www.oxygen.com Open in urlscan Pro
2a02:26f0:ab00:3ba::1af8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.oxygen.com//snapped//season/-34//videos//private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-n...
Effective URL:
https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyr...
Submission: On September 05 via api (September 5th 2024, 8:16:43 pm UTC) from US — Scanned from DE

Summary HTTP 136 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 49 IPs in 8 countries across 31 domains to perform 136 HTTP transactions. The main IP is 2a02:26f0:ab00:3ba::1af8, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.oxygen.com. The Cisco Umbrella rank of the primary domain is 513450.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on July 30th 2024. Valid for: a year.

This is the only time www.oxygen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a02:26f0:ab0... 2a02:26f0:ab00:386::1af8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
47	2a02:26f0:ab0... 2a02:26f0:ab00:3ba::1af8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700::68... 2606:4700::6812:562a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:350... 2a02:26f0:3500:c89::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:dfad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	23.41.180.140 23.41.180.140	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2606:4700::68... 2606:4700::6811:f7cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.246.157.114 54.246.157.114	16509 (AMAZON-02) (AMAZON-02)
1	23.197.128.254 23.197.128.254	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a04:4e42:400... 2a04:4e42:400::645	54113 (FASTLY) (FASTLY)
1	23.218.50.73 23.218.50.73	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:e30... 2a02:26f0:e300:187::1af8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.163.107.227 54.163.107.227	14618 (AMAZON-AES) (AMAZON-AES)
1	52.209.226.213 52.209.226.213	16509 (AMAZON-02) (AMAZON-02)
2	63.140.62.27 63.140.62.27	16509 (AMAZON-02) (AMAZON-02)
4	23.213.169.236 23.213.169.236	16625 (AKAMAI-AS) (AKAMAI-AS)
3	108.138.6.136 108.138.6.136	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	104.122.39.115 104.122.39.115	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.245.31.92 18.245.31.92	16509 (AMAZON-02) (AMAZON-02)
1	13.33.173.196 13.33.173.196	16509 (AMAZON-02) (AMAZON-02)
6	54.162.201.242 54.162.201.242	14618 (AMAZON-AES) (AMAZON-AES)
4	151.101.194.217 151.101.194.217	54113 (FASTLY) (FASTLY)
2	141.147.81.223 141.147.81.223	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	96.46.188.4 96.46.188.4	7979 (SERVERS-COM) (SERVERS-COM)
1	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
1	178.250.1.8 178.250.1.8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.229.181.88 54.229.181.88	16509 (AMAZON-02) (AMAZON-02)
1	104.16.223.173 104.16.223.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	54.156.51.63 54.156.51.63	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	142.250.186.161 142.250.186.161	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	18.195.70.197 18.195.70.197	16509 (AMAZON-02) (AMAZON-02)
1 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	23.213.168.238 23.213.168.238	16625 (AKAMAI-AS) (AKAMAI-AS)
1	184.30.22.30 184.30.22.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.18.38.76 104.18.38.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.240.155.108 172.240.155.108	7979 (SERVERS-COM) (SERVERS-COM)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
136	49

1 2a02:26f0:ab00:386::1af8 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.oxygen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2a02:26f0:ab00:3ba::1af8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.oxygen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:562a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:c89::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:dfad (United States)

ASN13335 (CLOUDFLARENET, US)

commerce.nbcuni.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.41.180.140 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-180-140.deploy.static.akamaitechnologies.com

id.nbcuni.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mps.nbcuni.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f7cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.246.157.114 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-157-114.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.197.128.254 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-128-254.deploy.static.akamaitechnologies.com

www.nbcudigitaladops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::645 (United States)

ASN54113 (FASTLY, US)

jssdkcdns.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.50.73 (Haarlem, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-50-73.deploy.static.akamaitechnologies.com

entitlement.auth.adobe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:e300:187::1af8 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)

id.oxygen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.163.107.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-163-107-227.compute-1.amazonaws.com

sp.auth.adobe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.226.213 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-226-213.eu-west-1.compute.amazonaws.com

nbcuni.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-27.data.adobedc.net

nbcume.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.213.169.236 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-169-236.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.6.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-136.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.122.39.115 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-122-39-115.deploy.static.akamaitechnologies.com

micro.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-92.fra56.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.173.196 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-173-196.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.162.201.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-162-201-242.compute-1.amazonaws.com

sp.auth.adobe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.194.217 (San Francisco, United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.147.81.223 (Slough, United Kingdom)

ASN31898 (ORACLE-BMC-31898, US)

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.46.188.4 (United States)

ASN7979 (SERVERS-COM, US)

colossusssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.244 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.151.101 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.181.88 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-181-88.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.223.173 (None, )

ASN13335 (CLOUDFLARENET, US)

commerce.nbcuni.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.156.51.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-51-63.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a4645e54ca0e9bfe1171994c96538b70.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.70.197 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-70-197.eu-central-1.compute.amazonaws.com

prebid-a.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.213.168.238 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-168-238.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.240.155.108 (United States)

