddb5d6344b1e1faf1c1b2de1d0a84dd4b8f889534c1a
e315cf147c1cb58718a439868dcb16a4e60bf0999c6652434eadf367ffa3cb02
e39473edb7627601fd4891eca935fe442855c914ca2b582743d01382acf006cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8a464aaa575f4a845b0f4a8b1417b1f935b792529e1ca6c4bf5a20a01c70013
ec821a0596673fc8ea6d6184bcc217de6995c2fb647d32b01d560e7bf8436f82
ecc9b6e0c77fee9c0473b1b6c8c5bdd0147d48598d15e69640db26e86c7f99f4
ef0e7abf5a57bae351b7bd0f252a3b130eff212b154c127302f39b86340d7810
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f03860dc78e4e33157509428d603113effdc140a2ae4f17e5913a3406f7a595d
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f304461126d7a393030a9a149fe50da5a5c68252c1cc87561a5c04547d0eaaf9
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f552b787531535f644cbd2438cf51767074d55f3adc94ad1c2cce5640be0927b
f6e6cf217f7f130dbb3c52f3c0f2945726b43f45a5e49e596be45d5920fd5cf2
fc61eef243fa47845cbb95d6c3078ad2fda22fa9924a1daaf535438b2ad299a6
fdf6af253e37b9611eefe4102e1d3084fa175e7200dba32459d98f56ee38fac8
ff621854fb4a7722e5f02fbfd1f8e425d65bb7867463897b42c838e4c4da9ba1
ff8eb1254520181c83fbf8c7b13f6a555c076e52635e70631a98f574b448a130

www.nycgo.com Open in urlscan Pro 104.111.232.58 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

214 Requests

89 %HTTPS

34 %IPv6

57 Domains

76 Subdomains

64 IPs

7 Countries

3049 kBTransfer

8166 kBSize

63 Cookies

37 Outgoing links

Redirected requests

214 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nycgo.com Open in urlscan Pro
104.111.232.58 Public Scan

Screenshot
Live screenshot

Full Image

214
Requests

89 %
HTTPS

34 %
IPv6

57
Domains

76
Subdomains

64
IPs

7
Countries

3049 kB
Transfer

8166 kB
Size

63
Cookies

214 HTTP transactions
2 data transactions