www.nbcnews.com Open in urlscan Pro
2600:141b:e800:c93::2506 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.nbcnews.com/news/amp/rcna91341
Submission: On June 28 via manual (June 28th 2023, 4:23:35 pm UTC) from US — Scanned from US

Summary HTTP 364 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 77 IPs in 4 countries across 54 domains to perform 364 HTTP transactions. The main IP is 2600:141b:e800:c93::2506, located in Piscataway, United States and belongs to AKAMAI-ASN1, NL. The main domain is www.nbcnews.com. The Cisco Umbrella rank of the primary domain is 15839.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on December 8th 2022. Valid for: a year.

This is the only time www.nbcnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2600:141b:e80... 2600:141b:e800:c93::2506	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
25	2607:f8b0:400... 2607:f8b0:4006:816::2001	15169 (GOOGLE) (GOOGLE)
7	2600:141b:900... 2600:141b:9000:59e::2506	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2600:141b:13:... 2600:141b:13:7a2::a1d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2607:f8b0:400... 2607:f8b0:4006:81f::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:210... 2600:9000:210b:b400:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
6	18.164.98.157 18.164.98.157	16509 (AMAZON-02) (AMAZON-02)
10	50.16.161.49 50.16.161.49	14618 (AMAZON-AES) (AMAZON-AES)
1	63.140.38.178 63.140.38.178	14618 (AMAZON-AES) (AMAZON-AES)
2	34.231.207.29 34.231.207.29	14618 (AMAZON-AES) (AMAZON-AES)
1 4	18.164.96.90 18.164.96.90	16509 (AMAZON-02) (AMAZON-02)
16	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::645	54113 (FASTLY) (FASTLY)
6	2607:f8b0:400... 2607:f8b0:4006:817::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81c::2001	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
5	23.193.121.161 23.193.121.161	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2600:9000:23c... 2600:9000:23cb:7200:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
4	104.77.247.148 104.77.247.148	16625 (AKAMAI-AS) (AKAMAI-AS)
5	52.204.143.235 52.204.143.235	14618 (AMAZON-AES) (AMAZON-AES)
4	3.221.217.222 3.221.217.222	14618 (AMAZON-AES) (AMAZON-AES)
19	184.84.133.161 184.84.133.161	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2620:100:a001... 2620:100:a001::24	19750 (AS-CRITEO) (AS-CRITEO)
13	34.230.152.154 34.230.152.154	14618 (AMAZON-AES) (AMAZON-AES)
4	2602:803:c002... 2602:803:c002:300::76	26667 (RUBICONPR...) (RUBICONPROJECT)
4 8	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
5	54.157.17.18 54.157.17.18	14618 (AMAZON-AES) (AMAZON-AES)
8	104.66.236.17 104.66.236.17	16625 (AKAMAI-AS) (AKAMAI-AS)
32	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
4	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
10	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
4	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	2620:100:a001::9 2620:100:a001::9	19750 (AS-CRITEO) (AS-CRITEO)
5	2620:100:a001... 2620:100:a001::16	19750 (AS-CRITEO) (AS-CRITEO)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a07:911:ca5:2fec:7420	14618 (AMAZON-AES) (AMAZON-AES)
3 9	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
5 7	142.250.81.226 142.250.81.226	15169 (GOOGLE) (GOOGLE)
2 3	67.220.228.200 67.220.228.200	16509 (AMAZON-02) (AMAZON-02)
2 3	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
1 4	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
4 4	68.67.179.113 68.67.179.113	29990 (ASN-APPNEX) (ASN-APPNEX)
1 4	68.67.160.75 68.67.160.75	29990 (ASN-APPNEX) (ASN-APPNEX)
3	96.17.64.29 96.17.64.29	16625 (AKAMAI-AS) (AKAMAI-AS)
3	3.223.221.83 3.223.221.83	14618 (AMAZON-AES) (AMAZON-AES)
3	23.105.12.150 23.105.12.150	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
3	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
3	23.200.197.46 23.200.197.46	16625 (AKAMAI-AS) (AKAMAI-AS)
1 4	35.71.139.29 35.71.139.29	16509 (AMAZON-02) (AMAZON-02)
1 4	34.200.65.202 34.200.65.202	14618 (AMAZON-AES) (AMAZON-AES)
3	202.241.208.53 202.241.208.53	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
3	195.244.31.11 195.244.31.11	63140 (IGUANA-WO...) (IGUANA-WORLDWIDE)
8 9	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
3	173.223.57.84 173.223.57.84	16625 (AKAMAI-AS) (AKAMAI-AS)
1 4	192.40.39.223 192.40.39.223	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3	63.251.28.234 63.251.28.234	13789 (INTERNAP-...) (INTERNAP-BLK3)
1 4	54.159.205.59 54.159.205.59	14618 (AMAZON-AES) (AMAZON-AES)
3	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 4	3.229.170.24 3.229.170.24	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:ed:... 2600:1f18:ed:550e:4578:8034:184b:4f8b	14618 (AMAZON-AES) (AMAZON-AES)
3	3.211.77.134 3.211.77.134	14618 (AMAZON-AES) (AMAZON-AES)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	3.225.14.251 3.225.14.251	14618 (AMAZON-AES) (AMAZON-AES)
2	70.42.32.63 70.42.32.63	13789 (INTERNAP-...) (INTERNAP-BLK3)
2	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	54.145.113.152 54.145.113.152	14618 (AMAZON-AES) (AMAZON-AES)
1 3	2600:9000:220... 2600:9000:2209:4400:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 4	54.147.140.130 54.147.140.130	14618 (AMAZON-AES) (AMAZON-AES)
2	108.138.128.21 108.138.128.21	16509 (AMAZON-02) (AMAZON-02)
6	151.101.193.44 151.101.193.44	() ()
2	2600:1f18:612... 2600:1f18:612b:4200:180a:bb6b:7eca:821b	() ()
2	2600:141b:e80... 2600:141b:e800:39::17c6:d61a	() ()
2	34.102.166.132 34.102.166.132	() ()
2	34.202.209.8 34.202.209.8	() ()
2	141.226.124.48 141.226.124.48	() ()
364	77

1 2600:141b:e800:c93::2506 (Piscataway, United States)

ASN20940 (AKAMAI-ASN1, NL)

www.nbcnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2607:f8b0:4006:816::2001 (Flushing, United States)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:141b:9000:59e::2506 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

nodeassets.nbcnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:141b:13:7a2::a1d (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

media-cldnry.s-nbcnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::2003 (Flushing, United States)

ASN15169 (GOOGLE, US)

d-37003659051456368343.ampproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::2003 (Flushing, United States)

ASN15169 (GOOGLE, US)

3p.ampproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:210b:b400:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

nbcnews.app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.164.98.157 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-98-157.jfk50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 50.16.161.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-161-49.compute-1.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.38.178 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-178.data.adobedc.net

aamt.nbcnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.231.207.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-207-29.compute-1.amazonaws.com

srv.pixel.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.164.96.90 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-90.jfk50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4006:820::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::645 (United States)

ASN54113 (FASTLY, US)

pixels.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:817::2001 (Flushing, United States)

ASN15169 (GOOGLE, US)

d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::2001 (Flushing, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81f::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.193.121.161 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-193-121-161.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:23cb:7200:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.77.247.148 (Boston, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-77-247-148.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.204.143.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-143-235.compute-1.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.221.217.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-217-222.compute-1.amazonaws.com

pg-prebid-server-aws-use1.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 184.84.133.161 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-84-133-161.deploy.static.akamaitechnologies.com

nbcudisplay.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 34.230.152.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-152-154.compute-1.amazonaws.com

s.update.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c002:300::76 (United States)

ASN26667 (RUBICONPROJECT, US)

beacon-iad3.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 8.43.72.97 (United States) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.157.17.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-17-18.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.66.236.17 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-66-236-17.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2620:100:a001::9 (United States)

ASN19750 (AS-CRITEO, US)

imageproxy.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a07:911:ca5:2fec:7420 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 8.43.72.98 (United States) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.81.226 (Staten Island, United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.220.228.200 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.54.182.161 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.211.178.172 (North Charleston, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.179.113 (North Bergen, United States) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.160.75 (New York, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 96.17.64.29 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a96-17-64-29.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.223.221.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-221-83.compute-1.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.105.12.150 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.200.197.46 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-197-46.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.71.139.29 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.200.65.202 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 202.241.208.53 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 195.244.31.11 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2620:100:a001::c (United States) 8 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.223.57.84 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-57-84.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.40.39.223 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 63.251.28.234 (United States)

ASN13789 (INTERNAP-BLK3, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.159.205.59 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-205-59.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.229.170.24 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-170-24.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550e:4578:8034:184b:4f8b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.211.77.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-77-134.compute-1.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.225.14.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-14-251.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.63 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.145.113.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-113-152.compute-1.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2209:4400:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

tapestry.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.147.140.130 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-140-130.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.128.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-21.jfk50.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.193.44 (None, )

ASN- ()

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4200:180a:bb6b:7eca:821b (None, )

ASN- ()

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:e800:39::17c6:d61a (None, )

ASN- ()

ade.clmbtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.102.166.132 (None, )

ASN- ()

ad.tpmn.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.202.209.8 (None, )

ASN- ()

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.124.48 (None, )

ASN- ()

ch-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	criteo.net static.criteo.net — Cisco Umbrella Rank: 568 imageproxy.us.criteo.net — Cisco Umbrella Rank: 3134 csm.us.criteo.net — Cisco Umbrella Rank: 3113	428 KB
60	rubiconproject.com 7 redirects prebid-server.rubiconproject.com — Cisco Umbrella Rank: 999 ads.rubiconproject.com — Cisco Umbrella Rank: 2137 pg-prebid-server-aws-use1.rubiconproject.com — Cisco Umbrella Rank: 14462 s.update.rubiconproject.com — Cisco Umbrella Rank: 4939 beacon-iad3.rubiconproject.com — Cisco Umbrella Rank: 2483 token.rubiconproject.com — Cisco Umbrella Rank: 652 eus.rubiconproject.com — Cisco Umbrella Rank: 616 pixel.rubiconproject.com — Cisco Umbrella Rank: 374	164 KB
27	criteo.com 8 redirects ads.us.criteo.com — Cisco Umbrella Rank: 2980 cat.va.us.criteo.com — Cisco Umbrella Rank: 2912 widget.va.us.criteo.com — Cisco Umbrella Rank: 6121 dis.criteo.com — Cisco Umbrella Rank: 608 gum.criteo.com — Cisco Umbrella Rank: 405	216 KB
25	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 391	433 KB
23	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 cm.g.doubleclick.net — Cisco Umbrella Rank: 254	70 KB
19	moatpixel.com nbcudisplay.s.moatpixel.com — Cisco Umbrella Rank: 14391	5 KB
12	amazon-adsystem.com 4 redirects aax.amazon-adsystem.com — Cisco Umbrella Rank: 438 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1025 s.amazon-adsystem.com — Cisco Umbrella Rank: 333	7 KB
11	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1321 cdn.taboola.com pm-widget.taboola.com trc.taboola.com ch-trc-events.taboola.com	270 KB
10	moatads.com z.moatads.com — Cisco Umbrella Rank: 639 geo.moatads.com — Cisco Umbrella Rank: 742	573 KB
9	nbcnews.com www.nbcnews.com — Cisco Umbrella Rank: 15839 nodeassets.nbcnews.com — Cisco Umbrella Rank: 18312 aamt.nbcnews.com — Cisco Umbrella Rank: 28957	283 KB
8	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 257 secure.adnxs.com — Cisco Umbrella Rank: 469	8 KB
8	googlesyndication.com d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	110 KB
7	agkn.com d.agkn.com — Cisco Umbrella Rank: 696 aa.agkn.com — Cisco Umbrella Rank: 533	4 KB
5	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 697 i6.liadm.com — Cisco Umbrella Rank: 2150	3 KB
5	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 481 ups.analytics.yahoo.com — Cisco Umbrella Rank: 338	1 KB
5	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 620	2 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	280 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 218	3 KB
4	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 670	2 KB
4	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1573	3 KB
4	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 422	1 KB
4	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 359	2 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 274	19 KB
4	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 162	4 KB
4	ampproject.net d-37003659051456368343.ampproject.net 3p.ampproject.net — Cisco Umbrella Rank: 6203	15 KB
3	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 822	1 KB
3	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1226	3 KB
3	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2951	438 B
3	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 643	2 KB
3	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 662	1 KB
3	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1006	724 B
3	socdm.com tg.socdm.com — Cisco Umbrella Rank: 1109	3 KB
3	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2136	604 B
3	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 623	2 KB
3	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 566	2 KB
3	media.net contextual.media.net — Cisco Umbrella Rank: 675	2 KB
3	s-nbcnews.com media-cldnry.s-nbcnews.com — Cisco Umbrella Rank: 16767	1 MB
2	yieldmo.com sync-criteo.ads.yieldmo.com	1 KB
2	tpmn.co.kr ad.tpmn.co.kr	1 KB
2	clmbtech.com ade.clmbtech.com	518 B
2	tremorhub.com criteo-partners.tremorhub.com	690 B
2	tapad.com tapestry.tapad.com — Cisco Umbrella Rank: 1547	863 B
2	revcontent.com trends.revcontent.com — Cisco Umbrella Rank: 2055
2	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 797	1007 B
2	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 778	574 B
2	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1262	1 KB
2	bing.com c.bing.com — Cisco Umbrella Rank: 258	839 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 383	946 B
2	parsely.com srv.pixel.parsely.com — Cisco Umbrella Rank: 13691	520 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 414	516 B
1	mparticle.com pixels.mparticle.com — Cisco Umbrella Rank: 58283	200 B
1	google.com adservice.google.com — Cisco Umbrella Rank: 113	482 B
1	app.link nbcnews.app.link — Cisco Umbrella Rank: 105949	743 B
0	nbcuni.com Failed mps.nbcuni.com Failed
364	54

	Domain	Requested by
32	static.criteo.net	ads.us.criteo.com
26	imageproxy.us.criteo.net	ads.us.criteo.com
25	cdn.ampproject.org	www.nbcnews.com cdn.ampproject.org
19	nbcudisplay.s.moatpixel.com	d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
16	securepubads.g.doubleclick.net	cdn.ampproject.org d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com www.googletagservices.com
13	s.update.rubiconproject.com	ads.rubiconproject.com s.update.rubiconproject.com
10	prebid-server.rubiconproject.com	cdn.ampproject.org d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
9	gum.criteo.com	8 redirects cdn.taboola.com
9	pixel.rubiconproject.com	3 redirects ads.us.criteo.com widget.va.us.criteo.com
8	eus.rubiconproject.com	ads.rubiconproject.com eus.rubiconproject.com
8	token.rubiconproject.com	4 redirects d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
7	cm.g.doubleclick.net	5 redirects
7	nodeassets.nbcnews.com
6	dis.criteo.com	d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com ads.us.criteo.com
6	d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com	cdn.ampproject.org
6	aax.amazon-adsystem.com	cdn.ampproject.org
5	csm.us.criteo.net	ads.us.criteo.com
5	beacon.krxd.net	d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
5	geo.moatads.com	z.moatads.com
5	d.agkn.com	d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com ads.us.criteo.com
5	z.moatads.com	d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
5	www.googletagservices.com	d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
4	dpm.demdex.net	1 redirects
4	i.liadm.com	2 redirects widget.va.us.criteo.com
4	ad.360yield.com	1 redirects widget.va.us.criteo.com
4	r.casalemedia.com	1 redirects widget.va.us.criteo.com
4	ups.analytics.yahoo.com	1 redirects ads.us.criteo.com
4	eb2.3lift.com	1 redirects widget.va.us.criteo.com
4	secure.adnxs.com	1 redirects ads.us.criteo.com widget.va.us.criteo.com
4	ib.adnxs.com	4 redirects
4	x.bidswitch.net	1 redirects widget.va.us.criteo.com
4	cdnjs.cloudflare.com	ads.us.criteo.com
4	widget.va.us.criteo.com	ads.us.criteo.com
4	cat.va.us.criteo.com	ads.us.criteo.com
4	beacon-iad3.rubiconproject.com	d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
4	ads.us.criteo.com	ads.rubiconproject.com
4	pg-prebid-server-aws-use1.rubiconproject.com	ads.rubiconproject.com
4	ads.rubiconproject.com	d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
4	sb.scorecardresearch.com	1 redirects cdn.taboola.com d-37003659051456368343.ampproject.net
3	cdn.taboola.com	3p.ampproject.net cdn.taboola.com
3	s.ad.smaato.net	1 redirects ads.us.criteo.com
3	exchange.mediavine.com	ads.us.criteo.com
3	matching.ivitrack.com	ads.us.criteo.com widget.va.us.criteo.com
3	ads.stickyadstv.com	ads.us.criteo.com widget.va.us.criteo.com
3	tags.bluekai.com	d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
3	visitor.omnitagjs.com	ads.us.criteo.com widget.va.us.criteo.com
3	tg.socdm.com	ads.us.criteo.com widget.va.us.criteo.com
3	criteo-sync.teads.tv	ads.us.criteo.com widget.va.us.criteo.com
3	sync-t1.taboola.com	ads.us.criteo.com
3	rtb-csync.smartadserver.com	ads.us.criteo.com widget.va.us.criteo.com
3	match.sharethrough.com	ads.us.criteo.com widget.va.us.criteo.com
3	contextual.media.net	ads.us.criteo.com widget.va.us.criteo.com
3	s.amazon-adsystem.com	2 redirects
3	aax-eu.amazon-adsystem.com	2 redirects
3	media-cldnry.s-nbcnews.com	www.nbcnews.com
2	ch-trc-events.taboola.com
2	sync-criteo.ads.yieldmo.com	ads.us.criteo.com widget.va.us.criteo.com
2	ad.tpmn.co.kr	ads.us.criteo.com widget.va.us.criteo.com
2	ade.clmbtech.com	ads.us.criteo.com widget.va.us.criteo.com
2	criteo-partners.tremorhub.com	ads.us.criteo.com widget.va.us.criteo.com
2	pm-widget.taboola.com	cdn.taboola.com pm-widget.taboola.com
2	aa.agkn.com
2	tapestry.tapad.com	ads.us.criteo.com widget.va.us.criteo.com
2	trends.revcontent.com	ads.us.criteo.com
2	simage2.pubmatic.com	ads.us.criteo.com widget.va.us.criteo.com
2	sync.outbrain.com	ads.us.criteo.com
2	jadserve.postrelease.com	ads.us.criteo.com widget.va.us.criteo.com
2	c.bing.com	ads.us.criteo.com widget.va.us.criteo.com
2	match.adsrvr.org	2 redirects
2	tpc.googlesyndication.com	d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
2	srv.pixel.parsely.com
2	3p.ampproject.net	cdn.ampproject.org d-37003659051456368343.ampproject.net
2	d-37003659051456368343.ampproject.net	cdn.ampproject.org
1	trc.taboola.com	cdn.taboola.com
1	i6.liadm.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	px.ads.linkedin.com
1	pixels.mparticle.com
1	aamt.nbcnews.com
1	adservice.google.com	cdn.ampproject.org
1	nbcnews.app.link	cdn.ampproject.org
1	www.nbcnews.com
0	mps.nbcuni.com Failed	cdn.ampproject.org
364	83

This site contains links to these domains. Also see Links.

Domain
www.nbcsports.com
story.snapchat.com
www.today.com
www.msnbc.com
www.facebook.com
www.twitter.com
secure.nbcnews.com
www.cnbc.com
www.nbc.com
www.nbcuacademy.com
www.youtube.com
www.peacocktv.com
veterans.nbcnews.com
www.parenttoolkit.com
nbcnews.zendesk.com
www.nbcunicareers.com
www.nbcuniversal.com
together.nbcuni.com
twitter.com
www.huffpost.com
web.colby.edu
mediaburn.org
www.newyorker.com
chicagomag.com
gothamist.com

Subject Issuer	Validity	Valid
*.nbcnews.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-10`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.s-nbcnews.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-14` - `2023-12-14`	a year	crt.sh
appipv4.link Amazon RSA 2048 M02	`2023-04-25` - `2024-05-23`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
aamt.nbcnews.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-03` - `2024-05-03`	a year	crt.sh
*.pixel.parsely.com R3	`2023-05-19` - `2023-08-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
pixels.mparticle.com R3	`2023-06-20` - `2023-09-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-06` - `2023-09-21`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-05`	a year	crt.sh
*.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-27` - `2023-09-23`	3 months	crt.sh
post.update.rubiconproject.com R3	`2023-06-03` - `2023-09-01`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.va.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-01` - `2023-08-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.us.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-04` - `2023-08-31`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
*.socdm.com GlobalSign RSA OV SSL CA 2018	`2023-05-31` - `2024-06-30`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh
itm.ivitrack.com R3	`2023-06-03` - `2023-09-01`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M01	`2023-04-05` - `2024-05-03`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.postrelease.com Amazon RSA 2048 M01	`2023-03-01` - `2023-12-25`	10 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
revcontent.com Amazon RSA 2048 M02	`2023-05-18` - `2024-06-16`	a year	crt.sh
*.tapad.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2022-12-13` - `2024-01-13`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-02-28` - `2023-09-14`	7 months	crt.sh
*.liadm.com Amazon RSA 2048 M01	`2023-02-21` - `2023-10-29`	8 months	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
colombiaonline.com R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
ad.tpmn.co.kr GTS CA 1D4	`2023-06-12` - `2023-09-10`	3 months	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-03-26` - `2024-04-23`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
s.ad.smaato.net Amazon RSA 2048 M02	`2023-02-27` - `2023-09-20`	7 months	crt.sh

This page contains 23 frames:

Primary Page: https://www.nbcnews.com/news/amp/rcna91341
Frame ID: 474812AA57D4837F103BACBB91F0683F
Requests: 75 HTTP requests in this frame

Frame: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 413D9AE8D51BA9B124A27DED9089F63B
Requests: 16 HTTP requests in this frame

Frame: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 3CE60453CD9779AEF9F7E643AC189FE2
Requests: 31 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=EB7F2C09E0DD3875&u=%7C2uIPFsOlszpFc4H0plTXkdcC8MH0fQilX1ELHJn709A%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6LjxFwO6I_AuZ5eoyomZf5q8-f27TvXh85i1Ub2p7pH5GsEM56cJ3HDa7kgkOY5IrYW0Aa80dcHVfyzgJs1ehvCDlPKM8ZrD39nY3qtRC-MfqJWGvKHgcwqr3wWggGYFmDQqxeDYu4R46vq5jp_p-tIV5OO3jsFnAMByqeN55j73qvwUJCrvJS1yuROZaHh5Djh7_LOTRDOLAlmcYDCkCnNYa7FwGKZ-8JxiP-pwiDQa3_eQG-QdGNMVqCYwEGMML_HFIPTL04L2-nCWYEPnEX4taQBCYDerU0GnTZsGvHFmjf4xR3APdwTWNvlGjhXqhNtl1uts98A7eIbBpqUzAl3xZvJwJve6fcatwV3ydJ1RKym7UvUE-rVTSf68Ib9qIrNf_UvVtzvd9_LnR4C-7KDRqaCEJZkQYAXEmLsy_oR8XCSJZUTNWaDyocTguQMVrXa5jR56FTVJAJjm1Ct3ardhnZD3TPtdF0fwvQ1KEFgFNK9LQpwVYyeoPRTyNt4rh_zudFDvuMI4eckgJiqQXG6Vu7JAEqV8TO-bY5JNR-CCqJrYNHmNJrqB1Zq2l4FRtSXA
Frame ID: 5025774C5862537CD9EECAECA0880529
Requests: 20 HTTP requests in this frame

Frame: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 12D2674F5BE962BF664E35456C55E7CF
Requests: 17 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=na&co=us
Frame ID: AC317B4BBE05B279A09F7E4BF11DBDFD
Requests: 10 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=431C02F1B861F249&u=%7C2uIPFsOlszpq3WBTB5hz5mM21ZM7xPPULlkVYLTKOWw%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj175Xckngx2_LKmDHsiJ7JtH0z2f9UeOdZlGvzoKFMN6hRo6XAqGDQQleaBLIyrD1kuRpdQwm-nJjCpIwWd5Tv1JHQ3ZZuyy8AhzmCadfJuYe673Lkqy4Jd1evKrTSVPtRPd7laZhowiAeXtiRCWqbCgAGbR71D8sY6uomrOYAAnln0lpz5gM52voeiHIKMUIfjai6X_AXI8xy7bVNvWOF76G6acI26TUKyyipysh3qituzUUVT4qwMsnpesnLcvva1kjMVY6L2ILpjHJc-b98O0_HkSXssray2yKqgrEua35A9GreVcp5glXKvcR9uAWfi1QC0HVfln-jP6cIbWVTaeBsSYZqzrJ7qE660QDcZVaUiOs8QZ4UJ3yV-zljlrE3LhetEy6OXB3nvxwOFc3z21ex_YZ61isBTDv9AF1DBkQc9DRL7JPRybxTw5KiSwu9qvgsD-1J8QzgAZe4n5XLmxFUyLjG_O12UIgh1AzA3L7OJsUzEhT2TRr4l3LCFzfcRwucRAjVcwt4HePktXQu5c_-VbpwLZO7TFNQUCG1trKY4RSF6r8lc
Frame ID: CC49F617826E04CB9F850001773C3ED6
Requests: 18 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=na&co=us
Frame ID: 371F78BF49544D84B1CD776F71B12D89
Requests: 2 HTTP requests in this frame

Frame: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e7c7d316ef9ea85409072d9d1ab&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false
Frame ID: 0F7A81DA2A5616C385A50793693D0342
Requests: 1 HTTP requests in this frame

Frame: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e7ccc286cd81fc77048bdb4deac&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false
Frame ID: 4275CC3457ADD035C9EC9A32493CCA98
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-mURAvrqTJUy6P9YzotYFLGS1Dp5zRvHKmRlEvQ&expires=30
Frame ID: E78C2F6707A9EF270A67FD887F35F931
Requests: 30 HTTP requests in this frame

Frame: blob://https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/83f91d53-24c1-4e9a-beb0-553b4f82e2bb
Frame ID: A4A9E522173AA027B0E874F2219F08CA
Requests: 1 HTTP requests in this frame

Frame: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: FB977429E866C208F5D37A79850B242D
Requests: 16 HTTP requests in this frame

Frame: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 4D021D2D522B5209FA50CE550AD5C087
Requests: 16 HTTP requests in this frame

Frame: https://d-37003659051456368343.ampproject.net/2305252018001/frame.html
Frame ID: 48E38DE4BF2F3E39EFCFC25772EB566A
Requests: 13 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=B56708A3154CDD7F&u=%7C2uIPFsOlszo7stG42EF%2FwD7L2mtUQy29E%2FPfMR0tImI%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj_DO16EZemlnrb2sz_iuwYhXwX3CUipp9aImdg1OncYCOY3-7KOJPbjuwSH0vgWxRZGJXgq-U6ByN6y5DJxOD_wV87Rt1IvHdPZTS7i5Vj8c0rp_ZmJ14bVoHM7FUzQAspzgSBr4X8DdFQGcQ8HiMgFL3gWwbIAxspdTQ0pGA7QSbHJXHj4U6uXGuSEpSXV1jyn2f_B8DVcR3iUEAaj02sHzJoy81bCKusSQbxRxLMIbqDNePYb4QYRRHL3Yq3KeEUlWqXu9MOo5PxYy1opyGszqNoW59cNhZfYOTCl0Wc6saMQi5gWuk7nEVLMU_BgXY_sYPbTJuGU0xUS2__9TAL6mzEl1GuAo2jXcfLOEhrY1KdcHY9u4_TEeod02SfUcVlDWP7_nJRB3rEFri_AHql-7FIdVYFvi4Dxgy8SgrCaICsHhZAKS_IHuSsPSHeGrkd-cOqBb7vY-ZjgyPK5amD_3VwN1DXp3f60mqyeY5YgUeTIvuWd0QED6nGoB47doDtkbw-bVXRIdqvN1r0VcaAt0-iCcajg_7FF3yFdEfKzRiUPA67A-1hI
Frame ID: E9CECCEB4CA46DC3234EE28311D1D1D1
Requests: 18 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=na&co=us
Frame ID: 33A7C692346063863C81BDE7D26C7454
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=431C02F1B861F249&u=%7C2uIPFsOlszrZ9ddRR%2B4BgMOsVR5YMSLSGiSXcxNYOyI%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj7RzAZ7q3qM1J43OZvGEZwG2jwkJK6dLPjwkahxptuUKWub2B_mg0Ocxn3HnBZRdKgSTTG6ki-F3azyf66iXE3hWGFr6O5goN0ZPfDV44mSQvHE509BpapWvP8QZzumakgIdU4d4KSLYSmYYhXbBp0OPAZXDpoZ8fPNlLcMR0v7qqk1WDZwTpI6LD98k11EpGNFAmYLJnrotrG2M3WJXsw9UYuemV856UlAdAYcCypPr8d9Oxa8gNf2QDuir7Q6QhCulh4jorrWWw5I-V14dgdjwbJNo-uSHTolUrI1GRoFnIAj5RcXfIdrIVkPO31HvidQ9TAUopRrfNqx4D5Qo7nnXsY6skyX258Pm8JsNQA_MrhZRZKqZxEbxf7eYo8IjG-6bmKE9su5liVwLI5zPxe94o7wjsgb8-rhb5E16VktcX__5yPExxTV0bPHlumlyQkDJAmiENEjP4ubX6PbTh4E0L8_EJJkMcqbZ4SHbbrjmXgk6jBbU6uP_zW9jma7tdiSPpZGq4pCRzen6GSLomQ7nh7xbroNwaeWMMtsA0yAIQ8yu-798ga8
Frame ID: C5A8C7392491F59FE7A90C89D91059AC
Requests: 23 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=na&co=us
Frame ID: 970DAE22E518F25EEDF73021945A1931
Requests: 2 HTTP requests in this frame

Frame: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e8457788476627ebced5f067c43&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false
Frame ID: BF181AE8F6763C4F57B57C11AFD86C0A
Requests: 1 HTTP requests in this frame

Frame: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e8411167f89a34d125cfdd56e8a&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false
Frame ID: A1A92955F5322D8E8A49E46B57747591
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-mURAvrqTJUy6P9YzotYFLGS1Dp5zRvHKmRlEvQ&expires=30
Frame ID: 0118B0443F00031714EAB4D6688CC950
Requests: 30 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-0MsoDLqTJUy6P9YzotYFLGS1Dp5J4aeaIg4Hog
Frame ID: B0A309E496B986F523BF4FECA07321C8
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

‘We’re Coming For Your Children’ chant at NYC Drag March elicits outrage, but activists say it’s taken out of contextNBC News LogoNBC News LogoNBC News LogoMSNBC LogoToday Logo

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

364
Requests

89 %
HTTPS

35 %
IPv6

54
Domains

83
Subdomains

77
IPs

4
Countries

3987 kB
Transfer

8984 kB
Size

76
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nbcsports.com/?cid=eref:nbcnews:text
Title: Sports

Search URL Search Domain Scan URL

URL: https://story.snapchat.com/p/8bb879c7-45c0-499c-bb3c-7a3d0e229301/347654839924736
Title: Stay Tuned

Search URL Search Domain Scan URL

URL: https://www.today.com/
Title: Today

Search URL Search Domain Scan URL

URL: https://www.msnbc.com/
Title: MSNBC

Search URL Search Domain Scan URL

URL: http://www.facebook.com/nbcnews

Search URL Search Domain Scan URL

URL: https://www.twitter.com/nbcnews

Search URL Search Domain Scan URL

URL: https://secure.nbcnews.com/_tps/accounts/newsletters

Search URL Search Domain Scan URL

URL: https://www.cnbc.com/
Title: CNBC

Search URL Search Domain Scan URL

URL: https://www.nbc.com/
Title: NBC.COM

Search URL Search Domain Scan URL

URL: https://www.nbcuacademy.com/
Title: NBCU Academy

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/Nbclearn/playlists
Title: NBC Learn

Search URL Search Domain Scan URL

URL: https://www.peacocktv.com/?cid=20200715takeflightoneedi027&utm_source=nbcnews&utm_medium=symphony_display_homepagetakeover_link&utm_campaign=20200715takeflight&utm_term=weblink&utm_content=navlink
Title: Peacock

Search URL Search Domain Scan URL

URL: https://veterans.nbcnews.com/
Title: NEXT STEPS FOR VETS

Search URL Search Domain Scan URL

URL: https://www.parenttoolkit.com/
Title: Parent Toolkit

Search URL Search Domain Scan URL

URL: https://nbcnews.zendesk.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

URL: https://www.nbcunicareers.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/privacy/cookies#cookie_management
Title: Ad Choices

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/privacy/?intake=NBC_News
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/privacy/notrtoo/?intake=NBC_News
Title: Do Not Sell My Personal Information

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/privacy/california-consumer-privacy-act?intake=NBC_News
Title: CA Notice

Search URL Search Domain Scan URL

URL: https://together.nbcuni.com/advertise/?utm_source=nbc_news&utm_medium=referral&utm_campaign=property_ad_pages
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.cnbc.com/select/
Title: Select Personal Finance

Search URL Search Domain Scan URL

URL: https://twitter.com/TimcastNews/status/1672410287251529735?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E1672410287251529735%7Ctwgr%5E0153adc40c0e4542e828fa86dc06732649109f63%7Ctwcon%5Es1_&ref_url=https%3A%2F%2Fwww.dailymail.co.uk%2Fnews%2Farticle-12230639%2FWere-coming-children-Topless-activists-drag-queens-spark-outrage-NYC-Pride.html
Title: 21-second clip

Search URL Search Domain Scan URL

URL: https://twitter.com/FloridaGOP/status/1673348381672914945
Title: claimed

Search URL Search Domain Scan URL

URL: https://www.huffpost.com/entry/nyc-drag-march_n_5b2fb345e4b0040e274410a0
Title: according to HuffPost

Search URL Search Domain Scan URL

URL: https://web.colby.edu/queer-theory-fall18/files/2016/09/Berlant-and-Freedman.Queer-Nationality.pdf
Title: long been used

Search URL Search Domain Scan URL

URL: https://mediaburn.org/video/the-90s-raw-act-up-rally-in-san-francisco/?t=33:10
Title: 1990 march

Search URL Search Domain Scan URL

URL: https://www.newyorker.com/magazine/2021/06/14/how-act-up-changed-america
Title: demanded

Search URL Search Domain Scan URL

URL: http://chicagomag.com/chicago-magazine/may-2020/oral-history-act-up-chicago-aids/
Title: used by AIDS activists in Chicago demonstrations

Search URL Search Domain Scan URL

URL: https://gothamist.com/news/photos-drag-march-kicks-off-pride-weekend-2022-with-rage-and-defiance
Title: Gothamist reported

Search URL Search Domain Scan URL

URL: https://twitter.com/tylerkingkade

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/privacy/cookies
Title: cookie policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

https://sb.scorecardresearch.com/p?c1=2&c2=6035083&cs_ucfr=&cs_amp_consent=not_required&cs_pv=7827&c12=amp-lqbnu99wL4a5huHWGSuInw&rn=0.822211315774128&c8=%E2%80%98We%E2%80%99re%20Coming%20For%20Your%20Children%E2%80%99%20chant%20at%20NYC%20Drag%20March%20elicits%20outrage%2C%20but%20activists%20say%20it%E2%80%99s%20taken%20out%20of%20context&c7=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&c9=&cs_c7amp=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Famp%2Frcna91341&comscorekw=amp HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=6035083&cs_ucfr=&cs_amp_consent=not_required&cs_pv=7827&c12=amp-lqbnu99wL4a5huHWGSuInw&rn=0.822211315774128&c8=%E2%80%98We%E2%80%99re%20Coming%20For%20Your%20Children%E2%80%99%20chant%20at%20NYC%20Drag%20March%20elicits%20outrage%2C%20but%20activists%20say%20it%E2%80%99s%20taken%20out%20of%20context&c7=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&c9=&cs_c7amp=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Famp%2Frcna91341&comscorekw=amp

Request Chain 161

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJFXEETE-4-KK22

Request Chain 162

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/krhP-FzJIni2_vSX7alH8Q?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-xH7sKvlE2oJfbPQ8W1Th4TiQuqFBk1LMVk9f2g--~A

Request Chain 163

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://match.adsrvr.org/track/cmb/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=24cfb9a4-ca44-4d7c-8790-4c015d723117&gdpr=0&gdpr_consent=&expires=30

Request Chain 164

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTM0M2UwNWY5ZjYxNjk2ZWM5YWJlYWMyNzRmZGEwNTU1YjgzMmZkMA

Request Chain 165

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBy7khtjKGnJL6P6Hp_c48I&google_cver=1

Request Chain 166

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=rq8GMZwbTZ2MPNERnSn7KA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rq8GMZwbTZ2MPNERnSn7KA

Request Chain 167

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEpGWEVFVEUtNC1LSzIy HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECNiZDuCwfOB6eEBlIzN3og&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpGWEVFVEUtNC1LSzIy&google_push=

Request Chain 168

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Gwrp4oQlTIG1EZeDFkOljA&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Gwrp4oQlTIG1EZeDFkOljA

Request Chain 169

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-mURAvrqTJUy6P9YzotYFLGS1Dp5zRvHKmRlEvQ&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-mURAvrqTJUy6P9YzotYFLGS1Dp5zRvHKmRlEvQ&expires=30

Request Chain 170

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-tZyLRLqTJUy6P9YzotYFLGS1Dp68HfpyicTVqA&google_cm&google_hm=ay10WnlMUkxxVEpVeTZQOVl6b3RZRkxHUzFEcDY4SGZweWljVFZxQQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-tZyLRLqTJUy6P9YzotYFLGS1Dp68HfpyicTVqA&google_gid=CAESEMD1JTbxjvdSwY4zwP9029M&google_cver=1&google_ula=913071,0

Request Chain 171

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4753582124059338400

Request Chain 172

https://secure.adnxs.com/setuid?entity=52&code=k-U4ttBLqTJUy6P9YzotYFLGS1Dp4d4KqOzNHYxQ HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-U4ttBLqTJUy6P9YzotYFLGS1Dp4d4KqOzNHYxQ

Request Chain 179

https://eb2.3lift.com/xuid?mid=2711&xuid=k-SHOKB7qTJUy6P9YzotYFLGS1Dp6sxfbKFBfLqQ&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-SHOKB7qTJUy6P9YzotYFLGS1Dp6sxfbKFBfLqQ&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

Request Chain 180

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-PpQMELqTJUy6P9YzotYFLGS1Dp5zqPzsChrnEA HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-PpQMELqTJUy6P9YzotYFLGS1Dp5zqPzsChrnEA&verify=true

Request Chain 183

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 HTTP 302
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=awqjq8uwfiIEOhGZefheTNXCNTWxYLhQ

Request Chain 184

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-JT8_1bqTJUy6P9YzotYFLGS1Dp5sVYTbAofkqg HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-JT8_1bqTJUy6P9YzotYFLGS1Dp5sVYTbAofkqg&C=1

Request Chain 186

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-jKcEE7qTJUy6P9YzotYFLGS1Dp6G2524XUJy2w HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-jKcEE7qTJUy6P9YzotYFLGS1Dp6G2524XUJy2w

Request Chain 188

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-KD21drqTJUy6P9YzotYFLGS1Dp4i4oq1m4IRPQ HTTP 303
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-KD21drqTJUy6P9YzotYFLGS1Dp4i4oq1m4IRPQ&_li_chk=true&previous_uuid=d900b3ce6cee4d309e14476c07260280 HTTP 303
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-KD21drqTJUy6P9YzotYFLGS1Dp4i4oq1m4IRPQ

Request Chain 195

https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-IAZryrqTJUy6P9YzotYFLGS1Dp5yKgylN4C5vQ HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-IAZryrqTJUy6P9YzotYFLGS1Dp5yKgylN4C5vQ&cookieCheck=1

Request Chain 209

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=DMxwX1YF5oC0pZtrNQ3Y5s7NrjoUM-CM HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=DMxwX1YF5oC0pZtrNQ3Y5s7NrjoUM-CM

Request Chain 210

https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40 HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=vz0RCIsUAcDFv2O3EW1A_vhB-R9WZ2pg

Request Chain 296

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-tZyLRLqTJUy6P9YzotYFLGS1Dp68HfpyicTVqA&google_cm&google_hm=ay10WnlMUkxxVEpVeTZQOVl6b3RZRkxHUzFEcDY4SGZweWljVFZxQQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-tZyLRLqTJUy6P9YzotYFLGS1Dp68HfpyicTVqA&google_gid=CAESEMD1JTbxjvdSwY4zwP9029M&google_cver=1&google_ula=913071,0

Request Chain 297

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4753582124059338400

Request Chain 305

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 HTTP 302
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=5TcYSXJIEwrVJs273_-bSz1TDcIy8vin

Request Chain 335

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-tZyLRLqTJUy6P9YzotYFLGS1Dp68HfpyicTVqA&google_cm&google_hm=ay10WnlMUkxxVEpVeTZQOVl6b3RZRkxHUzFEcDY4SGZweWljVFZxQQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-tZyLRLqTJUy6P9YzotYFLGS1Dp68HfpyicTVqA&google_gid=CAESEMD1JTbxjvdSwY4zwP9029M&google_cver=1&google_ula=913071,0

Request Chain 336

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4753582124059338400

Request Chain 346

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 HTTP 302
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=4lCz3Bi_Knp4pA13uHn8LrHV-ewskviB

Request Chain 368

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=HEIp__e5sxfOo6t-xuO6kEtGE8WStFHx

Request Chain 369

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=I548HqGRU2-cV-qeS5vCPlpoXHGW7ttH

Request Chain 370

https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40 HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=Ya4yh6IjhlG1aI_pXMxGUchhiuBdJtkb

364 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request rcna91341 Show response
www.nbcnews.com/news/amp/ 152 KB
39 KB 1582ms
46ms Document
text/html 2600:141b:e800:c93::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcnews.com/news/amp/rcna91341

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:141b:e800:c93::2506 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d5816a251bf54c5599d5c5b3364578825a2af2246f889f11bbe81a3ed1a24e5b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-length: 37600
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Wed, 28 Jun 2023 16:23:21 GMT
link: <https://cdn.ampproject.org/v0.js>; rel=preload; as=script, <https://cdn.ampproject.org/v0/amp-analytics-0.1.js>; rel=preload; as=script, <https://cdn.ampproject.org/v0/amp-sidebar-0.1.js>; rel=preload; as=script, <https://cdn.ampproject.org/v0/amp-social-share-0.1.js>; rel=preload; as=script, <https://cdn.ampproject.org/v0/amp-ad-0.1.js>; rel=preload; as=script, <https://cdn.ampproject.org/v0/amp-list-0.1.js>; rel=preload; as=script, <https://cdn.ampproject.org/v0/amp-mustache-0.2.js>; rel=preload; as=script, <https://cdn.ampproject.org/v0/amp-iframe-0.1.js>; rel=preload; as=script, <https://nodeassets.nbcnews.com/assets/header-footer/1.8.2/iconfont/hf-icons.woff2?0e7cd496678ed95f2d24830e744413e5>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous, <https://nodeassets.nbcnews.com/assets/fonts/shared/iconfont.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous, <https://nodeassets.nbcnews.com/assets/fonts/shared/FoundersGroteskMonoWeb-Regular.861757adb72039160d3707fc6508e252.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous, <https://nodeassets.nbcnews.com/assets/fonts/shared/FoundersGroteskCondensedWeb-Semibold.6797c94d7e9d7972e1dda6ed5248e1f4.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous, <https://nodeassets.nbcnews.com/assets/fonts/shared/PublicoHeadline-Light-Web.558b657c534cf850fc1e341ff9df48b9.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous, <https://nodeassets.nbcnews.com/assets/fonts/shared/PublicoText-Roman-Web.752edd6cce510289581b5e8ecea31abd.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous, <https://nodeassets.nbcnews.com/assets/fonts/shared/PublicoText-BoldItalic-Web.4242cd37a672fbb81852bc6b903d1382.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous
strict-transport-security: max-age=2628000 ; preload
vary: Accept-Encoding
x-amz-apigw-id: HPOvNGXAvHcFo5A=
x-amzn-requestid: d6880ed5-a7ec-43a9-aab5-851bde555823
x-amzn-trace-id: Root=1-649c5e61-47924ae8421d4b4d42c7b2e8

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
71 KB 230ms
113ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ee01918f0cf6938c5ef120611f77319898096045ff10aa1d2bd5bd8f2fe23c2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72824
x-xss-protection: 0
server: sffe
etag: "65bfc8ea594eae87"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Jun 2023 16:23:22 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
31 KB 209ms
93ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2254976bba5b90609720c29fcf13bd161708599fa80c7bc0235fdd65d8a08ff6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32045
x-xss-protection: 0
server: sffe
etag: "c4103982ca7fc5e4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Jun 2023 16:23:22 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 171ms
55ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba4a0ee9d98bebc7f0b92077dcb305255986e2d3d9c7c637cc27fe30a9cc16e4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9653
x-xss-protection: 0
server: sffe
etag: "b8341fece51e0c2b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Jun 2023 16:23:22 GMT