ASN7979 (SERVERS-COM, US)

sync.colossusssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	oxygen.com 1 redirects www.oxygen.com — Cisco Umbrella Rank: 513450 id.oxygen.com	415 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157 a4645e54ca0e9bfe1171994c96538b70.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 203	110 KB
8	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 1046 events.launchdarkly.com — Cisco Umbrella Rank: 1278	2 KB
8	adobe.com entitlement.auth.adobe.com — Cisco Umbrella Rank: 8906 sp.auth.adobe.com — Cisco Umbrella Rank: 5457	57 KB
6	moatads.com z.moatads.com — Cisco Umbrella Rank: 1247 mb.moatads.com — Cisco Umbrella Rank: 1987 px.moatads.com — Cisco Umbrella Rank: 1015	197 KB
6	nbcuni.com commerce.nbcuni.com — Cisco Umbrella Rank: 105714 id.nbcuni.com — Cisco Umbrella Rank: 20818 mps.nbcuni.com — Cisco Umbrella Rank: 14750	337 KB
5	rubiconproject.com micro.rubiconproject.com — Cisco Umbrella Rank: 4157 fastlane.rubiconproject.com — Cisco Umbrella Rank: 780 prebid-a.rubiconproject.com — Cisco Umbrella Rank: 4421 eus.rubiconproject.com — Cisco Umbrella Rank: 948	162 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 394 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 999 aax.amazon-adsystem.com — Cisco Umbrella Rank: 501	84 KB
3	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 521	55 KB
3	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 554	16 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 992	31 KB
2	adtrafficquality.google ep1.adtrafficquality.google ep2.adtrafficquality.google	19 KB
2	3lift.com tlx.3lift.com Failed eb2.3lift.com — Cisco Umbrella Rank: 632	444 B
2	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 744 ads.pubmatic.com — Cisco Umbrella Rank: 855	113 B
2	colossusssp.com colossusssp.com — Cisco Umbrella Rank: 2932 sync.colossusssp.com — Cisco Umbrella Rank: 3082	254 B
2	omtrdc.net nbcume.sc.omtrdc.net — Cisco Umbrella Rank: 27163	490 B
2	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280	181 KB
2	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 319 nbcuni.demdex.net — Cisco Umbrella Rank: 20470	1 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 1314	24 KB
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 645	1 KB
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 1124
1	gumgum.com g2.gumgum.com — Cisco Umbrella Rank: 2320	682 B
1	criteo.com bidder.criteo.com Failed gum.criteo.com — Cisco Umbrella Rank: 553
1	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 785	539 B
1	bidswitch.net grid.bidswitch.net — Cisco Umbrella Rank: 1853	262 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 383	745 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	78 KB
1	mparticle.com jssdkcdns.mparticle.com — Cisco Umbrella Rank: 7913	2 KB
1	nbcudigitaladops.com www.nbcudigitaladops.com — Cisco Umbrella Rank: 90657	313 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 1019	235 B
0	krxd.net Failed beacon.krxd.net Failed
136	31

	Domain	Requested by
48	www.oxygen.com	1 redirects www.oxygen.com
8	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.oxygen.com pagead2.googlesyndication.com
7	sp.auth.adobe.com	entitlement.auth.adobe.com
4	events.launchdarkly.com	id.nbcuni.com
4	app.launchdarkly.com	id.nbcuni.com
3	c.amazon-adsystem.com	mps.nbcuni.com c.amazon-adsystem.com
3	assets.adobedtm.com	www.oxygen.com assets.adobedtm.com
3	cdn.cookielaw.org	www.oxygen.com cdn.cookielaw.org
2	eb2.3lift.com	1 redirects micro.rubiconproject.com
2	prebid-a.rubiconproject.com	micro.rubiconproject.com
2	px.moatads.com
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net ep2.adtrafficquality.google
2	static.criteo.net	micro.rubiconproject.com static.criteo.net
2	mb.moatads.com	z.moatads.com
2	z.moatads.com	mps.nbcuni.com securepubads.g.doubleclick.net
2	nbcume.sc.omtrdc.net	assets.adobedtm.com www.oxygen.com
2	securepubads.g.doubleclick.net	mps.nbcuni.com securepubads.g.doubleclick.net
2	mps.nbcuni.com	www.oxygen.com mps.nbcuni.com
2	unpkg.com	1 redirects www.oxygen.com
2	id.nbcuni.com	www.oxygen.com id.nbcuni.com
2	commerce.nbcuni.com	www.oxygen.com commerce.nbcuni.com
1	id5-sync.com
1	sync.colossusssp.com	micro.rubiconproject.com
1	js-sec.indexww.com	micro.rubiconproject.com
1	eus.rubiconproject.com	micro.rubiconproject.com
1	ads.pubmatic.com	micro.rubiconproject.com
1	gum.criteo.com	static.criteo.net
1	ep2.adtrafficquality.google	securepubads.g.doubleclick.net
1	a4645e54ca0e9bfe1171994c96538b70.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ep1.adtrafficquality.google	securepubads.g.doubleclick.net
1	g2.gumgum.com	micro.rubiconproject.com
1	htlb.casalemedia.com	micro.rubiconproject.com
1	hbopenbid.pubmatic.com	micro.rubiconproject.com
1	grid.bidswitch.net	micro.rubiconproject.com
1	fastlane.rubiconproject.com	micro.rubiconproject.com
1	ib.adnxs.com	micro.rubiconproject.com
1	colossusssp.com	micro.rubiconproject.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	micro.rubiconproject.com	mps.nbcuni.com
1	www.googletagmanager.com	www.oxygen.com
1	nbcuni.demdex.net	assets.adobedtm.com
1	id.oxygen.com	id.nbcuni.com
1	entitlement.auth.adobe.com	www.oxygen.com
1	jssdkcdns.mparticle.com	www.oxygen.com
1	www.nbcudigitaladops.com	mps.nbcuni.com
1	dpm.demdex.net	assets.adobedtm.com
1	geolocation.onetrust.com	cdn.cookielaw.org
0	beacon.krxd.net Failed
0	tlx.3lift.com Failed	micro.rubiconproject.com
0	bidder.criteo.com Failed	micro.rubiconproject.com
136	51

This site contains links to these domains. Also see Links.

Domain
www.nbcstore.com
www.peacocktv.com
together.nbcuni.com
www.nbcunicareers.com
survey.researchresults.com
www.nbcuniversal.com
www.facebook.com
twitter.com
www.youtube.com
instagram.com
www.snapchat.com

Subject Issuer	Validity	Valid
www.universalstudiosentertainment.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-07-30`	a year	crt.sh
cookielaw.org WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-09` - `2025-08-09`	a year	crt.sh
commerce.nbcuni.com WE1	`2024-09-04` - `2024-12-03`	3 months	crt.sh
*.nbcuni.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-07-29`	a year	crt.sh
geolocation.onetrust.com WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
www.nbcudigitaladops.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-07-29`	a year	crt.sh
jssdkcdns.mparticle.com Go Daddy Secure Certificate Authority - G2	`2024-05-02` - `2025-06-03`	a year	crt.sh
ssl.adobe.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-26` - `2025-05-27`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.auth.adobe.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-15` - `2025-06-15`	a year	crt.sh
*.sc.omtrdc.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-07` - `2025-03-09`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-10-24`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.google-analytics.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-04-03`	8 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03	`2024-03-29` - `2025-04-28`	a year	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-04` - `2025-05-06`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2024-06-20` - `2025-07-21`	a year	crt.sh
*.colossusssp.com Go Daddy Secure Certificate Authority - G2	`2023-09-08` - `2024-10-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.bidswitch.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-16` - `2024-10-16`	3 months	crt.sh
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-19` - `2025-04-19`	a year	crt.sh
casalemedia.com E5	`2024-08-15` - `2024-11-13`	3 months	crt.sh
ie-ad-exch-prd-two-eks.prd.eks.ie.adexchange.gumgum.com Amazon RSA 2048 M03	`2024-07-02` - `2025-08-01`	a year	crt.sh
events.launchdarkly.com Amazon ECDSA 256 M03	`2024-07-16` - `2025-08-14`	a year	crt.sh
adtrafficquality.google WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-02` - `2024-11-28`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-26` - `2024-11-20`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2024-03-13` - `2025-04-11`	a year	crt.sh
indexww.com WE1	`2024-08-03` - `2024-11-02`	3 months	crt.sh
*.id5-sync.com E5	`2024-09-01` - `2024-11-30`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
Frame ID: 9213A2DB3DFD20B974762515FEB8044C
Requests: 111 HTTP requests in this frame

Frame: https://sp.auth.adobe.com/entitlement/v4/AccessEnablerProxy.html?a4f31600ce9c60894320
Frame ID: 7C8B9AC137A79DC0E9692515014158C9
Requests: 1 HTTP requests in this frame

Frame: https://nbcuni.demdex.net/dest5.html?d_nsid=0
Frame ID: 65187D772CC1A04DA3B8D484AB78F0DB
Requests: 1 HTTP requests in this frame

Frame: https://a4645e54ca0e9bfe1171994c96538b70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7F9E276F12843D7CD7C6C20307095748
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstCi_B25d3afegpaSb9NVyViNQf5Mtt9igrRLQme1jxsHeJbuKPiHQ3Mfees7j2NDbXcQCYUP4Vn_7j4Q_d7YdyYM1BypTNDPfAEffAkzoOQTTzpnM-R0XC_YWbxwIOIzD_WW591OkP8iT2Ue4Dx2P7QP6_QTtWCgZK0fXBtkq9uOO7NKA1otjsbLVV0vvtWoIrBd4ZzxGTs3wiTuW1EDN_k1BSJiTZF4utSQscCcGuPfuoGepTXAKAg_2OzZiRC_YPLH9dh4ODH04I8mIiMF5gy8XuIAF4Zx4Tc_Y_ocRkju2VUIna6MgkjCbmpytCf0oGC3J6SO2b44RZZUcn3AsJbQvFHFD8uSUD_-_biuk4&sig=Cg0ArKJSzBErxMjhvi5QEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 62AE96AE64A9C3E72B812C0C2747B9D0
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.oxygen.com&us_privacy=1---
Frame ID: ECD3697306AF885390A59DA57D7902CE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F18A978C5B80470CF12CB56037B06CFF
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Frame ID: CF7E1B0210636E7615AB8B6A3B8C49C6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162862&us_privacy=1---
Frame ID: 2EC625B6795016A03B07334653B5FD55
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 0226AF65DB3FB1944AEF0E1676497231
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: B82BB5B6DFD01D70F745B47C81477C74
Requests: 1 HTTP requests in this frame