GET
H2 200 amp-social-share-0.1.js Show response
cdn.ampproject.org/v0/ 14 KB
5 KB 226ms
110ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-social-share-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70562640a5faa0735554738e5b62b97428b04ca2b25b873cc07ca648e481ce67

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4793
x-xss-protection: 0
server: sffe
etag: "587a7288a427ad0e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Jun 2023 16:23:22 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/v0/ 82 KB
23 KB 191ms
75ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de41278b639e6af44f3621cb961e3cc315ea5185bd3f71f3b8746f8a6c23abb1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23107
x-xss-protection: 0
server: sffe
etag: "bf24e70b3c2244f1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Jun 2023 16:23:22 GMT

GET
H2 200 amp-list-0.1.js Show response
cdn.ampproject.org/v0/ 42 KB
13 KB 200ms
85ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-list-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39cd29361b7f6839c498541926a32e1dd1e5ea0f98d1aa31c1e4fdd4cd6cb1c4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12975
x-xss-protection: 0
server: sffe
etag: "3bfaad11335eff41"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Jun 2023 16:23:22 GMT

GET
H2 200 amp-mustache-0.2.js Show response
cdn.ampproject.org/v0/ 45 KB
16 KB 162ms
47ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-mustache-0.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

418023d3bc67bd9a048e3d0d4cbc678c58b2acc7fe3e67eefa44e08bb541350d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15350
x-xss-protection: 0
server: sffe
etag: "22bb61cf47edc947"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Jun 2023 16:23:22 GMT

GET
H2 200 amp-iframe-0.1.js Show response
cdn.ampproject.org/v0/ 25 KB
9 KB 204ms
89ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-iframe-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ed1f166939bdd2358e771b548ee2be36d1850979732c1485373ad4f562dc8bc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8951
x-xss-protection: 0
server: sffe
etag: "c072d43f1fd11054"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Jun 2023 16:23:22 GMT

GET
H2 200 hf-icons.woff2
nodeassets.nbcnews.com/assets/header-footer/1.8.2/iconfont/ 6 KB
7 KB 157ms
40ms Font
font/woff2 2600:141b:9000:59e::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/assets/header-footer/1.8.2/iconfont/hf-icons.woff2?0e7cd496678ed95f2d24830e744413e5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:141b:9000:59e::2506 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e09aff711f9a8726b0482c4d5f57b3d7ecc8e820f825ab0ece7a03d069472837

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

Referer: https://www.nbcnews.com/
Origin: https://www.nbcnews.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: Lfdj_PaCBpjavTr1hZcEdRPt3Mw2aUBN
date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: VVJZJSF5HY2C0A7Q
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468880_3090388119_22411233_42_7400_27_0_-";dur=1
content-length: 6072
x-amz-id-2: H3vpUoXylsLf4NemSCUsEzNeJkWERzcqw9CeQrLxp+rjOTXLpQrvQv1Co8wkDqJgZZxMOVqpgac=
last-modified: Tue, 08 Sep 2020 16:16:22 GMT
server: AmazonS3
etag: "d2d9b975038ea1ce7d4fb3c5b7b46c86"
access-control-max-age: 3000
access-control-allow-methods: GET,POST,PUT
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
accept-ranges: bytes
expires: Thu, 29 Jun 2023 16:23:22 GMT

GET
H2 200 iconfont.woff2
nodeassets.nbcnews.com/assets/fonts/shared/ 13 KB
13 KB 156ms
40ms Font
font/woff2 2600:141b:9000:59e::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/assets/fonts/shared/iconfont.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:141b:9000:59e::2506 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

697e0f3f0d843572999b03d112efb43d6b9576d733e9f024607ee088f9034a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

Referer: https://www.nbcnews.com/
Origin: https://www.nbcnews.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: W.z7LwprI03AhtziKw.eQTK5Rbbp_7VP
date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: TAW2BEPKWDVRXB4D
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468880_3090388119_22411227_34_7455_27_0_-";dur=1
content-length: 12804
x-amz-id-2: vYcWJGWweSZuy4buRo9gsIWTT+0Fo5ktaGUg9glSDi65kvG3IVne8QqN6N27cMnRRfOKFHbgbOg=
last-modified: Mon, 02 Nov 2020 14:39:45 GMT
server: AmazonS3
etag: "2431efb97a5f2af14ff958819fff750d"
access-control-max-age: 3000
access-control-allow-methods: GET,POST,PUT
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jun 2024 16:23:22 GMT

GET
H2 200 FoundersGroteskMonoWeb-Regular.861757adb72039160d3707fc6508e252.woff2
nodeassets.nbcnews.com/assets/fonts/shared/ 29 KB
30 KB 219ms
103ms Font
font/woff2 2600:141b:9000:59e::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/assets/fonts/shared/FoundersGroteskMonoWeb-Regular.861757adb72039160d3707fc6508e252.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:141b:9000:59e::2506 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

547bfe45786020d5e9de262b053fecc7e9031cac23695f136d411b67e604c90e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

Referer: https://www.nbcnews.com/
Origin: https://www.nbcnews.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: smxq6MLYc1aZNAPU82awTXjGoqcFeVuG
date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: 9VJSQH8KG9R16N5P
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468880_3090388119_22411228_2916_7605_27_0_-";dur=1
content-length: 30163
x-amz-id-2: PjyRxHqmxUJM2Ul53bqBMnGo4OIxEUd58oD3G4aH4JMeDT4XQen5Sc0yjnaGaoj8ifstk8f1FEA=
last-modified: Tue, 11 Oct 2022 22:23:57 GMT
server: AmazonS3
etag: "861757adb72039160d3707fc6508e252"
access-control-max-age: 3000
access-control-allow-methods: GET,POST,PUT
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jun 2024 16:23:22 GMT

GET
H2 200 FoundersGroteskCondensedWeb-Semibold.6797c94d7e9d7972e1dda6ed5248e1f4.woff2
nodeassets.nbcnews.com/assets/fonts/shared/ 39 KB
40 KB 157ms
41ms Font
font/woff2 2600:141b:9000:59e::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/assets/fonts/shared/FoundersGroteskCondensedWeb-Semibold.6797c94d7e9d7972e1dda6ed5248e1f4.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:141b:9000:59e::2506 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1eaf39da4a7bc521968553ccb045aaae4c3609d0f714197db1855e4b47bf31d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

Referer: https://www.nbcnews.com/
Origin: https://www.nbcnews.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: UvqxF5yqAakw56cN4C1xb.YQdPhVCBLy
date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: Z1P2Q55JDXGWHHYN
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468880_3090388119_22411229_37_7437_27_0_-";dur=1
content-length: 40106
x-amz-id-2: R9NvNy7hCEHI1H+jQzHVrHkzyZCR4puwktALLNP0sKsgdrXAbdP8zzbQYxcJ3sdztxw44B8ANW4=
last-modified: Thu, 11 Jul 2019 19:07:44 GMT
server: AmazonS3
etag: "6797c94d7e9d7972e1dda6ed5248e1f4"
access-control-max-age: 3000
access-control-allow-methods: GET,POST,PUT
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jun 2024 16:23:22 GMT

GET
H2 200 PublicoHeadline-Light-Web.558b657c534cf850fc1e341ff9df48b9.woff2
nodeassets.nbcnews.com/assets/fonts/shared/ 43 KB
44 KB 157ms
41ms Font
font/woff2 2600:141b:9000:59e::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/assets/fonts/shared/PublicoHeadline-Light-Web.558b657c534cf850fc1e341ff9df48b9.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:141b:9000:59e::2506 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8e9b3dc41928550a6a5f2294cb7bb92ba7e4ae20198486ce269415ee43543420

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

Referer: https://www.nbcnews.com/
Origin: https://www.nbcnews.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: ul1EPurdSowB7PVZime6PQkFWexC7YJJ
date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: N6DE07Q8YK2Q0G93
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468880_3090388119_22411230_41_7453_27_0_-";dur=1
content-length: 44305
x-amz-id-2: KrL0J+oRE6XoAek+lIFb5qXqrNe/ynEg3KzMOGFJH+WmLntgROF+hQhSvwooUjiyd7FyDzrAz9g=
last-modified: Thu, 11 Jul 2019 19:07:44 GMT
server: AmazonS3
etag: "558b657c534cf850fc1e341ff9df48b9"
access-control-max-age: 3000
access-control-allow-methods: GET,POST,PUT
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jun 2024 16:23:22 GMT

GET
H2 200 PublicoText-Roman-Web.752edd6cce510289581b5e8ecea31abd.woff2
nodeassets.nbcnews.com/assets/fonts/shared/ 51 KB
52 KB 157ms
42ms Font
font/woff2 2600:141b:9000:59e::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/assets/fonts/shared/PublicoText-Roman-Web.752edd6cce510289581b5e8ecea31abd.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:141b:9000:59e::2506 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

83340911733e4ae3c55fc3763d089fa38e427248ac4833ee3209c5c5f7f385dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

Referer: https://www.nbcnews.com/
Origin: https://www.nbcnews.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 2MTzNwxTqVPRbYrJTYk1GvQbxM9fvhUo
date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: BGDPXNWRPS1TYMH2
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468880_3090388119_22411231_43_7543_27_0_-";dur=1
content-length: 52393
x-amz-id-2: F1n3WiXzFdrWPwMc57oa2bgbHi89zfCV6O7TfeGkMb7X/QMDputqk2PnAPhNitxNnkfCjQiwC5E=
last-modified: Tue, 11 Oct 2022 19:53:40 GMT
server: AmazonS3
etag: "752edd6cce510289581b5e8ecea31abd"
access-control-max-age: 3000
access-control-allow-methods: GET,POST,PUT
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jun 2024 16:23:22 GMT

GET
H2 200 PublicoText-BoldItalic-Web.4242cd37a672fbb81852bc6b903d1382.woff2
nodeassets.nbcnews.com/assets/fonts/shared/ 58 KB
59 KB 154ms
39ms Font
font/woff2 2600:141b:9000:59e::2506
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://nodeassets.nbcnews.com/assets/fonts/shared/PublicoText-BoldItalic-Web.4242cd37a672fbb81852bc6b903d1382.woff2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:141b:9000:59e::2506 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d1c2b37ceec567b3c16bcf46bbe4f6ee5c5436e211948953c8c51e138906e5d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

Referer: https://www.nbcnews.com/
Origin: https://www.nbcnews.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 33lqXNVQv.NX49MjCRxhG4HWLTqpP9wp
date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=2628000 ; preload
x-amz-request-id: P8DAWKHX94EC6987
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468880_3090388119_22411232_43_7392_27_0_-";dur=1
content-length: 59569
x-amz-id-2: lXvwTJ/YhwUl1YXcwAs6Ecau3efEOiaIHNJCyDJr4DU1gf526SjlVSyDfJvBGAtvQlIylEWllp4=
last-modified: Thu, 11 Jul 2019 19:07:45 GMT
server: AmazonS3
etag: "4242cd37a672fbb81852bc6b903d1382"
access-control-max-age: 3000
access-control-allow-methods: GET,POST,PUT
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jun 2024 16:23:22 GMT

GET
H2 200 v0.mjs Show response
cdn.ampproject.org/ 222 KB
63 KB 120ms
47ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.mjs

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/amp/rcna91341

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a285256cf50d15e16185e51140b7ea234589ed02bdbe465f7488844c3de5fc2b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nbcnews.com/
Origin: https://www.nbcnews.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63311
x-xss-protection: 0
server: sffe
etag: "d0eca86d8a89e622"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Jun 2023 16:23:22 GMT

GET
H2 200 amp-ad-0.1.mjs Show response
cdn.ampproject.org/v0/ 74 KB
21 KB 179ms
107ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.mjs

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/amp/rcna91341

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

657a4a4522867de195bdbde74ec9bec30c0cf50684cdadb31241ddfd903422c8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nbcnews.com/
Origin: https://www.nbcnews.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21125
x-xss-protection: 0
server: sffe
etag: "344b2ded8a016182"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Jun 2023 16:23:22 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/v0/ 94 KB
28 KB 192ms
120ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.mjs

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/amp/rcna91341

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ed5c4089864b01e87b2f702813aad69f02a330abc2a228d51025800447411b4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nbcnews.com/
Origin: https://www.nbcnews.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28950
x-xss-protection: 0
server: sffe
etag: "da56deebaed1892b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Jun 2023 16:23:22 GMT

GET
H2 200 amp-consent-0.1.mjs Show response
cdn.ampproject.org/v0/ 51 KB
15 KB 167ms
95ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-consent-0.1.mjs

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/amp/rcna91341

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

307e208c84dc2189af056ef899123539cf4d3e9cdb131bee08e111c170d456eb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nbcnews.com/
Origin: https://www.nbcnews.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15630
x-xss-protection: 0
server: sffe
etag: "cc5d6b19c4a7d649"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Jun 2023 16:23:22 GMT

GET
H2 200 amp-geo-0.1.mjs Show response
cdn.ampproject.org/v0/ 9 KB
4 KB 194ms
122ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-geo-0.1.mjs

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/amp/rcna91341

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48bd7f11cc08563640c65390bc9fa76c301ba34d5edbca13836850ce6ec15e4f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nbcnews.com/
Origin: https://www.nbcnews.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3588
x-xss-protection: 0
server: sffe
etag: "a42dccd8104e2a2c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=1800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Jun 2023 16:23:22 GMT

GET
H2 200 amp-iframe-0.1.mjs Show response
cdn.ampproject.org/v0/ 20 KB
7 KB 208ms
136ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-iframe-0.1.mjs

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/amp/rcna91341

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49cdc361ce4f9beadb896676f96309c5dcc6477cd9df82ed5eef42d770e745b0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nbcnews.com/
Origin: https://www.nbcnews.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7409
x-xss-protection: 0
server: sffe
etag: "81852fc5dbdc5cb0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Jun 2023 16:23:22 GMT

GET
H2 200 amp-list-0.1.mjs Show response
cdn.ampproject.org/v0/ 35 KB
11 KB 211ms
141ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-list-0.1.mjs

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/amp/rcna91341

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f906aef93053307e6aca22cf447466627a0b3dad0900275849804b4c2b1effb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nbcnews.com/
Origin: https://www.nbcnews.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11128
x-xss-protection: 0
server: sffe
etag: "86ec6c166fa57f65"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Jun 2023 16:23:22 GMT

GET
H2 200 amp-mustache-0.2.mjs Show response
cdn.ampproject.org/v0/ 40 KB
14 KB 194ms
124ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-mustache-0.2.mjs

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/amp/rcna91341

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14aeb3d2618c2abae5865921104ee6ec915be2f0678ec82880f5cd2aceee7c08

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nbcnews.com/
Origin: https://www.nbcnews.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13845
x-xss-protection: 0
server: sffe
etag: "e2ba28adf7b1328b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Jun 2023 16:23:22 GMT

GET
H2 200 amp-sidebar-0.1.mjs Show response
cdn.ampproject.org/v0/ 25 KB
8 KB 159ms
89ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.mjs

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/amp/rcna91341

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973236f90702b605aec5c2d48dc1f9699002fa9d81a341b045d1afebc0ca7522

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nbcnews.com/
Origin: https://www.nbcnews.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8230
x-xss-protection: 0
server: sffe
etag: "491c0b3578b13937"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Jun 2023 16:23:22 GMT

GET
H2 200 amp-social-share-0.1.mjs Show response
cdn.ampproject.org/v0/ 12 KB
4 KB 175ms
105ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-social-share-0.1.mjs

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/amp/rcna91341

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a07f342a5b9e423663ca0a6de79fdcaadb51c5de1be6fea8dd3b48fac1aa192

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nbcnews.com/
Origin: https://www.nbcnews.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4301
x-xss-protection: 0
server: sffe
etag: "2c7a06659d0aee53"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Jun 2023 16:23:22 GMT

GET
DATA 200
OK truncated
/ 342 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d2da0ccaa34f56912080e74e8d710e1d71198698d054472c032007b9bd96886

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 447c1d9ef45c3c4d49424f5b2a2cb8d4b1c1f4e81368fcdc4e5ccae51c1e88d8

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 270 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e6ee43758f4521237af4059fea23a5e002c080bf62465f021e53c3315b45ffb

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 934 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f73d3574008396117cb50a903ded55f288e3eb9d4767b131113d5a25d0a9983

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 739 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04481f4f519b299b81a540a46e23cbbb0d9732c4a809cd3fa0926e0b824d11d3

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 230627-ny-drag-march-mb-1300-2cf2d2.jpg
media-cldnry.s-nbcnews.com/image/upload/t_fit-2000w,f_auto,q_auto:best/rockcms/2023-06/ 1 MB
1 MB 157ms
41ms Image
image/webp 2600:141b:13:7a2::a1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-cldnry.s-nbcnews.com/image/upload/t_fit-2000w,f_auto,q_auto:best/rockcms/2023-06/230627-ny-drag-march-mb-1300-2cf2d2.jpg

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/amp/rcna91341

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2600:141b:13:7a2::a1d Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

cloudinary /

Resource Hash

581a8c4764e258df94bff79f71dba5ff9380f43af67d63dabdc2f77dd6167147

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 1
date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=2628000 ; preload
cache-tag: 398903422499397425317691702764264813242,429295019520688131926462112177544696521,7831a46e631c715519da9d0ce0a38b6b
content-disposition: inline; filename="230627-ny-drag-march-mb-1300-2cf2d2.webp"
content-length: 1093342
x-served-by: cache-lga21964-LGA
last-modified: Wed, 28 Jun 2023 00:44:28 GMT
server: cloudinary
x-timer: S1687968930.487219,VS0,VE1
etag: "fb72a519e7fc73fe7379a659fda8e8cd"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, private, max-age=31557109
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
expires: Thu, 27 Jun 2024 22:15:11 GMT

GET
H2 200 230608-richard-fierro-se-555p-53423c.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/rockcms/2023-06/ 1 KB
2 KB 146ms
30ms Image
image/webp 2600:141b:13:7a2::a1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-cldnry.s-nbcnews.com/image/upload/t_focal-80x80,f_auto,q_auto:best/rockcms/2023-06/230608-richard-fierro-se-555p-53423c.jpg

Requested by

Host: www.nbcnews.com
URL: https://www.nbcnews.com/news/amp/rcna91341

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2600:141b:13:7a2::a1d Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

cloudinary /

Resource Hash

739c4dde65957335a549174395d628d6e6a3709f84b7bef055c65428e4836950

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 1
date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=2628000 ; preload
cache-tag: 243585689444135765537130317838959279948,380829963117896786254718282598345919481,7831a46e631c715519da9d0ce0a38b6b
content-disposition: inline; filename="230608-richard-fierro-se-555p-53423c.webp"
content-length: 1276
x-served-by: cache-iad-kiad7000032-IAD
last-modified: Mon, 26 Jun 2023 14:40:00 GMT
server: cloudinary
x-timer: S1687963966.999268,VS0,VE1
etag: "c9f937af3d2a1087a9cae35148868846"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, private, max-age=31552114
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
expires: Thu, 27 Jun 2024 20:51:56 GMT

GET
H2 200 amp-auto-lightbox-0.1.mjs Show response
cdn.ampproject.org/rtv/012305252018001/v0/ 7 KB
3 KB 28ms
27ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018001/v0/amp-auto-lightbox-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94baf7f0ddcb1cfd1f4a33d91a486b47295fae1b0b06942993ecc844add6608b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nbcnews.com/
Origin: https://www.nbcnews.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 21 Jun 2023 16:33:42 GMT
age: 604180
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2842
x-xss-protection: 0
server: sffe
etag: "815aaf24798a1e9a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 20 Jun 2024 16:33:42 GMT

GET
H2 200 amp-loader-0.1.mjs Show response
cdn.ampproject.org/rtv/012305252018001/v0/ 12 KB
4 KB 27ms
26ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018001/v0/amp-loader-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fcf7505598f44c875256639e01d50b8e539073a4af0461839483a4cd3842032

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nbcnews.com/
Origin: https://www.nbcnews.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 28 Jun 2023 13:56:18 GMT
age: 8824
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3907
x-xss-protection: 0
server: sffe
etag: "07bdd5f4b503c7eb"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 27 Jun 2024 13:56:18 GMT

GET
H2 200 amp-ad-network-doubleclick-impl-0.1.mjs Show response
cdn.ampproject.org/rtv/012305252018001/v0/ 208 KB
56 KB 27ms
26ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018001/v0/amp-ad-network-doubleclick-impl-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

314ba74b337fd26849597311f798c9241edf19026a0bb311582916a8be9d7c13

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nbcnews.com/
Origin: https://www.nbcnews.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 21 Jun 2023 20:53:15 GMT
age: 588607
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57577
x-xss-protection: 0
server: sffe
etag: "1999068cb07254dd"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 20 Jun 2024 20:53:15 GMT

GET
H2 200 frame.html
d-37003659051456368343.ampproject.net/2305252018001/ 0
0 172ms
39ms Other
text/html 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d-37003659051456368343.ampproject.net/2305252018001/frame.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 taboola.mjs
3p.ampproject.net/2305252018001/vendor/ 20 KB
7 KB 152ms
20ms Other
text/javascript 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3p.ampproject.net/2305252018001/vendor/taboola.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea80afd281a3a0254cd4ad4d4a10035f73d0f0bb6223337d5d0879e3814d31e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 21:04:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 415120
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7126
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 09:18:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Jun 2024 21:04:42 GMT

GET
H2 200 branch-amp-journeys-pre Show response
nbcnews.app.link/ 76 B
743 B 234ms
108ms Fetch
text/html 2600:9000:210b:b400:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nbcnews.app.link/branch-amp-journeys-pre?branch_key=key_live_bmS4ym2cDBm2ge4BjKwILcjeCvnyQ3v3&__aj_cid=amp-Fmz87_aPfU56GpV3-2szVw&__amp_viewer=&__aj_source_url=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Famp%2Frcna91341&__aj_canonical_url=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&__aj_v=1.0.0&__amp_source_origin=https%3A%2F%2Fwww.nbcnews.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:210b:b400:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

e03a2722836ae8b3a6c5431b9333661d1af26b9b2e5b9894d9fb22d3e30b76be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.nbcnews.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 b35f01abdb74e50c7c770d66cb11b73a.cloudfront.net (CloudFront)
amp-access-control-allow-source-origin: https://www.nbcnews.com
server: openresty
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
x-amz-cf-pop: EWR53-C3
etag: W/"4c-tIT7sEVVbVP/Mz5FOcNNNPW8MVE"
vary: origin
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.nbcnews.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
content-length: 76
x-amz-cf-id: A3vf_tfragV4idH0go-jItkpfJCYKvRyaB84hjPl2U_sxhaE2d8vqw==

GET
H2 200 integrator.json Show response
adservice.google.com/adsid/ 86 B
482 B 131ms
35ms Fetch
application/json 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.json?domain=www.nbcnews.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.nbcnews.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nbcnews.com
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83
x-xss-protection: 0

GET amp
mps.nbcuni.com/request/page/json/ 0
0

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 16 B
554 B 332ms
169ms Fetch
application/json 18.164.98.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3219&pubid=PUB_UUID&amp=1&u=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&slots=%5B%7B%22sd%22%3A%22%2F2620%2Fnbcnews%2Fnbcout%2Famp%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22ms%22%3A%22300x250%2C300x50%22%7D%5D&pj=%7B%22amp%22%3A%221%22%7D&gdprc=&__amp_source_origin=https%3A%2F%2Fwww.nbcnews.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.98.157 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-98-157.jfk50.r.cloudfront.net

Software

Server /

Resource Hash

d399f9c8c92526fb78b76514e4071a337e24370882e9a3dbf1b649f5cc289716

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://www.nbcnews.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 a1546fc751225809c39b89ba9e8d715c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
x-cache: Miss from cloudfront
content-length: 16
amp-access-control-allow-source-origin: https://www.nbcnews.com
server: Server
x-amz-rid: R963GKW2AMMH4DJHZ4W0
vary: Accept-Encoding,User-Agent
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.nbcnews.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
timing-allow-origin: *
x-amz-cf-id: Fykk17nSy7oEr_fkHxY-StT3u93tOsuD3gcsi9bKHZLpXiEQrMTZNQ==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 16 B
554 B 268ms
105ms Fetch
application/json 18.164.98.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.98.157 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-98-157.jfk50.r.cloudfront.net

Software

Server /

Resource Hash

d399f9c8c92526fb78b76514e4071a337e24370882e9a3dbf1b649f5cc289716

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://www.nbcnews.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 a1546fc751225809c39b89ba9e8d715c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
x-cache: Miss from cloudfront
content-length: 16
amp-access-control-allow-source-origin: https://www.nbcnews.com
server: Server
x-amz-rid: H6YFZNZNGJW8V96A41JQ
vary: Accept-Encoding,User-Agent
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.nbcnews.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
timing-allow-origin: *
x-amz-cf-id: 6iqY-QPJCphB-xTUxTq-ql96MsaUP36zl2WrBGNmOXiDY59bZ74raA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 16 B
554 B 305ms
143ms Fetch
application/json 18.164.98.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.98.157 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-98-157.jfk50.r.cloudfront.net

Software

Server /

Resource Hash

d399f9c8c92526fb78b76514e4071a337e24370882e9a3dbf1b649f5cc289716

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://www.nbcnews.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 a1546fc751225809c39b89ba9e8d715c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
x-cache: Miss from cloudfront
content-length: 16
amp-access-control-allow-source-origin: https://www.nbcnews.com
server: Server
x-amz-rid: K17GX5VKPH2WEAZ54X7S
vary: Accept-Encoding,User-Agent
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.nbcnews.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
timing-allow-origin: *
x-amz-cf-id: 7gxOBVgOU-TDHUTN9TJIKhvxv0WuMwqt_W11DXr_7-A86Zn7bet2fA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 16 B
556 B 261ms
98ms Fetch
application/json 18.164.98.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.98.157 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-98-157.jfk50.r.cloudfront.net

Software

Server /

Resource Hash

d399f9c8c92526fb78b76514e4071a337e24370882e9a3dbf1b649f5cc289716

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://www.nbcnews.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 a1546fc751225809c39b89ba9e8d715c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
x-cache: Miss from cloudfront
content-length: 16
amp-access-control-allow-source-origin: https://www.nbcnews.com
server: Server
x-amz-rid: 5A8QDDP3TR2EVZH7PXM9
vary: Accept-Encoding,User-Agent
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.nbcnews.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
timing-allow-origin: *
x-amz-cf-id: b-f1eLKKAJZUDWXV6xjvF4xHvAqZ1yhj3k7iGK5Gi_-gyHehsMh6yQ==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 16 B
554 B 272ms
109ms Fetch
application/json 18.164.98.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.98.157 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-98-157.jfk50.r.cloudfront.net

Software

Server /

Resource Hash

d399f9c8c92526fb78b76514e4071a337e24370882e9a3dbf1b649f5cc289716

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://www.nbcnews.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 a1546fc751225809c39b89ba9e8d715c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
x-cache: Miss from cloudfront
content-length: 16
amp-access-control-allow-source-origin: https://www.nbcnews.com
server: Server
x-amz-rid: FFP3ASTBRA7X0HVYDJPF
vary: Accept-Encoding,User-Agent
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.nbcnews.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
timing-allow-origin: *
x-amz-cf-id: eNyNMo2VQ_OIC6opGd8lBaNa070fJZM4vGZR8rMUWW7LKLFOGp4t4w==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 16 B
552 B 289ms
127ms Fetch
application/json 18.164.98.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.98.157 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-98-157.jfk50.r.cloudfront.net

Software

Server /

Resource Hash

d399f9c8c92526fb78b76514e4071a337e24370882e9a3dbf1b649f5cc289716

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://www.nbcnews.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:22 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 a1546fc751225809c39b89ba9e8d715c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
x-cache: Miss from cloudfront
content-length: 16
amp-access-control-allow-source-origin: https://www.nbcnews.com
server: Server
x-amz-rid: G5Y7BK9KHW6Q9N77CWX6
vary: Accept-Encoding,User-Agent
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.nbcnews.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
timing-allow-origin: *
x-amz-cf-id: SkimaC3O--88cr1B67-28iiDr_NgQycOduU_Hfky5q1GKzsbtuxccA==

GET
H2 200 amp Show response
prebid-server.rubiconproject.com/openrtb2/ 465 B
548 B 406ms
225ms Fetch
application/json 50.16.161.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/amp?tag_id=24610-amp-nbcnews&w=300&h=250&ow=&oh=&ms=300x250%2C300x50&slot=%2F2620%2Fnbcnews%2Fnbcout%2Famp&targeting=%7B%22amp%22%3Atrue%2C%22pos%22%3A%22boxinline_bentoarticle_amp%22%2C%22targeting%22%3A%22news%2Cusnews%2Cundefined%22%7D&curl=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&timeout=1000&adc=amp-lTQUeOAHimqc8XVW7FQl9A&purl=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Famp%2Frcna91341&consent_string=&account=24610&gdpr_applies=&addtl_consent=&consent_type=&pvid=7827&__amp_source_origin=https%3A%2F%2Fwww.nbcnews.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.161.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-161-49.compute-1.amazonaws.com
Software: /
Resource Hash: d871f6175a528a2ac9fde32ef1ad780873c903da5f8f6275d34532e8df2ed849

Request headers

Accept: application/json
Referer: https://www.nbcnews.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:22 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: https://www.nbcnews.com
x-prebid: pbs-java/1.121.0
content-type: application/json
access-control-allow-origin: https://www.nbcnews.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 215
expires: 0

GET
H2 200 amp Show response
prebid-server.rubiconproject.com/openrtb2/ 465 B
547 B 657ms
482ms Fetch
application/json 50.16.161.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/amp?tag_id=24610-amp-nbcnews&w=300&h=250&ow=&oh=&ms=300x250%2C300x50&slot=%2F2620%2Fnbcnews%2Fnbcout%2Famp&targeting=%7B%22amp%22%3Atrue%2C%22pos%22%3A%22boxinline_bentoarticle_amp%22%2C%22targeting%22%3A%22news%2Cusnews%2Cundefined%22%7D&curl=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&timeout=1000&adc=amp-lTQUeOAHimqc8XVW7FQl9A&purl=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Famp%2Frcna91341&consent_string=&account=24610&gdpr_applies=&addtl_consent=&consent_type=&pvid=7827&__amp_source_origin=https%3A%2F%2Fwww.nbcnews.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.161.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-161-49.compute-1.amazonaws.com
Software: /
Resource Hash: 7bb224f5380f47477290ca81a6b9cfbb49797c07e14df932c7dd97025dedc191

Request headers

Accept: application/json
Referer: https://www.nbcnews.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:23 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: https://www.nbcnews.com
x-prebid: pbs-java/1.121.0
content-type: application/json
access-control-allow-origin: https://www.nbcnews.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 214
expires: 0

GET
H2 200 amp Show response
prebid-server.rubiconproject.com/openrtb2/ 465 B
548 B 403ms
227ms Fetch
application/json 50.16.161.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/amp?tag_id=24610-amp-nbcnews&w=300&h=250&ow=&oh=&ms=300x250%2C300x50&slot=%2F2620%2Fnbcnews%2Fnbcout%2Famp&targeting=%7B%22amp%22%3Atrue%2C%22pos%22%3A%22boxinline_bentoarticle_amp%22%2C%22targeting%22%3A%22news%2Cusnews%2Cundefined%22%7D&curl=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&timeout=1000&adc=amp-lTQUeOAHimqc8XVW7FQl9A&purl=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Famp%2Frcna91341&consent_string=&account=24610&gdpr_applies=&addtl_consent=&consent_type=&pvid=7827&__amp_source_origin=https%3A%2F%2Fwww.nbcnews.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.161.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-161-49.compute-1.amazonaws.com
Software: /
Resource Hash: b2e601b0beafd141f8a9d9921956c3700aef2f2c4dcddbf58b54b0e821e2479a

Request headers

Accept: application/json
Referer: https://www.nbcnews.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:22 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: https://www.nbcnews.com
x-prebid: pbs-java/1.121.0
content-type: application/json
access-control-allow-origin: https://www.nbcnews.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 215
expires: 0

GET
H2 200 amp Show response
prebid-server.rubiconproject.com/openrtb2/ 465 B
550 B 356ms
181ms Fetch
application/json 50.16.161.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/amp?tag_id=24610-amp-nbcnews&w=300&h=250&ow=&oh=&ms=300x250%2C300x50&slot=%2F2620%2Fnbcnews%2Fnbcout%2Famp&targeting=%7B%22amp%22%3Atrue%2C%22pos%22%3A%22boxinline_bentoarticle_amp%22%2C%22targeting%22%3A%22news%2Cusnews%2Cundefined%22%7D&curl=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&timeout=1000&adc=amp-lTQUeOAHimqc8XVW7FQl9A&purl=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Famp%2Frcna91341&consent_string=&account=24610&gdpr_applies=&addtl_consent=&consent_type=&pvid=7827&__amp_source_origin=https%3A%2F%2Fwww.nbcnews.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.161.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-161-49.compute-1.amazonaws.com
Software: /
Resource Hash: dbe481406fb7e2d84d9b87bbbc336ec8d7ea62c9978d8fa36d2171d7d2f4b6cb

Request headers

Accept: application/json
Referer: https://www.nbcnews.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:22 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: https://www.nbcnews.com
x-prebid: pbs-java/1.121.0
content-type: application/json
access-control-allow-origin: https://www.nbcnews.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 216
expires: 0

GET
H2 200 amp Show response
prebid-server.rubiconproject.com/openrtb2/ 465 B
548 B 396ms
221ms Fetch
application/json 50.16.161.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/amp?tag_id=24610-amp-nbcnews&w=300&h=250&ow=&oh=&ms=300x250%2C300x50&slot=%2F2620%2Fnbcnews%2Fnbcout%2Famp&targeting=%7B%22amp%22%3Atrue%2C%22pos%22%3A%22boxinline_bentoarticle_amp%22%2C%22targeting%22%3A%22news%2Cusnews%2Cundefined%22%7D&curl=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&timeout=1000&adc=amp-lTQUeOAHimqc8XVW7FQl9A&purl=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Famp%2Frcna91341&consent_string=&account=24610&gdpr_applies=&addtl_consent=&consent_type=&pvid=7827&__amp_source_origin=https%3A%2F%2Fwww.nbcnews.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.161.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-161-49.compute-1.amazonaws.com
Software: /
Resource Hash: 96443831f40e48742d7bd299ef80326751b06bbf7954edf4e61ec3c0eef40733

Request headers

Accept: application/json
Referer: https://www.nbcnews.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:22 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: https://www.nbcnews.com
x-prebid: pbs-java/1.121.0
content-type: application/json
access-control-allow-origin: https://www.nbcnews.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 215
expires: 0

GET
H2 200 amp Show response
prebid-server.rubiconproject.com/openrtb2/ 465 B
549 B 387ms
212ms Fetch
application/json 50.16.161.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/amp?tag_id=24610-amp-nbcnews&w=300&h=250&ow=&oh=&ms=300x250%2C300x50&slot=%2F2620%2Fnbcnews%2Fnbcout%2Famp&targeting=%7B%22amp%22%3Atrue%2C%22pos%22%3A%22boxinline_bentoarticle_amp%22%2C%22targeting%22%3A%22news%2Cusnews%2Cundefined%22%7D&curl=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&timeout=1000&adc=amp-lTQUeOAHimqc8XVW7FQl9A&purl=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Famp%2Frcna91341&consent_string=&account=24610&gdpr_applies=&addtl_consent=&consent_type=&pvid=7827&__amp_source_origin=https%3A%2F%2Fwww.nbcnews.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.161.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-161-49.compute-1.amazonaws.com
Software: /
Resource Hash: d2152d607f4a55ad438903d9c843f7b848b82ff71481d5d63a56b4f4a81be3d9

Request headers

Accept: application/json
Referer: https://www.nbcnews.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:22 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: https://www.nbcnews.com
x-prebid: pbs-java/1.121.0
content-type: application/json
access-control-allow-origin: https://www.nbcnews.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 216
expires: 0

GET
H3 200 amp-lightbox-gallery-0.1.mjs Show response
cdn.ampproject.org/rtv/012305252018001/v0/ 56 KB
17 KB 29ms
27ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018001/v0/amp-lightbox-gallery-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bdf7c616ffcf31914947a4c74c6e545bda502495eedc4136f94eb3d0317ce5d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nbcnews.com/
Origin: https://www.nbcnews.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 21 Jun 2023 20:53:15 GMT
age: 588607
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16911
x-xss-protection: 0
server: sffe
etag: "e61601070cb5813d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 20 Jun 2024 20:53:15 GMT

GET
H3 200 parsely.json Show response
cdn.ampproject.org/rtv/012305252018001/v0/analytics-vendors/ 835 B
424 B 52ms
35ms Fetch
application/json 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018001/v0/analytics-vendors/parsely.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fae28fcab23026155838be7a52d391f3ed4e25769a154c2d15265b7adf26bfb0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.nbcnews.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 25 Jun 2023 17:11:26 GMT
age: 256316
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 394
x-xss-protection: 0
server: sffe
etag: "90552a7d92fd56a7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 24 Jun 2024 17:11:26 GMT

GET
H3 200 comscore.json Show response
cdn.ampproject.org/rtv/012305252018001/v0/analytics-vendors/ 559 B
311 B 51ms
36ms Fetch
application/json 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018001/v0/analytics-vendors/comscore.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b913d6f06cebe5484a2bf0de91fa809e331c5b4c7885a8bb67e971f1be57c48

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.nbcnews.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 22 Jun 2023 09:14:25 GMT
age: 544137
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
server: sffe
etag: "a84217fc00d66735"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 21 Jun 2024 09:14:25 GMT

GET
H3 200 mparticle.json Show response
cdn.ampproject.org/rtv/012305252018001/v0/analytics-vendors/ 796 B
397 B 49ms
37ms Fetch
application/json 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018001/v0/analytics-vendors/mparticle.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fce5e2d3b54be3de1e77402ea2d9c69d355054b288b523b47fa00738fe38df7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.nbcnews.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 28 Jun 2023 12:34:54 GMT
age: 13708
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 367
x-xss-protection: 0
server: sffe
etag: "03030946784604af"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 27 Jun 2024 12:34:54 GMT

GET
H2 200 s0.18856196574183826
aamt.nbcnews.com/b/ss/msnbcnbcnewscomprod/0/amp-1.0/ 0
0 163ms
34ms Image
text/html 63.140.38.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aamt.nbcnews.com/b/ss/msnbcnbcnewscomprod/0/amp-1.0/s0.18856196574183826?vid=zamp-UUXQAAW9ZSVhwg4a-SIoAA&cc=USD&ndh=0&ce=UTF-8&g=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Famp%2Frcna91341&r=&bh=1200&bw=1600&c=24&j=amp&s=1600x1200&ns=msnbc&server=nbcnews.com&pageName=nbcnews%3AAMP%3Apost%3Are-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&c.&news.&brand=nbcnews&contentcategory=NBC%20OUT&contenttype=AMP:post&pageurl=https://www.nbcnews.com/nbc-out/nbc-out-proud/re-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&pageview=true&referrer=&server=nbcnews.com&subcat1=NBC%20Out%20&%20Proud&subverticalname=not%20available&verticalname=news&author=Tyler%20Kingkade&ecommerceEnabled=false&label=&modpagepublishdate=2023-06-28%2013:20:25%20Z&origpagepublishdate=2023-06-27%2023:37:27%20Z&docid=rcna91341&headline=%E2%80%98We%E2%80%99re%20Coming%20For%20Your%20Children%E2%80%99%20chant%20at%20NYC%20Drag%20March%20elicits%20outrage%2C%20but%20activists%20say%20it%E2%80%99s%20taken%20out%20of%20context&pagename=nbcnews:AMP:post:re-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&shortsummary=Over%20the%20weekend%2C%20a%20short%20video%20circulated%20widely%20on%20social%20media%20of%20an%20unidentified%20person%20at%20a%20New%20York%20City%20march%20during%20Pride%20festivities%20saying%2C%20%E2%80%9CWe%E2%80%99re%20coming%20for%20your%20children.%E2%80%9D&.news&.c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 63.140.38.178 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ip-63-140-38-178.data.adobedc.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H/1.1 200
OK /
srv.pixel.parsely.com/plogger/ 43 B
260 B 233ms
41ms Image
image/gif 34.231.207.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv.pixel.parsely.com/plogger/?rand=1687969402979&idsite=nbcnews.com&url=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Famp%2Frcna91341&urlref=&screen=1600x1200%7C1600x1200%7C24&title=%E2%80%98We%E2%80%99re%20Coming%20For%20Your%20Children%E2%80%99%20chant%20at%20NYC%20Drag%20March%20elicits%20outrage%2C%20but%20activists%20say%20it%E2%80%99s%20taken%20out%20of%20context&date=1687969402980&ampid=amp-jSubJ1geQOXJTrrBiJJQWQ&action=pageview&metadata={%22canonical_url%22:%22https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341%22}
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.231.207.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-207-29.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 16:23:23 GMT
Cache-Control: no-cache
Last-Modified: Wednesday, 28-Jun-2023 16:23:23 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=6035083&cs_ucfr=&cs_amp_consent=not_required&cs_pv=7827&c12=amp-lqbnu99wL4a5huHWGSuInw&rn=0.822211315774128&c8=%E2%80%98We%E2%80%99re%20Coming%20For%20You...
https://sb.scorecardresearch.com/p2?c1=2&c2=6035083&cs_ucfr=&cs_amp_consent=not_required&cs_pv=7827&c12=amp-lqbnu99wL4a5huHWGSuInw&rn=0.822211315774128&c8=%E2%80%98We%E2%80%99re%20Coming%20For%20Yo...