Frame: https://sync.colossusssp.com/iframe?pbjs=1&coppa=0
Frame ID: DDDC91712D20468F899A8D5146C9F310
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page not found | Oxygen Official Site

Page URL History Show full URLs

http://www.oxygen.com//snapped//season/-34//videos//private/-investigator/-discovers/-key/-evidenc... HTTP 307
https://www.oxygen.com//snapped//season/-34//videos//private/-investigator/-discovers/-key/-evidenc... HTTP 307
http://www.oxygen.com//snapped//season/-34//videos//private/-investigator/-discovers/-key/-evidenc... HTTP 301
https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-f... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

136
Requests

95 %
HTTPS

35 %
IPv6

31
Domains

51
Subdomains

49
IPs

8
Countries

1776 kB
Transfer

5522 kB
Size

44
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nbcstore.com/pages/oxygen
Title: Shop Oxygen

Search URL Search Domain Scan URL

URL: https://www.peacocktv.com/?cid=20200101evergreensymedit104&utm_source=oxygen&utm_medium=symphony_editorial_brandawareness_globalnavlink&utm_campaign=20200101evergreen&utm_term=oxygenvisit&utm_content=oxygenglobalnav
Title: Peacock

Search URL Search Domain Scan URL

URL: https://together.nbcuni.com/advertise/?utm_source=oxygen&utm_medium=referral&utm_campaign=property_ad_pages&utm_content=header
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://www.nbcunicareers.com/?search_type=criteria&country=&state=all&city=all&keywords=oxygen
Title: Careers

Search URL Search Domain Scan URL

URL: https://survey.researchresults.com/survey/selfserve/53b/g012/180201?kssrc=40#?
Title: Viewer's Voice

Search URL Search Domain Scan URL

URL: https://together.nbcuni.com/advertise/?utm_source=oxygen&utm_medium=referral&utm_campaign=property_ad_pages&utm_content=footer
Title: Advertise with Us

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/privacy/cookies#accordionheader2
Title: Ad Choices

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/privacy?brandA=Oxygen&intake=Oxygen
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/privacy/notrtoo?brandA=Oxygen&intake=Oxygen
Title: Your Privacy Choice

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/privacy/california-consumer-privacy-act?brandA=Oxygen&intake=Oxygen
Title: CA Notice

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.facebook.com/oxygennetwork
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/oxygen
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/OxygenTV
Title: YouTube

Search URL Search Domain Scan URL

URL: https://instagram.com/oxygen
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/add/oxygentv
Title: Snapchat

Search URL Search Domain Scan URL

URL: http://www.nbcuniversal.com/
Title: A Division of NBCUniversal

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.oxygen.com//snapped//season/-34//videos//private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas HTTP 307
https://www.oxygen.com//snapped//season/-34//videos//private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas HTTP 307
http://www.oxygen.com//snapped//season/-34//videos//private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas HTTP 301
https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://unpkg.com/launchdarkly-js-client-sdk@3.2.0 HTTP 302
https://unpkg.com/launchdarkly-js-client-sdk@3.2.0/dist/ldclient.min.js

Request Chain 131

https://eb2.3lift.com/sync?us_privacy=1---& HTTP 302
https://eb2.3lift.com/sync?us_privacy=1---&&ld=1

136 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request -nasyrovas Show response
www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/
Redirect Chain

http://www.oxygen.com//snapped//season/-34//videos//private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
https://www.oxygen.com//snapped//season/-34//videos//private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
http://www.oxygen.com//snapped//season/-34//videos//private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

71 KB
72 KB

1796ms
1789ms

Document
text/html

2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

6bcf099ecde527bf061d4f5cd88d73a093e7e4cbcb6f087b1cc4523b6d03f68d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
access-control-allow-origin: *
cache-control: must-revalidate, no-cache, private
cache-tags: MISS
content-language: en
content-length: 73212
content-type: text/html; charset=UTF-8
date: Thu, 05 Sep 2024 20:16:31 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
permissions-policy: unload=()
server: Apache
speculation-rules: "/speculationrules/speculationrules.json"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-age: 0
x-ah-environment: prod
x-content-type-options: nosniff
x-drupal-dynamic-cache: UNCACHEABLE
x-frame-options: SAMEORIGIN
x-generator: Drupal 10 (https://www.drupal.org)
x-pubstack: local
x-varnish: 470738

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
Access-Control-Allow-Methods: GET,POST,OPTIONS,HEAD,PUT,POST
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Thu, 05 Sep 2024 20:16:29 GMT
Location: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
Server: AkamaiGHost

GET
H2 200 speculationrules.json
www.oxygen.com/speculationrules/ 1 KB
827 B 136ms
134ms Other
application/speculationrules+json 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oxygen.com/speculationrules/speculationrules.json

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

cc2c9183cccef0703755bc55631ee3a1a7162ba12eeedc9b733d54a1b338d1c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
Origin: https://www.oxygen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-tags: HIT
date: Thu, 05 Sep 2024 20:16:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-age: 0
x-ah-environment: prod
content-length: 302
x-pubstack: local
last-modified: Tue, 27 Aug 2024 10:03:16 GMT
server: Apache
x-ttl: 31536000.000
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: application/speculationrules+json
x-varnish: 393254 917508
access-control-allow-origin: *
cache-control: public, max-age=900
x-drupal-cache-control: max-age=31536000
permissions-policy: unload=()
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-cache-hits: 1

GET
H2 200 icon-profile.min.svg
www.oxygen.com/themes/custom/lifestyle/images/identity/ 321 B
695 B 168ms
166ms Image
image/svg+xml 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oxygen.com/themes/custom/lifestyle/images/identity/icon-profile.min.svg

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

d49c1786730d767fc4295bdb04c0e7566b75bc00f3db3157efcd1cde3aa07c4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-tags: HIT
date: Thu, 05 Sep 2024 20:16:31 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-age: 0
x-ah-environment: prod
content-length: 202
x-pubstack: local
last-modified: Fri, 12 Jul 2024 08:48:28 GMT
server: Akamai Resource Optimizer
x-ttl: 31536000.000
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/svg+xml
x-varnish: 48336846 43360018
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-drupal-cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-cache-hits: 56

GET
H2 200 icon-profile-dark.min.svg
www.oxygen.com/themes/custom/lifestyle/images/identity/ 318 B
695 B 112ms
108ms Image
image/svg+xml 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oxygen.com/themes/custom/lifestyle/images/identity/icon-profile-dark.min.svg

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

f65441e290e57f17ebde690299c3ad642cd72792fe47171afb08f8763695318c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-tags: MISS
date: Thu, 05 Sep 2024 20:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-age: 0
x-ah-environment: prod
content-length: 197
x-pubstack: local
last-modified: Sun, 11 Aug 2024 00:09:36 GMT
server: Akamai Resource Optimizer
x-ttl: 31536000.000
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/svg+xml
x-varnish: 11174248
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-drupal-cache-control: max-age=31536000
permissions-policy: unload=()
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 primary-menu-arrow.min.svg
www.oxygen.com/themes/custom/lifestyle/images/ 180 B
593 B 117ms
112ms Image
image/svg+xml 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oxygen.com/themes/custom/lifestyle/images/primary-menu-arrow.min.svg

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

7c552bd91f390484f30d95b8b520ff1ae8d03d16d9139b298a6ff2350dac359f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-tags: MISS
date: Thu, 05 Sep 2024 20:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-age: 0
x-ah-environment: prod
content-length: 120
x-pubstack: local
last-modified: Sat, 13 Jul 2024 21:22:48 GMT
server: Akamai Resource Optimizer
x-ttl: 31536000.000
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/svg+xml
x-varnish: 42327037
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-drupal-cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 primary-menu-arrow-dark.min.svg
www.oxygen.com/themes/custom/lifestyle/images/ 180 B
676 B 116ms
112ms Image
image/svg+xml 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oxygen.com/themes/custom/lifestyle/images/primary-menu-arrow-dark.min.svg

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

165d36362ebf1325dcd5c62de9c2a23cf2031a1852a22a3d5bae958cb9eaf6ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-tags: HIT
date: Thu, 05 Sep 2024 20:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-age: 0
x-ah-environment: prod
content-length: 160
x-pubstack: local
last-modified: Tue, 27 Aug 2024 10:03:17 GMT
server: Apache
x-ttl: 31536000.000
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/svg+xml
x-varnish: 6919293 7471181
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-drupal-cache-control: max-age=31536000
permissions-policy: unload=()
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-cache-hits: 6

GET
H2 200 SourceSansPro-Regular-subset.woff2
www.oxygen.com/themes/custom/lifestyle/fonts/sourcesanspro/ 23 KB
23 KB 142ms
141ms Font
font/woff2 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oxygen.com/themes/custom/lifestyle/fonts/sourcesanspro/SourceSansPro-Regular-subset.woff2