43 B
300 B

44ms
41ms

Image
image/gif

18.164.96.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=6035083&cs_ucfr=&cs_amp_consent=not_required&cs_pv=7827&c12=amp-lqbnu99wL4a5huHWGSuInw&rn=0.822211315774128&c8=%E2%80%98We%E2%80%99re%20Coming%20For%20Your%20Children%E2%80%99%20chant%20at%20NYC%20Drag%20March%20elicits%20outrage%2C%20but%20activists%20say%20it%E2%80%99s%20taken%20out%20of%20context&c7=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&c9=&cs_c7amp=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Famp%2Frcna91341&comscorekw=amp
Protocol: H2
Server: 18.164.96.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-96-90.jfk50.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:23 GMT
via: 1.1 9750f5ee94b45ad0faba87b3fac2aad6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: O39MTn2PIs_Dyy-pByp_1GKRuIeWpXg32lNBMVSUVwMsqVprRMGlMg==

Redirect headers

date: Wed, 28 Jun 2023 16:23:23 GMT
via: 1.1 9750f5ee94b45ad0faba87b3fac2aad6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P5
x-cache: Miss from cloudfront
location: /p2?c1=2&c2=6035083&cs_ucfr=&cs_amp_consent=not_required&cs_pv=7827&c12=amp-lqbnu99wL4a5huHWGSuInw&rn=0.822211315774128&c8=%E2%80%98We%E2%80%99re%20Coming%20For%20Your%20Children%E2%80%99%20chant%20at%20NYC%20Drag%20March%20elicits%20outrage%2C%20but%20activists%20say%20it%E2%80%99s%20taken%20out%20of%20context&c7=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&c9=&cs_c7amp=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Famp%2Frcna91341&comscorekw=amp
content-length: 0
x-amz-cf-id: iDhY2lJbrn679dqxSZyOScycTObaZ3-wB9VX6LPCAzdglO1OgoxpJQ==

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 1231ms
1156ms Fetch
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F2620%2Fnbcnews%2Fnbcout%2Famp&adk=643347294&sz=300x250%7C300x250%7C300x50&output=html&impl=ifr&ifi=1&msz=1600x-1&psz=1600x-1&fws=4&scp=amp%3Dtrue%26pos%3Dboxinline_bentoarticle_amp%26targeting%3Dnews%252Cusnews%252Cundefined%26hb_size_rubicon%3D300x250%26hb_cache_id%3Dd468703a-aee4-4197-972d-fb353384b9ca%26hb_cache_host_rubico%3Dpg-prebid-server-aws-use1.rubiconproject.com%253A443%26hb_pb%3D0.41%26hb_pb_rubicon%3D0.41%26hb_cache_id_rubicon%3Dd468703a-aee4-4197-972d-fb353384b9ca%26hb_cache_path%3D%252Fcache%26hb_size%3D300x250%26hb_cache_path_rubico%3D%252Fcache%26hb_bidder%3Drubicon%26hb_bidder_rubicon%3Drubicon%26hb_cache_host%3Dpg-prebid-server-aws-use1.rubiconproject.com%253A443&adf=3109333053&nhd=0&adx=650&ady=3362&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&artc=463%2C297%2C459&ati=8%2C2%2C2&ard=mps.nbcuni.com%2Frequest%2Fpage%2Fjson%2Famp%2Caps%2Cprebidrubicon&is_amp=3&amp_v=2305252018001&d_imp=1&c=879007827&ga_cid=amp-lTQUeOAHimqc8XVW7FQl9A&ga_hid=7827&dt=1687969402495&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&loc=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Famp%2Frcna91341&bdt=513&dtd=550&__amp_source_origin=https%3A%2F%2Fwww.nbcnews.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00d25aa07f76ff0f5073084904ea375bbc3ed81c1229aceb16fc41b1e9da1fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:24 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13049
x-xss-protection: 0
google-lineitem-id: 6295160621
x-qqid: CK6Nq4Ww5v8CFczlswodME4J6w
amp-access-control-allow-source-origin: https://www.nbcnews.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138431898896
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.nbcnews.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 28 Jun 2023 16:23:24 GMT

GET
H2 202 Pixel
pixels.mparticle.com/v1/65ea0b28a73c4c4abd08599774d30799/ 0
200 B 184ms
61ms Image
text/plain 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixels.mparticle.com/v1/65ea0b28a73c4c4abd08599774d30799/Pixel?dt=AppEvent&n=Page%20View&et=Navigation&amp_id=amp-HA4LxJLuiVT2q1SF-WUlYA&attrs_k=article%20id,author,headline,isAmp,page%20modified%20date,page%20name,page%20publish%20date,page%20section,page%20type,product%20name,short%20summary,sub%20topic,url&attrs_v=rcna91341,Tyler%20Kingkade,%25E2%2580%2598We%25E2%2580%2599re%2520Coming%2520For%2520Your%2520Children%25E2%2580%2599%2520chant%2520at%2520NYC%2520Drag%2520March%2520elicits%2520outrage%252C%2520but%2520activists%2520say%2520it%25E2%2580%2599s%2520taken%2520out%2520of%2520context,true,2023-06-28%2013%3A20%3A25%20Z,nbcnews%3AAMP%3Apost%3Are-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341,2023-06-27%2023%3A37%3A27%20Z,NBC%20OUT,article,web,Over%2520the%2520weekend%252C%2520a%2520short%2520video%2520circulated%2520widely%2520on%2520social%2520media%2520of%2520an%2520unidentified%2520person%2520at%2520a%2520New%2520York%2520City%2520march%2520during%2520Pride%2520festivities%2520saying%252C%2520%25E2%2580%259CWe%25E2%2580%2599re%2520coming%2520for%2520your%2520children.%25E2%2580%259D,NBC%20Out%20%26%20Proud,https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&ua_k=&ua_v=&ui_t=&ui_v=&flags_k=&flags_v=&ct=1687969403050&dbg=false&lc=&av=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Wed, 28 Jun 2023 16:23:23 GMT
via: 1.1 varnish
server: Kestrel
x-timer: S1687969403.195421,VS0,VE33
x-origin-name: 6PfmZ4AlPVVkUV2mzL7ZRt--F_us1_origin
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-served-by: cache-nyc-kteb1890055-NYC

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 1406ms
1358ms Fetch
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F2620%2Fnbcnews%2Fnbcout%2Famp&adk=1099145535&sz=300x250%7C300x250%7C300x50&output=html&impl=ifr&ifi=2&msz=1600x-1&psz=1600x-1&fws=4&scp=amp%3Dtrue%26pos%3Dboxinline_bentoarticle_amp%26targeting%3Dnews%252Cusnews%252Cundefined%26hb_size_rubicon%3D300x250%26hb_cache_id%3Dba56775c-9ba9-4c2a-b7a9-27d3ac81759f%26hb_cache_host_rubico%3Dpg-prebid-server-aws-use1.rubiconproject.com%253A443%26hb_pb%3D0.43%26hb_pb_rubicon%3D0.43%26hb_cache_id_rubicon%3Dba56775c-9ba9-4c2a-b7a9-27d3ac81759f%26hb_cache_path%3D%252Fcache%26hb_size%3D300x250%26hb_cache_path_rubico%3D%252Fcache%26hb_bidder%3Drubicon%26hb_bidder_rubicon%3Drubicon%26hb_cache_host%3Dpg-prebid-server-aws-use1.rubiconproject.com%253A443&adf=1609070684&nhd=0&adx=650&ady=3876&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&artc=461%2C306%2C523&ati=8%2C2%2C2&ard=mps.nbcuni.com%2Frequest%2Fpage%2Fjson%2Famp%2Caps%2Cprebidrubicon&is_amp=3&amp_v=2305252018001&d_imp=1&c=879007827&ga_cid=amp-lTQUeOAHimqc8XVW7FQl9A&ga_hid=7827&dt=1687969402495&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&loc=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Famp%2Frcna91341&bdt=513&dtd=577&__amp_source_origin=https%3A%2F%2Fwww.nbcnews.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a05fe2886d9376972b756947caf7358383300c71f126f2a4583bef5347fe19a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:24 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13043
x-xss-protection: 0
google-lineitem-id: 6295160627
x-qqid: CPL3qoWw5v8CFYPKswodeAsFvw
amp-access-control-allow-source-origin: https://www.nbcnews.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138431898896
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.nbcnews.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 28 Jun 2023 16:23:24 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
14 KB 554ms
507ms Fetch
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F2620%2Fnbcnews%2Fnbcout%2Famp&adk=1689981980&sz=300x250%7C300x250%7C300x50&output=html&impl=ifr&ifi=3&msz=1600x-1&psz=1600x-1&fws=4&scp=amp%3Dtrue%26pos%3Dboxinline_bentoarticle_amp%26targeting%3Dnews%252Cusnews%252Cundefined%26hb_size_rubicon%3D300x250%26hb_cache_id%3D6c2c9e20-a72d-4143-89c4-a4fba6102f3f%26hb_cache_host_rubico%3Dpg-prebid-server-aws-use1.rubiconproject.com%253A443%26hb_pb%3D0.42%26hb_pb_rubicon%3D0.42%26hb_cache_id_rubicon%3D6c2c9e20-a72d-4143-89c4-a4fba6102f3f%26hb_cache_path%3D%252Fcache%26hb_size%3D300x250%26hb_cache_path_rubico%3D%252Fcache%26hb_bidder%3Drubicon%26hb_bidder_rubicon%3Drubicon%26hb_cache_host%3Dpg-prebid-server-aws-use1.rubiconproject.com%253A443&adf=2062698367&nhd=0&adx=650&ady=4366&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&artc=533%2C445%2C457&ati=8%2C2%2C2&ard=mps.nbcuni.com%2Frequest%2Fpage%2Fjson%2Famp%2Caps%2Cprebidrubicon&is_amp=3&amp_v=2305252018001&d_imp=1&c=879007827&ga_cid=amp-lTQUeOAHimqc8XVW7FQl9A&ga_hid=7827&dt=1687969402495&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&loc=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Famp%2Frcna91341&bdt=513&dtd=578&__amp_source_origin=https%3A%2F%2Fwww.nbcnews.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89e7c9cb5faf5db96026ad7ae318dee7b6ecf65c601a0237b8d3bdce03593a36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:23 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13029
x-xss-protection: 0
google-lineitem-id: 6295160624
x-qqid: CL3yqoWw5v8CFZH5swod31MJgg
amp-access-control-allow-source-origin: https://www.nbcnews.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138431898893
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.nbcnews.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 28 Jun 2023 16:23:23 GMT

GET
H2 200 ads
securepubads.g.doubleclick.net/gampad/ 0
0 1497ms
1454ms Fetch
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F2620%2Fnbcnews%2Fnbcout%2Famp&adk=4023218650&sz=300x250%7C300x250%7C300x50&output=html&impl=ifr&ifi=4&msz=1600x-1&psz=1600x-1&fws=4&scp=amp%3Dtrue%26pos%3Dboxinline_bentoarticle_amp%26targeting%3Dnews%252Cusnews%252Cundefined%26hb_size_rubicon%3D300x250%26hb_cache_id%3D2272f824-f744-40ef-8ace-40b3a5fde989%26hb_cache_host_rubico%3Dpg-prebid-server-aws-use1.rubiconproject.com%253A443%26hb_pb%3D0.38%26hb_pb_rubicon%3D0.38%26hb_cache_id_rubicon%3D2272f824-f744-40ef-8ace-40b3a5fde989%26hb_cache_path%3D%252Fcache%26hb_size%3D300x250%26hb_cache_path_rubico%3D%252Fcache%26hb_bidder%3Drubicon%26hb_bidder_rubicon%3Drubicon%26hb_cache_host%3Dpg-prebid-server-aws-use1.rubiconproject.com%253A443&adf=2194237113&nhd=0&adx=650&ady=1646&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&artc=547%2C461%2C563&ati=8%2C2%2C2&ard=mps.nbcuni.com%2Frequest%2Fpage%2Fjson%2Famp%2Caps%2Cprebidrubicon&is_amp=3&amp_v=2305252018001&d_imp=1&c=879007827&ga_cid=amp-lTQUeOAHimqc8XVW7FQl9A&ga_hid=7827&dt=1687969402494&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&loc=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Famp%2Frcna91341&bdt=512&dtd=582&__amp_source_origin=https%3A%2F%2Fwww.nbcnews.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

amp-ff-empty-creative: true
date: Wed, 28 Jun 2023 16:23:24 GMT
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
x-qqid: CJy1q4Ww5v8CFVgQiAkdrMoJ7Q
amp-access-control-allow-source-origin: https://www.nbcnews.com
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.nbcnews.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-empty-creative
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 28 Jun 2023 16:23:24 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 40 KB
16 KB 849ms
814ms Fetch
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F2620%2Fnbcnews%2Fnbcout%2Famp&adk=4201840505&sz=300x250%7C300x250%7C300x50&output=html&impl=ifr&ifi=5&msz=1600x-1&psz=1600x-1&fws=4&scp=amp%3Dtrue%26pos%3Dboxinline_bentoarticle_amp%26targeting%3Dnews%252Cusnews%252Cundefined%26hb_size_rubicon%3D300x250%26hb_cache_id%3Dae9a4c1e-4189-410f-8d03-3a0ed51d0cd3%26hb_cache_host_rubico%3Dpg-prebid-server-aws-use1.rubiconproject.com%253A443%26hb_pb%3D0.35%26hb_pb_rubicon%3D0.35%26hb_cache_id_rubicon%3Dae9a4c1e-4189-410f-8d03-3a0ed51d0cd3%26hb_cache_path%3D%252Fcache%26hb_size%3D300x250%26hb_cache_path_rubico%3D%252Fcache%26hb_bidder%3Drubicon%26hb_bidder_rubicon%3Drubicon%26hb_cache_host%3Dpg-prebid-server-aws-use1.rubiconproject.com%253A443&adf=971151130&nhd=0&adx=650&ady=2650&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&artc=548%2C451%2C568&ati=8%2C2%2C2&ard=mps.nbcuni.com%2Frequest%2Fpage%2Fjson%2Famp%2Caps%2Cprebidrubicon&is_amp=3&amp_v=2305252018001&d_imp=1&c=879007827&ga_cid=amp-lTQUeOAHimqc8XVW7FQl9A&ga_hid=7827&dt=1687969402495&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&loc=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Famp%2Frcna91341&bdt=513&dtd=587&__amp_source_origin=https%3A%2F%2Fwww.nbcnews.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de437aee914ab9d1756acaa06d55bead60a11839cb50cb5cfcf6e2172cde90ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:23 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16240
x-xss-protection: 0
google-lineitem-id: 6334817002
x-qqid: CMXpqoWw5v8CFZfcswodAI0B6g
amp-access-control-allow-source-origin: https://www.nbcnews.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138438027889
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.nbcnews.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 28 Jun 2023 16:23:23 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 1663ms
1659ms Fetch
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F2620%2Fnbcnews%2Fnbcout%2Famp&adk=774886040&sz=300x250%7C300x250%7C300x50&output=html&impl=ifr&ifi=6&msz=1600x-1&psz=1600x-1&fws=4&scp=amp%3Dtrue%26pos%3Dboxinline_bentoarticle_amp%26targeting%3Dnews%252Cusnews%252Cundefined%26hb_size_rubicon%3D300x250%26hb_cache_id%3D99cffc89-821b-4516-bc59-813dfc4642e2%26hb_cache_host_rubico%3Dpg-prebid-server-aws-use1.rubiconproject.com%253A443%26hb_pb%3D0.43%26hb_pb_rubicon%3D0.43%26hb_cache_id_rubicon%3D99cffc89-821b-4516-bc59-813dfc4642e2%26hb_cache_path%3D%252Fcache%26hb_size%3D300x250%26hb_cache_path_rubico%3D%252Fcache%26hb_bidder%3Drubicon%26hb_bidder_rubicon%3Drubicon%26hb_cache_host%3Dpg-prebid-server-aws-use1.rubiconproject.com%253A443&adf=1147602427&nhd=0&adx=650&ady=2088&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&artc=545%2C310%2C711&ati=8%2C2%2C2&ard=mps.nbcuni.com%2Frequest%2Fpage%2Fjson%2Famp%2Caps%2Cprebidrubicon&is_amp=3&amp_v=2305252018001&d_imp=1&c=879007827&ga_cid=amp-lTQUeOAHimqc8XVW7FQl9A&ga_hid=7827&dt=1687969402495&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&loc=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Famp%2Frcna91341&bdt=513&dtd=719&__amp_source_origin=https%3A%2F%2Fwww.nbcnews.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1937c96fa2830c8283a2e05bb905ff5720ea65552577791cf1e5272e9c881d11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:24 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13052
x-xss-protection: 0
google-lineitem-id: 6295160627
x-qqid: CMK9sYWw5v8CFSQSiAkdmIwE7w
amp-access-control-allow-source-origin: https://www.nbcnews.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138431898899
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.nbcnews.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Wed, 28 Jun 2023 16:23:24 GMT

GET
H2 200 container.html
d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ 0
0 131ms
44ms Other
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 container.html Show response
d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 413D 6 KB
3 KB 55ms
49ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nbcnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 16:23:24 GMT
expires: Thu, 27 Jun 2024 16:23:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/ Frame 413D 3 KB
2 KB 101ms
23ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230620/r20110914/client/window_focus_fy2021.js

Requested by

Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 13:52:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9026
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Jul 2023 13:52:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 413D 179 KB
57 KB 126ms
51ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57261
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687779365227900"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 16:23:24 GMT

GET
H2 200 2167345409867815301
tpc.googlesyndication.com/simgad/ Frame 413D 94 KB
95 KB 101ms
26ms Image
image/jpeg 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2167345409867815301

Requested by

Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f16a502ef7b322dc11da3c4b0dbfa9ff3cb7801c1b80e94c4094af9a194a9f08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 04:00:04 GMT
x-content-type-options: nosniff
age: 217400
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96670
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 16:38:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 25 Jun 2024 04:00:04 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/nbcuniversal134024534264/ Frame 413D 336 KB
114 KB 206ms
59ms Script
application/x-javascript 23.193.121.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/nbcuniversal134024534264/moatad.js
Requested by: Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.193.121.161 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-193-121-161.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 58b691843c224b0fb4482efa5c50bffe06df252df7c85e3c040a3beb80aa3946

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:24 GMT
content-encoding: gzip
last-modified: Tue, 20 Jun 2023 16:52:54 GMT
server: AmazonS3
x-amz-request-id: ARPQJZ45SHXVXBH1
etag: "558536c1bcdfd0228402644e03886534"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=24897
accept-ranges: bytes
content-length: 116826
x-amz-id-2: widc96mS58isingTKvqBm4DF8Cfzpoza3+x3a2x5TA29MkyByc+7+m9GWOQcwCrX+kcIQqaCU3Y=

GET
H2 200 /
d.agkn.com/pixel/8633/ Frame 413D 43 B
612 B 192ms
35ms Image
image/gif 2600:9000:23cb:7200:19:fc2c:a140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/8633/?che=1726545561&col=3138547590,0,21823574394,6334817002,138438027889
Requested by: Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:7200:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:24 GMT
via: 1.1 8770cedbbb1c2feb157dc67ce83fe00c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/gif
cache-control: no-cache, must-revalidate
content-length: 43
x-amz-cf-id: BCPREFEGfQTHFne-lh5L8EVluRIcml5cQ0T6AMVM3dJciJbvZ-qCuA==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 413D 0
462 B 45ms
43ms Image
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMg0V8Lidy1qJKW-_zzyhAMWqkhsfPF-YT22WnD1KGmMFdz_AfHfhZ6oXgxcXq7_KKMFzWxrc2v-Yo_3FNkrk5615x3a_6bo812Q8-oMO36Z7NWTGQJm3QiFvhK7hgje7p135JRmD1ukCqqu5nQ3jERJGBX5J1CQfo96SHidb4OirjZlNQ3VpcdyVkm5Z5cR_zfjKNbJM5eT4CMTyZ06eTtjSWaPbWmdVpT4UbFl0aYmTEOEXHpyoaoopEVziYNYe7eg0Fb72r6w3nfdMl12MnfNuetGLDsqHf5XRY7ccQojBMe4uWPR9F5D1T2-x8hXbOXytEfA&sai=AMfl-YSSE94_5SEnsTJpTbrE6A3AKM1Eaj9e8bqVfSNURfOBzTRylz-EFTGtvVw_g2xn0jo9WfBzsILz-0X0JzI&sig=Cg0ArKJSzFuSfpnJL-EYEAE&uach_m=[UACH]&adurl=

Requested by

Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 28 Jun 2023 16:23:24 GMT

GET
DATA 200
OK truncated
/ Frame 413D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dcb5397cfd68a54fdcb6460acf73f830f5d4715be88af81e072966f605e5810b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 413D 0
0 99ms
43ms Fetch
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssqWc2zuLN9oJxQFDXF3IlT_W852Ii9uULSXEmgtDqoBR0S5ygKj8SaEhNz3THx0K4Eo2Z9en2Tbphc4-l1mM9hpjUG0RHSlg5L5T0zA0ipgDUxV-oJGY9HdLZeiNqg9fn_qhBPP4ESLafN90hbMt69TgaX203dLnLJxxXiSLTigpoYeETqq4I_ApqOcpqzz46ZSHNhf3L2Bo_NjVfyj1rdeyj69uzs8qShbkhjjlhdg3HRmV7jFMzHUlMpy18HDSJGm3dIxLql22-ZQY2Jexl7qRfKKtycGcC6DtNuSCvdz1KvD368KpvmOK7IBtiq7EoZiFQyat07&sai=AMfl-YRPfPYCdmDc048f0cEwPdM72NYgf5svC_TWS2Uah0QAguLdhO_LTxmM006-wMrK0SMV4MCJCNf7ZbWrW4I&sig=Cg0ArKJSzA1khdfsTiIKEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 28 Jun 2023 16:23:24 GMT

GET
H3 200 container.html Show response
d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3CE6 6 KB
3 KB 31ms
30ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nbcnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 16:23:24 GMT
expires: Thu, 27 Jun 2024 16:23:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 creative.js Show response
ads.rubiconproject.com/prebid/ Frame 3CE6 26 KB
9 KB 166ms
32ms Script
text/javascript 104.77.247.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/prebid/creative.js
Requested by: Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.77.247.148 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-77-247-148.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8d38fb578a4b1341da1fca57edf617e5a17409068aa07084400f9229561a753a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:24 GMT
content-encoding: gzip
last-modified: Mon, 06 Feb 2023 19:36:38 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
content-length: 8941
expires: Wed, 28 Jun 2023 16:23:24 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3CE6 179 KB
56 KB 64ms
58ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57261
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687779365227900"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 16:23:24 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/nbcuniversal134024534264/ Frame 3CE6 336 KB
114 KB 55ms
50ms Script
application/x-javascript 23.193.121.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/nbcuniversal134024534264/moatad.js
Requested by: Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.193.121.161 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-193-121-161.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 58b691843c224b0fb4482efa5c50bffe06df252df7c85e3c040a3beb80aa3946

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:24 GMT
content-encoding: gzip
last-modified: Tue, 20 Jun 2023 16:52:54 GMT
server: AmazonS3
x-amz-request-id: ARPQJZ45SHXVXBH1
etag: "558536c1bcdfd0228402644e03886534"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=24897
accept-ranges: bytes
content-length: 116826
x-amz-id-2: widc96mS58isingTKvqBm4DF8Cfzpoza3+x3a2x5TA29MkyByc+7+m9GWOQcwCrX+kcIQqaCU3Y=

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3CE6 0
26 B 46ms
43ms Image
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssC0KVSMePaVkevnUljR6_locpbS2BAT10G0JrZxEzlsVHhQfs2B7WwVxiMskWkLG3P-q1k3N8GRGvE-0QBxg9X3cthewTqkN6meVUHU7uQzWWMlTPyqZimtTtu7EgT0EKXbpCGrxUeXopGp7PrPWfT0rnHa8Y3MLW8qS2ys7CUcm0JchavzbxwbEGLd8u5fu1AT4XkZ8E0VLpT_Qxh5QJZ5Zdv7iWITtVkJaG1Cz_5nhByZom_ubrWEWZgYB4Bm6qRjLC3ZsGOJTyNUYWC1O0eGzxGi5EzcGNR3itmOXv_hqsI219EXYqSgSM9j_rUBiAFgY-aS5vq9g&sai=AMfl-YS7pjtKfU_Cgp3HPyfgGsUK7tyf8Wm4TZfUOvKRMlQkh6g33J8l9XA0Vc8Akblg4-cEHodVMCy9DV6Zkmo&sig=Cg0ArKJSzOhJncN2CBXAEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 n.js Show response
geo.moatads.com/ Frame 413D 68 B
241 B 164ms
43ms Script
text/html 52.204.143.235
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=1983952271&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BC%24%3D!!t%3C%2C%5Bh3MDg1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-KvYj1TPl77BJmR4uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-%2BvQzXjcST%2BDrDg%3D%3D&sc=1&os=1-1g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=NBCUV2&hp=1&ra=1&pxm=5&sgs=3&vb=-1&cm=19&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.nbcnews.com&lp=https%3A%2F%2Fwww.nbcnews.com&t=1687969404425&de=706841259084&m=0&ar=43a6e6e8aee-clean&iw=24ddb4a&q=2&cb=0&ym=0&cu=1687969404425&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=35890458%3A3138547590%3A6334817002%3A138438027889&zGSRC=1&zMoatPS=boxinline_bentoarticle_amp&zMoatST=-&zMoatDomain=nbcnews.com&zMoatSubdomain=nbcnews.com&zMoatSc=-&zMoatVp=-&zMoatRawVp=-&zMoatJS=-&zMoatDR=-&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatMData=-&zMoatTag=-&zMoatSZ=300x250&zMoatCURL=nbcnews.com&zMoatDev=Desktop&zGSRS=1&gu=https%3A%2F%2Fwww.nbcnews.com%2F&id=0&ii=3&bo=57191058&bd=21823574394&zMoatOrigSlicer1=57191058&zMoatOrigSlicer2=21823574394&gw=nbcuniversal134024534264&fd=1&it=500&ti=0&ih=2&pe=0%3A119%3A119%3A0%3A0&tz=boxinline_bentoarticle_amp&iq=na&tt=na&tu=&tp=&jk=-1&jm=-1&fs=204326&na=1049928165&cs=0&ord=1687969404425&jv=1408227423&callback=DOMlessLLDcallback_85742384
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/nbcuniversal134024534264/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.143.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-143-235.compute-1.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 3eeaae821811d4b3082b5f9d4d02327f510ee4e43503eb0b8df32c163eae422d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:24 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "ba281e3443fddaca1733abedb5404eacf14ef1b1"
content-length: 68
content-type: text/html; charset=UTF-8

GET
H2 200 cache Show response
pg-prebid-server-aws-use1.rubiconproject.com/ Frame 3CE6 7 KB
3 KB 209ms
45ms XHR
application/json 3.221.217.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pg-prebid-server-aws-use1.rubiconproject.com/cache?uuid=d468703a-aee4-4197-972d-fb353384b9ca
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/creative.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.217.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-217-222.compute-1.amazonaws.com
Software: /
Resource Hash: eedf4450da7b2b6e9e6566cb76bd6a6ca64679060146ce7387b7f34818cad2cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:24 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 3234

GET
DATA 200
OK truncated
/ Frame 3CE6 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97df80b1954f5e66f5c118702c69673b78abd17f52941d5a910607532c26ff90

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 n.js Show response
geo.moatads.com/ Frame 3CE6 70 B
242 B 50ms
49ms Script
text/html 52.204.143.235
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=1983952271&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BC%24%3D!!t%3C%2C%5Bh3MDg1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-V4106LDFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-zY02nnduOmx%2BSA%3D%3D&sc=1&os=1-2g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=NBCUV2&hp=1&ra=1&pxm=5&sgs=3&vb=-1&cm=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.nbcnews.com&lp=https%3A%2F%2Fwww.nbcnews.com&t=1687969404654&de=5680043304&m=0&ar=43a6e6e8aee-clean&iw=24ddb4a&q=2&cb=0&ym=0&cu=1687969404654&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=5177264069%3A3198638129%3A6295160621%3A138431898896&zGSRC=1&zMoatPS=boxinline_bentoarticle_amp&zMoatST=-&zMoatDomain=nbcnews.com&zMoatSubdomain=nbcnews.com&zMoatSc=-&zMoatVp=-&zMoatRawVp=-&zMoatJS=-&zMoatDR=-&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatMData=-&zMoatTag=-&zMoatSZ=300x250&zMoatCURL=nbcnews.com&zMoatDev=Desktop&zGSRS=1&gu=https%3A%2F%2Fwww.nbcnews.com%2F&id=0&ii=3&bo=57191058&bd=21823574394&zMoatOrigSlicer1=57191058&zMoatOrigSlicer2=21823574394&gw=nbcuniversal134024534264&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&tz=boxinline_bentoarticle_amp&iq=na&tt=na&tu=&tp=&jk=-1&jm=-1&fs=204326&na=1427374519&cs=0&ord=1687969404654&jv=1481774445&callback=DOMlessLLDcallback_78153362
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/nbcuniversal134024534264/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.143.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-143-235.compute-1.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: e6548e4dd6e1a59d2062aa9decbe7152fe44ac445105c4a8e016a3663d6ab44b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:24 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "05161ad02454d0520430963fcd24058062d5cd08"
content-length: 70
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
nbcudisplay.s.moatpixel.com/ Frame 413D 43 B
251 B 194ms
52ms Image
image/gif 184.84.133.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=101&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=nbcnews.com&L1id=35890458&L2id=3138547590&L3id=6334817002&L4id=138438027889&S1id=57191058&S2id=21823574394&ord=1687969404425&r=706841259084&t=meas&os=0&fi2=0&div1=0&ait=0&bedc=1&q=1&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.84.133.161 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-84-133-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 28 Jun 2023 16:23:24 GMT

GET
H2 200 pixel.gif
nbcudisplay.s.moatpixel.com/ Frame 413D 43 B
251 B 193ms
51ms Image
image/gif 184.84.133.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=277&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=nbcnews.com&L1id=35890458&L2id=3138547590&L3id=6334817002&L4id=138438027889&S1id=57191058&S2id=21823574394&ord=1687969404425&r=706841259084&t=hdn&os=0&fi2=0&div1=0&ait=0&bedc=1&q=2&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.84.133.161 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-84-133-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 28 Jun 2023 16:23:24 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3CE6 0
0 42ms
41ms Fetch
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstG2WsUrp6WE7VLdbiCnsImfI1yAeKpnzqDybjCLnQlFcqVQDZBBoL6tuKDdNfOaKB0KgZzyO2MNjtTJwCr86d8ODE2B2IRR7rq-Q1nh4hihq4VZ8V8Z8lPzC_1LMoQmW__GO6Hg65EtVPLwOEFVYmm_OIYNx2e-CNkJcvAYNEFQLLLeK4h_gFvGRw27jkXsr6lxXy5r1dCys0EquvwgFL8gAEDxsOAzVkYEV6idShH09q0URMyQXIPhV0t0lMViWyziMAJusADk6O5LltmauJwTdU8--ZLMybnB_Fa0yryqTmuBGSP44eXxtLAN6NpuIrY_fg3cVFm0_jV&sai=AMfl-YR2RTSZu0TZWeHrpz43oe4RoVMntEckEjR3uCwuBVOqQgPR6GIromY8nM_PUe1cKnp5ftrnSgxVjg5HRXs&sig=Cg0ArKJSzJ6xLfr_Ii6IEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 28 Jun 2023 16:23:24 GMT

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 5025 155 KB
51 KB 199ms
127ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=EB7F2C09E0DD3875&u=%7C2uIPFsOlszpFc4H0plTXkdcC8MH0fQilX1ELHJn709A%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6LjxFwO6I_AuZ5eoyomZf5q8-f27TvXh85i1Ub2p7pH5GsEM56cJ3HDa7kgkOY5IrYW0Aa80dcHVfyzgJs1ehvCDlPKM8ZrD39nY3qtRC-MfqJWGvKHgcwqr3wWggGYFmDQqxeDYu4R46vq5jp_p-tIV5OO3jsFnAMByqeN55j73qvwUJCrvJS1yuROZaHh5Djh7_LOTRDOLAlmcYDCkCnNYa7FwGKZ-8JxiP-pwiDQa3_eQG-QdGNMVqCYwEGMML_HFIPTL04L2-nCWYEPnEX4taQBCYDerU0GnTZsGvHFmjf4xR3APdwTWNvlGjhXqhNtl1uts98A7eIbBpqUzAl3xZvJwJve6fcatwV3ydJ1RKym7UvUE-rVTSf68Ib9qIrNf_UvVtzvd9_LnR4C-7KDRqaCEJZkQYAXEmLsy_oR8XCSJZUTNWaDyocTguQMVrXa5jR56FTVJAJjm1Ct3ardhnZD3TPtdF0fwvQ1KEFgFNK9LQpwVYyeoPRTyNt4rh_zudFDvuMI4eckgJiqQXG6Vu7JAEqV8TO-bY5JNR-CCqJrYNHmNJrqB1Zq2l4FRtSXA

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/creative.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b07658d87571d9b3e5dbc3437c5991a9a37fd3e367b7d7a0ae456a89314360a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 16:23:24 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=oDiEZXnjXWD1fVYeYnc_fnPsPu2pTXYPIAfqkOg9fDV6ByBprZ7VgmpOsfdM2saEr1Hvvb-v60RRTWNLzYBo54-5kyUcvkyhX3Y_DyGoCg5PnL4ABHvRFL2QuPtpQQpRRP55LvH8MxJdv70MGAktX9ho8vHizdoE-Ou4YN3HAMPe9QV8vKoQcnq6e--OvUL-t5x4B5-4_RwR_Chj0tH-EE2wLpO-ffb2nLAwO0majEM9w2TDiVfCSDs8MNXsBdWUiP4izQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 87265612
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK analytics.js Show response
s.update.rubiconproject.com/2/873648/ Frame 3CE6 6 KB
3 KB 182ms
37ms Script
text/javascript 34.230.152.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.rubiconproject.com/2/873648/analytics.js?ti=882e14bb-4537-49f3-a4da-58a9182c2509&si=471204&di=www.nbcnews.com&ap=&ui=LJFXEETE-4-KK22&pp=24610&pv=405d5349-e004-48a7-b641-447cc095eaa6&gt=us&c1=2792694&c2=15&sr=magnite.com&dt=8736481481318196516000

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/creative.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.230.152.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-230-152-154.compute-1.amazonaws.com

Software

Resource Hash

7e1daeefe90896459f6dbb3610ebe95889a0f91a0376dbb7bfc6fba2ab6f7db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 16:23:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin: *
Content-Length: 2874
Expires: 0

GET
H2 200 event
prebid-server.rubiconproject.com/ Frame 3CE6 86 B
240 B 55ms
40ms Image
image/png 50.16.161.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-server.rubiconproject.com/event?t=win&b=7887bb25-8497-4d95-957d-7e5e0edd35ee&a=24610&aid=c28ff599-669d-46b6-a7e4-3bb87c30673c&ts=1687969402888&bidder=rubicon&f=i&int=dmpbs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.161.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-161-49.compute-1.amazonaws.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Wed, 28 Jun 2023 16:23:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 98
expires: 0

GET
H2 200 882e14bb-4537-49f3-a4da-58a9182c2509
beacon-iad3.rubiconproject.com/beacon/d/ Frame 3CE6 43 B
227 B 221ms
34ms Image
image/avif 2602:803:c002:300::76
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-iad3.rubiconproject.com/beacon/d/882e14bb-4537-49f3-a4da-58a9182c2509?oo=0&accountId=24610&siteId=471204&zoneId=2792694&sizeId=15&e=6A1E40E384DA563B20D888B4B0E3EBCA6132BF6EA8358E0552BC1DB7544DD33B7C960940B84C4A1B343238E5958AEFCD635586F96340D433846919A5BA377AB34C133A1672A5358182770F42FBA74DABAE544D7CC2D0A36E763EF405F9CC82F43170DB0EFD1133B11F83B9429F813565C2048055566B4DB82528D770BE9CEFD55236A653F4712C8D5BED9E6C1120A7256AD8F842939E136EA9701449CC743BF23A3C4BDB729F209722AE8BA0CFF896C9016E3DA91955A4BF3AACD9736902D7D5C9BB177357CF799FFDBEC34A07D0B5FF8C885F32A9E1BAD703CB166C1A0C9A163844921B8D2FB42740FAF0BFBB0D7E4E408B83A5A6E7AFF8845C969362535F21A786D037A14E8749A8DA7118BE98144FF0FE017C2B4FF9ED780FC9889F7308EB23A5D3232C526ECF355A9F9DF0E544779ECD9DE7D4DD381AD29E83D5AD324F2004AF66D4B12E2A6B7EB29AA1F2B94E67B34BB121881BBE3227B99BE6975A704F9B03B206017359E6222A97C53EBCF70F4DA78FFA7E2B73DEF165B031FFE863D29327609943F6378893630CEBF0625C672A7AA112313CE2AE4A152E7FD247A5EE550745C8BD67AA6C384B4578FAEA65CF326EE9E1CA21E7A3C1541A03DD85E6950C2852BB6540A2A16D451B134F728BC20C052588C4A515FC7B784AC6D6867D5E79D7E9ACC5C1827CCE5DBC97674724857C926BCC0DDA0D85A9661A6B9DF7263C0F26D38B88BE7E1588DB539F862F8EF5BBBC56EECC5AA1054E89C7C93799CF19056EE4AA78182C98C48009A563164E775D4636F782F3589E1CBAA53179CC868BE6CF8E510DD561B439B24F9BDFEF76E1414235F6D2046C7AC377020058B83DEF0C0ADBD3456D13103FA8E8DD6A339B5B8E501A8CEB1EF3F289DDE075F82A56A0DF360CE5163FCFEDBEFB93F34BC90E0E6BE0B3BC39E114FB54C14337CFBA9E56B7CD5BE954839E0F67A41280EBB7C3D97847D941B32B4A78ABAC8A2D1AE21888E44A81674BE69F4F7CFF0A2C55D59E6C88CA42577C40D1FE645BE6AF7BD1143C6A8739A1F9931977C2188AF3191DB91EA6DF05EE37021D542B3E8A430234E870E583B070087D66347411C1CF9D5C76CCD706BE4ACF0B3F182411FA5FF01446BF7ECE6E4CA4D8C697B765DBB4E74AD6CCFB640F362E67D4C92AB339869CF7864405D635B6C3A919952C47BBAAFD9C8E514B40C7F0E8BD630A9CB89753622D85C3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:803:c002:300::76 , United States, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:24 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
H/1.1 204
No Content register
token.rubiconproject.com/ Frame 3CE6 0
631 B 161ms
36ms Image
text/plain 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/register?khaos=LJFXEETE-4-KK22
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: b3266a43228eaeab48f59934ee9159da
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 container.html Show response
d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 12D2 6 KB
3 KB 27ms
26ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nbcnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 16:23:24 GMT
expires: Thu, 27 Jun 2024 16:23:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel.gif
nbcudisplay.s.moatpixel.com/ Frame 413D 43 B
251 B 52ms
51ms Image
image/gif 184.84.133.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=479&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=nbcnews.com&L1id=35890458&L2id=3138547590&L3id=6334817002&L4id=138438027889&S1id=57191058&S2id=21823574394&ord=1687969404425&r=706841259084&t=nht&os=0&fi2=0&div1=0&ait=0&bedc=1&q=3&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.84.133.161 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-84-133-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 28 Jun 2023 16:23:24 GMT

GET
H2 204 event.gif
beacon.krxd.net/ Frame 413D 0
338 B 123ms
38ms Image
text/plain 54.157.17.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/event.gif?event_id=KnpkLvA_&event_type=rtg
Requested by: Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.157.17.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-17-18.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by: beacon-n038-ash-prod.krxd.net
date: Wed, 28 Jun 2023 16:23:25 GMT
cache-control: private, no-cache, no-store
x-request-time: D=61 t=1687969405
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 creative.js Show response
ads.rubiconproject.com/prebid/ Frame 12D2 26 KB
9 KB 34ms
31ms Script
text/javascript 104.77.247.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/prebid/creative.js
Requested by: Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.77.247.148 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-77-247-148.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8d38fb578a4b1341da1fca57edf617e5a17409068aa07084400f9229561a753a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:24 GMT
content-encoding: gzip
last-modified: Mon, 06 Feb 2023 19:36:38 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
content-length: 8941
expires: Wed, 28 Jun 2023 16:23:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 12D2 179 KB
56 KB 61ms
59ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57261
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687779365227900"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 16:23:24 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/nbcuniversal134024534264/ Frame 12D2 336 KB
114 KB 57ms
55ms Script
application/x-javascript 23.193.121.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/nbcuniversal134024534264/moatad.js
Requested by: Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.193.121.161 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-193-121-161.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 58b691843c224b0fb4482efa5c50bffe06df252df7c85e3c040a3beb80aa3946

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:24 GMT
content-encoding: gzip
last-modified: Tue, 20 Jun 2023 16:52:54 GMT
server: AmazonS3
x-amz-request-id: ARPQJZ45SHXVXBH1
etag: "558536c1bcdfd0228402644e03886534"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=24897
accept-ranges: bytes
content-length: 116826
x-amz-id-2: widc96mS58isingTKvqBm4DF8Cfzpoza3+x3a2x5TA29MkyByc+7+m9GWOQcwCrX+kcIQqaCU3Y=

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 12D2 0
26 B 44ms
42ms Image
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxc-J0LJor8VZm5tTC0Qj7OVdJ6BI9PCbx3g_Dmzxd_BQocpMdNQCRT_o5YxoQRBTz9WMjOvv2cc-pgpwcACJWa2BswWz525iHNOab4YOqwR7QHrQNRBgL3eq1gEBB92m3v3nMoCcfKo58PnheOUbA1_ck7_lXNgilvfHaLGchBZu-N7I-EU6TKZxfsggvhtFLVqtIOgK_ScrtFMZYwqoFU9j4SRyv4d4TBoX0I53kXsc0up4kvFuLPOBpqUN67zVTTKtjZHUVVskDER4ayCPFWJYOrIM-A96vmZXM4TuIVtmEYKWr1B5p_Bv_T_A9C7hH74FfSRkX9Q&sai=AMfl-YTYzXjEsoJC-Wu_KUzErYWPMXqIXymHlXV7kaQnlZVI2sLMzniWPkv0__hXmcHr3W_d2Sf9RLfunNjnvYI&sig=Cg0ArKJSzHfh_Zw7CYH2EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 cache Show response
pg-prebid-server-aws-use1.rubiconproject.com/ Frame 12D2 5 KB
3 KB 41ms
40ms XHR
application/json 3.221.217.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pg-prebid-server-aws-use1.rubiconproject.com/cache?uuid=99cffc89-821b-4516-bc59-813dfc4642e2
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/creative.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.217.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-217-222.compute-1.amazonaws.com
Software: /
Resource Hash: 6fa02a11b4699fc722dc629fc4d4e4549a9979150a6a19d21c22a950bdac7d6e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:25 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 2873

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.96.0/873648/AhbnvNQJBZjFwsfC/ Frame 3CE6 0
145 B 160ms
41ms XHR
text/plain 34.230.152.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.96.0/873648/AhbnvNQJBZjFwsfC/postback?oz_pl=1&gt=us&ci=873648&di=www.nbcnews.com&ap=&pv=405d5349-e004-48a7-b641-447cc095eaa6&pp=24610&c1=2792694&c2=15&sr=magnite.com&dt=8736481481318196516000&ti=882e14bb-4537-49f3-a4da-58a9182c2509&si=471204&ui=LJFXEETE-4-KK22&psv=2.96.0&_x=1
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/873648/analytics.js?ti=882e14bb-4537-49f3-a4da-58a9182c2509&si=471204&di=www.nbcnews.com&ap=&ui=LJFXEETE-4-KK22&pp=24610&pv=405d5349-e004-48a7-b641-447cc095eaa6&gt=us&c1=2792694&c2=15&sr=magnite.com&dt=8736481481318196516000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.230.152.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-152-154.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 28 Jun 2023 16:23:24 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.update.rubiconproject.com/2/2.96.0/ Frame 3CE6 176 KB
53 KB 37ms
37ms Script
text/javascript 34.230.152.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.rubiconproject.com/2/2.96.0/main.js

Requested by

Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/873648/analytics.js?ti=882e14bb-4537-49f3-a4da-58a9182c2509&si=471204&di=www.nbcnews.com&ap=&ui=LJFXEETE-4-KK22&pp=24610&pv=405d5349-e004-48a7-b641-447cc095eaa6&gt=us&c1=2792694&c2=15&sr=magnite.com&dt=8736481481318196516000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.230.152.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-230-152-154.compute-1.amazonaws.com

Software

Resource Hash

2ece6bd89b2087c1b8fd2a9cafddcef7af5671be5992f0cd99525f7ce3a326f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 16:23:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin: *
Content-Length: 54224
Expires: Sat, 06 Mar 2055 17:05:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame AC31 281 B
554 B 105ms
31ms Document
text/html 104.66.236.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=na&co=us
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/creative.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.66.236.17 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-66-236-17.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 28 Jun 2023 16:23:25 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame CC49 149 KB
50 KB 110ms
105ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=431C02F1B861F249&u=%7C2uIPFsOlszpq3WBTB5hz5mM21ZM7xPPULlkVYLTKOWw%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj175Xckngx2_LKmDHsiJ7JtH0z2f9UeOdZlGvzoKFMN6hRo6XAqGDQQleaBLIyrD1kuRpdQwm-nJjCpIwWd5Tv1JHQ3ZZuyy8AhzmCadfJuYe673Lkqy4Jd1evKrTSVPtRPd7laZhowiAeXtiRCWqbCgAGbR71D8sY6uomrOYAAnln0lpz5gM52voeiHIKMUIfjai6X_AXI8xy7bVNvWOF76G6acI26TUKyyipysh3qituzUUVT4qwMsnpesnLcvva1kjMVY6L2ILpjHJc-b98O0_HkSXssray2yKqgrEua35A9GreVcp5glXKvcR9uAWfi1QC0HVfln-jP6cIbWVTaeBsSYZqzrJ7qE660QDcZVaUiOs8QZ4UJ3yV-zljlrE3LhetEy6OXB3nvxwOFc3z21ex_YZ61isBTDv9AF1DBkQc9DRL7JPRybxTw5KiSwu9qvgsD-1J8QzgAZe4n5XLmxFUyLjG_O12UIgh1AzA3L7OJsUzEhT2TRr4l3LCFzfcRwucRAjVcwt4HePktXQu5c_-VbpwLZO7TFNQUCG1trKY4RSF6r8lc

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/creative.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

69d218fe472e2ce205188dd69fbdb32436ebb6ae9a38d6ef8d60332c1b34e31b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 16:23:25 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=UbOnwXnjXWD1fVYeMx1wrsgL68j6ioRJlSVJaoxS4eERgA_106DTDrb8oi0cwHalsKTfHrMIK76BKEEpdu7-ZoZuNoGJSkd5RzIgPM25daZA_tJvToY_I-oo2UpKW0sTu61r4-1IXDWiYwNkv7pjedX-c7NfiLlwrqyISgjInxI5nJujPP1ULB3ITftUbhrdkyq4fMtlVTWs4lwXFxNtluwp4jsJA0re-H8qL8zRXlyCd5so4q1kBup5cYJ10YE4cazVEQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 65685873
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 371F 281 B
554 B 93ms
33ms Document
text/html 104.66.236.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=na&co=us
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/creative.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.66.236.17 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-66-236-17.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 28 Jun 2023 16:23:25 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 event
prebid-server.rubiconproject.com/ Frame 12D2 86 B
240 B 42ms
37ms Image
image/png 50.16.161.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-server.rubiconproject.com/event?t=win&b=d4462a53-3891-4a54-8a8c-c545d837e706&a=24610&aid=213e71a7-abd6-4bcd-8ed3-185c22be4847&ts=1687969403188&bidder=rubicon&f=i&int=dmpbs
Requested by: Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.161.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-161-49.compute-1.amazonaws.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Wed, 28 Jun 2023 16:23:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 98
expires: 0

GET
H2 200 dbd2b05f-dc32-4fb9-a195-91c5456fb351
beacon-iad3.rubiconproject.com/beacon/d/ Frame 12D2 43 B
75 B 37ms
33ms Image
image/avif 2602:803:c002:300::76
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-iad3.rubiconproject.com/beacon/d/dbd2b05f-dc32-4fb9-a195-91c5456fb351?oo=0&accountId=24610&siteId=471204&zoneId=2792694&sizeId=15&e=6A1E40E384DA563B6FE38192EA4AF27CE9AD89D5C1C2DD4C994AD5D32B3AF9EFDA3EB46876EB895AAC61BF41AA1E0316DEEE952833CFB81CA84DE68D9D8AF8094C133A1672A5358182770F42FBA74DABAE544D7CC2D0A36E377EFB1802906D46A73860945A23C352AE98D2007335A239C46211F1B5FCE1DFAA7B716A8A414BBB75A5B083D8AC4246D0745FA71F05B2575AA13AD28044F549B2464EA2AB524F368832AE3B5D31910E16ACF14D65996D8BA3D229001A311956473F5976FBE2FCFF8081E5FEB7E539AC982F0C56613C9745924CD9CD32B2F9ED2A9D8164FCFE575AA63B8C60FEB9794D8120AE37D712200187F444F661B8EAEE1A008FF7EED308DF539E710F7F746123F923798413A50D3FC2F77C768762DE83B5454595FABF42B5A1C63AA89BE849015C8133BEFA45A859B8D8AEE80365CCE5E66B4B5BF17CE431DADE526B0C2A4EA44A6BB5759A8D47EACE82DDF1CED2DCCDC60D658A4DA03FEBF26952C1EC81E308A22E674E07183DFCAAF50D8D20C1ADE5A8AF3E67537DE109739972DA3D55238EE0BF8C82CA3A213E8F1717B7ACC2DA980959AADFABB3D97650A87F9EC41D0994B0FCA8D812B4A2F79D8FA152D77B06DD962C6C7F27E5FB852621F5C4F0ED8E5420E64792DD50750EF95F7EAFA5A9FE3FBA49E3BEFAAA1CC9857060057F35B16661417CDBE1747B3429F11521C7057292EF2D8202DD5755F6F1D35C66DB7992779C2DC8F7656441FD0F32C98A068B0A61B7EF5F3C6C47B5129B8C5AC50FF187F645CF5BB1F9CB3AD1C656D9B64DAE272DE45B51FB542B4E2C7E525DBFEF8E6026F7A2317CC3283F75EBEFA3F62F60CBC5BBA9A6753CA9AE93E62E5D836AF3D30B043B73BFB07B028F2943A32544993F56C3A1D15D9A3530979AD6FAD37208E4AC9CBA1C36B8DB8CCF37FD339DFED3421C5FD84490F8EBE78AF57A8CE28EC3797B4D7D726F38952C8E79AB727AFECD82A60759AD96BFE8797777C0C1BF38A41C2699061F39F612416594A28BF199B21336C4A6135ED0A4A1608438287614F2A99EBC0B7CE67EC58625EB610FC994377EBA58BC44B1B52457D610CD1B80D6C184BB786CD25F4B67C881D706BE4ACF0B3F18F8CA850563E3AC3A98581EBE11CCE58BDADF2BDE9599B8DB0C35A128C0548041ADA991D8B54F7590225D59952066605757BDC564BDB4D28FD5066459CB7A4AC2173DEEDF607C354DE82A954C1004678A

Requested by

Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:803:c002:300::76 , United States, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:24 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
H/1.1 204
No Content register
token.rubiconproject.com/ Frame 12D2 0
480 B 39ms
35ms Image
text/plain 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/register?khaos=LJFXEEXW-1I-HNV6
Requested by: Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: b3266a43228eaeab48f59934ee9159da
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 5025 2 KB
1 KB 110ms
39ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=EB7F2C09E0DD3875&u=%7C2uIPFsOlszpFc4H0plTXkdcC8MH0fQilX1ELHJn709A%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6LjxFwO6I_AuZ5eoyomZf5q8-f27TvXh85i1Ub2p7pH5GsEM56cJ3HDa7kgkOY5IrYW0Aa80dcHVfyzgJs1ehvCDlPKM8ZrD39nY3qtRC-MfqJWGvKHgcwqr3wWggGYFmDQqxeDYu4R46vq5jp_p-tIV5OO3jsFnAMByqeN55j73qvwUJCrvJS1yuROZaHh5Djh7_LOTRDOLAlmcYDCkCnNYa7FwGKZ-8JxiP-pwiDQa3_eQG-QdGNMVqCYwEGMML_HFIPTL04L2-nCWYEPnEX4taQBCYDerU0GnTZsGvHFmjf4xR3APdwTWNvlGjhXqhNtl1uts98A7eIbBpqUzAl3xZvJwJve6fcatwV3ydJ1RKym7UvUE-rVTSf68Ib9qIrNf_UvVtzvd9_LnR4C-7KDRqaCEJZkQYAXEmLsy_oR8XCSJZUTNWaDyocTguQMVrXa5jR56FTVJAJjm1Ct3ardhnZD3TPtdF0fwvQ1KEFgFNK9LQpwVYyeoPRTyNt4rh_zudFDvuMI4eckgJiqQXG6Vu7JAEqV8TO-bY5JNR-CCqJrYNHmNJrqB1Zq2l4FRtSXA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Jun 2024 16:23:25 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 5025 2 KB
1 KB 102ms
31ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Jun 2024 16:23:25 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 5025 308 B
636 B 39ms
35ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 22 Jun 2024 16:23:25 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 5025 293 B
621 B 35ms
31ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 22 Jun 2024 16:23:25 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 5025 43 B
348 B 101ms
32ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=avH1kTQkZyt5i9fGuIGw04xtzHxp_xwkcVwh5E_lA4GXJOgnIfIWNDExrx2Wl3LQh6MqZpNRxJkEqZ6XqmX9hvttm4WHn-nUVAcwD_KwosSdW0d_vHX1bZGeF24b0ntktu69NzTqmaAHAs8DuhM1gXRpX_n3NL8AchkWT9xnpS0seePkQpKC-8DD8hm_4C9chiWlRSEtriARbQCmgmAseW775RMJzcKRB7q53VWeWMddNzaUUhZM0TrCCTWXrbkMFSqb88zW7JfLYhSy9n4ZCSWoaf_EJOtD7wbHkEe6CuZz_EX-J6tmJe2PKSnvzprYuw_3MUhUDM_e8mWyOSAuubT7hgn4BOe4V-AeJ8BY30_LhBy2JOTkxm6z7JjI2ifxWuRRvO58ermZGm-MGZ9UrBJCiBmV3ajZoF3lXUa_W2ceAdugiju-O_VxYe-MIkG8qsNz-A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:24 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2240655
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 /
d.agkn.com/pixel/8538/ Frame 5025 43 B
611 B 37ms
34ms Image
image/gif 2600:9000:23cb:7200:19:fc2c:a140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/8538/?che=649c5e7c7d316ef9ea85409072d9d1ab&col=262917,0,0,0,10967427,649c5e7c7d316ef9ea85409072d9d1ab
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=EB7F2C09E0DD3875&u=%7C2uIPFsOlszpFc4H0plTXkdcC8MH0fQilX1ELHJn709A%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6LjxFwO6I_AuZ5eoyomZf5q8-f27TvXh85i1Ub2p7pH5GsEM56cJ3HDa7kgkOY5IrYW0Aa80dcHVfyzgJs1ehvCDlPKM8ZrD39nY3qtRC-MfqJWGvKHgcwqr3wWggGYFmDQqxeDYu4R46vq5jp_p-tIV5OO3jsFnAMByqeN55j73qvwUJCrvJS1yuROZaHh5Djh7_LOTRDOLAlmcYDCkCnNYa7FwGKZ-8JxiP-pwiDQa3_eQG-QdGNMVqCYwEGMML_HFIPTL04L2-nCWYEPnEX4taQBCYDerU0GnTZsGvHFmjf4xR3APdwTWNvlGjhXqhNtl1uts98A7eIbBpqUzAl3xZvJwJve6fcatwV3ydJ1RKym7UvUE-rVTSf68Ib9qIrNf_UvVtzvd9_LnR4C-7KDRqaCEJZkQYAXEmLsy_oR8XCSJZUTNWaDyocTguQMVrXa5jR56FTVJAJjm1Ct3ardhnZD3TPtdF0fwvQ1KEFgFNK9LQpwVYyeoPRTyNt4rh_zudFDvuMI4eckgJiqQXG6Vu7JAEqV8TO-bY5JNR-CCqJrYNHmNJrqB1Zq2l4FRtSXA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:7200:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:24 GMT
via: 1.1 8770cedbbb1c2feb157dc67ce83fe00c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/gif
cache-control: no-cache, must-revalidate
content-length: 43
x-amz-cf-id: Y3Ky2Lfz52Xnxn0RJfOK5YN5PaXi614le5Nw0EuHcYXcpZHMTKWlXw==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 12D2 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4ccd6f6f5db788fd75d5abd9c6252c741e542d6668a1064f9556dbae435047c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 n.js Show response
geo.moatads.com/ Frame 12D2 68 B
240 B 47ms
46ms Script
text/html 52.204.143.235
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=1983952271&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BC%24%3D!!t%3C%2C%5Bh3MDg1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-R2Yyp4lKfRkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-1fYb5sLyVy50og%3D%3D&sc=1&os=1-kA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=NBCUV2&hp=1&ra=1&pxm=5&sgs=3&vb=-1&cm=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.nbcnews.com&lp=https%3A%2F%2Fwww.nbcnews.com&t=1687969405095&de=630861711718&m=0&ar=43a6e6e8aee-clean&iw=24ddb4a&q=2&cb=0&ym=0&cu=1687969405095&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=5177264069%3A3198638129%3A6295160627%3A138431898899&zGSRC=1&zMoatPS=boxinline_bentoarticle_amp&zMoatST=-&zMoatDomain=nbcnews.com&zMoatSubdomain=nbcnews.com&zMoatSc=-&zMoatVp=-&zMoatRawVp=-&zMoatJS=-&zMoatDR=-&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatMData=-&zMoatTag=-&zMoatSZ=300x250&zMoatCURL=nbcnews.com&zMoatDev=Desktop&zGSRS=1&gu=https%3A%2F%2Fwww.nbcnews.com%2F&id=0&ii=3&bo=57191058&bd=21823574394&zMoatOrigSlicer1=57191058&zMoatOrigSlicer2=21823574394&gw=nbcuniversal134024534264&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&tz=boxinline_bentoarticle_amp&iq=na&tt=na&tu=&tp=&jk=-1&jm=-1&fs=204326&na=419325417&cs=0&ord=1687969405095&jv=302150984&callback=DOMlessLLDcallback_9458575
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/nbcuniversal134024534264/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.143.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-143-235.compute-1.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 3f388d2df3884c1215d973564861c4a41befdb92b325d85abe59825391ebcd13

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:25 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "c7161e5693a875487bc87c828e7646bc82083c60"
content-length: 68
content-type: text/html; charset=UTF-8

GET
H2 200 dis.aspx Show response
widget.va.us.criteo.com/dis/ Frame 0F7A 28 B
472 B 157ms
32ms Document
text/html 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e7c7d316ef9ea85409072d9d1ab&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

28246fc455ed80a6d38f2779e518e2fb49031680c01ae393a7cae3d04462daf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Wed, 28 Jun 2023 16:23:24 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 1801729
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
vary: Accept-Encoding

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 5025 12 KB
5 KB 108ms
42ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5175698
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZ5JHIGkt5z7tJpwNokZcrCquw%2FSdbd3%2BVaQGo5tp9GctdH2Tb1gccvfxzBT0TuVXtH20tMCaoari2UgXShbBbeb7PO7kfPHQDsDOPKk%2FlpFEHHOSpANahPrUboya40kuGKudrw62udi%2BnacDui76WmL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7de7462eead5d153-BUF
expires: Mon, 17 Jun 2024 16:23:25 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame AC31 34 KB
10 KB 30ms
30ms Script
text/html 104.66.236.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=na&co=us
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.66.236.17 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-66-236-17.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 85443ac3a02a300f58a9ecdbcf74ff7ca8416b480232f570f22002f0bd4057b4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=na&co=us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 16:23:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Jun 2023 11:16:51 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=68006
Connection: keep-alive
Content-Length: 10113
Expires: Thu, 29 Jun 2023 11:16:51 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 371F 34 KB
10 KB 37ms
29ms Script
text/html 104.66.236.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=na&co=us
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.66.236.17 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-66-236-17.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 85443ac3a02a300f58a9ecdbcf74ff7ca8416b480232f570f22002f0bd4057b4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=na&co=us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 16:23:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Jun 2023 11:16:51 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=68006
Connection: keep-alive
Content-Length: 10113
Expires: Thu, 29 Jun 2023 11:16:51 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame CC49 2 KB
1 KB 32ms
31ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=431C02F1B861F249&u=%7C2uIPFsOlszpq3WBTB5hz5mM21ZM7xPPULlkVYLTKOWw%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj175Xckngx2_LKmDHsiJ7JtH0z2f9UeOdZlGvzoKFMN6hRo6XAqGDQQleaBLIyrD1kuRpdQwm-nJjCpIwWd5Tv1JHQ3ZZuyy8AhzmCadfJuYe673Lkqy4Jd1evKrTSVPtRPd7laZhowiAeXtiRCWqbCgAGbR71D8sY6uomrOYAAnln0lpz5gM52voeiHIKMUIfjai6X_AXI8xy7bVNvWOF76G6acI26TUKyyipysh3qituzUUVT4qwMsnpesnLcvva1kjMVY6L2ILpjHJc-b98O0_HkSXssray2yKqgrEua35A9GreVcp5glXKvcR9uAWfi1QC0HVfln-jP6cIbWVTaeBsSYZqzrJ7qE660QDcZVaUiOs8QZ4UJ3yV-zljlrE3LhetEy6OXB3nvxwOFc3z21ex_YZ61isBTDv9AF1DBkQc9DRL7JPRybxTw5KiSwu9qvgsD-1J8QzgAZe4n5XLmxFUyLjG_O12UIgh1AzA3L7OJsUzEhT2TRr4l3LCFzfcRwucRAjVcwt4HePktXQu5c_-VbpwLZO7TFNQUCG1trKY4RSF6r8lc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Jun 2024 16:23:25 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame CC49 2 KB
1 KB 43ms
42ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Jun 2024 16:23:25 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame CC49 308 B
636 B 41ms
39ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 22 Jun 2024 16:23:25 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame CC49 293 B
621 B 34ms
32ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 22 Jun 2024 16:23:25 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame CC49 43 B
347 B 36ms
35ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=QZsflTQkZyt5i9fGuIGw04xtzHzHhOpICQkrMz-56QINmHVls6Cpbf6rEKLmmVgJNsLlvMfkbyOZw9ItG0Gff8qT1kyOR9E6cgcpHIzEyhiG-0jMz15GjRgX5ufHoLS7MIC7Z2eQFcgNCQvpuLne4iKGB2J-OdZkPQJDH6TI7ugIyDDOF0VCOtZIbTZazTT0tt8ol3xLTz4HR-0Izgp6u2bSPdYOVgeRIfeLvf51rAtg1y2_wP8hqf0S9BZ7gZ7Cch4t7Fm4bxt1glWkPl2x3tjJB734DwX9PYi1Ki_-Em9_MTe16yApBD-jOL18tWbS2EWDE19MCZG56MStwFdQBxtRsEFOg7408opnWNod8K3TirBKWA8-JKZQzNMcqkXgbODWlmqZvIdVDC2OtIjNq2HALJs76B5J13355rui01_WMWda2Sk3Fd--GGIs5wFtAKiWMQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:24 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2803493
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 /
d.agkn.com/pixel/8538/ Frame CC49 43 B
611 B 37ms
36ms Image
image/gif 2600:9000:23cb:7200:19:fc2c:a140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/8538/?che=649c5e7ccc286cd81fc77048bdb4deac&col=262917,0,0,0,10967427,649c5e7ccc286cd81fc77048bdb4deac
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=431C02F1B861F249&u=%7C2uIPFsOlszpq3WBTB5hz5mM21ZM7xPPULlkVYLTKOWw%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj175Xckngx2_LKmDHsiJ7JtH0z2f9UeOdZlGvzoKFMN6hRo6XAqGDQQleaBLIyrD1kuRpdQwm-nJjCpIwWd5Tv1JHQ3ZZuyy8AhzmCadfJuYe673Lkqy4Jd1evKrTSVPtRPd7laZhowiAeXtiRCWqbCgAGbR71D8sY6uomrOYAAnln0lpz5gM52voeiHIKMUIfjai6X_AXI8xy7bVNvWOF76G6acI26TUKyyipysh3qituzUUVT4qwMsnpesnLcvva1kjMVY6L2ILpjHJc-b98O0_HkSXssray2yKqgrEua35A9GreVcp5glXKvcR9uAWfi1QC0HVfln-jP6cIbWVTaeBsSYZqzrJ7qE660QDcZVaUiOs8QZ4UJ3yV-zljlrE3LhetEy6OXB3nvxwOFc3z21ex_YZ61isBTDv9AF1DBkQc9DRL7JPRybxTw5KiSwu9qvgsD-1J8QzgAZe4n5XLmxFUyLjG_O12UIgh1AzA3L7OJsUzEhT2TRr4l3LCFzfcRwucRAjVcwt4HePktXQu5c_-VbpwLZO7TFNQUCG1trKY4RSF6r8lc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:7200:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:25 GMT
via: 1.1 8770cedbbb1c2feb157dc67ce83fe00c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/gif
cache-control: no-cache, must-revalidate
content-length: 43
x-amz-cf-id: EbG22GYCVAIeHjqB1HRbRixrQgyUudgAcO-CRS16mCmMF2i8CTpcfA==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 95f88fc626f1432fa432382e4bfd47db_tradegothiclt-bold.woff
static.criteo.net/design/dt/ Frame 5025 25 KB
26 KB 119ms
55ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/95f88fc626f1432fa432382e4bfd47db_tradegothiclt-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

71fec08136db4f39744016e39725613faa040db5da9f01cbcdf3b1ef6e5000d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 05 Feb 2021 21:58:27 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"601dbf83-65e8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Jun 2024 16:23:25 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 5025 12 KB
6 KB 44ms
43ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Jun 2024 16:23:25 GMT

GET
H2 200 pixel.gif
nbcudisplay.s.moatpixel.com/ Frame 3CE6 43 B
251 B 51ms
50ms Image
image/gif 184.84.133.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=104&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=nbcnews.com&L1id=5177264069&L2id=3198638129&L3id=6295160621&L4id=138431898896&S1id=57191058&S2id=21823574394&ord=1687969404654&r=5680043304&t=meas&os=0&fi2=0&div1=0&ait=0&bedc=1&q=1&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.84.133.161 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-84-133-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 28 Jun 2023 16:23:25 GMT

GET
H2 200 pixel.gif
nbcudisplay.s.moatpixel.com/ Frame 3CE6 43 B
251 B 52ms
51ms Image
image/gif 184.84.133.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=104&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=nbcnews.com&L1id=5177264069&L2id=3198638129&L3id=6295160621&L4id=138431898896&S1id=57191058&S2id=21823574394&ord=1687969404654&r=5680043304&t=nht&os=0&fi2=0&div1=0&ait=0&bedc=1&q=2&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.84.133.161 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-84-133-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 28 Jun 2023 16:23:25 GMT

GET
H2 204 event.gif
beacon.krxd.net/ Frame 3CE6 0
337 B 38ms
38ms Image
text/plain 54.157.17.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/event.gif?event_id=KnpkLvA_&event_type=rtg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.157.17.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-17-18.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by: beacon-n006-ash-prod.krxd.net
date: Wed, 28 Jun 2023 16:23:25 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1687969405
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.96.0/873648/AhbnvNQJBZjFwsfC/ Frame 3CE6 0
145 B 41ms
41ms XHR
text/plain 34.230.152.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.96.0/873648/AhbnvNQJBZjFwsfC/postback?oz_pl=1&gt=us&ci=873648&di=www.nbcnews.com&ap=&pv=405d5349-e004-48a7-b641-447cc095eaa6&pp=24610&c1=2792694&c2=15&sr=magnite.com&dt=8736481481318196516000&ti=882e14bb-4537-49f3-a4da-58a9182c2509&si=471204&ui=LJFXEETE-4-KK22&psv=2.96.0&_x=1
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/873648/analytics.js?ti=882e14bb-4537-49f3-a4da-58a9182c2509&si=471204&di=www.nbcnews.com&ap=&ui=LJFXEETE-4-KK22&pp=24610&pv=405d5349-e004-48a7-b641-447cc095eaa6&gt=us&c1=2792694&c2=15&sr=magnite.com&dt=8736481481318196516000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.230.152.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-152-154.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 28 Jun 2023 16:23:24 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 dis.aspx Show response
widget.va.us.criteo.com/dis/ Frame 4275 6 KB
3 KB 33ms
33ms Document
text/html 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e7ccc286cd81fc77048bdb4deac&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

64729af3639ad2625f775ce8873b0021e372e05a8076109629b3b48351c37178

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Wed, 28 Jun 2023 16:23:25 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 3298652
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
vary: Accept-Encoding

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame CC49 12 KB
5 KB 38ms
37ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5175698
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yiCVqeizYTdzjCsSBZPuhTqpvUKFXN6cGfDzu8ElDHk8QXQc%2BIEBhUE2cofLHks46FQPNdxKSzMGOuCEZC9OdhLBY%2BZYM%2FUOxPxMngool2Dl6joKHW0N37Our3y4QjOC%2BQMBHEmeIqGsutsa2RZjTOrM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7de7462fbae1d153-BUF
expires: Mon, 17 Jun 2024 16:23:25 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame CC49 12 KB
6 KB 38ms
37ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Jun 2024 16:23:25 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 5025 14 KB
14 KB 148ms
73ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?h=132&m=0&partner=40380&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F40380%2F230519%2F0fdf49d0874245eba6652b766f311977_script_logo_cta.png&v=3&w=596&s=FZHg2IjUVtcfoPA9r-VatEld

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

616ca1bba56c0d435c4263e3ae02ccefac37a16fcc2bd00b801ecdd34251a404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 14400
expires: Thu, 13 Jun 2024 01:47:43 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 5025 5 KB
6 KB 153ms
80ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=40380&q=80&r=0&u=https%3A%2F%2Fimage.s5a.com%2Fis%2Fimage%2Fsaks%2F0400018438930_NEONGREEN_486x648.jpg&v=3&w=400&s=wQWUq_psVGM3Jy8BxC3bBIk4&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e683b6bfc800c314892b809acc0e751d7811cd664d97adaf2a02e21d08c42bce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
content-length: 5574
expires: Thu, 29 Jun 2023 09:24:58 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 5025 7 KB
7 KB 139ms
66ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=40380&q=80&r=0&u=https%3A%2F%2Fimage.s5a.com%2Fis%2Fimage%2Fsaks%2F0400018513288_JANA_486x648.jpg&v=3&w=400&s=ugGy0ed-mdo9MYICVvrgw8xv&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

1b0088b0cfe07cb2c34d91350788c79326df42e7c531e335e18439ba5cfd3721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
content-length: 7022
expires: Thu, 29 Jun 2023 09:01:16 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 5025 18 KB
19 KB 125ms
52ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=40380&q=80&r=0&u=https%3A%2F%2Fimage.s5a.com%2Fis%2Fimage%2Fsaks%2F0400016665728_NAVYWHITE_486x648.jpg&v=3&w=400&s=kFSZzwsLwQj0eHEiI1WPS1Xb&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

19d562a6f2a20a630a21a62519a7f5ae74e2fd6a6ae5a2982f722387ceb8d8d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
content-length: 18822
expires: Wed, 28 Jun 2023 16:25:45 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 5025 7 KB
7 KB 156ms
83ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=40380&q=80&r=0&u=https%3A%2F%2Fimage.s5a.com%2Fis%2Fimage%2Fsaks%2F0400018686330_MULTI_486x648.jpg&v=3&w=400&s=IX0Rtgwsxy_CA9TBR83IYPNX&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e7d73f8df31a186663aa8ae7637c931e07d47d136600a3e5be6ae90ba1fe1e5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
content-length: 6730
expires: Thu, 29 Jun 2023 10:04:46 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 5025 4 KB
4 KB 170ms
97ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=40380&q=80&r=0&u=https%3A%2F%2Fimage.s5a.com%2Fis%2Fimage%2Fsaks%2F0400017911692_BLACK_486x648.jpg&v=3&w=400&s=cREtVr2hye4py5mx0OcBCAlX&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

a1beda5e20e7b2ddc1724594db766e243eb33387dc369a3741f3dfffb9ebff66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
content-length: 3902
expires: Thu, 29 Jun 2023 10:20:18 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame 5025 8 KB
9 KB 78ms
74ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=40380&q=80&r=0&u=https%3A%2F%2Fimage.s5a.com%2Fis%2Fimage%2Fsaks%2F0400018248259_BURNTHENNABURNTTANGERINE_486x648.jpg&v=3&w=400&s=FNe9ygp8ll9fYXWRgE6EZ2WA&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

283cabd4c5a7326589ebe7f98825be7638ca28f87a7a7e3fdb8ffff163f15cf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
content-length: 8654
expires: Thu, 29 Jun 2023 12:12:56 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 5025 0
127 B 102ms
30ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=oDiEZXnjXWD1fVYeYnc_fnPsPu2pTXYPIAfqkOg9fDV6ByBprZ7VgmpOsfdM2saEr1Hvvb-v60RRTWNLzYBo54-5kyUcvkyhX3Y_DyGoCg5PnL4ABHvRFL2QuPtpQQpRRP55LvH8MxJdv70MGAktX9ho8vHizdoE-Ou4YN3HAMPe9QV8vKoQcnq6e--OvUL-t5x4B5-4_RwR_Chj0tH-EE2wLpO-ffb2nLAwO0majEM9w2TDiVfCSDs8MNXsBdWUiP4izQ&sds=2&rev=87007&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 28 Jun 2023 16:23:25 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5025 2 KB
1 KB 34ms
32ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Jun 2024 16:23:25 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 5025 2 KB
1 KB 32ms
31ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Jun 2024 16:23:25 GMT

GET
H2 200 95f88fc626f1432fa432382e4bfd47db_tradegothiclt-bold.woff
static.criteo.net/design/dt/ Frame CC49 25 KB
26 KB 38ms
36ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/95f88fc626f1432fa432382e4bfd47db_tradegothiclt-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

71fec08136db4f39744016e39725613faa040db5da9f01cbcdf3b1ef6e5000d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 05 Feb 2021 21:58:27 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"601dbf83-65e8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Jun 2024 16:23:25 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame CC49 14 KB
14 KB 108ms
96ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

616ca1bba56c0d435c4263e3ae02ccefac37a16fcc2bd00b801ecdd34251a404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 14400
expires: Thu, 13 Jun 2024 01:47:43 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame CC49 7 KB
7 KB 119ms
107ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

1b0088b0cfe07cb2c34d91350788c79326df42e7c531e335e18439ba5cfd3721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
content-length: 7022
expires: Thu, 29 Jun 2023 09:01:16 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame CC49 7 KB
7 KB 117ms
106ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e7d73f8df31a186663aa8ae7637c931e07d47d136600a3e5be6ae90ba1fe1e5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
content-length: 6730
expires: Thu, 29 Jun 2023 10:04:46 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame CC49 9 KB
9 KB 97ms
89ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=40380&q=80&r=0&u=https%3A%2F%2Fimage.s5a.com%2Fis%2Fimage%2Fsaks%2F0400018059499_GREEN_486x648.jpg&v=3&w=400&s=AY0oFxAuF0bh3hUDbZG7jgj_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b41ae19fd6fcdc949f7fde566da906c182ae846c517dd39eed0c2ed1708c64b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
content-length: 8712
expires: Wed, 28 Jun 2023 16:53:15 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame CC49 0
128 B 36ms
29ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=UbOnwXnjXWD1fVYeMx1wrsgL68j6ioRJlSVJaoxS4eERgA_106DTDrb8oi0cwHalsKTfHrMIK76BKEEpdu7-ZoZuNoGJSkd5RzIgPM25daZA_tJvToY_I-oo2UpKW0sTu61r4-1IXDWiYwNkv7pjedX-c7NfiLlwrqyISgjInxI5nJujPP1ULB3ITftUbhrdkyq4fMtlVTWs4lwXFxNtluwp4jsJA0re-H8qL8zRXlyCd5so4q1kBup5cYJ10YE4cazVEQ&sds=2&rev=87007&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 28 Jun 2023 16:23:25 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame CC49 2 KB
1 KB 41ms
34ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Jun 2024 16:23:25 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame CC49 2 KB
1 KB 36ms
32ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Jun 2024 16:23:25 GMT

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.96.0/873648/AhbnvNQJBZjFwsfC/ Frame 3CE6 0
145 B 41ms
39ms XHR
text/plain 34.230.152.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.96.0/873648/AhbnvNQJBZjFwsfC/postback?gt=us&ci=873648&di=www.nbcnews.com&ap=&pv=405d5349-e004-48a7-b641-447cc095eaa6&pp=24610&c1=2792694&c2=15&sr=magnite.com&dt=8736481481318196516000&ti=882e14bb-4537-49f3-a4da-58a9182c2509&si=471204&ui=LJFXEETE-4-KK22&sid=AhbnvNQJBZjFwsfC&oz_sc=456c8fc02a3e28dfdb000263&oz_df=1687969405371&oz_l=242&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.96.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.230.152.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-152-154.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 28 Jun 2023 16:23:24 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 pixel.gif
nbcudisplay.s.moatpixel.com/ Frame 3CE6 43 B
251 B 53ms
53ms Image
image/gif 184.84.133.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=332&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=nbcnews.com&L1id=5177264069&L2id=3198638129&L3id=6295160621&L4id=138431898896&S1id=57191058&S2id=21823574394&ord=1687969404654&r=5680043304&t=hdn&os=0&fi2=0&div1=0&ait=0&bedc=1&q=3&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.84.133.161 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-84-133-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 28 Jun 2023 16:23:25 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame AC31
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJFXEETE-4-KK22

0
516 B

728ms
135ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJFXEETE-4-KK22
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:25 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 4D398BD56A9B49F6A4B966DDFA09B666 Ref B: NYCEDGE1309 Ref C: 2023-06-28T16:23:26Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX/MwDckO9eLgSHu8NdpQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJFXEETE-4-KK22
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b3266a43228eaeab48f59934ee9159da
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame AC31
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/krhP-FzJIni2_vSX7alH8Q?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-xH7sKvlE2oJfbPQ8W1Th4TiQuqFBk1LMVk9f2g--~A

42 B
710 B

36ms
35ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-xH7sKvlE2oJfbPQ8W1Th4TiQuqFBk1LMVk9f2g--~A
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: ab995a74221271a8dc253760ec78ee1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Wed, 28 Jun 2023 16:23:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-xH7sKvlE2oJfbPQ8W1Th4TiQuqFBk1LMVk9f2g--~A
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame AC31
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://match.adsrvr.org/track/cmb/rubicon?
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=24cfb9a4-ca44-4d7c-8790-4c015d723117&gdpr=0&gdpr_consent=&expires=30

42 B
710 B

65ms
35ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=24cfb9a4-ca44-4d7c-8790-4c015d723117&gdpr=0&gdpr_consent=&expires=30
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 03d4828e33e22cf7b4098c5a68746480
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:25 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=24cfb9a4-ca44-4d7c-8790-4c015d723117&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame AC31
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTM0M2UwNWY5ZjYxNjk2ZWM5YWJlYWMyNzRmZGEwNTU1YjgzMmZkMA

170 B
243 B

41ms
40ms

Image
image/png

142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTM0M2UwNWY5ZjYxNjk2ZWM5YWJlYWMyNzRmZGEwNTU1YjgzMmZkMA

Protocol

Server

142.250.81.226 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTM0M2UwNWY5ZjYxNjk2ZWM5YWJlYWMyNzRmZGEwNTU1YjgzMmZkMA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a414d61fde5a538d1bc5c621aec59518
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame AC31
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBy7khtjKGnJL6P6Hp_c48I&google_cver=1

42 B
710 B

98ms
36ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBy7khtjKGnJL6P6Hp_c48I&google_cver=1
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: ab995a74221271a8dc253760ec78ee1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBy7khtjKGnJL6P6Hp_c48I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame AC31
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=rq8GMZwbTZ2MPNERnSn7KA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rq8GMZwbTZ2MPNERnSn7KA

43 B
479 B

119ms
114ms

Image
image/gif

67.220.228.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rq8GMZwbTZ2MPNERnSn7KA

Protocol

HTTP/1.1

Server

67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 16:23:26 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: JBQ9W2TE4ZNJA0Q1KHY3
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rq8GMZwbTZ2MPNERnSn7KA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ab995a74221271a8dc253760ec78ee1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AC31
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEpGWEVFVEUtNC1LSzIy
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECNiZDuCwfOB6eEBlIzN3og&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpGWEVFVEUtNC1LSzIy&google_push=

170 B
188 B

44ms
42ms

Image
image/png

142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpGWEVFVEUtNC1LSzIy&google_push=

Protocol

Server

142.250.81.226 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpGWEVFVEUtNC1LSzIy&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ab995a74221271a8dc253760ec78ee1d
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame AC31
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Gwrp4oQlTIG1EZeDFkOljA&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Gwrp4oQlTIG1EZeDFkOljA

43 B
479 B

45ms
45ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Gwrp4oQlTIG1EZeDFkOljA

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 16:23:26 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NVFBF39W1PDD4DYHK3CD
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Gwrp4oQlTIG1EZeDFkOljA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ab995a74221271a8dc253760ec78ee1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame E78C
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-mURAvrqTJUy6P9YzotYFLGS1Dp5zRvHKmRlEvQ&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-mURAvrqTJUy6P9YzotYFLGS1Dp5zRvHKmRlEvQ&expires=30

43 B
510 B

44ms
43ms

Image
image/gif

35.211.178.172
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-mURAvrqTJUy6P9YzotYFLGS1Dp5zRvHKmRlEvQ&expires=30
Protocol: HTTP/1.1
Server: 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 16:23:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-mURAvrqTJUy6P9YzotYFLGS1Dp5zRvHKmRlEvQ&expires=30
Date: Wed, 28 Jun 2023 16:23:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame E78C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-tZyLRLqTJUy6P9YzotYFLGS1Dp68HfpyicTVqA&google_cm&google_hm=ay10WnlMUkxxVEpVeTZQOVl6b3RZRkxHUzFEcDY4SGZwe...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-tZyLRLqTJUy6P9YzotYFLGS1Dp68HfpyicTVqA&google_gid=CAESEMD1JTbxjvdSwY4zwP9029M&google_cver=1&google_ula=913071,0

43 B
370 B

585ms
30ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-tZyLRLqTJUy6P9YzotYFLGS1Dp68HfpyicTVqA&google_gid=CAESEMD1JTbxjvdSwY4zwP9029M&google_cver=1&google_ula=913071,0

Requested by

Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:26 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 681674
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-tZyLRLqTJUy6P9YzotYFLGS1Dp68HfpyicTVqA&google_gid=CAESEMD1JTbxjvdSwY4zwP9029M&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame E78C
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4753582124059338400

43 B
370 B

507ms
31ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4753582124059338400

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:26 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1738576
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Wed, 28 Jun 2023 16:23:25 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 96.9.246.195; 96.9.246.195; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 6925cd8e-67ef-4530-9788-07edc3cb7365
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4753582124059338400
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame E78C
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-U4ttBLqTJUy6P9YzotYFLGS1Dp4d4KqOzNHYxQ
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-U4ttBLqTJUy6P9YzotYFLGS1Dp4d4KqOzNHYxQ

43 B
1 KB

32ms
32ms

Image
image/gif

68.67.160.75
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-U4ttBLqTJUy6P9YzotYFLGS1Dp4d4KqOzNHYxQ

Protocol

HTTP/1.1

Server

68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 16:23:25 GMT
AN-X-Request-Uuid: 14a8ff34-59a6-4691-b6c1-3bae26622a91
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 96.9.246.195; 96.9.246.195; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 16:23:25 GMT
AN-X-Request-Uuid: c60de5b6-34cc-4f76-bc4b-214d111bf758
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-U4ttBLqTJUy6P9YzotYFLGS1Dp4d4KqOzNHYxQ
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 96.9.246.195; 96.9.246.195; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame E78C 61 B
794 B 754ms
110ms Image
image/gif 96.17.64.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-BWcQo7qTJUy6P9YzotYFLGS1Dp7tNq6hxurh8A

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-17-64-29.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 28 Jun 2023 16:23:26 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Wed, 28 Jun 2023 16:23:26 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame E78C 42 B
710 B 146ms
35ms Image
image/gif 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-7iotX7qTJUy6P9YzotYFLGS1Dp622e96l617uQ&expires=30
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=431C02F1B861F249&u=%7C2uIPFsOlszpq3WBTB5hz5mM21ZM7xPPULlkVYLTKOWw%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj175Xckngx2_LKmDHsiJ7JtH0z2f9UeOdZlGvzoKFMN6hRo6XAqGDQQleaBLIyrD1kuRpdQwm-nJjCpIwWd5Tv1JHQ3ZZuyy8AhzmCadfJuYe673Lkqy4Jd1evKrTSVPtRPd7laZhowiAeXtiRCWqbCgAGbR71D8sY6uomrOYAAnln0lpz5gM52voeiHIKMUIfjai6X_AXI8xy7bVNvWOF76G6acI26TUKyyipysh3qituzUUVT4qwMsnpesnLcvva1kjMVY6L2ILpjHJc-b98O0_HkSXssray2yKqgrEua35A9GreVcp5glXKvcR9uAWfi1QC0HVfln-jP6cIbWVTaeBsSYZqzrJ7qE660QDcZVaUiOs8QZ4UJ3yV-zljlrE3LhetEy6OXB3nvxwOFc3z21ex_YZ61isBTDv9AF1DBkQc9DRL7JPRybxTw5KiSwu9qvgsD-1J8QzgAZe4n5XLmxFUyLjG_O12UIgh1AzA3L7OJsUzEhT2TRr4l3LCFzfcRwucRAjVcwt4HePktXQu5c_-VbpwLZO7TFNQUCG1trKY4RSF6r8lc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: ab995a74221271a8dc253760ec78ee1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 v1
match.sharethrough.com/sync/ Frame E78C 68 B
602 B 653ms
40ms Image
image/png 3.223.221.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-0MID97qTJUy6P9YzotYFLGS1Dp4mN6o7vUiXFA
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=431C02F1B861F249&u=%7C2uIPFsOlszpq3WBTB5hz5mM21ZM7xPPULlkVYLTKOWw%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj175Xckngx2_LKmDHsiJ7JtH0z2f9UeOdZlGvzoKFMN6hRo6XAqGDQQleaBLIyrD1kuRpdQwm-nJjCpIwWd5Tv1JHQ3ZZuyy8AhzmCadfJuYe673Lkqy4Jd1evKrTSVPtRPd7laZhowiAeXtiRCWqbCgAGbR71D8sY6uomrOYAAnln0lpz5gM52voeiHIKMUIfjai6X_AXI8xy7bVNvWOF76G6acI26TUKyyipysh3qituzUUVT4qwMsnpesnLcvva1kjMVY6L2ILpjHJc-b98O0_HkSXssray2yKqgrEua35A9GreVcp5glXKvcR9uAWfi1QC0HVfln-jP6cIbWVTaeBsSYZqzrJ7qE660QDcZVaUiOs8QZ4UJ3yV-zljlrE3LhetEy6OXB3nvxwOFc3z21ex_YZ61isBTDv9AF1DBkQc9DRL7JPRybxTw5KiSwu9qvgsD-1J8QzgAZe4n5XLmxFUyLjG_O12UIgh1AzA3L7OJsUzEhT2TRr4l3LCFzfcRwucRAjVcwt4HePktXQu5c_-VbpwLZO7TFNQUCG1trKY4RSF6r8lc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.221.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-221-83.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:26 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame E78C 43 B
688 B 664ms
31ms Image
image/gif 23.105.12.150
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-gEYlRrqTJUy6P9YzotYFLGS1Dp4SgFd4lbE9UA
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=431C02F1B861F249&u=%7C2uIPFsOlszpq3WBTB5hz5mM21ZM7xPPULlkVYLTKOWw%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj175Xckngx2_LKmDHsiJ7JtH0z2f9UeOdZlGvzoKFMN6hRo6XAqGDQQleaBLIyrD1kuRpdQwm-nJjCpIwWd5Tv1JHQ3ZZuyy8AhzmCadfJuYe673Lkqy4Jd1evKrTSVPtRPd7laZhowiAeXtiRCWqbCgAGbR71D8sY6uomrOYAAnln0lpz5gM52voeiHIKMUIfjai6X_AXI8xy7bVNvWOF76G6acI26TUKyyipysh3qituzUUVT4qwMsnpesnLcvva1kjMVY6L2ILpjHJc-b98O0_HkSXssray2yKqgrEua35A9GreVcp5glXKvcR9uAWfi1QC0HVfln-jP6cIbWVTaeBsSYZqzrJ7qE660QDcZVaUiOs8QZ4UJ3yV-zljlrE3LhetEy6OXB3nvxwOFc3z21ex_YZ61isBTDv9AF1DBkQc9DRL7JPRybxTw5KiSwu9qvgsD-1J8QzgAZe4n5XLmxFUyLjG_O12UIgh1AzA3L7OJsUzEhT2TRr4l3LCFzfcRwucRAjVcwt4HePktXQu5c_-VbpwLZO7TFNQUCG1trKY4RSF6r8lc
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 28 Jun 2023 16:23:26 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame E78C 0
231 B 127ms
33ms Image
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-LE-n87qTJUy6P9YzotYFLGS1Dp6ExFVtp58Ang
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=431C02F1B861F249&u=%7C2uIPFsOlszpq3WBTB5hz5mM21ZM7xPPULlkVYLTKOWw%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj175Xckngx2_LKmDHsiJ7JtH0z2f9UeOdZlGvzoKFMN6hRo6XAqGDQQleaBLIyrD1kuRpdQwm-nJjCpIwWd5Tv1JHQ3ZZuyy8AhzmCadfJuYe673Lkqy4Jd1evKrTSVPtRPd7laZhowiAeXtiRCWqbCgAGbR71D8sY6uomrOYAAnln0lpz5gM52voeiHIKMUIfjai6X_AXI8xy7bVNvWOF76G6acI26TUKyyipysh3qituzUUVT4qwMsnpesnLcvva1kjMVY6L2ILpjHJc-b98O0_HkSXssray2yKqgrEua35A9GreVcp5glXKvcR9uAWfi1QC0HVfln-jP6cIbWVTaeBsSYZqzrJ7qE660QDcZVaUiOs8QZ4UJ3yV-zljlrE3LhetEy6OXB3nvxwOFc3z21ex_YZ61isBTDv9AF1DBkQc9DRL7JPRybxTw5KiSwu9qvgsD-1J8QzgAZe4n5XLmxFUyLjG_O12UIgh1AzA3L7OJsUzEhT2TRr4l3LCFzfcRwucRAjVcwt4HePktXQu5c_-VbpwLZO7TFNQUCG1trKY4RSF6r8lc
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:25 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 31821

GET
H2 200 um
criteo-sync.teads.tv/ Frame E78C 23 B
278 B 680ms
39ms Image
image/gif 23.200.197.46
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-BBW99LqTJUy6P9YzotYFLGS1Dp678vNJjllEjg
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=431C02F1B861F249&u=%7C2uIPFsOlszpq3WBTB5hz5mM21ZM7xPPULlkVYLTKOWw%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj175Xckngx2_LKmDHsiJ7JtH0z2f9UeOdZlGvzoKFMN6hRo6XAqGDQQleaBLIyrD1kuRpdQwm-nJjCpIwWd5Tv1JHQ3ZZuyy8AhzmCadfJuYe673Lkqy4Jd1evKrTSVPtRPd7laZhowiAeXtiRCWqbCgAGbR71D8sY6uomrOYAAnln0lpz5gM52voeiHIKMUIfjai6X_AXI8xy7bVNvWOF76G6acI26TUKyyipysh3qituzUUVT4qwMsnpesnLcvva1kjMVY6L2ILpjHJc-b98O0_HkSXssray2yKqgrEua35A9GreVcp5glXKvcR9uAWfi1QC0HVfln-jP6cIbWVTaeBsSYZqzrJ7qE660QDcZVaUiOs8QZ4UJ3yV-zljlrE3LhetEy6OXB3nvxwOFc3z21ex_YZ61isBTDv9AF1DBkQc9DRL7JPRybxTw5KiSwu9qvgsD-1J8QzgAZe4n5XLmxFUyLjG_O12UIgh1AzA3L7OJsUzEhT2TRr4l3LCFzfcRwucRAjVcwt4HePktXQu5c_-VbpwLZO7TFNQUCG1trKY4RSF6r8lc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.197.46 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-197-46.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Wed, 28 Jun 2023 16:23:26 GMT
pragma: no-cache
date: Wed, 28 Jun 2023 16:23:26 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame E78C
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-SHOKB7qTJUy6P9YzotYFLGS1Dp6sxfbKFBfLqQ&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-SHOKB7qTJUy6P9YzotYFLGS1Dp6sxfbKFBfLqQ&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

51ms
50ms

Image
image/gif

35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-SHOKB7qTJUy6P9YzotYFLGS1Dp6sxfbKFBfLqQ&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
Protocol: H2
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 28 Jun 2023 16:23:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-SHOKB7qTJUy6P9YzotYFLGS1Dp6sxfbKFBfLqQ&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
date: Wed, 28 Jun 2023 16:23:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/ Frame E78C
Redirect Chain