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

44b96fb83bb4676a14f7a865db31d3eb008df09d0920329872d823578625d885

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
Origin: https://www.oxygen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-tags: MISS
date: Thu, 05 Sep 2024 20:16:31 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-content-type-options: nosniff
x-age: 0
x-ah-environment: prod
content-length: 23480
x-pubstack: local
last-modified: Tue, 19 Dec 2023 13:55:16 GMT
server: Apache
x-ttl: 1209600.000
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: font/woff2
x-varnish: 23117330
access-control-allow-origin: *
cache-control: public, max-age=31622400
x-drupal-cache-control: max-age=1209600
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 css_cvd4n7iAONk8u5cGWql0dHPOUd1Wgw5G9UVfQxbfNIc.css
www.oxygen.com/sites/oxygen/files/css/ 23 KB
5 KB 134ms
132ms Stylesheet
text/css 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oxygen.com/sites/oxygen/files/css/css_cvd4n7iAONk8u5cGWql0dHPOUd1Wgw5G9UVfQxbfNIc.css?delta=0&language=en&theme=crime&include=eJx9kd1yhDAIhV_Indz0fRhMqFIxsUC269s3uqPjTn_ugO9wwpyIAabSE2BGWZ2jBWMniCURfFgnBnGkOJXqIfexnh0sWtI_mDP7hjlRdvY1XOptLlhzHBPqJDu79hufF9R2jlA4K1hwIHDFOHEeOuF3Ml-bglSL3t4ej85Wc5pDj0YXntiwb_s1S8EEI-YkpBfBIKVHuW3Nq_MBovLidgHPkFBLNRLrGp9_2PidjnCrj1A5SBk4Q4PTnuyrSbAvXkjPwaEIvbaD249IUfvFdL4vCZpz2RZKJtdqHvb8PyvHaXsunBX8Bb4BCYXPmQ

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

6526a020e0ee9b26754794fba1f44fb0a83cccfb15d51306cd67606b9c26d1ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-tags: HIT
date: Thu, 05 Sep 2024 20:16:31 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-age: 0
x-ah-environment: prod
content-length: 5115
x-pubstack: local
last-modified: Sat, 24 Aug 2024 08:07:34 GMT
server: Akamai Resource Optimizer
x-ttl: 31536000.000
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: text/css
x-varnish: 18553821 18940390
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-drupal-cache-control: max-age=31536000
permissions-policy: unload=()
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-cache-hits: 14

GET
H2 200 css_V01SJKS__TKEt3EKsLMw9VOVHqn5xMFqGETY6a0bgJM.css
www.oxygen.com/sites/oxygen/files/css/ 249 KB
40 KB 171ms
170ms Stylesheet
text/css 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oxygen.com/sites/oxygen/files/css/css_V01SJKS__TKEt3EKsLMw9VOVHqn5xMFqGETY6a0bgJM.css?delta=1&language=en&theme=crime&include=eJx9kd1yhDAIhV_Indz0fRhMqFIxsUC269s3uqPjTn_ugO9wwpyIAabSE2BGWZ2jBWMniCURfFgnBnGkOJXqIfexnh0sWtI_mDP7hjlRdvY1XOptLlhzHBPqJDu79hufF9R2jlA4K1hwIHDFOHEeOuF3Ml-bglSL3t4ej85Wc5pDj0YXntiwb_s1S8EEI-YkpBfBIKVHuW3Nq_MBovLidgHPkFBLNRLrGp9_2PidjnCrj1A5SBk4Q4PTnuyrSbAvXkjPwaEIvbaD249IUfvFdL4vCZpz2RZKJtdqHvb8PyvHaXsunBX8Bb4BCYXPmQ

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

8bc833ce3bb4ee1da2d8942fca3456b9a541a3cefa930873cadbd19c6c4b17be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-tags: MISS
date: Thu, 05 Sep 2024 20:16:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-age: 0
x-ah-environment: prod
content-length: 40177
x-pubstack: local
last-modified: Thu, 29 Aug 2024 19:14:36 GMT
server: Apache
x-ttl: 31536000.000
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: text/css
x-varnish: 3427915
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-drupal-cache-control: max-age=31536000
permissions-policy: unload=()
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/consent/46202808-818f-44c0-9697-5db18b97ba59/ 20 KB
7 KB 716ms
125ms Script
application/x-javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/46202808-818f-44c0-9697-5db18b97ba59/otSDKStub.js

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f632fdf18f5e60ef9445f170f83c237254548d9edfb59f82ace1fde3a1926174

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oxygen.com/
Origin: https://www.oxygen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 05 Sep 2024 20:16:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 80632
content-md5: lP+OeR0fn0NqffkspxduJw==
content-length: 6864
x-ms-lease-status: unlocked
last-modified: Mon, 13 May 2024 18:34:50 GMT
server: cloudflare
etag: 0x8DC737B5FEBA156
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: e36b31bf-501e-009b-4664-a5cc51000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8be8e5c78d331e20-FRA
expires: Fri, 06 Sep 2024 20:16:31 GMT

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 299ms
108ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 05 Sep 2024 20:16:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: ERttG9+iQk1LCPjR495NRw==
age: 54704
x-ms-lease-status: unlocked
last-modified: Tue, 22 Feb 2022 22:01:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4c2e5fc1-a01e-0036-7308-7cb4f3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8be8e5c50ebe37f8-FRA

GET
H2 200 js_TfVM_lnuLmGMC7t8ZWtOHXp4Z_A2nPVwiiww7HS2fXI.js Show response
www.oxygen.com/sites/oxygen/files/js/ 5 KB
2 KB 249ms
248ms Script
text/javascript 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oxygen.com/sites/oxygen/files/js/js_TfVM_lnuLmGMC7t8ZWtOHXp4Z_A2nPVwiiww7HS2fXI.js?scope=header&delta=0&language=en&theme=crime&include=eJx9kd1yhDAIhV_Indz0fRhMqFIxsUC269s3uqPjTn_ugO9wwpyIAabSE2BGWZ2jBWMniCURfFgnBnGkOJXqIfexnh0sWtI_mDP7hjlRdvY1XOptLlhzHBPqJDu79hufF9R2jlA4K1hwIHDFOHEeOuF3Ml-bglSL3t4ej85Wc5pDj0YXntiwb_s1S8EEI-YkpBfBIKVHuW3Nq_MBovLidgHPkFBLNRLrGp9_2PidjnCrj1A5SBk4Q4PTnuyrSbAvXkjPwaEIvbaD249IUfvFdL4vCZpz2RZKJtdqHvb8PyvHaXsunBX8Bb4BCYXPmQ

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

cbfff9e7d08a2cdce05469336a67dbccd311b7ec9c4829e4d8a2aca7a2d7321b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-tags: MISS
date: Thu, 05 Sep 2024 20:16:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-age: 0
x-ah-environment: prod
content-length: 1892
x-pubstack: local
last-modified: Tue, 27 Aug 2024 12:00:47 GMT
server: Apache
x-ttl: 31536000.000
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: text/javascript
x-varnish: 4292956
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-drupal-cache-control: max-age=31536000
permissions-policy: unload=()
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 launch-91f258f2c619.min.js Show response
assets.adobedtm.com/a2ef59fba8e9/ddcbb8243fe4/ 131 KB
41 KB 330ms
93ms Script
application/x-javascript 2a02:26f0:3500:c89::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a2ef59fba8e9/ddcbb8243fe4/launch-91f258f2c619.min.js
Requested by: Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:c89::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 52d59f83d5ca58488d2caf040213b671cbb4cb8258167b8cffb9c17caeb56fd7

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:32 GMT
content-encoding: gzip
last-modified: Wed, 27 Sep 2023 18:46:02 GMT
server: AkamaiNetStorage
etag: "28b9f4e31088ac888aeb891cb2bc1e35:1695840362.202339"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.oxygen.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 41369
expires: Thu, 05 Sep 2024 21:16:32 GMT

GET
H2 200 bootstrap.js Show response
commerce.nbcuni.com/public/widget/latest/ 207 KB
63 KB 707ms
145ms Script
text/javascript 2606:4700::6810:dfad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://commerce.nbcuni.com/public/widget/latest/bootstrap.js

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:dfad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42d31f199b2de8b56a1d3d581eb3bc45cf9e6dafb23c05b44ee7a314fcfa76c6

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https:; style-src data: 'unsafe-inline' https:; font-src data: https:; connect-src https: wss: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content; img-src data: blob: https:
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:32 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https:; style-src data: 'unsafe-inline' https:; font-src data: https:; connect-src https: wss: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content; img-src data: blob: https:
via: 1.1 b5831686bbaffa69458853f1db0eca2a.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: AMS1-P3
age: 29586
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cdn-cache-control: no-cache, max-age=0
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 03 Sep 2024 06:33:40 GMT
server: cloudflare
etag: W/"c3bf85ea069b3be70b2f0fc70c1975da"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=300, s-maxage=86400
cf-ray: 8be8e5cbfabe1901-FRA
x-amz-cf-id: vm2m9c1-Qm3cpxGboNCoJL42jxwcLOTm_1OZXRPSfpKKZch9aA07Lg==

GET
H2 200 js__peu56Bz5w25Otvk93TIIGcwOvrxeY5QPWgfNqVa-ic.js Show response
www.oxygen.com/sites/oxygen/files/js/ 2 KB
2 KB 166ms
165ms Script
text/javascript 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oxygen.com/sites/oxygen/files/js/js__peu56Bz5w25Otvk93TIIGcwOvrxeY5QPWgfNqVa-ic.js?scope=header&delta=3&language=en&theme=crime&include=eJx9kd1yhDAIhV_Indz0fRhMqFIxsUC269s3uqPjTn_ugO9wwpyIAabSE2BGWZ2jBWMniCURfFgnBnGkOJXqIfexnh0sWtI_mDP7hjlRdvY1XOptLlhzHBPqJDu79hufF9R2jlA4K1hwIHDFOHEeOuF3Ml-bglSL3t4ej85Wc5pDj0YXntiwb_s1S8EEI-YkpBfBIKVHuW3Nq_MBovLidgHPkFBLNRLrGp9_2PidjnCrj1A5SBk4Q4PTnuyrSbAvXkjPwaEIvbaD249IUfvFdL4vCZpz2RZKJtdqHvb8PyvHaXsunBX8Bb4BCYXPmQ