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-PpQMELqTJUy6P9YzotYFLGS1Dp5zqPzsChrnEA
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-PpQMELqTJUy6P9YzotYFLGS1Dp5zqPzsChrnEA&verify=true

0
121 B

42ms
42ms

Image
text/plain

34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-PpQMELqTJUy6P9YzotYFLGS1Dp5zqPzsChrnEA&verify=true

Protocol

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:26 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-PpQMELqTJUy6P9YzotYFLGS1Dp5zqPzsChrnEA&verify=true
date: Wed, 28 Jun 2023 16:23:26 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK idsync
tg.socdm.com/aux/ Frame E78C 43 B
863 B 664ms
178ms Image
image/gif 202.241.208.53
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=k-E7ZIbrqTJUy6P9YzotYFLGS1Dp4TW1cfKfPj0g
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=431C02F1B861F249&u=%7C2uIPFsOlszpq3WBTB5hz5mM21ZM7xPPULlkVYLTKOWw%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj175Xckngx2_LKmDHsiJ7JtH0z2f9UeOdZlGvzoKFMN6hRo6XAqGDQQleaBLIyrD1kuRpdQwm-nJjCpIwWd5Tv1JHQ3ZZuyy8AhzmCadfJuYe673Lkqy4Jd1evKrTSVPtRPd7laZhowiAeXtiRCWqbCgAGbR71D8sY6uomrOYAAnln0lpz5gM52voeiHIKMUIfjai6X_AXI8xy7bVNvWOF76G6acI26TUKyyipysh3qituzUUVT4qwMsnpesnLcvva1kjMVY6L2ILpjHJc-b98O0_HkSXssray2yKqgrEua35A9GreVcp5glXKvcR9uAWfi1QC0HVfln-jP6cIbWVTaeBsSYZqzrJ7qE660QDcZVaUiOs8QZ4UJ3yV-zljlrE3LhetEy6OXB3nvxwOFc3z21ex_YZ61isBTDv9AF1DBkQc9DRL7JPRybxTw5KiSwu9qvgsD-1J8QzgAZe4n5XLmxFUyLjG_O12UIgh1AzA3L7OJsUzEhT2TRr4l3LCFzfcRwucRAjVcwt4HePktXQu5c_-VbpwLZO7TFNQUCG1trKY4RSF6r8lc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.241.208.53 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

X-SO-Cluster-ID: 0
Date: Wed, 28 Jun 2023 16:23:26 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=criteo&dsp_uid=k-E7ZIbrqTJUy6P9YzotYFLGS1Dp4TW1cfKfPj0g","cluster_id":0,"gdpr":false,"ipv4":"96.9.246.195","key":"ZJxefsCo5s8AANiCDj4AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad166"}
X-SO-Key: ZJxefsCo5s8AANiCDj4AAAAA
Server: nginx
X-SO-Upstream-ID: m-ad166
P3P: CP="See also http://www.scaleout.jp/privacy/"
Content-Type: image/gif
Cache-Control: private
X-SO-HostName: m-ad166.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 1
Content-Length: 43
X-SO-LB-Hostname: a-tgng40011.dc2p.scaleout.jp
X-SO-IP: 96.9.246.195

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame E78C 49 B
342 B 115ms
26ms Image
image/gif 195.244.31.11
IGUANA-WORLDWIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-n-1NKLqTJUy6P9YzotYFLGS1Dp6ufx0jAKMmGw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),

Reverse DNS

Software

ayl-lb-usa02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:26 GMT
x-content-type-options: nosniff
server: ayl-lb-usa02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 3
content-length: 49
expires: 0

GET
H2

200

sync
tags.bluekai.com/site/29001/ Frame E78C
Redirect Chain

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=awqjq8uwfiIEOhGZefheTNXCNTWxYLhQ

62 B
549 B

264ms
116ms

Image
image/gif

173.223.57.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=awqjq8uwfiIEOhGZefheTNXCNTWxYLhQ
Protocol: H2
Server: 173.223.57.84 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-57-84.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 28 Jun 2023 16:23:26 GMT
content-length: 62
bk-server: 8f87
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=awqjq8uwfiIEOhGZefheTNXCNTWxYLhQ
date: Wed, 28 Jun 2023 16:23:26 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1893808
content-length: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame E78C
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-JT8_1bqTJUy6P9YzotYFLGS1Dp5sVYTbAofkqg
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-JT8_1bqTJUy6P9YzotYFLGS1Dp5sVYTbAofkqg&C=1

43 B
766 B

31ms
31ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-JT8_1bqTJUy6P9YzotYFLGS1Dp5sVYTbAofkqg&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 16:23:26 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 16:23:26 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-JT8_1bqTJUy6P9YzotYFLGS1Dp5sVYTbAofkqg&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame E78C 43 B
614 B 190ms
42ms Image
image/gif 63.251.28.234
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-Oq-qirqTJUy6P9YzotYFLGS1Dp6pxLlZLYoTzQ
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=431C02F1B861F249&u=%7C2uIPFsOlszpq3WBTB5hz5mM21ZM7xPPULlkVYLTKOWw%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj175Xckngx2_LKmDHsiJ7JtH0z2f9UeOdZlGvzoKFMN6hRo6XAqGDQQleaBLIyrD1kuRpdQwm-nJjCpIwWd5Tv1JHQ3ZZuyy8AhzmCadfJuYe673Lkqy4Jd1evKrTSVPtRPd7laZhowiAeXtiRCWqbCgAGbR71D8sY6uomrOYAAnln0lpz5gM52voeiHIKMUIfjai6X_AXI8xy7bVNvWOF76G6acI26TUKyyipysh3qituzUUVT4qwMsnpesnLcvva1kjMVY6L2ILpjHJc-b98O0_HkSXssray2yKqgrEua35A9GreVcp5glXKvcR9uAWfi1QC0HVfln-jP6cIbWVTaeBsSYZqzrJ7qE660QDcZVaUiOs8QZ4UJ3yV-zljlrE3LhetEy6OXB3nvxwOFc3z21ex_YZ61isBTDv9AF1DBkQc9DRL7JPRybxTw5KiSwu9qvgsD-1J8QzgAZe4n5XLmxFUyLjG_O12UIgh1AzA3L7OJsUzEhT2TRr4l3LCFzfcRwucRAjVcwt4HePktXQu5c_-VbpwLZO7TFNQUCG1trKY4RSF6r8lc
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 63.251.28.234 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 16:23:26 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1687969406575016-70

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame E78C
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-jKcEE7qTJUy6P9YzotYFLGS1Dp6G2524XUJy2w
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-jKcEE7qTJUy6P9YzotYFLGS1Dp6G2524XUJy2w

43 B
448 B

55ms
42ms

Image
image/gif

54.159.205.59
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-jKcEE7qTJUy6P9YzotYFLGS1Dp6G2524XUJy2w
Protocol: H2
Server: 54.159.205.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-205-59.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 28 Jun 2023 16:23:26 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-jKcEE7qTJUy6P9YzotYFLGS1Dp6G2524XUJy2w
access-control-allow-origin: *
date: Wed, 28 Jun 2023 16:23:26 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame E78C 42 B
274 B 165ms
102ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-NN-E5bqTJUy6P9YzotYFLGS1Dp5zXje7g88xKg
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=431C02F1B861F249&u=%7C2uIPFsOlszpq3WBTB5hz5mM21ZM7xPPULlkVYLTKOWw%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj175Xckngx2_LKmDHsiJ7JtH0z2f9UeOdZlGvzoKFMN6hRo6XAqGDQQleaBLIyrD1kuRpdQwm-nJjCpIwWd5Tv1JHQ3ZZuyy8AhzmCadfJuYe673Lkqy4Jd1evKrTSVPtRPd7laZhowiAeXtiRCWqbCgAGbR71D8sY6uomrOYAAnln0lpz5gM52voeiHIKMUIfjai6X_AXI8xy7bVNvWOF76G6acI26TUKyyipysh3qituzUUVT4qwMsnpesnLcvva1kjMVY6L2ILpjHJc-b98O0_HkSXssray2yKqgrEua35A9GreVcp5glXKvcR9uAWfi1QC0HVfln-jP6cIbWVTaeBsSYZqzrJ7qE660QDcZVaUiOs8QZ4UJ3yV-zljlrE3LhetEy6OXB3nvxwOFc3z21ex_YZ61isBTDv9AF1DBkQc9DRL7JPRybxTw5KiSwu9qvgsD-1J8QzgAZe4n5XLmxFUyLjG_O12UIgh1AzA3L7OJsUzEhT2TRr4l3LCFzfcRwucRAjVcwt4HePktXQu5c_-VbpwLZO7TFNQUCG1trKY4RSF6r8lc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:25 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H/1.1

200
OK

28292
i6.liadm.com/s/ Frame E78C
Redirect Chain

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-KD21drqTJUy6P9YzotYFLGS1Dp4i4oq1m4IRPQ
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-KD21drqTJUy6P9YzotYFLGS1Dp4i4oq1m4IRPQ&_li_chk=true&previous_uuid=d900b3ce6cee4d309e14476c07260280
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-KD21drqTJUy6P9YzotYFLGS1Dp4i4oq1m4IRPQ

43 B
549 B

200ms
62ms

Image
image/gif

2600:1f18:ed:550e:4578:8034:184b:4f8b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-KD21drqTJUy6P9YzotYFLGS1Dp4i4oq1m4IRPQ

Protocol

HTTP/1.1

Server

2600:1f18:ed:550e:4578:8034:184b:4f8b Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 16:23:27 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 30
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-KD21drqTJUy6P9YzotYFLGS1Dp4i4oq1m4IRPQ
Date: Wed, 28 Jun 2023 16:23:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 10

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame E78C 0
968 B 160ms
41ms Image
text/html 3.211.77.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-lHKskLqTJUy6P9YzotYFLGS1Dp4KsvTAefXIgA
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=431C02F1B861F249&u=%7C2uIPFsOlszpq3WBTB5hz5mM21ZM7xPPULlkVYLTKOWw%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj175Xckngx2_LKmDHsiJ7JtH0z2f9UeOdZlGvzoKFMN6hRo6XAqGDQQleaBLIyrD1kuRpdQwm-nJjCpIwWd5Tv1JHQ3ZZuyy8AhzmCadfJuYe673Lkqy4Jd1evKrTSVPtRPd7laZhowiAeXtiRCWqbCgAGbR71D8sY6uomrOYAAnln0lpz5gM52voeiHIKMUIfjai6X_AXI8xy7bVNvWOF76G6acI26TUKyyipysh3qituzUUVT4qwMsnpesnLcvva1kjMVY6L2ILpjHJc-b98O0_HkSXssray2yKqgrEua35A9GreVcp5glXKvcR9uAWfi1QC0HVfln-jP6cIbWVTaeBsSYZqzrJ7qE660QDcZVaUiOs8QZ4UJ3yV-zljlrE3LhetEy6OXB3nvxwOFc3z21ex_YZ61isBTDv9AF1DBkQc9DRL7JPRybxTw5KiSwu9qvgsD-1J8QzgAZe4n5XLmxFUyLjG_O12UIgh1AzA3L7OJsUzEhT2TRr4l3LCFzfcRwucRAjVcwt4HePktXQu5c_-VbpwLZO7TFNQUCG1trKY4RSF6r8lc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.77.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-77-134.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:26 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 c.gif
c.bing.com/ Frame E78C 42 B
665 B 137ms
39ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-JENqQLqTJUy6P9YzotYFLGS1Dp5AFwdHzfs0Hw
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=431C02F1B861F249&u=%7C2uIPFsOlszpq3WBTB5hz5mM21ZM7xPPULlkVYLTKOWw%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj175Xckngx2_LKmDHsiJ7JtH0z2f9UeOdZlGvzoKFMN6hRo6XAqGDQQleaBLIyrD1kuRpdQwm-nJjCpIwWd5Tv1JHQ3ZZuyy8AhzmCadfJuYe673Lkqy4Jd1evKrTSVPtRPd7laZhowiAeXtiRCWqbCgAGbR71D8sY6uomrOYAAnln0lpz5gM52voeiHIKMUIfjai6X_AXI8xy7bVNvWOF76G6acI26TUKyyipysh3qituzUUVT4qwMsnpesnLcvva1kjMVY6L2ILpjHJc-b98O0_HkSXssray2yKqgrEua35A9GreVcp5glXKvcR9uAWfi1QC0HVfln-jP6cIbWVTaeBsSYZqzrJ7qE660QDcZVaUiOs8QZ4UJ3yV-zljlrE3LhetEy6OXB3nvxwOFc3z21ex_YZ61isBTDv9AF1DBkQc9DRL7JPRybxTw5KiSwu9qvgsD-1J8QzgAZe4n5XLmxFUyLjG_O12UIgh1AzA3L7OJsUzEhT2TRr4l3LCFzfcRwucRAjVcwt4HePktXQu5c_-VbpwLZO7TFNQUCG1trKY4RSF6r8lc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:26 GMT
last-modified: Tue, 06 Jun 2023 17:31:18 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5C650F9B654A478AB0895BF145AD6021 Ref B: NYCEDGE1307 Ref C: 2023-06-28T16:23:26Z
etag: "7cd81bb49c98d91:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame E78C 43 B
540 B 192ms
39ms Image
image/gif 3.225.14.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k--iMcr7qTJUy6P9YzotYFLGS1Dp5MN9OjWflKKQ
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=431C02F1B861F249&u=%7C2uIPFsOlszpq3WBTB5hz5mM21ZM7xPPULlkVYLTKOWw%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj175Xckngx2_LKmDHsiJ7JtH0z2f9UeOdZlGvzoKFMN6hRo6XAqGDQQleaBLIyrD1kuRpdQwm-nJjCpIwWd5Tv1JHQ3ZZuyy8AhzmCadfJuYe673Lkqy4Jd1evKrTSVPtRPd7laZhowiAeXtiRCWqbCgAGbR71D8sY6uomrOYAAnln0lpz5gM52voeiHIKMUIfjai6X_AXI8xy7bVNvWOF76G6acI26TUKyyipysh3qituzUUVT4qwMsnpesnLcvva1kjMVY6L2ILpjHJc-b98O0_HkSXssray2yKqgrEua35A9GreVcp5glXKvcR9uAWfi1QC0HVfln-jP6cIbWVTaeBsSYZqzrJ7qE660QDcZVaUiOs8QZ4UJ3yV-zljlrE3LhetEy6OXB3nvxwOFc3z21ex_YZ61isBTDv9AF1DBkQc9DRL7JPRybxTw5KiSwu9qvgsD-1J8QzgAZe4n5XLmxFUyLjG_O12UIgh1AzA3L7OJsUzEhT2TRr4l3LCFzfcRwucRAjVcwt4HePktXQu5c_-VbpwLZO7TFNQUCG1trKY4RSF6r8lc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.14.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-14-251.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:26 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame E78C 0
287 B 179ms
45ms Image
text/plain 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-UsLRvbqTJUy6P9YzotYFLGS1Dp7wSE3ZgGk9mA&initiator=partner
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=431C02F1B861F249&u=%7C2uIPFsOlszpq3WBTB5hz5mM21ZM7xPPULlkVYLTKOWw%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj175Xckngx2_LKmDHsiJ7JtH0z2f9UeOdZlGvzoKFMN6hRo6XAqGDQQleaBLIyrD1kuRpdQwm-nJjCpIwWd5Tv1JHQ3ZZuyy8AhzmCadfJuYe673Lkqy4Jd1evKrTSVPtRPd7laZhowiAeXtiRCWqbCgAGbR71D8sY6uomrOYAAnln0lpz5gM52voeiHIKMUIfjai6X_AXI8xy7bVNvWOF76G6acI26TUKyyipysh3qituzUUVT4qwMsnpesnLcvva1kjMVY6L2ILpjHJc-b98O0_HkSXssray2yKqgrEua35A9GreVcp5glXKvcR9uAWfi1QC0HVfln-jP6cIbWVTaeBsSYZqzrJ7qE660QDcZVaUiOs8QZ4UJ3yV-zljlrE3LhetEy6OXB3nvxwOFc3z21ex_YZ61isBTDv9AF1DBkQc9DRL7JPRybxTw5KiSwu9qvgsD-1J8QzgAZe4n5XLmxFUyLjG_O12UIgh1AzA3L7OJsUzEhT2TRr4l3LCFzfcRwucRAjVcwt4HePktXQu5c_-VbpwLZO7TFNQUCG1trKY4RSF6r8lc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 16:23:26 GMT
Cache-Control: no-cache
X-TraceId: 74402458aacadf21c0eff3f236b65da1
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame E78C 42 B
579 B 159ms
23ms Image
image/gif 8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-0MsoDLqTJUy6P9YzotYFLGS1Dp5J4aeaIg4Hog
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=431C02F1B861F249&u=%7C2uIPFsOlszpq3WBTB5hz5mM21ZM7xPPULlkVYLTKOWw%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj175Xckngx2_LKmDHsiJ7JtH0z2f9UeOdZlGvzoKFMN6hRo6XAqGDQQleaBLIyrD1kuRpdQwm-nJjCpIwWd5Tv1JHQ3ZZuyy8AhzmCadfJuYe673Lkqy4Jd1evKrTSVPtRPd7laZhowiAeXtiRCWqbCgAGbR71D8sY6uomrOYAAnln0lpz5gM52voeiHIKMUIfjai6X_AXI8xy7bVNvWOF76G6acI26TUKyyipysh3qituzUUVT4qwMsnpesnLcvva1kjMVY6L2ILpjHJc-b98O0_HkSXssray2yKqgrEua35A9GreVcp5glXKvcR9uAWfi1QC0HVfln-jP6cIbWVTaeBsSYZqzrJ7qE660QDcZVaUiOs8QZ4UJ3yV-zljlrE3LhetEy6OXB3nvxwOFc3z21ex_YZ61isBTDv9AF1DBkQc9DRL7JPRybxTw5KiSwu9qvgsD-1J8QzgAZe4n5XLmxFUyLjG_O12UIgh1AzA3L7OJsUzEhT2TRr4l3LCFzfcRwucRAjVcwt4HePktXQu5c_-VbpwLZO7TFNQUCG1trKY4RSF6r8lc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 16:23:25 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame E78C 0
0 200ms
0ms Image
application/json 54.145.113.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-qoPCerqTJUy6P9YzotYFLGS1Dp5BxE99QP0rJw
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=431C02F1B861F249&u=%7C2uIPFsOlszpq3WBTB5hz5mM21ZM7xPPULlkVYLTKOWw%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj175Xckngx2_LKmDHsiJ7JtH0z2f9UeOdZlGvzoKFMN6hRo6XAqGDQQleaBLIyrD1kuRpdQwm-nJjCpIwWd5Tv1JHQ3ZZuyy8AhzmCadfJuYe673Lkqy4Jd1evKrTSVPtRPd7laZhowiAeXtiRCWqbCgAGbR71D8sY6uomrOYAAnln0lpz5gM52voeiHIKMUIfjai6X_AXI8xy7bVNvWOF76G6acI26TUKyyipysh3qituzUUVT4qwMsnpesnLcvva1kjMVY6L2ILpjHJc-b98O0_HkSXssray2yKqgrEua35A9GreVcp5glXKvcR9uAWfi1QC0HVfln-jP6cIbWVTaeBsSYZqzrJ7qE660QDcZVaUiOs8QZ4UJ3yV-zljlrE3LhetEy6OXB3nvxwOFc3z21ex_YZ61isBTDv9AF1DBkQc9DRL7JPRybxTw5KiSwu9qvgsD-1J8QzgAZe4n5XLmxFUyLjG_O12UIgh1AzA3L7OJsUzEhT2TRr4l3LCFzfcRwucRAjVcwt4HePktXQu5c_-VbpwLZO7TFNQUCG1trKY4RSF6r8lc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.145.113.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-145-113-152.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2

204

/
s.ad.smaato.net/c/ Frame E78C
Redirect Chain

https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-IAZryrqTJUy6P9YzotYFLGS1Dp5yKgylN4C5vQ
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-IAZryrqTJUy6P9YzotYFLGS1Dp5yKgylN4C5vQ&cookieCheck=1

0
554 B

46ms
23ms

Image
text/plain

2600:9000:2209:4400:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-IAZryrqTJUy6P9YzotYFLGS1Dp5yKgylN4C5vQ&cookieCheck=1
Protocol: H2
Server: 2600:9000:2209:4400:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:26 GMT
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-P1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control: max-age=300
x-amz-cf-id: ec65pKwlXbRcad8SlRVx1ZmajX9bYpt4v2WyBCdzScenIh1ErKaw0w==

Redirect headers

date: Wed, 28 Jun 2023 16:23:26 GMT
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-P1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-IAZryrqTJUy6P9YzotYFLGS1Dp5yKgylN4C5vQ&cookieCheck=1
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: cpB1Ckaw57oz7eSnFyPl0MZUNGXmRcCR4UCv_ALcJDiuytuTT1yW4g==

GET
H2 200 1
tapestry.tapad.com/tapestry/ Frame E78C 95 B
528 B 151ms
43ms Image
image/png 34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tapestry.tapad.com/tapestry/1?ta_partner_id=2052&ta_partner_did=k-FtocWbqTJUy6P9YzotYFLGS1Dp4glTj0DlZGww&ta_format=png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/png
date: Wed, 28 Jun 2023 16:23:26 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
BLOB 200
OK 83f91d53-24c1-4e9a-beb0-553b4f82e2bb
https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/ Frame A4A9 186 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/83f91d53-24c1-4e9a-beb0-553b4f82e2bb
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 985d2b656cce9486a1f152d7c4bbbc4cc1d5a65a0af9bd52e260bcc255bced06

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 186
Content-Type: application/javascript

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.96.0/873648/AhbnvNQJBZjFwsfC/ Frame 3CE6 0
145 B 40ms
39ms XHR
text/plain 34.230.152.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.96.0/873648/AhbnvNQJBZjFwsfC/postback?gt=us&ci=873648&di=www.nbcnews.com&ap=&pv=405d5349-e004-48a7-b641-447cc095eaa6&pp=24610&c1=2792694&c2=15&sr=magnite.com&dt=8736481481318196516000&ti=882e14bb-4537-49f3-a4da-58a9182c2509&si=471204&ui=LJFXEETE-4-KK22&sid=AhbnvNQJBZjFwsfC&oz_sc=456c8fc02a3e28dfdb000263&oz_df=1687969405653&oz_l=4344&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.96.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.230.152.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-152-154.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 28 Jun 2023 16:23:25 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 pixel.gif
nbcudisplay.s.moatpixel.com/ Frame 12D2 43 B
251 B 56ms
52ms Image
image/gif 184.84.133.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=35&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=nbcnews.com&L1id=5177264069&L2id=3198638129&L3id=6295160627&L4id=138431898899&S1id=57191058&S2id=21823574394&ord=1687969405095&r=630861711718&t=meas&os=0&fi2=0&div1=0&ait=0&bedc=1&q=1&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.84.133.161 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-84-133-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 28 Jun 2023 16:23:25 GMT

GET
H2 200 pixel.gif
nbcudisplay.s.moatpixel.com/ Frame 12D2 43 B
251 B 54ms
51ms Image
image/gif 184.84.133.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=35&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=nbcnews.com&L1id=5177264069&L2id=3198638129&L3id=6295160627&L4id=138431898899&S1id=57191058&S2id=21823574394&ord=1687969405095&r=630861711718&t=nht&os=0&fi2=0&div1=0&ait=0&bedc=1&q=2&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.84.133.161 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-84-133-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 28 Jun 2023 16:23:25 GMT

GET
H2 204 event.gif
beacon.krxd.net/ Frame 12D2 0
337 B 41ms
38ms Image
text/plain 54.157.17.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/event.gif?event_id=KnpkLvA_&event_type=rtg
Requested by: Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.157.17.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-17-18.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by: beacon-n035-ash-prod.krxd.net
date: Wed, 28 Jun 2023 16:23:25 GMT
cache-control: private, no-cache, no-store
x-request-time: D=38 t=1687969405
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 12D2 0
0 43ms
42ms Fetch
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4yf-G1ra8gI9WohiTXQ2hDnKl4WT8873fEYy5f8zMv0xAdW6LD0Dh7xSCLsuedO-_VDf1w0MnnumJgqZhyC2OKKl1D2nJEt5to95Zgf55aU5FNV0pLSs5vW76f7acyO-iITf_TsTfi8Pvb_xPDLVtxBAWVeAFQgfheRlkjl-tYqNxVkdCHwBFtlmle2IN5T5WJJx4xul1_RuRpfJ_kevsQ23z1ReQgSFCDoHV1-0xZSPg6j8Y05F9pNifIlXGYSjGhUsH-xYA3NSiOqB4uvv9gP9nX3fgIs47SlecQHncP5RHGacO0uXIAbYWgf65ke0U20XDvdjKowq6&sai=AMfl-YTkgT12fwFc-YzKDQncUFdQFJf90_5-5F8YClthZNm-J_MDd8W-95SM4XEFZtOm0_yzW3inIoqooCwlBH0&sig=Cg0ArKJSzF6tr9NcZDc_EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 28 Jun 2023 16:23:25 GMT

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.96.0/873648/AhbnvNQJBZjFwsfC/ Frame 3CE6 0
145 B 40ms
39ms XHR
text/plain 34.230.152.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.96.0/873648/AhbnvNQJBZjFwsfC/postback?gt=us&ci=873648&di=www.nbcnews.com&ap=&pv=405d5349-e004-48a7-b641-447cc095eaa6&pp=24610&c1=2792694&c2=15&sr=magnite.com&dt=8736481481318196516000&ti=882e14bb-4537-49f3-a4da-58a9182c2509&si=471204&ui=LJFXEETE-4-KK22&sid=AhbnvNQJBZjFwsfC&oz_sc=456c8fc02a3e28dfdb000263&oz_df=1687969405860&oz_l=929&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.96.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.230.152.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-152-154.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 28 Jun 2023 16:23:25 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 pixel.gif
nbcudisplay.s.moatpixel.com/ Frame 12D2 43 B
251 B 53ms
52ms Image
image/gif 184.84.133.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=201&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=nbcnews.com&L1id=5177264069&L2id=3198638129&L3id=6295160627&L4id=138431898899&S1id=57191058&S2id=21823574394&ord=1687969405095&r=630861711718&t=hdn&os=0&fi2=0&div1=0&ait=0&bedc=1&q=3&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.84.133.161 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-84-133-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 28 Jun 2023 16:23:25 GMT

GET
BLOB 200
OK ffee1fb9-24e1-4dca-80be-fb1b440899ef
https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/ Frame 3CE6 817 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/ffee1fb9-24e1-4dca-80be-fb1b440899ef
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ed52a25fb6bb9fa0efad8cd024e6f650b7827c4cdf7f5285cab8c328b76ab0e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 817
Content-Type

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.96.0/873648/AhbnvNQJBZjFwsfC/ Frame 3CE6 0
145 B 42ms
40ms XHR
text/plain 34.230.152.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.96.0/873648/AhbnvNQJBZjFwsfC/postback?gt=us&ci=873648&di=www.nbcnews.com&ap=&pv=405d5349-e004-48a7-b641-447cc095eaa6&pp=24610&c1=2792694&c2=15&sr=magnite.com&dt=8736481481318196516000&ti=882e14bb-4537-49f3-a4da-58a9182c2509&si=471204&ui=LJFXEETE-4-KK22&sid=AhbnvNQJBZjFwsfC&oz_sc=456c8fc02a3e28dfdb000263&oz_df=1687969406357&oz_l=4639&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.96.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.230.152.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-152-154.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 28 Jun 2023 16:23:25 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.96.0/873648/AhbnvNQJBZjFwsfC/ Frame 3CE6 0
145 B 49ms
42ms XHR
text/plain 34.230.152.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.96.0/873648/AhbnvNQJBZjFwsfC/postback?gt=us&ci=873648&di=www.nbcnews.com&ap=&pv=405d5349-e004-48a7-b641-447cc095eaa6&pp=24610&c1=2792694&c2=15&sr=magnite.com&dt=8736481481318196516000&ti=882e14bb-4537-49f3-a4da-58a9182c2509&si=471204&ui=LJFXEETE-4-KK22&sid=AhbnvNQJBZjFwsfC&oz_sc=456c8fc02a3e28dfdb000263&oz_df=1687969406524&oz_l=2265&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.96.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.230.152.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-152-154.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 28 Jun 2023 16:23:25 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.96.0/873648/AhbnvNQJBZjFwsfC/ Frame 3CE6 0
145 B 45ms
44ms XHR
text/plain 34.230.152.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.96.0/873648/AhbnvNQJBZjFwsfC/postback?gt=us&ci=873648&di=www.nbcnews.com&ap=&pv=405d5349-e004-48a7-b641-447cc095eaa6&pp=24610&c1=2792694&c2=15&sr=magnite.com&dt=8736481481318196516000&ti=882e14bb-4537-49f3-a4da-58a9182c2509&si=471204&ui=LJFXEETE-4-KK22&sid=AhbnvNQJBZjFwsfC&oz_sc=456c8fc02a3e28dfdb000263&oz_df=1687969406681&oz_l=470&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.96.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.230.152.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-152-154.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 28 Jun 2023 16:23:26 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame E78C
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=DMxwX1YF5oC0pZtrNQ3Y5s7NrjoUM-CM
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=DMxwX1YF5oC0pZtrNQ3Y5s7NrjoUM-CM

42 B
940 B

50ms
49ms

Image
image/gif

54.147.140.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=DMxwX1YF5oC0pZtrNQ3Y5s7NrjoUM-CM

Protocol

HTTP/1.1

Server

54.147.140.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-140-130.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v049-04585719e.edge-va6.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: cWNz32wrT4o=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-va6-1-v049-0189be607.edge-va6.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: cp5E1paISvw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=DMxwX1YF5oC0pZtrNQ3Y5s7NrjoUM-CM
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

g.pixel
aa.agkn.com/adscores/ Frame E78C
Redirect Chain

https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=vz0RCIsUAcDFv2O3EW1A_vhB-R9WZ2pg

43 B
657 B

418ms
63ms

Image
image/gif

108.138.128.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=vz0RCIsUAcDFv2O3EW1A_vhB-R9WZ2pg
Protocol: H2
Server: 108.138.128.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-21.jfk50.r.cloudfront.net
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:27 GMT
via: 1.1 5d3699e517195152b2b0917312ab80b8.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: JFK50-P4
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
x-amz-cf-id: 35boXUZeei7kZIENr6IfK9sfDV6JnkGiiM51z3N1pcD-xr8KBjInpw==
expires: 0

Redirect headers

location: https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=vz0RCIsUAcDFv2O3EW1A_vhB-R9WZ2pg
date: Wed, 28 Jun 2023 16:23:26 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1229146
content-length: 0

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.96.0/873648/AhbnvNQJBZjFwsfC/ Frame 3CE6 0
145 B 41ms
39ms XHR
text/plain 34.230.152.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.96.0/873648/AhbnvNQJBZjFwsfC/postback?gt=us&ci=873648&di=www.nbcnews.com&ap=&pv=405d5349-e004-48a7-b641-447cc095eaa6&pp=24610&c1=2792694&c2=15&sr=magnite.com&dt=8736481481318196516000&ti=882e14bb-4537-49f3-a4da-58a9182c2509&si=471204&ui=LJFXEETE-4-KK22&sid=AhbnvNQJBZjFwsfC&oz_sc=456c8fc02a3e28dfdb000263&oz_df=1687969409292&oz_l=1094&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.96.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.230.152.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-152-154.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 28 Jun 2023 16:23:28 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 pixel.gif
nbcudisplay.s.moatpixel.com/ Frame 413D 43 B
251 B 51ms
50ms Image
image/gif 184.84.133.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=5159&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=nbcnews.com&L1id=35890458&L2id=3138547590&L3id=6334817002&L4id=138438027889&S1id=57191058&S2id=21823574394&ord=1687969404425&r=706841259084&t=page5&os=0&fi2=0&div1=0&ait=0&bedc=1&q=4&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.84.133.161 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-84-133-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:29 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 28 Jun 2023 16:23:29 GMT

GET
H2 200 pixel.gif
nbcudisplay.s.moatpixel.com/ Frame 3CE6 43 B
251 B 52ms
51ms Image
image/gif 184.84.133.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=5027&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=nbcnews.com&L1id=5177264069&L2id=3198638129&L3id=6295160621&L4id=138431898896&S1id=57191058&S2id=21823574394&ord=1687969404654&r=5680043304&t=page5&os=0&fi2=0&div1=0&ait=0&bedc=1&q=4&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.84.133.161 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-84-133-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 28 Jun 2023 16:23:30 GMT

GET
H2 200 pixel.gif
nbcudisplay.s.moatpixel.com/ Frame 12D2 43 B
251 B 50ms
50ms Image
image/gif 184.84.133.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=5079&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=nbcnews.com&L1id=5177264069&L2id=3198638129&L3id=6295160627&L4id=138431898899&S1id=57191058&S2id=21823574394&ord=1687969405095&r=630861711718&t=page5&os=0&fi2=0&div1=0&ait=0&bedc=1&q=4&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.84.133.161 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-84-133-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 28 Jun 2023 16:23:30 GMT

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.96.0/873648/AhbnvNQJBZjFwsfC/ Frame 3CE6 0
145 B 40ms
39ms XHR
text/plain 34.230.152.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.96.0/873648/AhbnvNQJBZjFwsfC/postback?gt=us&ci=873648&di=www.nbcnews.com&ap=&pv=405d5349-e004-48a7-b641-447cc095eaa6&pp=24610&c1=2792694&c2=15&sr=magnite.com&dt=8736481481318196516000&ti=882e14bb-4537-49f3-a4da-58a9182c2509&si=471204&ui=LJFXEETE-4-KK22&sid=AhbnvNQJBZjFwsfC&oz_sc=456c8fc02a3e28dfdb000263&oz_df=1687969410990&oz_l=270&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.96.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.230.152.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-152-154.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 28 Jun 2023 16:23:30 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 1x1-tk2023-headshot.jpg
media-cldnry.s-nbcnews.com/image/upload/t_focal-100x100,f_auto,q_auto:best/newscms/2023_17/3604300/ 2 KB
3 KB 33ms
32ms Image
image/webp 2600:141b:13:7a2::a1d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media-cldnry.s-nbcnews.com/image/upload/t_focal-100x100,f_auto,q_auto:best/newscms/2023_17/3604300/1x1-tk2023-headshot.jpg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2600:141b:13:7a2::a1d Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

cloudinary /

Resource Hash

d05126c9c177d10b4243b3d8064f504972e70cfbf49ba1dcbda323bef3df88bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 1
date: Wed, 28 Jun 2023 16:23:31 GMT
strict-transport-security: max-age=2628000 ; preload
cache-tag: 242196196480470175496606451249433746228,490724587139607064145970157502573773245,7831a46e631c715519da9d0ce0a38b6b
content-disposition: inline; filename="1x1-tk2023-headshot.webp"
content-length: 2400
x-served-by: cache-iad-kjyo7100046-IAD
last-modified: Mon, 24 Apr 2023 20:01:21 GMT
server: cloudinary
x-timer: S1687965464.049383,VS0,VE2
etag: "7fa6d80fb3ff406f8bb809ae85bfe129"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, private, max-age=31553626
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
expires: Thu, 27 Jun 2024 21:17:17 GMT

GET
H3 200 container.html Show response
d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FB97 6 KB
3 KB 25ms
25ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nbcnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 16:23:24 GMT
expires: Thu, 27 Jun 2024 16:23:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4D02 6 KB
3 KB 25ms
24ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nbcnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 16:23:24 GMT
expires: Thu, 27 Jun 2024 16:23:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 frame.html Show response
d-37003659051456368343.ampproject.net/2305252018001/ Frame 48E3 507 B
278 B 27ms
26ms Document
text/html 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d-37003659051456368343.ampproject.net/2305252018001/frame.html

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c8ea97a6e509de6a7d37457efb443bcd14bec9428b5e0ad081582d2fc35e02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nbcnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 10
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 214
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 16:23:22 GMT
expires: Thu, 27 Jun 2024 16:23:22 GMT
last-modified: Mon, 05 Jun 2023 21:28:00 GMT
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 creative.js Show response
ads.rubiconproject.com/prebid/ Frame FB97 26 KB
9 KB 165ms
165ms Script
text/javascript 104.77.247.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/prebid/creative.js
Requested by: Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.77.247.148 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-77-247-148.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8d38fb578a4b1341da1fca57edf617e5a17409068aa07084400f9229561a753a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
content-encoding: gzip
last-modified: Mon, 06 Feb 2023 19:36:38 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
content-length: 8941
expires: Wed, 28 Jun 2023 16:23:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FB97 179 KB
56 KB 67ms
66ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57261
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687779365227900"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 16:23:32 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/nbcuniversal134024534264/ Frame FB97 336 KB
114 KB 57ms
56ms Script
application/x-javascript 23.193.121.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/nbcuniversal134024534264/moatad.js
Requested by: Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.193.121.161 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-193-121-161.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 58b691843c224b0fb4482efa5c50bffe06df252df7c85e3c040a3beb80aa3946

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
content-encoding: gzip
last-modified: Tue, 20 Jun 2023 16:52:54 GMT
server: AmazonS3
x-amz-request-id: ARPQJZ45SHXVXBH1
etag: "558536c1bcdfd0228402644e03886534"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=24889
accept-ranges: bytes
content-length: 116826
x-amz-id-2: widc96mS58isingTKvqBm4DF8Cfzpoza3+x3a2x5TA29MkyByc+7+m9GWOQcwCrX+kcIQqaCU3Y=

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FB97 0
26 B 51ms
50ms Image
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_ZK0B2ah3exVS2xmgtIhpyNoLf4IiXk3DdZE-Bc1rFlVca1MKBSGZcoU63XDpEVAjGow5Vw6915kRXO_vPqRa6h3bu7ngIcv9YknVNDOV4ND4yi8uHVYUcekZ4TdMLfOEza8pwCPyV82h1MYkfacpmX-WblzlTcB46DxvA7PdqTVW2hydP-lPOumb-rme_7i3xTEVQdAKGbbTGNH0pK_5EWl6hK4FGLjQdBm7tBPRiApLSf2Itwur0fRmU-aIKqgMsEMXYaoRRt8oqib3KEV1zAHOOOjaBfletxYcJTUn020gzmO-Xt5R7r3rC0VVcxZl30sHJ6Aw8w&sai=AMfl-YTvOFdjghojEkrketRkHRC0KQHDve78X6hb5OWsXq3VyqxgcqRyXh5EA-di5IEvw30pQRAlqs9jK8v0L9Q&sig=Cg0ArKJSzGcPkQaDjYReEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 creative.js Show response
ads.rubiconproject.com/prebid/ Frame 4D02 26 KB
9 KB 147ms
146ms Script
text/javascript 104.77.247.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/prebid/creative.js
Requested by: Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.77.247.148 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-77-247-148.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8d38fb578a4b1341da1fca57edf617e5a17409068aa07084400f9229561a753a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
content-encoding: gzip
last-modified: Mon, 06 Feb 2023 19:36:38 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
content-length: 8941
expires: Wed, 28 Jun 2023 16:23:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4D02 179 KB
56 KB 81ms
80ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57261
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687779365227900"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 16:23:32 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/nbcuniversal134024534264/ Frame 4D02 336 KB
114 KB 62ms
61ms Script
application/x-javascript 23.193.121.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/nbcuniversal134024534264/moatad.js
Requested by: Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.193.121.161 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-193-121-161.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 58b691843c224b0fb4482efa5c50bffe06df252df7c85e3c040a3beb80aa3946

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
content-encoding: gzip
last-modified: Tue, 20 Jun 2023 16:52:54 GMT
server: AmazonS3
x-amz-request-id: ARPQJZ45SHXVXBH1
etag: "558536c1bcdfd0228402644e03886534"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=24889
accept-ranges: bytes
content-length: 116826
x-amz-id-2: widc96mS58isingTKvqBm4DF8Cfzpoza3+x3a2x5TA29MkyByc+7+m9GWOQcwCrX+kcIQqaCU3Y=

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4D02 0
26 B 47ms
46ms Image
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv9BwI9uDJR_C1SRuNfGMFypjQSTbwCqX-Q4aeg9St7vCVyz-g_kMbshV5ieYqvd-6EfeeUmXsyDQDS43cnbEo-z2UP7YqqmE2niT4jWoZRRSiEaHr-dGmvf5G-sUezHg9hEmTYFokBB1bJPeuVJiCzWmllgW5P7q87Tn1WqMX4En9WtBB7oTkhnkyhABAp5jgCnBtvDwKayZSJlWa8N_j5Qo5QSSEV3oefz_n6bt84mCydSi4FtLfV4upC1rZ7wGPvH8gcy-nv6FbZGyN1P_w42woYwWE4hqvRwWZJhhYlKKvvnaQw1L9yXXlQKVpuy08DZQXypfpjrw&sai=AMfl-YQO0w6h4BhDW8H5v4PsBt-US0AFx-aNJ5vu4J1seve_5IJfvuZpsgQnLR5V8bg6oyJwtpPJZd7flaxdjpA&sig=Cg0ArKJSzPnhORlC-hRvEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 taboola.mjs Show response
3p.ampproject.net/2305252018001/vendor/ Frame 48E3 20 KB
7 KB 26ms
25ms Script
text/javascript 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3p.ampproject.net/2305252018001/vendor/taboola.mjs

Requested by

Host: d-37003659051456368343.ampproject.net
URL: https://d-37003659051456368343.ampproject.net/2305252018001/frame.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea80afd281a3a0254cd4ad4d4a10035f73d0f0bb6223337d5d0879e3814d31e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-37003659051456368343.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 23 Jun 2023 21:04:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 415130
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7126
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 09:18:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Jun 2024 21:04:42 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/nbcnews/ Frame 48E3 633 KB
69 KB 73ms
18ms Script
application/javascript 151.101.193.44

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/nbcnews/loader.js
Requested by: Host: 3p.ampproject.net
URL: https://3p.ampproject.net/2305252018001/vendor/taboola.mjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e751f5e1534bf1e93512fa46a6e8fbbd6b4572349754aebea5530f047907b29a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-37003659051456368343.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: J.0kBwzOsd9UsYy_Tp.g16sEMOFme6A5
content-encoding: gzip
via: 1.1 varnish
date: Wed, 28 Jun 2023 16:23:32 GMT
x-amz-request-id: XEHXD85K0PT18Y9H
age: 25069
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 69711
x-amz-id-2: /ZdN3LUaiFPI7NWpSuMA5zLpbUEf3D6i8nBq7XkTJ7xKUuWjr3h/Yc3w5qHkN5HkFBGwMF22suM=
x-served-by: cache-yyz4557-YYZ
last-modified: Wed, 28 Jun 2023 09:25:34 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687969412.212860,VS0,VE0
etag: "6b3bc35dd4d7fe0a82b157443c103a01"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 38
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 175

GET
H2 200 cache Show response
pg-prebid-server-aws-use1.rubiconproject.com/ Frame 4D02 5 KB
3 KB 42ms
41ms XHR
application/json 3.221.217.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pg-prebid-server-aws-use1.rubiconproject.com/cache?uuid=6c2c9e20-a72d-4143-89c4-a4fba6102f3f
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/creative.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.217.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-217-222.compute-1.amazonaws.com
Software: /
Resource Hash: d0ea00c72f2e2b9d54af4da852d996e66fe2d8ac9d9710c5e35437e6f61ecad9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 2875

GET
DATA 200
OK truncated
/ Frame 4D02 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae929f1512409c37c97529b7831aaa566333bd68e7b4179c212a5510f79bc13c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 n.js Show response
geo.moatads.com/ Frame 4D02 70 B
242 B 48ms
47ms Script
text/html 52.204.143.235
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=1983952271&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BC%24%3D!!t%3C%2C%5Bh3MDg1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-%2BsYfbxsiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-7NEJVCAZgVLOGg%3D%3D&sc=1&os=1-3g%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=NBCUV2&hp=1&ra=1&pxm=5&sgs=3&vb=-1&cm=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.nbcnews.com&lp=https%3A%2F%2Fwww.nbcnews.com&t=1687969412253&de=912101448048&m=0&ar=43a6e6e8aee-clean&iw=24ddb4a&q=2&cb=0&ym=0&cu=1687969412253&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=5177264069%3A3198638129%3A6295160624%3A138431898893&zGSRC=1&zMoatPS=boxinline_bentoarticle_amp&zMoatST=-&zMoatDomain=nbcnews.com&zMoatSubdomain=nbcnews.com&zMoatSc=-&zMoatVp=-&zMoatRawVp=-&zMoatJS=-&zMoatDR=-&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatMData=-&zMoatTag=-&zMoatSZ=300x250&zMoatCURL=nbcnews.com&zMoatDev=Desktop&zGSRS=1&gu=https%3A%2F%2Fwww.nbcnews.com%2F&id=0&ii=3&bo=57191058&bd=21823574394&zMoatOrigSlicer1=57191058&zMoatOrigSlicer2=21823574394&gw=nbcuniversal134024534264&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&tz=boxinline_bentoarticle_amp&iq=na&tt=na&tu=&tp=&jk=-1&jm=-1&fs=204326&na=147951655&cs=0&ord=1687969412253&jv=1855039709&callback=DOMlessLLDcallback_32989973
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/nbcuniversal134024534264/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.143.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-143-235.compute-1.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: e53d6ba894f7695b77d09199a06bf026ea913bb129f45dd63a5994004485999a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "07b601415360a20f068dd17549f9fe3e1ee015bc"
content-length: 70
content-type: text/html; charset=UTF-8

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame E9CE 141 KB
48 KB 133ms
133ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=B56708A3154CDD7F&u=%7C2uIPFsOlszo7stG42EF%2FwD7L2mtUQy29E%2FPfMR0tImI%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj_DO16EZemlnrb2sz_iuwYhXwX3CUipp9aImdg1OncYCOY3-7KOJPbjuwSH0vgWxRZGJXgq-U6ByN6y5DJxOD_wV87Rt1IvHdPZTS7i5Vj8c0rp_ZmJ14bVoHM7FUzQAspzgSBr4X8DdFQGcQ8HiMgFL3gWwbIAxspdTQ0pGA7QSbHJXHj4U6uXGuSEpSXV1jyn2f_B8DVcR3iUEAaj02sHzJoy81bCKusSQbxRxLMIbqDNePYb4QYRRHL3Yq3KeEUlWqXu9MOo5PxYy1opyGszqNoW59cNhZfYOTCl0Wc6saMQi5gWuk7nEVLMU_BgXY_sYPbTJuGU0xUS2__9TAL6mzEl1GuAo2jXcfLOEhrY1KdcHY9u4_TEeod02SfUcVlDWP7_nJRB3rEFri_AHql-7FIdVYFvi4Dxgy8SgrCaICsHhZAKS_IHuSsPSHeGrkd-cOqBb7vY-ZjgyPK5amD_3VwN1DXp3f60mqyeY5YgUeTIvuWd0QED6nGoB47doDtkbw-bVXRIdqvN1r0VcaAt0-iCcajg_7FF3yFdEfKzRiUPA67A-1hI

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/creative.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

53313fb1a03750a571a4357939d40ae80dde0b7577bb72d99d9d179707980302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 16:23:32 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=XOCI2XnjXWD1fVYeidO8boyRrjqB1ASypzVuSm30pjiQ0Az4xX9sFMMcvH5Mtw0j2kgafSjvkxWPXEaBRGsru8vItKWx26LN3VJeQb9wpXIhiwVA7-Wlm4BFj9rsmKBZK4CQhp_rC_E7uXOPWVECndrVugMWiN2gpAFE9hAJY2lXtDfP0fv3g6HykzvcdzRi1_QyfUZncqzDUElg7HgAVBgbYDYVB_YKSkP9Yck5J9WNf1ojMKTacubm3Kj75CYPqVXCmg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 96991406
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 33A7 281 B
554 B 31ms
30ms Document
text/html 104.66.236.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=na&co=us
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/creative.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.66.236.17 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-66-236-17.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 28 Jun 2023 16:23:32 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 event
prebid-server.rubiconproject.com/ Frame 4D02 86 B
240 B 41ms
39ms Image
image/png 50.16.161.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-server.rubiconproject.com/event?t=win&b=e2192d7d-4f6e-4074-b9e4-ce4196f0e13a&a=24610&aid=86e683e9-435f-4ffd-8584-6ebb6c16f58a&ts=1687969402916&bidder=rubicon&f=i&int=dmpbs
Requested by: Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.161.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-161-49.compute-1.amazonaws.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Wed, 28 Jun 2023 16:23:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 98
expires: 0

GET
H2 200 d001733d-50f9-4804-9c5e-ec3398a4f102
beacon-iad3.rubiconproject.com/beacon/d/ Frame 4D02 43 B
98 B 36ms
34ms Image
image/avif 2602:803:c002:300::76
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-iad3.rubiconproject.com/beacon/d/d001733d-50f9-4804-9c5e-ec3398a4f102?oo=0&accountId=24610&siteId=471204&zoneId=2792694&sizeId=15&e=6A1E40E384DA563BF8B1E14DDA34A39DAE478E13D29E27C9E6C42AB6ABA27E0D44215DA778BE1DCAE420F04B5FBB444DCEBEA27FBC6B867E2E04DCC8D32C3CFFF2668D6126B4385769E772B347FC21101C1A0D8ED96AFF5692CF5AC42D8C1A8334A0A86DB1E2FA0B4BA8DB5A77B11C073D460B7AB3139EE3A03673F84F2632055CC823E0467B71ADBEAFFCC9958E18164AD95AAE3D807EB0396CF6F8EAEA780F60FE303656EB041CBC0A3527F46D4F74BBBFED449DED8A710545861DEDBF671709E4A37E5AF01B8CAAC001EA533775E3578B56FBC51F601014DA1EE3E590BD64B4493EFF7E098DC76EFA64FC99486D8318A7946E1D2833EEFEF75D56C3DDDBFBCA242C689333C8447DA0035DFAF91B18B3AEC13AADBBE54A3A76A04AF133D88561AC2726A89C8923B85E5FCFE83CFE4313EFAE9DDF4506C91807B1B96C1723D4FA1F40D2D6C6A14DB080E263238F5EE29A6361FC0CEE435EE74E0B6F504A7D2970126F530EA620A50C892005E70E1772732CA0930AB1C44D4FDA0D9917206D788DA2C8B3E0B2A9B5883E1F4D36214376F7B52A93E73FC5159C2D75A4F9045570964A01E8655FE94F1305FEE1EF64DAF83517AA6A2EB886C2CB9118834B970541E4F1F0E96EB8550C7A4AC0E81AF49D0D32BFEA75039F2BEEE4887222338B77ADCFFE7C33DDDFAD9AF00392E99983C5B68215742DBD8CC1849C77B9F0A197C49893A23F301778A4C46B1BD62B73BB2791ED4401A5E3365662E57FC7BFD6F552D56771133137F096CBC49955FDE4F7049D3427DD5AB98C5E8908AEC6511612E4E8F99F9D4B8FEAC4A6D7CA83417E6A7D582F2A64B74C0620F62B3AE06A6E627EBE1CC7C1E4615D516E10C8866EB00EC17D540E3C03D6A5234F94704F188177686F10CAB7338DF90BA911D52E927CAB7CB2B6AC3328D98714A494FFE492092125EA7AC2DBE0C89178639784BDD76C5009B4A60B63B37E65420DACE30DB4D98C7438CDBB57A691285DFB3D9E1EA97196F27BEF86BF5F404BF1794D9A260B974D5DBCE121EC7F52DD2D4718C7D49790FE2848DC751D91F13C428DE50689196E25F06A7C4399725F666A56D9F8103C727E8C04702B452523C1B7D3CF10140C4AC6FAE359DEBAB00E643CE6DADF2BDE9599B8DB20601B3DD71E9B23AF8E56C3B3C13C3EC9C78B5F3840474FBB0A152B93F97E3B8B9A15B41471E748D0CDCBA356336947E82A954C1004678A

Requested by

Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:803:c002:300::76 , United States, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:31 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
H/1.1 204
No Content register
token.rubiconproject.com/ Frame 4D02 0
480 B 38ms
36ms Image
text/plain 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/register?khaos=LJFXEETJ-1A-2BU
Requested by: Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a414d61fde5a538d1bc5c621aec59518
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cache Show response
pg-prebid-server-aws-use1.rubiconproject.com/ Frame FB97 5 KB
3 KB 44ms
44ms XHR
application/json 3.221.217.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pg-prebid-server-aws-use1.rubiconproject.com/cache?uuid=ba56775c-9ba9-4c2a-b7a9-27d3ac81759f
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/creative.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.217.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-217-222.compute-1.amazonaws.com
Software: /
Resource Hash: 743956a1bceb0c9da30c868332b2c2239c338194950f019b0b293b741258f073

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 2879

GET
H2 200 impl.20230628-3-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 48E3 784 KB
163 KB 20ms
20ms Script
application/javascript 151.101.193.44

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230628-3-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/nbcnews/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 -, , ASN (),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 2f0cd5c2a5f6d95ba5e342e533d01a20829e7ecb820943b20d35ee0b7404d81c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-37003659051456368343.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 4BNsD6ispdS0uNJMNn.qACs9b7OGIqnY
content-encoding: br
via: 1.1 varnish
date: Wed, 28 Jun 2023 16:23:32 GMT
x-amz-request-id: 83HF8527R1F9MXDX
age: 25933
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 166041
x-amz-id-2: HJnHdqWJ78flgPs8MRqOZ5iOPOLS6XAfkkqQPBsZ7w2V7VxAt1CE8aUGpkOBSHXlPxdaxsasHSo=
x-served-by: cache-yyz4557-YYZ
last-modified: Wed, 28 Jun 2023 09:10:55 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687969412.396106,VS0,VE0
etag: "3b26469e6b15f25e09ba22a5c74da8d6"
vary: Accept-Encoding
content-type: application/javascript
abp: 63
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 19808

GET
H2 200 load.js Show response
pm-widget.taboola.com/nbcnews/ Frame 48E3 4 KB
2 KB 47ms
46ms Script
application/javascript 151.101.193.44

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/nbcnews/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/nbcnews/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 98ede3a2d98265e9da0d21301bb49ce0d2cbef85c30d8001db81bffe1c3bb625

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-37003659051456368343.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: x6TyvVez.LJ_8b6E32A8n0a_dyJkrBPE
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 28 Jun 2023 16:23:32 GMT
x-amz-request-id: KR4V52NBMZ61HRY9
age: 31
x-cache: HIT, HIT
content-length: 1349
x-amz-id-2: 0Zws4X1/tKAEVoMSgQcDPldxcQwBiWq4TWOmlXNl8PTDbaUTpmwLBwUDirH6THK3tbQffSN1/BU=
x-served-by: cache-bur-kbur8200148-BUR, cache-yyz4557-YYZ
last-modified: Wed, 21 Jun 2023 22:18:12 GMT
server: AmazonS3
x-timer: S1687969412.401221,VS0,VE3
etag: "d4dce373c3c7abaf0886abad6dd1253b"
vary: Accept-Encoding,,
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
accept-ranges: bytes
x-cache-hits: 301690, 1

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 48E3 4 KB
2 KB 35ms
35ms Script
application/javascript 18.164.96.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/nbcnews/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.96.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-96-90.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-37003659051456368343.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 03:21:33 GMT
content-encoding: gzip
via: 1.1 9750f5ee94b45ad0faba87b3fac2aad6.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 09:22:40 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P5
age: 46920
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: L6yVqZb6t0z4mvgQgBh-bFQX4inJFyAk_9B6x9uth3Jl6bkmlx-Fiw==

GET
DATA 200
OK truncated
/ Frame FB97 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 255c9fbca8db24e75829c892cad03140cfd08b5b2ffe99401262089d88a476c1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 n.js Show response
geo.moatads.com/ Frame FB97 70 B
242 B 46ms
44ms Script
text/html 52.204.143.235
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=1983952271&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BC%24%3D!!t%3C%2C%5Bh3MDg1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-SRU9GJ%2BZ4ONI7%2BlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-Xl%2FyVCAZgVLOGg%3D%3D&sc=1&os=1-NA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=NBCUV2&hp=1&ra=1&pxm=5&sgs=3&vb=-1&cm=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.nbcnews.com&lp=https%3A%2F%2Fwww.nbcnews.com&t=1687969412390&de=212695063966&m=0&ar=43a6e6e8aee-clean&iw=24ddb4a&q=2&cb=0&ym=0&cu=1687969412390&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=5177264069%3A3198638129%3A6295160627%3A138431898896&zGSRC=1&zMoatPS=boxinline_bentoarticle_amp&zMoatST=-&zMoatDomain=nbcnews.com&zMoatSubdomain=nbcnews.com&zMoatSc=-&zMoatVp=-&zMoatRawVp=-&zMoatJS=-&zMoatDR=-&zMoatMMV_MAX=na&zMoatMSafety=-&zMoatMGV_MAX=na&zMoatMMV=-&zMoatMGV=-&zMoatMData=-&zMoatTag=-&zMoatSZ=300x250&zMoatCURL=nbcnews.com&zMoatDev=Desktop&zGSRS=1&gu=https%3A%2F%2Fwww.nbcnews.com%2F&id=0&ii=3&bo=57191058&bd=21823574394&zMoatOrigSlicer1=57191058&zMoatOrigSlicer2=21823574394&gw=nbcuniversal134024534264&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&tz=boxinline_bentoarticle_amp&iq=na&tt=na&tu=&tp=&jk=-1&jm=-1&fs=204326&na=208064285&cs=0&ord=1687969412390&jv=1358111169&callback=DOMlessLLDcallback_86889641
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/nbcuniversal134024534264/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.143.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-143-235.compute-1.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: b0151d9f7ba3e1d415f26218b5c6d37ae73c776d8942d1abc8a55e0f2cacbab3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "a14c841f8cc6b794767a39610f4b5de8c2bc591c"
content-length: 70
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 33A7 34 KB
10 KB 34ms
33ms Script
text/html 104.66.236.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=na&co=us
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.66.236.17 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-66-236-17.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 85443ac3a02a300f58a9ecdbcf74ff7ca8416b480232f570f22002f0bd4057b4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=na&co=us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 16:23:32 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Jun 2023 11:16:51 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=67999
Connection: keep-alive
Content-Length: 10113
Expires: Thu, 29 Jun 2023 11:16:51 GMT

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame C5A8 154 KB
52 KB 98ms
98ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=431C02F1B861F249&u=%7C2uIPFsOlszrZ9ddRR%2B4BgMOsVR5YMSLSGiSXcxNYOyI%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj7RzAZ7q3qM1J43OZvGEZwG2jwkJK6dLPjwkahxptuUKWub2B_mg0Ocxn3HnBZRdKgSTTG6ki-F3azyf66iXE3hWGFr6O5goN0ZPfDV44mSQvHE509BpapWvP8QZzumakgIdU4d4KSLYSmYYhXbBp0OPAZXDpoZ8fPNlLcMR0v7qqk1WDZwTpI6LD98k11EpGNFAmYLJnrotrG2M3WJXsw9UYuemV856UlAdAYcCypPr8d9Oxa8gNf2QDuir7Q6QhCulh4jorrWWw5I-V14dgdjwbJNo-uSHTolUrI1GRoFnIAj5RcXfIdrIVkPO31HvidQ9TAUopRrfNqx4D5Qo7nnXsY6skyX258Pm8JsNQA_MrhZRZKqZxEbxf7eYo8IjG-6bmKE9su5liVwLI5zPxe94o7wjsgb8-rhb5E16VktcX__5yPExxTV0bPHlumlyQkDJAmiENEjP4ubX6PbTh4E0L8_EJJkMcqbZ4SHbbrjmXgk6jBbU6uP_zW9jma7tdiSPpZGq4pCRzen6GSLomQ7nh7xbroNwaeWMMtsA0yAIQ8yu-798ga8

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/creative.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e8b7d263f1499cea8b587690e1d9309f520b0b00adc0f226376d0a209405ea20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 28 Jun 2023 16:23:32 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=ULGe23njXWD1fVYe34ztp5xw9uZkAD3RZZ3q09mdZ968fRqxVwKhbNVqNuO2HlB16qw9mnuYfZ9u9m32tRYKg3pG0O7rb14gpE4dOK1on2qUrIl1Ymyyrdoca7NiG8QLf6u1t2B3imM_mKbDJlwqNcAK0rVFF9H6WS-WK6KsJkDxVJ-K8LaZZ647TJ4KA4J9raSh-7JdFvxYrBF2M2l1z19AQaUSVtSiCsaxYYhxe2yvE8pYuek8TgjdeKkaE4CZQOAlqA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 59855430
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 970D 281 B
554 B 30ms
29ms Document
text/html 104.66.236.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=na&co=us
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/creative.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.66.236.17 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-66-236-17.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 28 Jun 2023 16:23:32 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 event
prebid-server.rubiconproject.com/ Frame FB97 86 B
240 B 38ms
36ms Image
image/png 50.16.161.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-server.rubiconproject.com/event?t=win&b=e1f28768-4e6f-46b4-a5c4-7dbacdc6a0aa&a=24610&aid=22bc294f-4cd0-46e4-ad88-363719e21040&ts=1687969402922&bidder=rubicon&f=i&int=dmpbs
Requested by: Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.161.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-161-49.compute-1.amazonaws.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Wed, 28 Jun 2023 16:23:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 98
expires: 0

GET
H2 200 4ffe6c13-2197-45e3-af04-d7d47dc8e1e2
beacon-iad3.rubiconproject.com/beacon/d/ Frame FB97 43 B
75 B 34ms
33ms Image
image/avif 2602:803:c002:300::76
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-iad3.rubiconproject.com/beacon/d/4ffe6c13-2197-45e3-af04-d7d47dc8e1e2?oo=0&accountId=24610&siteId=471204&zoneId=2792694&sizeId=15&e=6A1E40E384DA563B40ABE39A41EA4C7B215F92AD4A3374F13C40FBA9ABACC44CC01B09CBA622D889D887F60A8F8DEF3C95A02E49E002FB20DDE142315D12B360F2668D6126B4385769E772B347FC21101C1A0D8ED96AFF5698C67C446CF213125469413F1C365F67855719E6E5EFC50D08DB70760B3FDF276BED42266D6F0772E9ACDF418EF1E0BE2569BE0DF0DF93FD0417C4504082B63765840BB4257A93C837CD95506D6BA26E484CF9D6E8BBE8FB08B62CA0556AF0F8830A24E3005FA648D97DF66D67B63DAE03D3F1BD3C1EFFBBFC73566FCAD985BFA0589696BD4170AF30E5329F3D13B734ED19C5D3EF72CA906EE6267BCBB96CD781CFD81A5C4D6051CE929E34B6D787A701AD5BD066A6042D74FA89142BFEBD93508685022226F53E3284A3D0CEE33339622BAFA2ED6D04DA1BAAACB124831C37F4C399ED44171E8E12714A20517D5A20B665AEB4687958568DB52A529CDED9E121161E78556DAAFB132B3567A5B5F7F26AADECF2EDB6012394B9A8CAC8D2A532B9176257FF72915B7CB17EE36B5E2FDBDEE73E5D69FDD20CF5733A160786974BA34B26A348FF550A6DFE6942CA6E74221F732F6D568725717F99E1B9F54FCD3E2808A24188F7F15959D7AADA68451BA0ABEA19C82E9646FB7E235186DBC63D901103B6035476EBEDADCDAFDFB0294BBBC4E12307D2ECD52CDA7F95D2A7B98EAF090B13F0B86FE20DEB9455FAA54E2413B0082B8E2DFA82A33ADC2691A7C48B77F78F6B9655F166E25B3D8AB1B5CEF2E2774BCFE556F36817CAFF4F382E9DFA134034508C16909F6BDA2BBC441FFEFEE8DA4774193EB98B4915626987FEA6142F6BA053AAE8713704695BA11A489A55A9D8E59ACB1FB430B9E96937A7F3378473E34AFE70D39E0DE4D40F4F056FE26203295DC18264473B18136F14935BD1EB25464533932ED6144F91D271C09EEB2FC7D55F8983B344D804001FD36F1993EB0E4B36ED6781D2DAC9398D67540AD99261FD8EA731615A5D2BF79BDD96C4E9E007F9EAE7D5A88E1A367825BB253B519868F4787F8F16EE3F3F597DDC48FFEF5F97D441B2834CB9A6E8D169306E780285BAE61BEC040138BDB7702B452523C1B7D35DC66B5DC7AFBE318CC9722F7740BD96743BABEFB35B996724F5207A2458AD77B27AAF7707D79285387BE28895883742EAF751719FA12712FAACD2D5CFA3107F00751B6D8663AD1CCDA10306204D320B

Requested by

Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:803:c002:300::76 , United States, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:31 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
H/1.1 204
No Content register
token.rubiconproject.com/ Frame FB97 0
480 B 36ms
35ms Image
text/plain 8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/register?khaos=LJFXEETD-28-8AT1
Requested by: Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a414d61fde5a538d1bc5c621aec59518
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame E9CE 2 KB
1 KB 33ms
31ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=B56708A3154CDD7F&u=%7C2uIPFsOlszo7stG42EF%2FwD7L2mtUQy29E%2FPfMR0tImI%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj_DO16EZemlnrb2sz_iuwYhXwX3CUipp9aImdg1OncYCOY3-7KOJPbjuwSH0vgWxRZGJXgq-U6ByN6y5DJxOD_wV87Rt1IvHdPZTS7i5Vj8c0rp_ZmJ14bVoHM7FUzQAspzgSBr4X8DdFQGcQ8HiMgFL3gWwbIAxspdTQ0pGA7QSbHJXHj4U6uXGuSEpSXV1jyn2f_B8DVcR3iUEAaj02sHzJoy81bCKusSQbxRxLMIbqDNePYb4QYRRHL3Yq3KeEUlWqXu9MOo5PxYy1opyGszqNoW59cNhZfYOTCl0Wc6saMQi5gWuk7nEVLMU_BgXY_sYPbTJuGU0xUS2__9TAL6mzEl1GuAo2jXcfLOEhrY1KdcHY9u4_TEeod02SfUcVlDWP7_nJRB3rEFri_AHql-7FIdVYFvi4Dxgy8SgrCaICsHhZAKS_IHuSsPSHeGrkd-cOqBb7vY-ZjgyPK5amD_3VwN1DXp3f60mqyeY5YgUeTIvuWd0QED6nGoB47doDtkbw-bVXRIdqvN1r0VcaAt0-iCcajg_7FF3yFdEfKzRiUPA67A-1hI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Jun 2024 16:23:32 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame E9CE 2 KB
1 KB 36ms
35ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Jun 2024 16:23:32 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame E9CE 308 B
636 B 36ms
35ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 22 Jun 2024 16:23:32 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame E9CE 293 B
621 B 32ms
31ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 22 Jun 2024 16:23:32 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame E9CE 43 B
347 B 33ms
32ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=ZfNmhzQkZyt5i9fGuIGw04xtzHx4iE44y6qjFyPYFlU8K_6VQAhVhQJTe3kyEPLacSe-CXSkxGWbEOlsLhurFJFOP5yQOy5goObV8PrHomFWCsTKelaC3qu3gK1mH1LtToOtRRJTwuj98wlfctgOVpxWMq17WME64wYOuCHFPwEB5CA7dV79tGDDx-6MOK1w0Wr6j4q0J1k1OhwuRIxxH9YdVaIauxN1tnSkRG7kGKKmJc9iv0bBIuyED8s7DmyXe0Zqx9R78UjK_sHwhLej2eUTMiDsmk6Hr4Yw1j_Vqcm3mgEZW2Mal3T7zCKfeDyQ8wgwrgDSjkQeuVz-XBoJXOoWJC1IN9EQKJMT-CtbsVfWLXWlObKEJB03uEEFHwD27xM8KAEb-7dx-7XAPsblcnnpGe3ho_mlC0G5URHUdwwDnFK4XV07JBHqzljceOEhbCc3Pg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:31 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2550800
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 /
d.agkn.com/pixel/8538/ Frame E9CE 43 B
611 B 37ms
36ms Image
image/gif 2600:9000:23cb:7200:19:fc2c:a140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/8538/?che=649c5e8457788476627ebced5f067c43&col=262917,0,0,0,10967427,649c5e8457788476627ebced5f067c43
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=B56708A3154CDD7F&u=%7C2uIPFsOlszo7stG42EF%2FwD7L2mtUQy29E%2FPfMR0tImI%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj_DO16EZemlnrb2sz_iuwYhXwX3CUipp9aImdg1OncYCOY3-7KOJPbjuwSH0vgWxRZGJXgq-U6ByN6y5DJxOD_wV87Rt1IvHdPZTS7i5Vj8c0rp_ZmJ14bVoHM7FUzQAspzgSBr4X8DdFQGcQ8HiMgFL3gWwbIAxspdTQ0pGA7QSbHJXHj4U6uXGuSEpSXV1jyn2f_B8DVcR3iUEAaj02sHzJoy81bCKusSQbxRxLMIbqDNePYb4QYRRHL3Yq3KeEUlWqXu9MOo5PxYy1opyGszqNoW59cNhZfYOTCl0Wc6saMQi5gWuk7nEVLMU_BgXY_sYPbTJuGU0xUS2__9TAL6mzEl1GuAo2jXcfLOEhrY1KdcHY9u4_TEeod02SfUcVlDWP7_nJRB3rEFri_AHql-7FIdVYFvi4Dxgy8SgrCaICsHhZAKS_IHuSsPSHeGrkd-cOqBb7vY-ZjgyPK5amD_3VwN1DXp3f60mqyeY5YgUeTIvuWd0QED6nGoB47doDtkbw-bVXRIdqvN1r0VcaAt0-iCcajg_7FF3yFdEfKzRiUPA67A-1hI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:7200:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:32 GMT
via: 1.1 8770cedbbb1c2feb157dc67ce83fe00c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/gif
cache-control: no-cache, must-revalidate
content-length: 43
x-amz-cf-id: Ueyj9TvLYodvh3kS8sRXZrO2ACStQcTAZ6slV6bzA3e5mk3P15ZkSg==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 970D 34 KB
10 KB 33ms
33ms Script
text/html 104.66.236.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=na&co=us
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.66.236.17 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-66-236-17.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 85443ac3a02a300f58a9ecdbcf74ff7ca8416b480232f570f22002f0bd4057b4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=na&co=us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 16:23:32 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Jun 2023 11:16:51 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=67999
Connection: keep-alive
Content-Length: 10113
Expires: Thu, 29 Jun 2023 11:16:51 GMT

GET
H2 200 dis.aspx Show response
widget.va.us.criteo.com/dis/ Frame BF18 6 KB
3 KB 35ms
34ms Document
text/html 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e8457788476627ebced5f067c43&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

9c69cd3a629efdb85b2d2dbcc616fdd98881a85f4f3badd737f915370a747067

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Wed, 28 Jun 2023 16:23:31 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 3456029
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
vary: Accept-Encoding

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame E9CE 12 KB
5 KB 43ms
42ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5175705
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jxv9ZHs1%2F2srL7ECUg%2FmOsncm6Hqd3QKjd2j1xlGSdaaYmuh6FsUP4LzBym0YruhkixW2FoRkWSys3fbrMBvv4grvk%2FNTZyZ7zdFr%2FuCMCs7cNZ5AQNVT6cCttFCW%2BEjo9XjuOyTvaFNQ3ptCxFyS3QX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7de7465c6997d15f-BUF
expires: Mon, 17 Jun 2024 16:23:32 GMT

GET
H2 200 95f88fc626f1432fa432382e4bfd47db_tradegothiclt-bold.woff
static.criteo.net/design/dt/ Frame E9CE 25 KB
26 KB 41ms
40ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/95f88fc626f1432fa432382e4bfd47db_tradegothiclt-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

71fec08136db4f39744016e39725613faa040db5da9f01cbcdf3b1ef6e5000d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 05 Feb 2021 21:58:27 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"601dbf83-65e8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Jun 2024 16:23:32 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame E9CE 12 KB
6 KB 38ms
37ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Jun 2024 16:23:32 GMT

GET
H2 200 sync Show response
gum.criteo.com/ Frame 48E3 73 B
313 B 32ms
32ms Script
text/javascript 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230628-3-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

b9393c34f97a01f0e4c1f696ed96a0adda0c5f15fef27eaf8119720de817d4b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-37003659051456368343.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:31 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 624144
expires: 60

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame C5A8 2 KB
1 KB 32ms
31ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=431C02F1B861F249&u=%7C2uIPFsOlszrZ9ddRR%2B4BgMOsVR5YMSLSGiSXcxNYOyI%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj7RzAZ7q3qM1J43OZvGEZwG2jwkJK6dLPjwkahxptuUKWub2B_mg0Ocxn3HnBZRdKgSTTG6ki-F3azyf66iXE3hWGFr6O5goN0ZPfDV44mSQvHE509BpapWvP8QZzumakgIdU4d4KSLYSmYYhXbBp0OPAZXDpoZ8fPNlLcMR0v7qqk1WDZwTpI6LD98k11EpGNFAmYLJnrotrG2M3WJXsw9UYuemV856UlAdAYcCypPr8d9Oxa8gNf2QDuir7Q6QhCulh4jorrWWw5I-V14dgdjwbJNo-uSHTolUrI1GRoFnIAj5RcXfIdrIVkPO31HvidQ9TAUopRrfNqx4D5Qo7nnXsY6skyX258Pm8JsNQA_MrhZRZKqZxEbxf7eYo8IjG-6bmKE9su5liVwLI5zPxe94o7wjsgb8-rhb5E16VktcX__5yPExxTV0bPHlumlyQkDJAmiENEjP4ubX6PbTh4E0L8_EJJkMcqbZ4SHbbrjmXgk6jBbU6uP_zW9jma7tdiSPpZGq4pCRzen6GSLomQ7nh7xbroNwaeWMMtsA0yAIQ8yu-798ga8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Jun 2024 16:23:32 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame C5A8 2 KB
1 KB 33ms
32ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Jun 2024 16:23:32 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame C5A8 308 B
636 B 34ms
33ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 22 Jun 2024 16:23:32 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame C5A8 293 B
621 B 35ms
34ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 22 Jun 2024 16:23:32 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame C5A8 43 B
347 B 35ms
35ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=8tw8ajQkZyt5i9fGuIGw04xtzHxtmpv7SobUZAUeRkV9TB81jDJqdRYKIoRpqVQTbmtst3t6jOT5wOzcpyA7SFmMOQ1E0yPvQxFHk-76CCJSII6wkamp1nf7GJdT0u64t6bQvLn4yOR9g84pM7JQEDX5qhpQO2pMWjjkeEMDmzgNulksg4ZLk9kX15vW8GcT1XQQIsnImCEuSDYaw51C-l4hAHiuOESHZ4DmVvcsVXOtqNP2URQiJi4nasEMV_l_Dd2YFSRJ8HEcwykPfrt9ORoV8Zfa2GuBYww2ZR-rm-ZZ1ogJmrSiOvDu90TE1gSxN_EPmFD5Y_JJ3O5t3IHiWnSnrt3Ma8Y_n28QSC7CM4m1Utg3g3uWSZEedso0bKDFu9UOCOZF2-Rh8wPucadPV65Pz2xBg5lBmXcM9UvYe8Tu5fFE3La9w4YD-KPZf5wwH83KKg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:32 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3909944
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 /
d.agkn.com/pixel/8538/ Frame C5A8 43 B
612 B 36ms
35ms Image
image/gif 2600:9000:23cb:7200:19:fc2c:a140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/8538/?che=649c5e8411167f89a34d125cfdd56e8a&col=262917,0,0,0,10967427,649c5e8411167f89a34d125cfdd56e8a
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=431C02F1B861F249&u=%7C2uIPFsOlszrZ9ddRR%2B4BgMOsVR5YMSLSGiSXcxNYOyI%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj7RzAZ7q3qM1J43OZvGEZwG2jwkJK6dLPjwkahxptuUKWub2B_mg0Ocxn3HnBZRdKgSTTG6ki-F3azyf66iXE3hWGFr6O5goN0ZPfDV44mSQvHE509BpapWvP8QZzumakgIdU4d4KSLYSmYYhXbBp0OPAZXDpoZ8fPNlLcMR0v7qqk1WDZwTpI6LD98k11EpGNFAmYLJnrotrG2M3WJXsw9UYuemV856UlAdAYcCypPr8d9Oxa8gNf2QDuir7Q6QhCulh4jorrWWw5I-V14dgdjwbJNo-uSHTolUrI1GRoFnIAj5RcXfIdrIVkPO31HvidQ9TAUopRrfNqx4D5Qo7nnXsY6skyX258Pm8JsNQA_MrhZRZKqZxEbxf7eYo8IjG-6bmKE9su5liVwLI5zPxe94o7wjsgb8-rhb5E16VktcX__5yPExxTV0bPHlumlyQkDJAmiENEjP4ubX6PbTh4E0L8_EJJkMcqbZ4SHbbrjmXgk6jBbU6uP_zW9jma7tdiSPpZGq4pCRzen6GSLomQ7nh7xbroNwaeWMMtsA0yAIQ8yu-798ga8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:7200:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:32 GMT
via: 1.1 8770cedbbb1c2feb157dc67ce83fe00c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/gif
cache-control: no-cache, must-revalidate
content-length: 43
x-amz-cf-id: V1KpP0u6l8vtUcaGmbz9yVIzirkLojXWwNQJ8YNPz4rkHOLuz9QFzw==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame E9CE 14 KB
14 KB 34ms
33ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

616ca1bba56c0d435c4263e3ae02ccefac37a16fcc2bd00b801ecdd34251a404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 14400
expires: Thu, 13 Jun 2024 01:47:43 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame E9CE 7 KB
7 KB 31ms
29ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e7d73f8df31a186663aa8ae7637c931e07d47d136600a3e5be6ae90ba1fe1e5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
content-length: 6730
expires: Thu, 29 Jun 2023 10:04:46 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame E9CE 7 KB
7 KB 38ms
37ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

1b0088b0cfe07cb2c34d91350788c79326df42e7c531e335e18439ba5cfd3721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
content-length: 7022
expires: Thu, 29 Jun 2023 09:01:16 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame E9CE 18 KB
19 KB 37ms
36ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

19d562a6f2a20a630a21a62519a7f5ae74e2fd6a6ae5a2982f722387ceb8d8d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
content-length: 18822
expires: Wed, 28 Jun 2023 16:25:45 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame E9CE 0
127 B 31ms
31ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=XOCI2XnjXWD1fVYeidO8boyRrjqB1ASypzVuSm30pjiQ0Az4xX9sFMMcvH5Mtw0j2kgafSjvkxWPXEaBRGsru8vItKWx26LN3VJeQb9wpXIhiwVA7-Wlm4BFj9rsmKBZK4CQhp_rC_E7uXOPWVECndrVugMWiN2gpAFE9hAJY2lXtDfP0fv3g6HykzvcdzRi1_QyfUZncqzDUElg7HgAVBgbYDYVB_YKSkP9Yck5J9WNf1ojMKTacubm3Kj75CYPqVXCmg&sds=2&rev=87007&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 28 Jun 2023 16:23:32 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame E9CE 2 KB
1 KB 32ms
32ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Jun 2024 16:23:32 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame E9CE 2 KB
1 KB 32ms
32ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Jun 2024 16:23:32 GMT

GET
H2 200 pmk-20220605.65.js Show response
pm-widget.taboola.com/nbcnews/ Frame 48E3 86 KB
24 KB 21ms
21ms Script
application/javascript 151.101.193.44

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/nbcnews/pmk-20220605.65.js
Requested by: Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/nbcnews/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 52ce588d419f161973f6cc1a4ca9fc84b793538df3861a44f6a377ae53a0e0bf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-37003659051456368343.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: EdBJr.qv33bgnjTpZOVhjjXoRIzR1JrH
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 28 Jun 2023 16:23:32 GMT
x-amz-request-id: RM5VFA3AGKVJZYHF
age: 583514
x-cache: HIT, HIT
content-length: 24038
x-amz-id-2: hrta1+Lk9F6NDUARRrqUK06M83bertsCmgSnCn/UhIKA8gsARH6NOv60bcdA1364Iq2Aea5MBlY=
x-served-by: cache-bur-kbur8200080-BUR, cache-yyz4557-YYZ
last-modified: Wed, 21 Jun 2023 22:18:11 GMT
server: AmazonS3
x-timer: S1687969413.690419,VS0,VE0
etag: "969eab12343f46999db23903d58f1bfe"
vary: Accept-Encoding,,
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 23, 6648

GET
H2 204 b
sb.scorecardresearch.com/ Frame 48E3 0
320 B 42ms
41ms Image
text/plain 18.164.96.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1687969412680&ns_c=UTF-8&ns_if=1&c3=1&c7=https%3A%2F%2Fd-37003659051456368343.ampproject.net%2F2305252018001%2Fframe.html&c8=&c9=https%3A%2F%2Fwww.nbcnews.com%2F
Requested by: Host: d-37003659051456368343.ampproject.net
URL: https://d-37003659051456368343.ampproject.net/2305252018001/frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.96.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-96-90.jfk50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-37003659051456368343.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
via: 1.1 9750f5ee94b45ad0faba87b3fac2aad6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P5
x-amz-cf-id: 1TEsLsH_2cdmBkm1OuGSV0bBl6JCyLUfN5pDCSA-8VHsyHq-I-KU3A==
x-cache: Miss from cloudfront

GET
H2 200 dis.aspx Show response
widget.va.us.criteo.com/dis/ Frame A1A9 6 KB
3 KB 34ms
34ms Document
text/html 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e8411167f89a34d125cfdd56e8a&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

224f9c75efa48af11efcc1a4e725b8c2a74cb6e3a30966397ddbe82fe2b34e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Wed, 28 Jun 2023 16:23:32 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 3531019
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
vary: Accept-Encoding

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame C5A8 12 KB
5 KB 38ms
37ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5175705
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQcOGzuquVLac197WReo%2FY7760aTeYEUl5EVNRYofrb%2Bj8yAcD4pTMs84HOiLkpPsZOvZ7xktrX4B2t9t5oAsXf%2By3eOudwkePJ5TT%2B9pMYlUlv4douB0o3Tm%2FKLNB41gyNWHqvRPVMxCMvQp1kVZZJp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7de7465d69a7d15f-BUF
expires: Mon, 17 Jun 2024 16:23:32 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame C5A8 12 KB
6 KB 40ms
36ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Jun 2024 16:23:32 GMT

GET
H2 200 95f88fc626f1432fa432382e4bfd47db_tradegothiclt-bold.woff
static.criteo.net/design/dt/ Frame C5A8 25 KB
26 KB 37ms
36ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/95f88fc626f1432fa432382e4bfd47db_tradegothiclt-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

71fec08136db4f39744016e39725613faa040db5da9f01cbcdf3b1ef6e5000d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 05 Feb 2021 21:58:27 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"601dbf83-65e8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Jun 2024 16:23:32 GMT

GET
H2 200 json Show response
trc.taboola.com/nbcnews/trc/3/ Frame 48E3 13 KB
6 KB 424ms
413ms XHR
application/javascript 151.101.193.44

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/nbcnews/trc/3/json?tim=16%3A23%3A32.733&lti=deflated&data=%7B%22id%22%3A769%2C%22ii%22%3A%22%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1687944329124%2C%22vi%22%3A1687969412729%2C%22cv%22%3A%2220230628-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Famp%2Frcna91341%22%2C%22vpi%22%3A%22%2Fnews%2Famp%2Frcna91341%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A560%2C%22dw%22%3A1600%2C%22dh%22%3A560%2C%22ad%22%3A%7B%22sdkd%22%3A%7B%22os%22%3A%22AMP%22%2C%22osv%22%3A%221%22%2C%22sdkt%22%3A%22Taboola%20AMP%20Driver%22%2C%22sdkv%22%3A%221%22%7D%7D%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbnails-feed-2x1%3Aabp%3D0%22%2C%22uip%22%3A%22Mobile%20Below%20Article%20Thumbnails%20AMP%20-Bento%22%2C%22orig_uip%22%3A%22Mobile%20Below%20Article%20Thumbnails%20AMP%20-Bento%22%2C%22cd%22%3A0%2C%22mw%22%3A1600%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341%2CMobile%20Below%20Article%20Thumbnails%20AMP%20-Bento%3Dthumbnails-feed-2x1%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230628-3-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: d6fc5751f9da22fb3eee81ee31843ab42f32a54b15e0010dcdf3770c98e5669c

Request headers

Referer: https://d-37003659051456368343.ampproject.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 392
date: Wed, 28 Jun 2023 16:23:33 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 16071
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-yyz4557-YYZ
server: nginx
x-timer: S1687969413.756855,VS0,VE392
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://d-37003659051456368343.ampproject.net
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame C5A8 14 KB
14 KB 33ms
32ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

616ca1bba56c0d435c4263e3ae02ccefac37a16fcc2bd00b801ecdd34251a404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 14400
expires: Thu, 13 Jun 2024 01:47:43 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame C5A8 2 KB
2 KB 156ms
153ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=40380&q=80&r=0&u=https%3A%2F%2Fimage.s5a.com%2Fis%2Fimage%2Fsaks%2F0400016031175_ICEBLUE_486x648.jpg&v=3&w=400&s=dBExsugaW_Ld2hlPEdMJNw4I&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

3695624c38415de8dc3be7fb8a11faffd822b377963f215d628daab0e80ac003

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
content-length: 2338
expires: Wed, 28 Jun 2023 23:46:27 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame C5A8 17 KB
17 KB 37ms
34ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=40380&q=80&r=0&u=https%3A%2F%2Fimage.s5a.com%2Fis%2Fimage%2Fsaks%2F0400018292626_MULTI_486x648.jpg&v=3&w=400&s=LZ-2Cg21Qr7OgN11gHkmlt54&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

acab483d9c3a7d68c4ead76018249b6821dbf97288f8d122318435c28062aad9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
content-length: 16960
expires: Wed, 28 Jun 2023 17:32:12 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame C5A8 15 KB
15 KB 38ms
35ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=40380&q=80&r=0&u=https%3A%2F%2Fimage.s5a.com%2Fis%2Fimage%2Fsaks%2F0400018986919_DENIM_486x648.jpg&v=3&w=400&s=40wSd4uYmvhtNjQYCx5mHyTv&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

302bbfb91b5de1567628a98197f1d9b21bd7a5afdaa149ae41e5b4b38d6cf514

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
content-length: 15200
expires: Thu, 29 Jun 2023 14:01:15 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame C5A8 11 KB
12 KB 41ms
38ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=40380&q=80&r=0&u=https%3A%2F%2Fimage.s5a.com%2Fis%2Fimage%2Fsaks%2F0400018660971_KATESPADEGREEN_486x648.jpg&v=3&w=400&s=2aSM720s798NCoXEKeub25t6&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

066866c737617733af0eb2d9fda6bc08f1741ca85b6d49087fcaa5b129900ff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
content-length: 11598
expires: Thu, 29 Jun 2023 15:42:48 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame C5A8 5 KB
5 KB 43ms
40ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=40380&q=80&r=0&u=https%3A%2F%2Fimage.s5a.com%2Fis%2Fimage%2Fsaks%2F0400017892321_486x648.jpg&v=3&w=400&s=5UCSojicFj0Dgjq1lIo3jxo3&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

891d27667e75e04e845549bd850d7614fe1c315367055c70e093bbf7a678bff2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
content-length: 5038
expires: Wed, 28 Jun 2023 16:26:03 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame C5A8 18 KB
18 KB 46ms
44ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=40380&q=80&r=0&u=https%3A%2F%2Fimage.s5a.com%2Fis%2Fimage%2Fsaks%2F0400016544874_REDMULTI_486x648.jpg&v=3&w=400&s=881tiFa4vECyDCWie5bcUHc7&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

193c37aae8da3c8b0d2620b6811df5e9d84a75fc904f507a11d2ade4d84fb292

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
content-length: 18116
expires: Thu, 29 Jun 2023 15:24:24 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame C5A8 6 KB
7 KB 41ms
39ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=40380&q=80&r=0&u=https%3A%2F%2Fimage.s5a.com%2Fis%2Fimage%2Fsaks%2F0400018939044_TURQUOISE_486x648.jpg&v=3&w=400&s=9M6miAquaD1UN9ip-TTlFKIM&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

76da43a79a4ff0683d3df6d8036b7e93b4bfbe06e5dd388de815b816cafa0573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
content-length: 6596
expires: Thu, 29 Jun 2023 01:24:34 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame C5A8 4 KB
4 KB 45ms
43ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=40380&q=80&r=0&u=https%3A%2F%2Fimage.s5a.com%2Fis%2Fimage%2Fsaks%2F0400010956797_WHITEPARISBLUE_486x648.jpg&v=3&w=400&s=tJuAv4iZf6-rZ7-xIp1A3NPX&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

d563c10575ccc46cf05c5874f27320588e0e6849064c1d4df9c1f2f72f31418f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
content-length: 4406
expires: Thu, 29 Jun 2023 00:26:38 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame C5A8 19 KB
19 KB 50ms
48ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=40380&q=80&r=0&u=https%3A%2F%2Fimage.s5a.com%2Fis%2Fimage%2Fsaks%2F0400018951107_GERANIUM_486x648.jpg&v=3&w=400&s=fNDfKxuYVgLEuOv04x3ZM5y9&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

8d6d9159f628878660f3f321da7b7c84a3fc244c3eb30fd67f06a4a0e59e621a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86400
content-length: 19416
expires: Thu, 29 Jun 2023 04:42:07 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame C5A8 0
127 B 30ms
29ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=ULGe23njXWD1fVYe34ztp5xw9uZkAD3RZZ3q09mdZ968fRqxVwKhbNVqNuO2HlB16qw9mnuYfZ9u9m32tRYKg3pG0O7rb14gpE4dOK1on2qUrIl1Ymyyrdoca7NiG8QLf6u1t2B3imM_mKbDJlwqNcAK0rVFF9H6WS-WK6KsJkDxVJ-K8LaZZ647TJ4KA4J9raSh-7JdFvxYrBF2M2l1z19AQaUSVtSiCsaxYYhxe2yvE8pYuek8TgjdeKkaE4CZQOAlqA&sds=2&rev=87007&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 28 Jun 2023 16:23:32 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C5A8 2 KB
1 KB 31ms
31ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Jun 2024 16:23:32 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame C5A8 2 KB
1 KB 32ms
31ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Jun 2024 16:23:32 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 0118 43 B
235 B 291ms
290ms Image
image/gif 35.211.178.172
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-mURAvrqTJUy6P9YzotYFLGS1Dp5zRvHKmRlEvQ&expires=30
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e8457788476627ebced5f067c43&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 16:23:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 0118
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-tZyLRLqTJUy6P9YzotYFLGS1Dp68HfpyicTVqA&google_cm&google_hm=ay10WnlMUkxxVEpVeTZQOVl6b3RZRkxHUzFEcDY4SGZwe...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-tZyLRLqTJUy6P9YzotYFLGS1Dp68HfpyicTVqA&google_gid=CAESEMD1JTbxjvdSwY4zwP9029M&google_cver=1&google_ula=913071,0

43 B
370 B

31ms
30ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-tZyLRLqTJUy6P9YzotYFLGS1Dp68HfpyicTVqA&google_gid=CAESEMD1JTbxjvdSwY4zwP9029M&google_cver=1&google_ula=913071,0

Requested by

Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:32 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1180454
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-tZyLRLqTJUy6P9YzotYFLGS1Dp68HfpyicTVqA&google_gid=CAESEMD1JTbxjvdSwY4zwP9029M&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 0118
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4753582124059338400

43 B
370 B

34ms
34ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4753582124059338400

Requested by

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:32 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2614313
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Wed, 28 Jun 2023 16:23:32 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 96.9.246.195; 96.9.246.195; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: af7b4959-5224-42db-99f9-ad8192c260fa
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4753582124059338400
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 0118 61 B
630 B 120ms
112ms Image
image/gif 96.17.64.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-BWcQo7qTJUy6P9YzotYFLGS1Dp7tNq6hxurh8A

Requested by

Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e8457788476627ebced5f067c43&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-17-64-29.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 28 Jun 2023 16:23:32 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Wed, 28 Jun 2023 16:23:32 GMT

GET
H2 200 v1
match.sharethrough.com/sync/ Frame 0118 68 B
606 B 53ms
45ms Image
image/png 3.223.221.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-0MID97qTJUy6P9YzotYFLGS1Dp4mN6o7vUiXFA
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e8457788476627ebced5f067c43&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.221.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-221-83.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 0118 43 B
429 B 130ms
124ms Image
image/gif 23.105.12.150
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-gEYlRrqTJUy6P9YzotYFLGS1Dp4SgFd4lbE9UA
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e8457788476627ebced5f067c43&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 28 Jun 2023 16:23:31 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 um
criteo-sync.teads.tv/ Frame 0118 23 B
163 B 46ms
39ms Image
image/gif 23.200.197.46
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-BBW99LqTJUy6P9YzotYFLGS1Dp678vNJjllEjg
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e8457788476627ebced5f067c43&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.197.46 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-197-46.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Wed, 28 Jun 2023 16:23:32 GMT
pragma: no-cache
date: Wed, 28 Jun 2023 16:23:32 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 0118 37 B
354 B 59ms
52ms Image
image/gif 35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-SHOKB7qTJUy6P9YzotYFLGS1Dp6sxfbKFBfLqQ&dongle=013b
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e8457788476627ebced5f067c43&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 28 Jun 2023 16:23:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK idsync
tg.socdm.com/aux/ Frame 0118 43 B
925 B 1033ms
1027ms Image
image/gif 202.241.208.53
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=k-E7ZIbrqTJUy6P9YzotYFLGS1Dp4TW1cfKfPj0g
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e8457788476627ebced5f067c43&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.241.208.53 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 16:23:33 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=criteo&dsp_uid=k-E7ZIbrqTJUy6P9YzotYFLGS1Dp4TW1cfKfPj0g","cluster_id":0,"gdpr":false,"ipv4":"96.9.246.195","key":"ZJxefsCo5s8AANiCDj4AAAAA","privacy_sensitive":false,"uid":"ZJxefsCo5s8AANiCDj4AAAAA","upstream_id":"m-ad166"}
X-SO-Key: ZJxefsCo5s8AANiCDj4AAAAA
X-SO-Upstream-ID: m-ad166
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName: m-ad166.dc4p.scaleout.jp
X-SO-UID: ZJxefsCo5s8AANiCDj4AAAAA
Connection: keep-alive
Content-Length: 43
X-SO-IP: 96.9.246.195
X-SO-Cluster-ID: 0
Server: nginx
Content-Type: image/gif
Cache-Control: private
X-SO-Ads-Time: 850
X-SO-LB-Hostname: a-tgng40011.dc2p.scaleout.jp

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 0118 49 B
201 B 33ms
26ms Image
image/gif 195.244.31.11
IGUANA-WORLDWIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-n-1NKLqTJUy6P9YzotYFLGS1Dp6ufx0jAKMmGw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),

Reverse DNS

Software

ayl-lb-usa02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:32 GMT
x-content-type-options: nosniff
server: ayl-lb-usa02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 3
content-length: 49
expires: 0

GET
H2

200

sync
tags.bluekai.com/site/29001/ Frame 0118
Redirect Chain

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=5TcYSXJIEwrVJs273_-bSz1TDcIy8vin

62 B
454 B

258ms
257ms

Image
image/gif

173.223.57.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=5TcYSXJIEwrVJs273_-bSz1TDcIy8vin
Requested by: Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Server: 173.223.57.84 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-57-84.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:33 GMT
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cache-control: max-age=0, no-cache, no-store
content-length: 62
bk-server: a175
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

location: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=5TcYSXJIEwrVJs273_-bSz1TDcIy8vin
date: Wed, 28 Jun 2023 16:23:32 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 4686546
content-length: 0

GET
H/1.1 200
OK rum
r.casalemedia.com/ Frame 0118 43 B
632 B 86ms
26ms Image
image/gif 192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-JT8_1bqTJUy6P9YzotYFLGS1Dp5sVYTbAofkqg
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e8457788476627ebced5f067c43&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 16:23:32 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame 0118 43 B
615 B 39ms
33ms Image
image/gif 63.251.28.234
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-Oq-qirqTJUy6P9YzotYFLGS1Dp6pxLlZLYoTzQ
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e8457788476627ebced5f067c43&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 63.251.28.234 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 16:23:32 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1687969412822005-265

GET
H2 200 match
ad.360yield.com/ Frame 0118 43 B
447 B 51ms
44ms Image
image/gif 54.159.205.59
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-jKcEE7qTJUy6P9YzotYFLGS1Dp6G2524XUJy2w
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e8457788476627ebced5f067c43&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.205.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-205-59.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 28 Jun 2023 16:23:32 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame 0118 42 B
106 B 116ms
109ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-NN-E5bqTJUy6P9YzotYFLGS1Dp5zXje7g88xKg
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e8457788476627ebced5f067c43&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H/1.1 200
OK 28292
i.liadm.com/s/ Frame 0118 43 B
563 B 52ms
47ms Image
image/gif 3.229.170.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-KD21drqTJUy6P9YzotYFLGS1Dp4i4oq1m4IRPQ

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.229.170.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-170-24.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 16:23:32 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 4
Content-Type: image/gif

GET
H2 200 c.gif
c.bing.com/ Frame 0118 42 B
174 B 48ms
42ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-JENqQLqTJUy6P9YzotYFLGS1Dp5AFwdHzfs0Hw
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e8457788476627ebced5f067c43&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:32 GMT
last-modified: Tue, 06 Jun 2023 17:31:18 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FCC8B8B8027C4D1A926CF2A22C77A244 Ref B: NYCEDGE1307 Ref C: 2023-06-28T16:23:32Z
etag: "7cd81bb49c98d91:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H2 200 1017
jadserve.postrelease.com/suid/ Frame 0118 43 B
624 B 46ms
40ms Image
image/gif 3.225.14.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=k--iMcr7qTJUy6P9YzotYFLGS1Dp5MN9OjWflKKQ
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e8457788476627ebced5f067c43&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.14.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-14-251.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:32 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 0118 43 B
398 B 117ms
30ms Image
image/gif 2600:1f18:612b:4200:180a:bb6b:7eca:821b

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-b65lj7qTJUy6P9YzotYFLGS1Dp6RO0AK8DO8mg
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=B56708A3154CDD7F&u=%7C2uIPFsOlszo7stG42EF%2FwD7L2mtUQy29E%2FPfMR0tImI%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj_DO16EZemlnrb2sz_iuwYhXwX3CUipp9aImdg1OncYCOY3-7KOJPbjuwSH0vgWxRZGJXgq-U6ByN6y5DJxOD_wV87Rt1IvHdPZTS7i5Vj8c0rp_ZmJ14bVoHM7FUzQAspzgSBr4X8DdFQGcQ8HiMgFL3gWwbIAxspdTQ0pGA7QSbHJXHj4U6uXGuSEpSXV1jyn2f_B8DVcR3iUEAaj02sHzJoy81bCKusSQbxRxLMIbqDNePYb4QYRRHL3Yq3KeEUlWqXu9MOo5PxYy1opyGszqNoW59cNhZfYOTCl0Wc6saMQi5gWuk7nEVLMU_BgXY_sYPbTJuGU0xUS2__9TAL6mzEl1GuAo2jXcfLOEhrY1KdcHY9u4_TEeod02SfUcVlDWP7_nJRB3rEFri_AHql-7FIdVYFvi4Dxgy8SgrCaICsHhZAKS_IHuSsPSHeGrkd-cOqBb7vY-ZjgyPK5amD_3VwN1DXp3f60mqyeY5YgUeTIvuWd0QED6nGoB47doDtkbw-bVXRIdqvN1r0VcaAt0-iCcajg_7FF3yFdEfKzRiUPA67A-1hI
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:180a:bb6b:7eca:821b -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 28 Jun 2023 16:23:32 GMT
server: nginx
content-type: image/gif

GET
H2 200 sync.htm
ade.clmbtech.com/uid/ Frame 0118 68 B
259 B 366ms
219ms Image
image/jpeg 2600:141b:e800:39::17c6:d61a

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=k-l5_H57qTJUy6P9YzotYFLGS1Dp52tvbG6VGzdA

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:e800:39::17c6:d61a -, , ASN (),

Reverse DNS

Software

Bhoot /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
date: Wed, 28 Jun 2023 16:23:33 GMT
x-content-type-options: nosniff
server: Bhoot
x-frame-options: sameorigin
content-type: image/jpeg
x-upstream: 172.29.17.245:80
content-length: 68
x-xss-protection: 1; mode=block

GET
H2 200 pixelCt.tpmn
ad.tpmn.co.kr/ Frame 0118 170 B
712 B 269ms
202ms Image
image/png 34.102.166.132

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=k-JBgXNrqTJUy6P9YzotYFLGS1Dp7njFWIkgGhrA
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=B56708A3154CDD7F&u=%7C2uIPFsOlszo7stG42EF%2FwD7L2mtUQy29E%2FPfMR0tImI%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj_DO16EZemlnrb2sz_iuwYhXwX3CUipp9aImdg1OncYCOY3-7KOJPbjuwSH0vgWxRZGJXgq-U6ByN6y5DJxOD_wV87Rt1IvHdPZTS7i5Vj8c0rp_ZmJ14bVoHM7FUzQAspzgSBr4X8DdFQGcQ8HiMgFL3gWwbIAxspdTQ0pGA7QSbHJXHj4U6uXGuSEpSXV1jyn2f_B8DVcR3iUEAaj02sHzJoy81bCKusSQbxRxLMIbqDNePYb4QYRRHL3Yq3KeEUlWqXu9MOo5PxYy1opyGszqNoW59cNhZfYOTCl0Wc6saMQi5gWuk7nEVLMU_BgXY_sYPbTJuGU0xUS2__9TAL6mzEl1GuAo2jXcfLOEhrY1KdcHY9u4_TEeod02SfUcVlDWP7_nJRB3rEFri_AHql-7FIdVYFvi4Dxgy8SgrCaICsHhZAKS_IHuSsPSHeGrkd-cOqBb7vY-ZjgyPK5amD_3VwN1DXp3f60mqyeY5YgUeTIvuWd0QED6nGoB47doDtkbw-bVXRIdqvN1r0VcaAt0-iCcajg_7FF3yFdEfKzRiUPA67A-1hI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.166.132 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:32 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA,Sec-CH-UA-Platform-Version
vary: accept-encoding
content-type: image/png;charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 0118 43 B
637 B 227ms
40ms Image
image/gif 34.202.209.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-z8IKKbqTJUy6P9YzotYFLGS1Dp4QhMMq7vwXMw&pn_id=criteo&ext=1
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=B56708A3154CDD7F&u=%7C2uIPFsOlszo7stG42EF%2FwD7L2mtUQy29E%2FPfMR0tImI%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj_DO16EZemlnrb2sz_iuwYhXwX3CUipp9aImdg1OncYCOY3-7KOJPbjuwSH0vgWxRZGJXgq-U6ByN6y5DJxOD_wV87Rt1IvHdPZTS7i5Vj8c0rp_ZmJ14bVoHM7FUzQAspzgSBr4X8DdFQGcQ8HiMgFL3gWwbIAxspdTQ0pGA7QSbHJXHj4U6uXGuSEpSXV1jyn2f_B8DVcR3iUEAaj02sHzJoy81bCKusSQbxRxLMIbqDNePYb4QYRRHL3Yq3KeEUlWqXu9MOo5PxYy1opyGszqNoW59cNhZfYOTCl0Wc6saMQi5gWuk7nEVLMU_BgXY_sYPbTJuGU0xUS2__9TAL6mzEl1GuAo2jXcfLOEhrY1KdcHY9u4_TEeod02SfUcVlDWP7_nJRB3rEFri_AHql-7FIdVYFvi4Dxgy8SgrCaICsHhZAKS_IHuSsPSHeGrkd-cOqBb7vY-ZjgyPK5amD_3VwN1DXp3f60mqyeY5YgUeTIvuWd0QED6nGoB47doDtkbw-bVXRIdqvN1r0VcaAt0-iCcajg_7FF3yFdEfKzRiUPA67A-1hI
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.209.8 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:33 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H/1.1 200
OK setuid
secure.adnxs.com/ Frame 0118 43 B
1 KB 34ms
32ms Image
image/gif 68.67.160.75
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=52&code=k-U4ttBLqTJUy6P9YzotYFLGS1Dp4d4KqOzNHYxQ

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 16:23:32 GMT
AN-X-Request-Uuid: 884d9dd6-f086-4a71-ba4e-d8348eaeedc9
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 96.9.246.195; 96.9.246.195; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 0118 42 B
710 B 36ms
36ms Image
image/gif 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-7iotX7qTJUy6P9YzotYFLGS1Dp622e96l617uQ&expires=30
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=B56708A3154CDD7F&u=%7C2uIPFsOlszo7stG42EF%2FwD7L2mtUQy29E%2FPfMR0tImI%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj_DO16EZemlnrb2sz_iuwYhXwX3CUipp9aImdg1OncYCOY3-7KOJPbjuwSH0vgWxRZGJXgq-U6ByN6y5DJxOD_wV87Rt1IvHdPZTS7i5Vj8c0rp_ZmJ14bVoHM7FUzQAspzgSBr4X8DdFQGcQ8HiMgFL3gWwbIAxspdTQ0pGA7QSbHJXHj4U6uXGuSEpSXV1jyn2f_B8DVcR3iUEAaj02sHzJoy81bCKusSQbxRxLMIbqDNePYb4QYRRHL3Yq3KeEUlWqXu9MOo5PxYy1opyGszqNoW59cNhZfYOTCl0Wc6saMQi5gWuk7nEVLMU_BgXY_sYPbTJuGU0xUS2__9TAL6mzEl1GuAo2jXcfLOEhrY1KdcHY9u4_TEeod02SfUcVlDWP7_nJRB3rEFri_AHql-7FIdVYFvi4Dxgy8SgrCaICsHhZAKS_IHuSsPSHeGrkd-cOqBb7vY-ZjgyPK5amD_3VwN1DXp3f60mqyeY5YgUeTIvuWd0QED6nGoB47doDtkbw-bVXRIdqvN1r0VcaAt0-iCcajg_7FF3yFdEfKzRiUPA67A-1hI
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: ab995a74221271a8dc253760ec78ee1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 0118 0
230 B 38ms
33ms Image
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-LE-n87qTJUy6P9YzotYFLGS1Dp6ExFVtp58Ang
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=B56708A3154CDD7F&u=%7C2uIPFsOlszo7stG42EF%2FwD7L2mtUQy29E%2FPfMR0tImI%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj_DO16EZemlnrb2sz_iuwYhXwX3CUipp9aImdg1OncYCOY3-7KOJPbjuwSH0vgWxRZGJXgq-U6ByN6y5DJxOD_wV87Rt1IvHdPZTS7i5Vj8c0rp_ZmJ14bVoHM7FUzQAspzgSBr4X8DdFQGcQ8HiMgFL3gWwbIAxspdTQ0pGA7QSbHJXHj4U6uXGuSEpSXV1jyn2f_B8DVcR3iUEAaj02sHzJoy81bCKusSQbxRxLMIbqDNePYb4QYRRHL3Yq3KeEUlWqXu9MOo5PxYy1opyGszqNoW59cNhZfYOTCl0Wc6saMQi5gWuk7nEVLMU_BgXY_sYPbTJuGU0xUS2__9TAL6mzEl1GuAo2jXcfLOEhrY1KdcHY9u4_TEeod02SfUcVlDWP7_nJRB3rEFri_AHql-7FIdVYFvi4Dxgy8SgrCaICsHhZAKS_IHuSsPSHeGrkd-cOqBb7vY-ZjgyPK5amD_3VwN1DXp3f60mqyeY5YgUeTIvuWd0QED6nGoB47doDtkbw-bVXRIdqvN1r0VcaAt0-iCcajg_7FF3yFdEfKzRiUPA67A-1hI
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 31751

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 0118 0
311 B 52ms
47ms Image
text/plain 34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-PpQMELqTJUy6P9YzotYFLGS1Dp5zqPzsChrnEA

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 0118 0
967 B 48ms
43ms Image
text/html 3.211.77.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-lHKskLqTJUy6P9YzotYFLGS1Dp4KsvTAefXIgA
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=B56708A3154CDD7F&u=%7C2uIPFsOlszo7stG42EF%2FwD7L2mtUQy29E%2FPfMR0tImI%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj_DO16EZemlnrb2sz_iuwYhXwX3CUipp9aImdg1OncYCOY3-7KOJPbjuwSH0vgWxRZGJXgq-U6ByN6y5DJxOD_wV87Rt1IvHdPZTS7i5Vj8c0rp_ZmJ14bVoHM7FUzQAspzgSBr4X8DdFQGcQ8HiMgFL3gWwbIAxspdTQ0pGA7QSbHJXHj4U6uXGuSEpSXV1jyn2f_B8DVcR3iUEAaj02sHzJoy81bCKusSQbxRxLMIbqDNePYb4QYRRHL3Yq3KeEUlWqXu9MOo5PxYy1opyGszqNoW59cNhZfYOTCl0Wc6saMQi5gWuk7nEVLMU_BgXY_sYPbTJuGU0xUS2__9TAL6mzEl1GuAo2jXcfLOEhrY1KdcHY9u4_TEeod02SfUcVlDWP7_nJRB3rEFri_AHql-7FIdVYFvi4Dxgy8SgrCaICsHhZAKS_IHuSsPSHeGrkd-cOqBb7vY-ZjgyPK5amD_3VwN1DXp3f60mqyeY5YgUeTIvuWd0QED6nGoB47doDtkbw-bVXRIdqvN1r0VcaAt0-iCcajg_7FF3yFdEfKzRiUPA67A-1hI
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.77.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-77-134.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 0118 0
287 B 293ms
293ms Image
text/plain 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-UsLRvbqTJUy6P9YzotYFLGS1Dp7wSE3ZgGk9mA&initiator=partner
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=B56708A3154CDD7F&u=%7C2uIPFsOlszo7stG42EF%2FwD7L2mtUQy29E%2FPfMR0tImI%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj_DO16EZemlnrb2sz_iuwYhXwX3CUipp9aImdg1OncYCOY3-7KOJPbjuwSH0vgWxRZGJXgq-U6ByN6y5DJxOD_wV87Rt1IvHdPZTS7i5Vj8c0rp_ZmJ14bVoHM7FUzQAspzgSBr4X8DdFQGcQ8HiMgFL3gWwbIAxspdTQ0pGA7QSbHJXHj4U6uXGuSEpSXV1jyn2f_B8DVcR3iUEAaj02sHzJoy81bCKusSQbxRxLMIbqDNePYb4QYRRHL3Yq3KeEUlWqXu9MOo5PxYy1opyGszqNoW59cNhZfYOTCl0Wc6saMQi5gWuk7nEVLMU_BgXY_sYPbTJuGU0xUS2__9TAL6mzEl1GuAo2jXcfLOEhrY1KdcHY9u4_TEeod02SfUcVlDWP7_nJRB3rEFri_AHql-7FIdVYFvi4Dxgy8SgrCaICsHhZAKS_IHuSsPSHeGrkd-cOqBb7vY-ZjgyPK5amD_3VwN1DXp3f60mqyeY5YgUeTIvuWd0QED6nGoB47doDtkbw-bVXRIdqvN1r0VcaAt0-iCcajg_7FF3yFdEfKzRiUPA67A-1hI
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 16:23:33 GMT
Cache-Control: no-cache
X-TraceId: e2f2407fb2ec1085f2ff830bc937ee3a
Content-Length: 0

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame E9CE 14 KB
14 KB 32ms
32ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

616ca1bba56c0d435c4263e3ae02ccefac37a16fcc2bd00b801ecdd34251a404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 14400
expires: Thu, 13 Jun 2024 01:47:43 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame CC49 0
127 B 32ms
29ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 28 Jun 2023 16:23:32 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 pixel.gif
nbcudisplay.s.moatpixel.com/ Frame 4D02 43 B
251 B 55ms
50ms Image
image/gif 184.84.133.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=39&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=nbcnews.com&L1id=5177264069&L2id=3198638129&L3id=6295160624&L4id=138431898893&S1id=57191058&S2id=21823574394&ord=1687969412253&r=912101448048&t=meas&os=0&fi2=0&div1=0&ait=0&bedc=1&q=1&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.84.133.161 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-84-133-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 28 Jun 2023 16:23:32 GMT

GET
H2 200 pixel.gif
nbcudisplay.s.moatpixel.com/ Frame 4D02 43 B
251 B 56ms
51ms Image
image/gif 184.84.133.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=39&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=nbcnews.com&L1id=5177264069&L2id=3198638129&L3id=6295160624&L4id=138431898893&S1id=57191058&S2id=21823574394&ord=1687969412253&r=912101448048&t=nht&os=0&fi2=0&div1=0&ait=0&bedc=1&q=2&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.84.133.161 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-84-133-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 28 Jun 2023 16:23:32 GMT

GET
H2 204 event.gif
beacon.krxd.net/ Frame 4D02 0
337 B 43ms
38ms Image
text/plain 54.157.17.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/event.gif?event_id=KnpkLvA_&event_type=rtg
Requested by: Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.157.17.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-17-18.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by: beacon-n031-ash-prod.krxd.net
date: Wed, 28 Jun 2023 16:23:32 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1687969412
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame B0A3 42 B
428 B 47ms
29ms Image
image/gif 8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-0MsoDLqTJUy6P9YzotYFLGS1Dp5J4aeaIg4Hog
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e8411167f89a34d125cfdd56e8a&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 28 Jun 2023 14:10:24 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 1
tapestry.tapad.com/tapestry/ Frame B0A3 95 B
335 B 64ms
46ms Image
image/png 34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tapestry.tapad.com/tapestry/1?ta_partner_id=2052&ta_partner_did=k-FtocWbqTJUy6P9YzotYFLGS1Dp4glTj0DlZGww&ta_format=png

Requested by

Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e8411167f89a34d125cfdd56e8a&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/png
date: Wed, 28 Jun 2023 16:23:32 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame B0A3 43 B
292 B 48ms
30ms Image
image/gif 2600:1f18:612b:4200:180a:bb6b:7eca:821b

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-b65lj7qTJUy6P9YzotYFLGS1Dp6RO0AK8DO8mg
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e8411167f89a34d125cfdd56e8a&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:180a:bb6b:7eca:821b -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 28 Jun 2023 16:23:32 GMT
server: nginx
content-type: image/gif

GET
H2 200 sync.htm
ade.clmbtech.com/uid/ Frame B0A3 68 B
259 B 246ms
224ms Image
image/jpeg 2600:141b:e800:39::17c6:d61a

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=k-l5_H57qTJUy6P9YzotYFLGS1Dp52tvbG6VGzdA

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:e800:39::17c6:d61a -, , ASN (),

Reverse DNS

Software

Bhoot /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
date: Wed, 28 Jun 2023 16:23:33 GMT
x-content-type-options: nosniff
server: Bhoot
x-frame-options: sameorigin
content-type: image/jpeg
x-upstream: 172.29.83.149:80
content-length: 68
x-xss-protection: 1; mode=block

GET
H2 200 pixelCt.tpmn
ad.tpmn.co.kr/ Frame B0A3 170 B
421 B 221ms
203ms Image
image/png 34.102.166.132

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=k-JBgXNrqTJUy6P9YzotYFLGS1Dp7njFWIkgGhrA
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e8411167f89a34d125cfdd56e8a&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.166.132 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:32 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA,Sec-CH-UA-Platform-Version
vary: accept-encoding
content-type: image/png;charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame B0A3 43 B
636 B 142ms
41ms Image
image/gif 34.202.209.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-z8IKKbqTJUy6P9YzotYFLGS1Dp4QhMMq7vwXMw&pn_id=criteo&ext=1
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e8411167f89a34d125cfdd56e8a&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.209.8 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:33 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame B0A3 43 B
235 B 146ms
46ms Image
image/gif 35.211.178.172
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-mURAvrqTJUy6P9YzotYFLGS1Dp5zRvHKmRlEvQ&expires=30
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e8411167f89a34d125cfdd56e8a&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 172.178.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 16:23:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame B0A3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-tZyLRLqTJUy6P9YzotYFLGS1Dp68HfpyicTVqA&google_cm&google_hm=ay10WnlMUkxxVEpVeTZQOVl6b3RZRkxHUzFEcDY4SGZwe...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-tZyLRLqTJUy6P9YzotYFLGS1Dp68HfpyicTVqA&google_gid=CAESEMD1JTbxjvdSwY4zwP9029M&google_cver=1&google_ula=913071,0

43 B
369 B

32ms
31ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-tZyLRLqTJUy6P9YzotYFLGS1Dp68HfpyicTVqA&google_gid=CAESEMD1JTbxjvdSwY4zwP9029M&google_cver=1&google_ula=913071,0

Requested by

Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:32 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 965648
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-tZyLRLqTJUy6P9YzotYFLGS1Dp68HfpyicTVqA&google_gid=CAESEMD1JTbxjvdSwY4zwP9029M&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame B0A3
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4753582124059338400

43 B
370 B

31ms
30ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4753582124059338400

Requested by

Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:32 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1380009
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Wed, 28 Jun 2023 16:23:32 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 96.9.246.195; 96.9.246.195; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e01634d6-2a89-414a-9f8f-1333fb01e454
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4753582124059338400
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK setuid
secure.adnxs.com/ Frame B0A3 43 B
1 KB 48ms
34ms Image
image/gif 68.67.160.75
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=52&code=k-U4ttBLqTJUy6P9YzotYFLGS1Dp4d4KqOzNHYxQ

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.75 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 16:23:32 GMT
AN-X-Request-Uuid: 0bfca977-1097-4d9e-9db5-6668a59be362
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 96.9.246.195; 96.9.246.195; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame B0A3 61 B
630 B 129ms
113ms Image
image/gif 96.17.64.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-BWcQo7qTJUy6P9YzotYFLGS1Dp7tNq6hxurh8A

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-17-64-29.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 28 Jun 2023 16:23:33 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Wed, 28 Jun 2023 16:23:33 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame B0A3 42 B
710 B 50ms
37ms Image
image/gif 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-7iotX7qTJUy6P9YzotYFLGS1Dp622e96l617uQ&expires=30
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e8411167f89a34d125cfdd56e8a&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: ab995a74221271a8dc253760ec78ee1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 v1
match.sharethrough.com/sync/ Frame B0A3 68 B
607 B 57ms
42ms Image
image/png 3.223.221.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-0MID97qTJUy6P9YzotYFLGS1Dp4mN6o7vUiXFA
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e8411167f89a34d125cfdd56e8a&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.221.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-221-83.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame B0A3 43 B
429 B 47ms
32ms Image
image/gif 23.105.12.150
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-gEYlRrqTJUy6P9YzotYFLGS1Dp4SgFd4lbE9UA
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e8411167f89a34d125cfdd56e8a&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.105.12.150 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 28 Jun 2023 16:23:32 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 um
criteo-sync.teads.tv/ Frame B0A3 23 B
163 B 55ms
40ms Image
image/gif 23.200.197.46
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-BBW99LqTJUy6P9YzotYFLGS1Dp678vNJjllEjg
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e8411167f89a34d125cfdd56e8a&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.197.46 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-200-197-46.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Wed, 28 Jun 2023 16:23:32 GMT
pragma: no-cache
date: Wed, 28 Jun 2023 16:23:32 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame B0A3 37 B
354 B 67ms
52ms Image
image/gif 35.71.139.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-SHOKB7qTJUy6P9YzotYFLGS1Dp6sxfbKFBfLqQ&dongle=013b
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e8411167f89a34d125cfdd56e8a&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 28 Jun 2023 16:23:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK idsync
tg.socdm.com/aux/ Frame B0A3 43 B
925 B 991ms
631ms Image
image/gif 202.241.208.53
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=k-E7ZIbrqTJUy6P9YzotYFLGS1Dp4TW1cfKfPj0g
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e8411167f89a34d125cfdd56e8a&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.241.208.53 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 16:23:33 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=criteo&dsp_uid=k-E7ZIbrqTJUy6P9YzotYFLGS1Dp4TW1cfKfPj0g","cluster_id":0,"gdpr":false,"ipv4":"96.9.246.195","key":"ZJxefsCo5s8AANiCDj4AAAAA","privacy_sensitive":false,"uid":"ZJxefsCo5s8AANiCDj4AAAAA","upstream_id":"m-ad166"}
X-SO-Key: ZJxefsCo5s8AANiCDj4AAAAA
X-SO-Upstream-ID: m-ad166
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName: m-ad166.dc4p.scaleout.jp
X-SO-UID: ZJxefsCo5s8AANiCDj4AAAAA
Connection: keep-alive
Content-Length: 43
X-SO-IP: 96.9.246.195
X-SO-Cluster-ID: 0
Server: nginx
Content-Type: image/gif
Cache-Control: private
X-SO-Ads-Time: 453
X-SO-LB-Hostname: a-tgng40018.dc2p.scaleout.jp

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame B0A3 49 B
181 B 42ms
27ms Image
image/gif 195.244.31.11
IGUANA-WORLDWIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-n-1NKLqTJUy6P9YzotYFLGS1Dp6ufx0jAKMmGw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),

Reverse DNS

Software

ayl-lb-usa02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:32 GMT
x-content-type-options: nosniff
server: ayl-lb-usa02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 4
content-length: 49
expires: 0

GET
H2

200

sync
tags.bluekai.com/site/29001/ Frame B0A3
Redirect Chain

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=4lCz3Bi_Knp4pA13uHn8LrHV-ewskviB

62 B
454 B

207ms
206ms

Image
image/gif

173.223.57.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=4lCz3Bi_Knp4pA13uHn8LrHV-ewskviB
Requested by: Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Server: 173.223.57.84 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-57-84.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:33 GMT
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cache-control: max-age=0, no-cache, no-store
content-length: 62
bk-server: 9fc7
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

location: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=4lCz3Bi_Knp4pA13uHn8LrHV-ewskviB
date: Wed, 28 Jun 2023 16:23:32 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 797587
content-length: 0

GET
H/1.1 200
OK rum
r.casalemedia.com/ Frame B0A3 43 B
632 B 36ms
25ms Image
image/gif 192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-JT8_1bqTJUy6P9YzotYFLGS1Dp5sVYTbAofkqg
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e8411167f89a34d125cfdd56e8a&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 16:23:32 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

GET
H/1.1 200 user-registering
ads.stickyadstv.com/ Frame B0A3 43 B
616 B 45ms
34ms Image
image/gif 63.251.28.234
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-Oq-qirqTJUy6P9YzotYFLGS1Dp6pxLlZLYoTzQ
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e8411167f89a34d125cfdd56e8a&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 63.251.28.234 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 16:23:32 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1687969412943083-294

GET
H2 200 match
ad.360yield.com/ Frame B0A3 43 B
446 B 56ms
44ms Image
image/gif 54.159.205.59
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-jKcEE7qTJUy6P9YzotYFLGS1Dp6G2524XUJy2w
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e8411167f89a34d125cfdd56e8a&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.159.205.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-205-59.compute-1.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 28 Jun 2023 16:23:32 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3 200 sync
matching.ivitrack.com/ Frame B0A3 42 B
58 B 117ms
106ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-NN-E5bqTJUy6P9YzotYFLGS1Dp5zXje7g88xKg
Requested by: Host: widget.va.us.criteo.com
URL: https://widget.va.us.criteo.com/dis/dis.aspx?pu=5360&cb=649c5e8411167f89a34d125cfdd56e8a&r=https%3a%2f%2fd6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com%2f&crossorigin=false
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H/1.1 200
OK 28292
i.liadm.com/s/ Frame B0A3 43 B
563 B 46ms
46ms Image
image/gif 3.229.170.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-KD21drqTJUy6P9YzotYFLGS1Dp4i4oq1m4IRPQ

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.229.170.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-170-24.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 16:23:33 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 3
Content-Type: image/gif

GET
H2 200 pixel_sync
trends.revcontent.com/cm/ Frame B0A3 0
0 49ms
39ms Image
application/json 54.145.113.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-qoPCerqTJUy6P9YzotYFLGS1Dp5BxE99QP0rJw
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=431C02F1B861F249&u=%7C2uIPFsOlszrZ9ddRR%2B4BgMOsVR5YMSLSGiSXcxNYOyI%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj7RzAZ7q3qM1J43OZvGEZwG2jwkJK6dLPjwkahxptuUKWub2B_mg0Ocxn3HnBZRdKgSTTG6ki-F3azyf66iXE3hWGFr6O5goN0ZPfDV44mSQvHE509BpapWvP8QZzumakgIdU4d4KSLYSmYYhXbBp0OPAZXDpoZ8fPNlLcMR0v7qqk1WDZwTpI6LD98k11EpGNFAmYLJnrotrG2M3WJXsw9UYuemV856UlAdAYcCypPr8d9Oxa8gNf2QDuir7Q6QhCulh4jorrWWw5I-V14dgdjwbJNo-uSHTolUrI1GRoFnIAj5RcXfIdrIVkPO31HvidQ9TAUopRrfNqx4D5Qo7nnXsY6skyX258Pm8JsNQA_MrhZRZKqZxEbxf7eYo8IjG-6bmKE9su5liVwLI5zPxe94o7wjsgb8-rhb5E16VktcX__5yPExxTV0bPHlumlyQkDJAmiENEjP4ubX6PbTh4E0L8_EJJkMcqbZ4SHbbrjmXgk6jBbU6uP_zW9jma7tdiSPpZGq4pCRzen6GSLomQ7nh7xbroNwaeWMMtsA0yAIQ8yu-798ga8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.145.113.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-145-113-152.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 204 /
s.ad.smaato.net/c/ Frame B0A3 0
373 B 35ms
25ms Image
text/plain 2600:9000:2209:4400:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-IAZryrqTJUy6P9YzotYFLGS1Dp5yKgylN4C5vQ
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=431C02F1B861F249&u=%7C2uIPFsOlszrZ9ddRR%2B4BgMOsVR5YMSLSGiSXcxNYOyI%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj7RzAZ7q3qM1J43OZvGEZwG2jwkJK6dLPjwkahxptuUKWub2B_mg0Ocxn3HnBZRdKgSTTG6ki-F3azyf66iXE3hWGFr6O5goN0ZPfDV44mSQvHE509BpapWvP8QZzumakgIdU4d4KSLYSmYYhXbBp0OPAZXDpoZ8fPNlLcMR0v7qqk1WDZwTpI6LD98k11EpGNFAmYLJnrotrG2M3WJXsw9UYuemV856UlAdAYcCypPr8d9Oxa8gNf2QDuir7Q6QhCulh4jorrWWw5I-V14dgdjwbJNo-uSHTolUrI1GRoFnIAj5RcXfIdrIVkPO31HvidQ9TAUopRrfNqx4D5Qo7nnXsY6skyX258Pm8JsNQA_MrhZRZKqZxEbxf7eYo8IjG-6bmKE9su5liVwLI5zPxe94o7wjsgb8-rhb5E16VktcX__5yPExxTV0bPHlumlyQkDJAmiENEjP4ubX6PbTh4E0L8_EJJkMcqbZ4SHbbrjmXgk6jBbU6uP_zW9jma7tdiSPpZGq4pCRzen6GSLomQ7nh7xbroNwaeWMMtsA0yAIQ8yu-798ga8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2209:4400:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
via: 1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR53-P1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control: max-age=300
x-amz-cf-id: phIbL_T_8jykdJm2Y_WVpFgASVTEgc4A8xeIqLYMOV260S8WoJsNyQ==

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame B0A3 0
230 B 44ms
34ms Image
text/plain 141.226.224.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-LE-n87qTJUy6P9YzotYFLGS1Dp6ExFVtp58Ang
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=431C02F1B861F249&u=%7C2uIPFsOlszrZ9ddRR%2B4BgMOsVR5YMSLSGiSXcxNYOyI%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj7RzAZ7q3qM1J43OZvGEZwG2jwkJK6dLPjwkahxptuUKWub2B_mg0Ocxn3HnBZRdKgSTTG6ki-F3azyf66iXE3hWGFr6O5goN0ZPfDV44mSQvHE509BpapWvP8QZzumakgIdU4d4KSLYSmYYhXbBp0OPAZXDpoZ8fPNlLcMR0v7qqk1WDZwTpI6LD98k11EpGNFAmYLJnrotrG2M3WJXsw9UYuemV856UlAdAYcCypPr8d9Oxa8gNf2QDuir7Q6QhCulh4jorrWWw5I-V14dgdjwbJNo-uSHTolUrI1GRoFnIAj5RcXfIdrIVkPO31HvidQ9TAUopRrfNqx4D5Qo7nnXsY6skyX258Pm8JsNQA_MrhZRZKqZxEbxf7eYo8IjG-6bmKE9su5liVwLI5zPxe94o7wjsgb8-rhb5E16VktcX__5yPExxTV0bPHlumlyQkDJAmiENEjP4ubX6PbTh4E0L8_EJJkMcqbZ4SHbbrjmXgk6jBbU6uP_zW9jma7tdiSPpZGq4pCRzen6GSLomQ7nh7xbroNwaeWMMtsA0yAIQ8yu-798ga8
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 31737

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame B0A3 0
17 B 53ms
43ms Image
text/plain 34.200.65.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-PpQMELqTJUy6P9YzotYFLGS1Dp5zqPzsChrnEA

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-200-65-202.compute-1.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame B0A3 0
967 B 50ms
41ms Image
text/html 3.211.77.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-lHKskLqTJUy6P9YzotYFLGS1Dp4KsvTAefXIgA
Requested by: Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=431C02F1B861F249&u=%7C2uIPFsOlszrZ9ddRR%2B4BgMOsVR5YMSLSGiSXcxNYOyI%3D%7C&c1=mOd7Dh6zPV-ibPduKMA2S1B7ad7mtjPQqsReDUrnLI6q8ZjvoWn7ovI7O9PeeGSGHptM_F4EJ0PttGzvjfG3K-8yTCetcFO9A5SEsq-ycv9EkOoa-B6Lj7RzAZ7q3qM1J43OZvGEZwG2jwkJK6dLPjwkahxptuUKWub2B_mg0Ocxn3HnBZRdKgSTTG6ki-F3azyf66iXE3hWGFr6O5goN0ZPfDV44mSQvHE509BpapWvP8QZzumakgIdU4d4KSLYSmYYhXbBp0OPAZXDpoZ8fPNlLcMR0v7qqk1WDZwTpI6LD98k11EpGNFAmYLJnrotrG2M3WJXsw9UYuemV856UlAdAYcCypPr8d9Oxa8gNf2QDuir7Q6QhCulh4jorrWWw5I-V14dgdjwbJNo-uSHTolUrI1GRoFnIAj5RcXfIdrIVkPO31HvidQ9TAUopRrfNqx4D5Qo7nnXsY6skyX258Pm8JsNQA_MrhZRZKqZxEbxf7eYo8IjG-6bmKE9su5liVwLI5zPxe94o7wjsgb8-rhb5E16VktcX__5yPExxTV0bPHlumlyQkDJAmiENEjP4ubX6PbTh4E0L8_EJJkMcqbZ4SHbbrjmXgk6jBbU6uP_zW9jma7tdiSPpZGq4pCRzen6GSLomQ7nh7xbroNwaeWMMtsA0yAIQ8yu-798ga8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.77.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-211-77-134.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:32 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

POST
H/1.1 200
OK postback Show response
s.update.rubiconproject.com/2/2.96.0/873648/AhbnvNQJBZjFwsfC/ Frame 3CE6 0
145 B 44ms
39ms XHR
text/plain 34.230.152.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.rubiconproject.com/2/2.96.0/873648/AhbnvNQJBZjFwsfC/postback?gt=us&ci=873648&di=www.nbcnews.com&ap=&pv=405d5349-e004-48a7-b641-447cc095eaa6&pp=24610&c1=2792694&c2=15&sr=magnite.com&dt=8736481481318196516000&ti=882e14bb-4537-49f3-a4da-58a9182c2509&si=471204&ui=LJFXEETE-4-KK22&sid=AhbnvNQJBZjFwsfC&oz_sc=456c8fc02a3e28dfdb000263&oz_df=1687969412874&oz_l=324&cv=3
Requested by: Host: s.update.rubiconproject.com
URL: https://s.update.rubiconproject.com/2/2.96.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.230.152.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-230-152-154.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 28 Jun 2023 16:23:32 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 pixel.gif
nbcudisplay.s.moatpixel.com/ Frame FB97 43 B
251 B 59ms
52ms Image
image/gif 184.84.133.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=30&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=nbcnews.com&L1id=5177264069&L2id=3198638129&L3id=6295160627&L4id=138431898896&S1id=57191058&S2id=21823574394&ord=1687969412390&r=212695063966&t=meas&os=0&fi2=0&div1=0&ait=0&bedc=1&q=1&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.84.133.161 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-84-133-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 28 Jun 2023 16:23:33 GMT

GET
H2 200 pixel.gif
nbcudisplay.s.moatpixel.com/ Frame FB97 43 B
251 B 59ms
52ms Image
image/gif 184.84.133.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=30&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=nbcnews.com&L1id=5177264069&L2id=3198638129&L3id=6295160627&L4id=138431898896&S1id=57191058&S2id=21823574394&ord=1687969412390&r=212695063966&t=nht&os=0&fi2=0&div1=0&ait=0&bedc=1&q=2&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.84.133.161 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-84-133-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 28 Jun 2023 16:23:33 GMT

GET
H2 204 event.gif
beacon.krxd.net/ Frame FB97 0
337 B 46ms
40ms Image
text/plain 54.157.17.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/event.gif?event_id=KnpkLvA_&event_type=rtg
Requested by: Host: d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
URL: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.157.17.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-17-18.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by: beacon-n037-ash-prod.krxd.net
date: Wed, 28 Jun 2023 16:23:33 GMT
cache-control: private, no-cache, no-store
x-request-time: D=26 t=1687969413
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4D02 0
0 44ms
41ms Fetch
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQhAZr47qI9kwb2OQ_2G-sYggRd6ziJCnfmUrMjY2y69haFuIYVCYzfHQMhJdklfezXv6VJVwMxMBGTSGwZFflIeEHIxA5bFDDhxcudSyqSS7IFAU5H6yLHyoK2NMjoka4LA1hmWW7A-KA-M0M3lpJ3Vftbm82WqsrgvwJVIw2cWxmaV6c-k4jAodExMtllbO-wFNWJ5JPN2ZMigsSslHF1ZyasdHVdNrvoxHpdoBjWr3CyC168333w1oCRw0z28bfdNuHX31E0N_BEmFc6QeJlMtv0mvrpx-8Li52m7iii9X3YSNL23vbxpe-TrrlWN66FncASfWzMKL3&sai=AMfl-YS49CJ9WagCxAItYoi5zIZeCLxDU7kvN5cJHMc3ZnuLFN0YsANxmDYf7eI9f8yD59e8rUOqDLLL1jaznxQ&sig=Cg0ArKJSzFzeM8-R5nXkEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 28 Jun 2023 16:23:33 GMT

GET
H/1.1 200
OK /
srv.pixel.parsely.com/plogger/ 43 B
260 B 122ms
40ms Image
image/gif 34.231.207.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://srv.pixel.parsely.com/plogger/?rand=1687969413002&idsite=nbcnews.com&url=https%3A%2F%2Fwww.nbcnews.com%2Fnews%2Famp%2Frcna91341&urlref=&screen=1600x1200%7C1600x1200%7C24&title=%E2%80%98We%E2%80%99re%20Coming%20For%20Your%20Children%E2%80%99%20chant%20at%20NYC%20Drag%20March%20elicits%20outrage%2C%20but%20activists%20say%20it%E2%80%99s%20taken%20out%20of%20context&date=1687969413003&ampid=amp-jSubJ1geQOXJTrrBiJJQWQ&action=heartbeat&tt=5&inc=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.231.207.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-207-29.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nbcnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 16:23:33 GMT
Cache-Control: no-cache
Last-Modified: Wednesday, 28-Jun-2023 16:23:33 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 pixel.gif
nbcudisplay.s.moatpixel.com/ Frame 4D02 43 B
251 B 55ms
50ms Image
image/gif 184.84.133.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=217&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=nbcnews.com&L1id=5177264069&L2id=3198638129&L3id=6295160624&L4id=138431898893&S1id=57191058&S2id=21823574394&ord=1687969412253&r=912101448048&t=hdn&os=0&fi2=0&div1=0&ait=0&bedc=1&q=3&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.84.133.161 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-84-133-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 28 Jun 2023 16:23:33 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FB97 0
0 42ms
42ms Fetch
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhD5h_pYOs_BJZT9exKe8je5Xpk4hUa0arDCfWIaAq_TsCa1ztnAua7H89Ym_jdhmQOckOrbGWtqZVxgj2XVFXjs942EIpLDtuBfU4oGqJdx7ywE09LVqDhYMyrF8NteShMayzBWC58GN7TwGUhyT8y9uI9E7pUuRkuZsJte8HJzxMmU7GrCrizm-mKO0kWCJ1laMTLt0NmxKPhpsRIaLfU5TyFns2V1bDQXTnJpEynkD8-2d1tcsVs5NTYCY4egqFyBSKyya7Jza73zLvBm6KkAQvuF4ND3UWeHcrfYEJ36h6YfIZYUYW2uFw6awzQi6Mc8ouAzO0aJ2-&sai=AMfl-YTelA2eCL01js1bwaWP7Y3mitSGQs9hSvP6zbMtKKh5468htx-p0DRLZpqQ76S0T_6A46b4ZqQa9o_xiw4&sig=Cg0ArKJSzExv6XKpNfZJEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 16:23:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 28 Jun 2023 16:23:33 GMT

GET
H2 200 pixel.gif
nbcudisplay.s.moatpixel.com/ Frame FB97 43 B
251 B 53ms
52ms Image
image/gif 184.84.133.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=200&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=nbcnews.com&L1id=5177264069&L2id=3198638129&L3id=6295160627&L4id=138431898896&S1id=57191058&S2id=21823574394&ord=1687969412390&r=212695063966&t=hdn&os=0&fi2=0&div1=0&ait=0&bedc=1&q=3&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.84.133.161 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-84-133-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:33 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 28 Jun 2023 16:23:33 GMT

GET
H2 200 userx.20230628-3-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 48E3 17 KB
6 KB 20ms
19ms Script
application/javascript 151.101.193.44

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230628-3-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/nbcnews/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7955a616e04f3801e3fff07b410d915a89f19d35ee54940d076387440a9ca409

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-37003659051456368343.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: YCtETaZZJTJQse4jr16gUHxB8XiCzXjr
content-encoding: gzip
via: 1.1 varnish
date: Wed, 28 Jun 2023 16:23:33 GMT
x-amz-request-id: 65VG7AM2HJ2S11QW
age: 4693
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: q3Bf2F8wplOClUTg85VwJQMaSRqakAD7uP1v25DD/4AawEkEI+TUkzMVE/Pd53rP24I9ZKM89i8=
x-served-by: cache-yyz4557-YYZ
last-modified: Wed, 28 Jun 2023 15:05:19 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1687969413.212093,VS0,VE0
etag: "4b725d75507974c1ccfcec4dced1d05b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 79
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 932

GET
H2 204 abtests
ch-trc-events.taboola.com/nbcnews/log/3/ Frame 48E3 0
363 B 382ms
27ms Image
text/plain 141.226.124.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ch-trc-events.taboola.com/nbcnews/log/3/abtests?route=US:CH:V&tvi2=10443&lti=deflated&ri=0662a9c933bcc8485b90623e4719c18b&sd=v2_dcdd8be2cf61bd55871a67f0abc3c05f_9b86c917-4ee1-4547-8a5c-1ef9a504e763-tuctb95e3fd_1687969412_1687969412_CNawjgYQvNg9GPnsxJaQMSABKAMw4QE4kaQOQJ-FD0jMzNkDUOEEWABgAGiA-Zzk5-vX-PYBcAE&ui=9b86c917-4ee1-4547-8a5c-1ef9a504e763-tuctb95e3fd&pi=/nbc-out/nbc-out-proud/re-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&wi=-3682984337948684421&pt=text&vi=1687969412729&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1687969413189%7D&tim=16%3A23%3A33.190&id=307&llvl=2&cv=20230628-3-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-37003659051456368343.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 28 Jun 2023 16:23:33 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=28645&dpuuid=HEIp__e5sxfOo6t-xuO6kEtGE8WStFHx
dpm.demdex.net/ Frame 0118
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=HEIp__e5sxfOo6t-xuO6kEtGE8WStFHx

42 B
940 B

45ms
44ms

Image
image/gif

54.147.140.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=28645&dpuuid=HEIp__e5sxfOo6t-xuO6kEtGE8WStFHx

Protocol

HTTP/1.1

Server

54.147.140.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-140-130.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v049-05d4e4ced.edge-va6.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: rAzQktMXTzw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=HEIp__e5sxfOo6t-xuO6kEtGE8WStFHx
date: Wed, 28 Jun 2023 16:23:32 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 731510
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=28645&dpuuid=I548HqGRU2-cV-qeS5vCPlpoXHGW7ttH
dpm.demdex.net/ Frame B0A3
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=I548HqGRU2-cV-qeS5vCPlpoXHGW7ttH

42 B
941 B

332ms
286ms

Image
image/gif

54.147.140.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=28645&dpuuid=I548HqGRU2-cV-qeS5vCPlpoXHGW7ttH

Protocol

HTTP/1.1

Server

54.147.140.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-140-130.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS: dcs-prod-va6-2-v049-0e5e2fec0.edge-va6.demdex.com 52 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: BXxb7sOrQSw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=I548HqGRU2-cV-qeS5vCPlpoXHGW7ttH
date: Wed, 28 Jun 2023 16:23:32 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 685523
content-length: 0

GET
H2

200

g.pixel
aa.agkn.com/adscores/ Frame 0118
Redirect Chain

https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=Ya4yh6IjhlG1aI_pXMxGUchhiuBdJtkb

43 B
656 B

46ms
45ms

Image
image/gif

108.138.128.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=Ya4yh6IjhlG1aI_pXMxGUchhiuBdJtkb
Protocol: H2
Server: 108.138.128.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-21.jfk50.r.cloudfront.net
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:33 GMT
via: 1.1 5d3699e517195152b2b0917312ab80b8.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: JFK50-P4
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
x-amz-cf-id: bCvBlUYvaBsBVoQDOnqx2Mf_-5HVRo1lrWATRLmPLk5LGOA4gggFWA==
expires: 0

Redirect headers

location: https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=Ya4yh6IjhlG1aI_pXMxGUchhiuBdJtkb
date: Wed, 28 Jun 2023 16:23:33 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1004190
content-length: 0

GET
H2 204 social
ch-trc-events.taboola.com/nbcnews/log/3/ Frame 48E3 0
362 B 29ms
29ms Image
text/plain 141.226.124.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ch-trc-events.taboola.com/nbcnews/log/3/social?route=US:CH:V&tvi2=10443&lti=deflated&ri=0662a9c933bcc8485b90623e4719c18b&sd=v2_dcdd8be2cf61bd55871a67f0abc3c05f_9b86c917-4ee1-4547-8a5c-1ef9a504e763-tuctb95e3fd_1687969412_1687969412_CNawjgYQvNg9GPnsxJaQMSABKAMw4QE4kaQOQJ-FD0jMzNkDUOEEWABgAGiA-Zzk5-vX-PYBcAE&ui=9b86c917-4ee1-4547-8a5c-1ef9a504e763-tuctb95e3fd&pi=/nbc-out/nbc-out-proud/re-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&wi=-3682984337948684421&pt=text&vi=1687969412729&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fd-37003659051456368343.ampproject.net%2F2305252018001%2Fframe.html%22%2C%22rref%22%3A%22https%3A%2F%2Fwww.nbcnews.com%2F%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22%22%2C%22sec%22%3A%22undefined%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=16%3A23%3A34.177&id=3365&llvl=2&cv=20230628-3-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-37003659051456368343.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 28 Jun 2023 16:23:34 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 pixel.gif
nbcudisplay.s.moatpixel.com/ Frame 413D 43 B
251 B 51ms
50ms Image
image/gif 184.84.133.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=10189&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=nbcnews.com&L1id=35890458&L2id=3138547590&L3id=6334817002&L4id=138438027889&S1id=57191058&S2id=21823574394&ord=1687969404425&r=706841259084&t=page10&os=0&fi2=0&div1=0&ait=0&bedc=1&q=5&nu=0&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.84.133.161 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-84-133-161.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 16:23:34 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 28 Jun 2023 16:23:34 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mps.nbcuni.com
URL: https://mps.nbcuni.com/request/page/json/amp?path=/news/amp/ncna1000858&site=nbcnews-bento&type=amparticle&cat=amp|news&field[slotname]=amparticle&field[context]=amp&field[platform]=mobile&field[canurl]=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&__amp_source_origin=https%3A%2F%2Fwww.nbcnews.com

Domain: mps.nbcuni.com
URL: https://mps.nbcuni.com/request/page/json/amp?path=/news/amp/ncna1000858&site=nbcnews-bento&type=amparticle&cat=amp|news&field[slotname]=amparticle&field[context]=amp&field[platform]=mobile&field[canurl]=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&__amp_source_origin=https%3A%2F%2Fwww.nbcnews.com

Domain: mps.nbcuni.com
URL: https://mps.nbcuni.com/request/page/json/amp?path=/news/amp/ncna1000858&site=nbcnews-bento&type=amparticle&cat=amp|news&field[slotname]=amparticle&field[context]=amp&field[platform]=mobile&field[canurl]=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&__amp_source_origin=https%3A%2F%2Fwww.nbcnews.com

Domain: mps.nbcuni.com
URL: https://mps.nbcuni.com/request/page/json/amp?path=/news/amp/ncna1000858&site=nbcnews-bento&type=amparticle&cat=amp|news&field[slotname]=amparticle&field[context]=amp&field[platform]=mobile&field[canurl]=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&__amp_source_origin=https%3A%2F%2Fwww.nbcnews.com

Domain: mps.nbcuni.com
URL: https://mps.nbcuni.com/request/page/json/amp?path=/news/amp/ncna1000858&site=nbcnews-bento&type=amparticle&cat=amp|news&field[slotname]=amparticle&field[context]=amp&field[platform]=mobile&field[canurl]=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&__amp_source_origin=https%3A%2F%2Fwww.nbcnews.com

Domain: mps.nbcuni.com
URL: https://mps.nbcuni.com/request/page/json/amp?path=/news/amp/ncna1000858&site=nbcnews-bento&type=amparticle&cat=amp|news&field[slotname]=amparticle&field[context]=amp&field[platform]=mobile&field[canurl]=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&__amp_source_origin=https%3A%2F%2Fwww.nbcnews.com

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

76 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mps.nbcuni.com/request/page/json	1970-01-20 12:54:15	Name: adEdition Value: US
mps.nbcuni.com/request/page/json	1970-01-20 12:54:15	Name: geoEdition Value: us
i.liadm.com/s	1970-01-20 13:36:01	Name: _li_ss Value: CgsKCQj_____BxC-FQ
i6.liadm.com/s	1970-01-20 13:36:01	Name: _li_ss Value: CgA
.nbcnews.com/	1969-12-31 23:59:59	Name: nbcnews_geolocation Value: us
.nbcnews.com/	1969-12-31 23:59:59	Name: ng_geolocation Value: US
www.nbcnews.com/	1970-01-20 13:07:13	Name: akaas_NBCNews Value: 1688833401~rv=19~id=9ea012f175e043ce31ed1d7ee26b0326~rn=
.nbcnews.com/	1970-01-20 21:38:25	Name: _s Value: amp-Fmz87_aPfU56GpV3-2szVw
.nbcnews.com/	1970-01-20 21:38:25	Name: _ga Value: amp-lTQUeOAHimqc8XVW7FQl9A
.nbcnews.com/	1970-01-20 21:38:25	Name: adobe_amp_id Value: amp-UUXQAAW9ZSVhwg4a-SIoAA
.nbcnews.com/	1970-01-20 21:38:25	Name: _parsely_visitor Value: amp-jSubJ1geQOXJTrrBiJJQWQ
.nbcnews.com/	1970-01-20 21:38:25	Name: comScore Value: amp-lqbnu99wL4a5huHWGSuInw
.nbcnews.com/	1970-01-20 21:38:25	Name: mparticle_amp_id Value: amp-HA4LxJLuiVT2q1SF-WUlYA
.scorecardresearch.com/	1970-01-20 22:28:49	Name: UID Value: 1086d52293bfb679de5c3681687969403
.doubleclick.net/	1970-01-20 22:28:49	Name: IDE Value: AHWqTUmWs_Uufi-v3Wn6JwYfru1KjwNBozrp-LjcEA2UTX5DNhAEpE_ZYMnOKKOdKHs
.agkn.com/	1970-01-20 21:38:25	Name: ab Value: 0001%3A08CjPijEqNEnp9hj3kdEPGZ3lZ5ubXR%2F
.doubleclick.net/	1970-01-20 12:52:50	Name: test_cookie Value: CheckForPermission
.rubiconproject.com/	1970-01-20 21:38:25	Name: khaos Value: LJFXEETE-4-KK22
.krxd.net/	1970-01-20 17:12:01	Name: _kuid_ Value: PpIJM0ph
.criteo.com/	1970-01-20 22:14:25	Name: uid Value: c23303ec-1280-4661-9ba4-f0c6eb8c922b
.agkn.com/	1970-01-20 21:38:25	Name: u Value: C\|0EAAsLxr8LC8a_QAAAAACAQAxAAAAALsSb4b__x7__________wAAAAUUyVF6AAAAIDuMqnEAAAABeZWi6gA
.adsrvr.org/	1970-01-20 21:39:51	Name: TDID Value: 24cfb9a4-ca44-4d7c-8790-4c015d723117
.taboola.com/	1970-01-20 21:38:25	Name: t_gid Value: 9b86c917-4ee1-4547-8a5c-1ef9a504e763-tuctb95e3fd
.adnxs.com/	1970-01-20 15:02:25	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2In=pK.8)!]tbPl@/D!9hy6]/Cr.ZYspwRZdL'B`-lQD4=wGI/lxw]7pW/]cf0s?bCsA<hUkdB>zPk9S'a.RbpRzqF1`*benE-0+$_
.adsrvr.org/	1970-01-20 21:39:51	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCPKpu4TB__s7EAUYBSABKAIyCwjo4Yex1__7OxAFOAE.
.adnxs.com/	1970-01-20 15:02:25	Name: uuid2 Value: 4753582124059338400
.amazon-adsystem.com/	1970-01-20 22:28:49	Name: ad-privacy Value: 0
.bidswitch.net/	1970-01-20 21:38:25	Name: tuuid Value: 14d01565-556f-4216-8b49-f91159f4d81e
.bidswitch.net/	1970-01-20 21:38:25	Name: c Value: 1687969406
.bidswitch.net/	1970-01-20 21:38:25	Name: tuuid_lu Value: 1687969406
match.sharethrough.com/	1970-01-20 13:02:54	Name: AWSALBCORS Value: yt0D1I3bfCpmRD7WRrkhaNMTuGsl7WVA9Nb1NOmsZkp70onqs3R/tfjf6J0NXpgMRMQdTGTxOCtmtO8No6HyIfMDb/vBJUI10GfMcsT9uBpz9skWdMyUaI8N9uiL
.sharethrough.com/	1970-01-20 13:36:01	Name: stx_user_id Value: 221e65cf-9ee7-4fbe-aa01-687f57d9663d
.smartadserver.com/	1970-01-20 22:23:03	Name: pid Value: 7338257504666785570
.smartadserver.com/	1970-01-20 22:23:03	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 21:39:51	Name: csync Value: 79:k-gEYlRrqTJUy6P9YzotYFLGS1Dp4SgFd4lbE9UA
.teads.tv/	1970-01-20 21:36:59	Name: tt_viewer Value: ecb96cb4-7ce2-4aa0-83a4-0f9d193908ed
.3lift.com/	1970-01-20 15:02:25	Name: tluid Value: 2139654212516272527053
.yahoo.com/	1970-01-20 21:38:47	Name: A3 Value: d=AQABBH5enGQCEKtCgtH4Tz4eS5UlJdDdaRwFEgEBAQGvnWSmZNxH0iMA_eMAAA&S=AQAAAqcuVdclRc4ZAYOPoWcnZV0
.analytics.yahoo.com/	1970-01-20 21:38:25	Name: IDSYNC Value: 18zh~2ch4
.media.net/	1970-01-20 21:38:25	Name: visitor-id Value: 3309710066573144000V10
.media.net/	1970-01-20 13:36:01	Name: data-c-ts Value: 1687969406
.media.net/	1970-01-20 13:36:01	Name: data-c Value: k-BWcQo7qTJUy6P9YzotYFLGS1Dp7tNq6hxurh8A~~3
.omnitagjs.com/	1970-01-20 13:36:01	Name: ayl_visitor Value: 2b1f46690b6a93490c4adc3068a91c1b
.linkedin.com/	1970-01-20 21:38:25	Name: bcookie Value: "v=2&c9c548d5-1762-4676-8fb9-8c91d3b612fb"
.linkedin.com/	1970-01-20 12:54:15	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2954:u=1:x=1:i=1687969406:t=1688055806:v=2:sig=AQHaFVMMbhtBtMxJy2ZdNALRGgOWESYJ"
.socdm.com/	1970-01-20 22:28:49	Name: SOC Value: ZJxefsCo5s8AANiCDj4AAAAA
.360yield.com/	1970-01-20 15:02:25	Name: tuuid Value: fbd6b346-cf19-479d-b5c6-300d1be72c29
.360yield.com/	1970-01-20 15:02:25	Name: tuuid_lu Value: 1687969406
.casalemedia.com/	1970-01-20 21:38:25	Name: CMID Value: ZJxeftvsEU4OzXy6LeZcFwAA
.casalemedia.com/	1970-01-20 15:02:25	Name: CMPS Value: 1321
.casalemedia.com/	1970-01-20 15:02:25	Name: CMPRO Value: 1321
.bing.com/	1970-01-20 22:14:25	Name: MUID Value: 020C77300FF460D80FB6640E0E206106
.c.bing.com/	1970-01-20 13:02:54	Name: MR Value: 0
exchange.mediavine.com/	1970-01-20 13:12:59	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%221c3b4010-15d0-11ee-b96b-fd049d9a37c0%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 13:12:59	Name: mv_tokens_invalidate-verizon-pushes Value: %7B%22mv_uuid%22%3A%221c3b4010-15d0-11ee-b96b-fd049d9a37c0%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 13:12:59	Name: am_tokens Value: %7B%22mv_uuid%22%3A%221c3b4010-15d0-11ee-b96b-fd049d9a37c0%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 13:12:59	Name: am_tokens_invalidate-verizon-pushes Value: %7B%22mv_uuid%22%3A%221c3b4010-15d0-11ee-b96b-fd049d9a37c0%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/	1970-01-20 13:12:59	Name: criteo Value: %7B%22id%22%3A%22k-lHKskLqTJUy6P9YzotYFLGS1Dp4KsvTAefXIgA%22%2C%22version%22%3A%22criteo%22%7D
.360yield.com/	1970-01-20 15:02:25	Name: um Value: !38,VUcLClJvpNetC2.Y56bghMYyzCE6KfWWChGRLPuLWaVf7JCsHBuZqzOEBeEs9u6WNQ3xY3vu,1695745406
.360yield.com/	1970-01-20 15:02:25	Name: umeh Value: !38,0,1750177406,-1
.postrelease.com/	1970-01-20 21:38:25	Name: visitor Value: 52719efb-8d33-40a8-93de-528bf80b4a42
.postrelease.com/	1970-01-20 21:38:25	Name: status Value: 0
.smaato.net/	1970-01-20 13:23:03	Name: SCM Value: 768a064
.liadm.com/	1970-01-20 22:28:49	Name: lidid Value: d900b3ce-6cee-4d30-9e14-476c07260280
.bluekai.com/	1970-01-20 17:12:01	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 17:12:01	Name: bkpa Value: KJpEnXTLu5DlLMxy1BxFgLhn+Mzruik/nY3onYNmnzo1LD6LnXy3+YQ+EXF65wUwz/2vEz+/e4snzwRnYSI/21A/O9eSNhqK
.bluekai.com/	1970-01-20 17:12:01	Name: bku Value: uUW99c8K7sESip9T
.pubmatic.com/	1970-01-20 13:36:01	Name: KRTBCOOKIE_97 Value: 3385-uid:k-0MsoDLqTJUy6P9YzotYFLGS1Dp5J4aeaIg4Hog&KRTB&23144-uid:k-0MsoDLqTJUy6P9YzotYFLGS1Dp5J4aeaIg4Hog&KRTB&23286-uid:k-0MsoDLqTJUy6P9YzotYFLGS1Dp5J4aeaIg4Hog&KRTB&23287-uid:k-0MsoDLqTJUy6P9YzotYFLGS1Dp5J4aeaIg4Hog
.pubmatic.com/	1970-01-20 13:36:01	Name: PugT Value: 1687969405
.smaato.net/	1970-01-20 13:07:56	Name: SCM1001851 Value: 768a064
.tapad.com/	1970-01-20 14:19:13	Name: TapAd_TS Value: 1687969406786
.tapad.com/	1970-01-20 14:19:13	Name: TapAd_DID Value: bc4a9202-9aa2-42ff-985a-4f65c94e8524
.amazon-adsystem.com/	1970-01-20 17:22:06	Name: ad-id Value: AyiCI6XTtkxRlEaLzjOyMyQ
.rubiconproject.com/	1970-01-20 21:38:25	Name: audit Value: 1\|jxiuepg8R95qfu8cYVtFmusuctNIo1HW2wcIU3tGPCiFQXC9JARqfnFVEhRP/M6HHcGbVvOKm6sizXmmrSrFbdFmRRNMd5/3Dzb3jBx2k5zQaJxpxnco7bKpUjWTmmg0
.demdex.net/	1970-01-20 17:12:01	Name: demdex Value: 39492945816639440332278992890498468287
.dpm.demdex.net/	1970-01-20 17:12:01	Name: dpm Value: 39492945816639440332278992890498468287

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.nbcnews.com/news/amp/rcna91341 Message: Access to fetch at 'https://mps.nbcuni.com/request/page/json/amp?path=/news/amp/ncna1000858&site=nbcnews-bento&type=amparticle&cat=amp\|news&field[slotname]=amparticle&field[context]=amp&field[platform]=mobile&field[canurl]=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&__amp_source_origin=https%3A%2F%2Fwww.nbcnews.com' from origin 'https://www.nbcnews.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://www-nbcnews-com.cdn.ampproject.org' that is not equal to the supplied origin. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://mps.nbcuni.com/request/page/json/amp?path=/news/amp/ncna1000858&site=nbcnews-bento&type=amparticle&cat=amp\|news&field[slotname]=amparticle&field[context]=amp&field[platform]=mobile&field[canurl]=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&__amp_source_origin=https%3A%2F%2Fwww.nbcnews.com Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.nbcnews.com/news/amp/rcna91341 Message: Access to fetch at 'https://mps.nbcuni.com/request/page/json/amp?path=/news/amp/ncna1000858&site=nbcnews-bento&type=amparticle&cat=amp\|news&field[slotname]=amparticle&field[context]=amp&field[platform]=mobile&field[canurl]=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&__amp_source_origin=https%3A%2F%2Fwww.nbcnews.com' from origin 'https://www.nbcnews.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://www-nbcnews-com.cdn.ampproject.org' that is not equal to the supplied origin. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://mps.nbcuni.com/request/page/json/amp?path=/news/amp/ncna1000858&site=nbcnews-bento&type=amparticle&cat=amp\|news&field[slotname]=amparticle&field[context]=amp&field[platform]=mobile&field[canurl]=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&__amp_source_origin=https%3A%2F%2Fwww.nbcnews.com Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.nbcnews.com/news/amp/rcna91341 Message: Access to fetch at 'https://mps.nbcuni.com/request/page/json/amp?path=/news/amp/ncna1000858&site=nbcnews-bento&type=amparticle&cat=amp\|news&field[slotname]=amparticle&field[context]=amp&field[platform]=mobile&field[canurl]=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&__amp_source_origin=https%3A%2F%2Fwww.nbcnews.com' from origin 'https://www.nbcnews.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://www-nbcnews-com.cdn.ampproject.org' that is not equal to the supplied origin. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://mps.nbcuni.com/request/page/json/amp?path=/news/amp/ncna1000858&site=nbcnews-bento&type=amparticle&cat=amp\|news&field[slotname]=amparticle&field[context]=amp&field[platform]=mobile&field[canurl]=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&__amp_source_origin=https%3A%2F%2Fwww.nbcnews.com Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.nbcnews.com/news/amp/rcna91341 Message: Access to fetch at 'https://mps.nbcuni.com/request/page/json/amp?path=/news/amp/ncna1000858&site=nbcnews-bento&type=amparticle&cat=amp\|news&field[slotname]=amparticle&field[context]=amp&field[platform]=mobile&field[canurl]=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&__amp_source_origin=https%3A%2F%2Fwww.nbcnews.com' from origin 'https://www.nbcnews.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://www-nbcnews-com.cdn.ampproject.org' that is not equal to the supplied origin. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://mps.nbcuni.com/request/page/json/amp?path=/news/amp/ncna1000858&site=nbcnews-bento&type=amparticle&cat=amp\|news&field[slotname]=amparticle&field[context]=amp&field[platform]=mobile&field[canurl]=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&__amp_source_origin=https%3A%2F%2Fwww.nbcnews.com Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.nbcnews.com/news/amp/rcna91341 Message: Access to fetch at 'https://mps.nbcuni.com/request/page/json/amp?path=/news/amp/ncna1000858&site=nbcnews-bento&type=amparticle&cat=amp\|news&field[slotname]=amparticle&field[context]=amp&field[platform]=mobile&field[canurl]=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&__amp_source_origin=https%3A%2F%2Fwww.nbcnews.com' from origin 'https://www.nbcnews.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://www-nbcnews-com.cdn.ampproject.org' that is not equal to the supplied origin. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://mps.nbcuni.com/request/page/json/amp?path=/news/amp/ncna1000858&site=nbcnews-bento&type=amparticle&cat=amp\|news&field[slotname]=amparticle&field[context]=amp&field[platform]=mobile&field[canurl]=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&__amp_source_origin=https%3A%2F%2Fwww.nbcnews.com Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.nbcnews.com/news/amp/rcna91341 Message: Access to fetch at 'https://mps.nbcuni.com/request/page/json/amp?path=/news/amp/ncna1000858&site=nbcnews-bento&type=amparticle&cat=amp\|news&field[slotname]=amparticle&field[context]=amp&field[platform]=mobile&field[canurl]=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&__amp_source_origin=https%3A%2F%2Fwww.nbcnews.com' from origin 'https://www.nbcnews.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'https://www-nbcnews-com.cdn.ampproject.org' that is not equal to the supplied origin. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://mps.nbcuni.com/request/page/json/amp?path=/news/amp/ncna1000858&site=nbcnews-bento&type=amparticle&cat=amp\|news&field[slotname]=amparticle&field[context]=amp&field[platform]=mobile&field[canurl]=https%3A%2F%2Fwww.nbcnews.com%2Fnbc-out%2Fnbc-out-proud%2Fre-coming-children-chant-nyc-drag-march-elicits-outrage-activists-say-rcna91341&__amp_source_origin=https%3A%2F%2Fwww.nbcnews.com Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://ads.rubiconproject.com/prebid/creative.js(Line 8) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
worker	error	URL: blob:https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/83f91d53-24c1-4e9a-beb0-553b4f82e2bb Message: Mixed Content: The page at 'blob:https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/83f91d53-24c1-4e9a-beb0-553b4f82e2bb' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/83f91d53-24c1-4e9a-beb0-553b4f82e2bb Message: Mixed Content: The page at 'blob:https://d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com/83f91d53-24c1-4e9a-beb0-553b4f82e2bb' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=2628000 ; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3p.ampproject.net
aa.agkn.com
aamt.nbcnews.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.360yield.com
ad.tpmn.co.kr
ade.clmbtech.com
ads.rubiconproject.com
ads.stickyadstv.com
ads.us.criteo.com
adservice.google.com
beacon-iad3.rubiconproject.com
beacon.krxd.net
c.bing.com
cat.va.us.criteo.com
cdn.ampproject.org
cdn.taboola.com
cdnjs.cloudflare.com
ch-trc-events.taboola.com
cm.g.doubleclick.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
csm.us.criteo.net
d-37003659051456368343.ampproject.net
d.agkn.com
d6ec04e22546fdd2765ea2e43bd3467d.safeframe.googlesyndication.com
dis.criteo.com
dpm.demdex.net
eb2.3lift.com
eus.rubiconproject.com
exchange.mediavine.com
geo.moatads.com
gum.criteo.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
imageproxy.us.criteo.net
jadserve.postrelease.com
match.adsrvr.org
match.sharethrough.com
matching.ivitrack.com
media-cldnry.s-nbcnews.com
mps.nbcuni.com
nbcnews.app.link
nbcudisplay.s.moatpixel.com
nodeassets.nbcnews.com
pg-prebid-server-aws-use1.rubiconproject.com
pixel.rubiconproject.com
pixels.mparticle.com
pm-widget.taboola.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
px.ads.linkedin.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s.amazon-adsystem.com
s.update.rubiconproject.com
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
srv.pixel.parsely.com
static.criteo.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tags.bluekai.com
tapestry.tapad.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
trends.revcontent.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
widget.va.us.criteo.com
www.googletagservices.com
www.nbcnews.com
x.bidswitch.net
z.moatads.com
mps.nbcuni.com
104.66.236.17
104.77.247.148
108.138.128.21
141.226.124.48
141.226.224.48
142.250.81.226
151.101.193.44
173.223.57.84
18.164.96.90
18.164.98.157
184.84.133.161
192.40.39.223
195.244.31.11
202.241.208.53
209.54.182.161
23.105.12.150
23.193.121.161
23.200.197.46
2600:141b:13:7a2::a1d
2600:141b:9000:59e::2506
2600:141b:e800:39::17c6:d61a
2600:141b:e800:c93::2506
2600:1f18:4e9:5a07:911:ca5:2fec:7420
2600:1f18:612b:4200:180a:bb6b:7eca:821b
2600:1f18:ed:550e:4578:8034:184b:4f8b
2600:9000:210b:b400:19:9934:6a80:93a1
2600:9000:2209:4400:1b:5138:8a40:93a1
2600:9000:23cb:7200:19:fc2c:a140:93a1
2602:803:c002:300::76
2606:4700::6811:190e
2607:f8b0:4006:80f::2003
2607:f8b0:4006:816::2001
2607:f8b0:4006:817::2001
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81f::2002
2607:f8b0:4006:81f::2003
2607:f8b0:4006:820::2002
2607:f8b0:4006:822::2002
2620:100:a001::16
2620:100:a001::24
2620:100:a001::4
2620:100:a001::9
2620:100:a001::c
2620:1ec:21::14
2620:1ec:c11::200
2a04:4e42:400::645
3.211.77.134
3.221.217.222
3.223.221.83
3.225.14.251
3.229.170.24
34.102.166.132
34.111.113.62
34.117.157.22
34.200.65.202
34.202.209.8
34.230.152.154
34.231.207.29
35.211.178.172
35.71.131.137
35.71.139.29
50.16.161.49
52.204.143.235
54.145.113.152
54.147.140.130
54.157.17.18
54.159.205.59
63.140.38.178
63.251.28.234
67.220.228.200
68.67.160.75
68.67.179.113
70.42.32.63
74.119.119.147
74.119.119.150
8.28.7.83
8.43.72.97
8.43.72.98
96.17.64.29
00d25aa07f76ff0f5073084904ea375bbc3ed81c1229aceb16fc41b1e9da1fa8
04481f4f519b299b81a540a46e23cbbb0d9732c4a809cd3fa0926e0b824d11d3
066866c737617733af0eb2d9fda6bc08f1741ca85b6d49087fcaa5b129900ff8
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a07f342a5b9e423663ca0a6de79fdcaadb51c5de1be6fea8dd3b48fac1aa192
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ed1f166939bdd2358e771b548ee2be36d1850979732c1485373ad4f562dc8bc
0ed52a25fb6bb9fa0efad8cd024e6f650b7827c4cdf7f5285cab8c328b76ab0e
14aeb3d2618c2abae5865921104ee6ec915be2f0678ec82880f5cd2aceee7c08
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
1937c96fa2830c8283a2e05bb905ff5720ea65552577791cf1e5272e9c881d11
193c37aae8da3c8b0d2620b6811df5e9d84a75fc904f507a11d2ade4d84fb292
19d562a6f2a20a630a21a62519a7f5ae74e2fd6a6ae5a2982f722387ceb8d8d2
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b0088b0cfe07cb2c34d91350788c79326df42e7c531e335e18439ba5cfd3721
1bdf7c616ffcf31914947a4c74c6e545bda502495eedc4136f94eb3d0317ce5d
1eaf39da4a7bc521968553ccb045aaae4c3609d0f714197db1855e4b47bf31d4
224f9c75efa48af11efcc1a4e725b8c2a74cb6e3a30966397ddbe82fe2b34e18
2254976bba5b90609720c29fcf13bd161708599fa80c7bc0235fdd65d8a08ff6
255c9fbca8db24e75829c892cad03140cfd08b5b2ffe99401262089d88a476c1
28246fc455ed80a6d38f2779e518e2fb49031680c01ae393a7cae3d04462daf0
283cabd4c5a7326589ebe7f98825be7638ca28f87a7a7e3fdb8ffff163f15cf8
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ece6bd89b2087c1b8fd2a9cafddcef7af5671be5992f0cd99525f7ce3a326f5
2f0cd5c2a5f6d95ba5e342e533d01a20829e7ecb820943b20d35ee0b7404d81c
2f73d3574008396117cb50a903ded55f288e3eb9d4767b131113d5a25d0a9983
302bbfb91b5de1567628a98197f1d9b21bd7a5afdaa149ae41e5b4b38d6cf514
307e208c84dc2189af056ef899123539cf4d3e9cdb131bee08e111c170d456eb
314ba74b337fd26849597311f798c9241edf19026a0bb311582916a8be9d7c13
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3695624c38415de8dc3be7fb8a11faffd822b377963f215d628daab0e80ac003
39cd29361b7f6839c498541926a32e1dd1e5ea0f98d1aa31c1e4fdd4cd6cb1c4
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eeaae821811d4b3082b5f9d4d02327f510ee4e43503eb0b8df32c163eae422d
3f388d2df3884c1215d973564861c4a41befdb92b325d85abe59825391ebcd13
3f906aef93053307e6aca22cf447466627a0b3dad0900275849804b4c2b1effb
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
418023d3bc67bd9a048e3d0d4cbc678c58b2acc7fe3e67eefa44e08bb541350d
447c1d9ef45c3c4d49424f5b2a2cb8d4b1c1f4e81368fcdc4e5ccae51c1e88d8
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48bd7f11cc08563640c65390bc9fa76c301ba34d5edbca13836850ce6ec15e4f
49cdc361ce4f9beadb896676f96309c5dcc6477cd9df82ed5eef42d770e745b0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d2da0ccaa34f56912080e74e8d710e1d71198698d054472c032007b9bd96886
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52ce588d419f161973f6cc1a4ca9fc84b793538df3861a44f6a377ae53a0e0bf
53313fb1a03750a571a4357939d40ae80dde0b7577bb72d99d9d179707980302
547bfe45786020d5e9de262b053fecc7e9031cac23695f136d411b67e604c90e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
581a8c4764e258df94bff79f71dba5ff9380f43af67d63dabdc2f77dd6167147
58b691843c224b0fb4482efa5c50bffe06df252df7c85e3c040a3beb80aa3946
5e6ee43758f4521237af4059fea23a5e002c080bf62465f021e53c3315b45ffb
5ed5c4089864b01e87b2f702813aad69f02a330abc2a228d51025800447411b4
5ee01918f0cf6938c5ef120611f77319898096045ff10aa1d2bd5bd8f2fe23c2
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
616ca1bba56c0d435c4263e3ae02ccefac37a16fcc2bd00b801ecdd34251a404
64729af3639ad2625f775ce8873b0021e372e05a8076109629b3b48351c37178
657a4a4522867de195bdbde74ec9bec30c0cf50684cdadb31241ddfd903422c8
697e0f3f0d843572999b03d112efb43d6b9576d733e9f024607ee088f9034a3c
69d218fe472e2ce205188dd69fbdb32436ebb6ae9a38d6ef8d60332c1b34e31b
6b913d6f06cebe5484a2bf0de91fa809e331c5b4c7885a8bb67e971f1be57c48
6fa02a11b4699fc722dc629fc4d4e4549a9979150a6a19d21c22a950bdac7d6e
6fce5e2d3b54be3de1e77402ea2d9c69d355054b288b523b47fa00738fe38df7
6fcf7505598f44c875256639e01d50b8e539073a4af0461839483a4cd3842032
70562640a5faa0735554738e5b62b97428b04ca2b25b873cc07ca648e481ce67
71fec08136db4f39744016e39725613faa040db5da9f01cbcdf3b1ef6e5000d1
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
739c4dde65957335a549174395d628d6e6a3709f84b7bef055c65428e4836950
743956a1bceb0c9da30c868332b2c2239c338194950f019b0b293b741258f073
76da43a79a4ff0683d3df6d8036b7e93b4bfbe06e5dd388de815b816cafa0573
7955a616e04f3801e3fff07b410d915a89f19d35ee54940d076387440a9ca409
7bb224f5380f47477290ca81a6b9cfbb49797c07e14df932c7dd97025dedc191
7c8ea97a6e509de6a7d37457efb443bcd14bec9428b5e0ad081582d2fc35e02a
7e1daeefe90896459f6dbb3610ebe95889a0f91a0376dbb7bfc6fba2ab6f7db3
83340911733e4ae3c55fc3763d089fa38e427248ac4833ee3209c5c5f7f385dd
85443ac3a02a300f58a9ecdbcf74ff7ca8416b480232f570f22002f0bd4057b4
891d27667e75e04e845549bd850d7614fe1c315367055c70e093bbf7a678bff2
89e7c9cb5faf5db96026ad7ae318dee7b6ecf65c601a0237b8d3bdce03593a36
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d38fb578a4b1341da1fca57edf617e5a17409068aa07084400f9229561a753a
8d6d9159f628878660f3f321da7b7c84a3fc244c3eb30fd67f06a4a0e59e621a
8e9b3dc41928550a6a5f2294cb7bb92ba7e4ae20198486ce269415ee43543420
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
94baf7f0ddcb1cfd1f4a33d91a486b47295fae1b0b06942993ecc844add6608b
96443831f40e48742d7bd299ef80326751b06bbf7954edf4e61ec3c0eef40733
973236f90702b605aec5c2d48dc1f9699002fa9d81a341b045d1afebc0ca7522
97df80b1954f5e66f5c118702c69673b78abd17f52941d5a910607532c26ff90
985d2b656cce9486a1f152d7c4bbbc4cc1d5a65a0af9bd52e260bcc255bced06
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98ede3a2d98265e9da0d21301bb49ce0d2cbef85c30d8001db81bffe1c3bb625
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c69cd3a629efdb85b2d2dbcc616fdd98881a85f4f3badd737f915370a747067
a05fe2886d9376972b756947caf7358383300c71f126f2a4583bef5347fe19a9
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1beda5e20e7b2ddc1724594db766e243eb33387dc369a3741f3dfffb9ebff66
a285256cf50d15e16185e51140b7ea234589ed02bdbe465f7488844c3de5fc2b
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
acab483d9c3a7d68c4ead76018249b6821dbf97288f8d122318435c28062aad9
ae929f1512409c37c97529b7831aaa566333bd68e7b4179c212a5510f79bc13c
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0151d9f7ba3e1d415f26218b5c6d37ae73c776d8942d1abc8a55e0f2cacbab3
b07658d87571d9b3e5dbc3437c5991a9a37fd3e367b7d7a0ae456a89314360a8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2e601b0beafd141f8a9d9921956c3700aef2f2c4dcddbf58b54b0e821e2479a
b41ae19fd6fcdc949f7fde566da906c182ae846c517dd39eed0c2ed1708c64b4
b4ccd6f6f5db788fd75d5abd9c6252c741e542d6668a1064f9556dbae435047c
b9393c34f97a01f0e4c1f696ed96a0adda0c5f15fef27eaf8119720de817d4b3
ba4a0ee9d98bebc7f0b92077dcb305255986e2d3d9c7c637cc27fe30a9cc16e4
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cdd152da46fe3cee3e804d967f5dead6756bfb9698b157766bbbdc0ab5ce9b0c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d05126c9c177d10b4243b3d8064f504972e70cfbf49ba1dcbda323bef3df88bf
d0ea00c72f2e2b9d54af4da852d996e66fe2d8ac9d9710c5e35437e6f61ecad9
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1c2b37ceec567b3c16bcf46bbe4f6ee5c5436e211948953c8c51e138906e5d4
d2152d607f4a55ad438903d9c843f7b848b82ff71481d5d63a56b4f4a81be3d9
d399f9c8c92526fb78b76514e4071a337e24370882e9a3dbf1b649f5cc289716
d563c10575ccc46cf05c5874f27320588e0e6849064c1d4df9c1f2f72f31418f
d5816a251bf54c5599d5c5b3364578825a2af2246f889f11bbe81a3ed1a24e5b
d6fc5751f9da22fb3eee81ee31843ab42f32a54b15e0010dcdf3770c98e5669c
d871f6175a528a2ac9fde32ef1ad780873c903da5f8f6275d34532e8df2ed849
dbe481406fb7e2d84d9b87bbbc336ec8d7ea62c9978d8fa36d2171d7d2f4b6cb
dcb5397cfd68a54fdcb6460acf73f830f5d4715be88af81e072966f605e5810b
de41278b639e6af44f3621cb961e3cc315ea5185bd3f71f3b8746f8a6c23abb1
de437aee914ab9d1756acaa06d55bead60a11839cb50cb5cfcf6e2172cde90ef
e03a2722836ae8b3a6c5431b9333661d1af26b9b2e5b9894d9fb22d3e30b76be
e09aff711f9a8726b0482c4d5f57b3d7ecc8e820f825ab0ece7a03d069472837
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53d6ba894f7695b77d09199a06bf026ea913bb129f45dd63a5994004485999a
e6548e4dd6e1a59d2062aa9decbe7152fe44ac445105c4a8e016a3663d6ab44b
e683b6bfc800c314892b809acc0e751d7811cd664d97adaf2a02e21d08c42bce
e751f5e1534bf1e93512fa46a6e8fbbd6b4572349754aebea5530f047907b29a
e7d73f8df31a186663aa8ae7637c931e07d47d136600a3e5be6ae90ba1fe1e5e
e8b7d263f1499cea8b587690e1d9309f520b0b00adc0f226376d0a209405ea20
ea80afd281a3a0254cd4ad4d4a10035f73d0f0bb6223337d5d0879e3814d31e9
eedf4450da7b2b6e9e6566cb76bd6a6ca64679060146ce7387b7f34818cad2cf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16a502ef7b322dc11da3c4b0dbfa9ff3cb7801c1b80e94c4094af9a194a9f08
fae28fcab23026155838be7a52d391f3ed4e25769a154c2d15265b7adf26bfb0

www.nbcnews.com Open in urlscan Pro 2600:141b:e800:c93::2506 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

364 Requests

89 %HTTPS

35 %IPv6

54 Domains

83 Subdomains

77 IPs

4 Countries

3987 kBTransfer

8984 kBSize

76 Cookies

32 Outgoing links

Redirected requests

364 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.nbcnews.com Open in urlscan Pro
2600:141b:e800:c93::2506 Public Scan

Screenshot
Live screenshot

Full Image

364
Requests

89 %
HTTPS

35 %
IPv6

54
Domains

83
Subdomains

77
IPs

4
Countries

3987 kB
Transfer

8984 kB
Size

76
Cookies

364 HTTP transactions
10 data transactions