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

f44cc25fbe81a357930bd3ac6468186336fc5316a68e6e00afddf55437e74ee0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-tags: MISS
date: Thu, 05 Sep 2024 20:16:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-age: 0
x-ah-environment: prod
content-length: 1108
x-pubstack: local
last-modified: Tue, 27 Aug 2024 12:00:47 GMT
server: Apache
x-ttl: 31536000.000
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: text/javascript
x-varnish: 3705983
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-drupal-cache-control: max-age=31536000
permissions-policy: unload=()
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 X200ASBB20010AH.jpg
www.oxygen.com/sites/oxygen/files/styles/6_col_video/public/media_mpx/thumbnails/video-oxygen.akamaized.net/oxygen_video_thumbnails/NBCU_Oxygen/424/487/ 4 KB
4 KB 430ms
429ms Image
image/avif 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oxygen.com/sites/oxygen/files/styles/6_col_video/public/media_mpx/thumbnails/video-oxygen.akamaized.net/oxygen_video_thumbnails/NBCU_Oxygen/424/487/X200ASBB20010AH.jpg?itok=Z1bC0FB3

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

8eaecff2ad243d178ae8a2cf268401f2bfde56bf408ae46c05c7e3232325e02a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:31 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
last-modified: Fri, 23 Aug 2024 20:48:35 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=1470571
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 3961
expires: Sun, 22 Sep 2024 20:46:02 GMT

GET
H2 200 KOBK_Bonus_Prod107_Air107_proxy_SD_thumb_1.jpg
www.oxygen.com/sites/oxygen/files/styles/6_col_video/public/media_mpx/thumbnails/video-oxygen.akamaized.net/oxygen_video_thumbnails/NBCU_Oxygen/223/318/ 3 KB
3 KB 420ms
419ms Image
image/avif 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oxygen.com/sites/oxygen/files/styles/6_col_video/public/media_mpx/thumbnails/video-oxygen.akamaized.net/oxygen_video_thumbnails/NBCU_Oxygen/223/318/KOBK_Bonus_Prod107_Air107_proxy_SD_thumb_1.jpg?itok=vtgLwxqT

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

2f4d0cd65275676ab860a3bdfa7e762dbd5b5f71f463ea1335a31d4e2dd19f24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:31 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
last-modified: Tue, 18 Jun 2024 14:48:25 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=413766
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 2624
expires: Tue, 10 Sep 2024 15:12:37 GMT

GET
H2 200 GOMC01_bonus_VMO01_101_1_proxy_SD_thumb_4.jpg
www.oxygen.com/sites/oxygen/files/styles/6_col_video/public/media_mpx/thumbnails/video-oxygen.akamaized.net/oxygen_video_thumbnails/NBCU_Oxygen/428/891/ 3 KB
3 KB 422ms
422ms Image
image/avif 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oxygen.com/sites/oxygen/files/styles/6_col_video/public/media_mpx/thumbnails/video-oxygen.akamaized.net/oxygen_video_thumbnails/NBCU_Oxygen/428/891/GOMC01_bonus_VMO01_101_1_proxy_SD_thumb_4.jpg?itok=TvKdUVR-

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

2dbaf281a07480a2ee51ce6af229860143af16490a20ada947c52f84fa4114ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:31 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
last-modified: Mon, 26 Aug 2024 01:04:44 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=1658796
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 2810
expires: Wed, 25 Sep 2024 01:03:07 GMT

GET
H2 200 XYSPD3410H_VRO10_SNEAK_PEEK_1_proxy_SD_1920x1080_218083909868.jpg
www.oxygen.com/sites/oxygen/files/styles/6_col_video/public/media_mpx/thumbnails/video-oxygen.akamaized.net/oxygen_video_thumbnails/NBCU_Oxygen/245/631/ 2 KB
3 KB 411ms
410ms Image
image/avif 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oxygen.com/sites/oxygen/files/styles/6_col_video/public/media_mpx/thumbnails/video-oxygen.akamaized.net/oxygen_video_thumbnails/NBCU_Oxygen/245/631/XYSPD3410H_VRO10_SNEAK_PEEK_1_proxy_SD_1920x1080_218083909868.jpg?itok=JCGPZTk-

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

3d05c37943bf10fb6f953d085c4a9cf00399955d33b7af085e1006fb503e89ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:31 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
last-modified: Sun, 01 Sep 2024 23:04:51 GMT
x-serial: 898
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=2256357
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 2377
expires: Tue, 01 Oct 2024 23:02:28 GMT

GET
H2 200 KillerRelationship_sneakpeek_305_1_proxy_SD_thumb_3.jpg
www.oxygen.com/sites/oxygen/files/styles/6_col_video/public/media_mpx/thumbnails/video-oxygen.akamaized.net/oxygen_video_thumbnails/NBCU_Oxygen/141/551/ 2 KB
3 KB 426ms
426ms Image
image/avif 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oxygen.com/sites/oxygen/files/styles/6_col_video/public/media_mpx/thumbnails/video-oxygen.akamaized.net/oxygen_video_thumbnails/NBCU_Oxygen/141/551/KillerRelationship_sneakpeek_305_1_proxy_SD_thumb_3.jpg?itok=LPFYxsuC

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

be540728f9ac612ecb44dcab0a8117af8868cb5ef061fbfe2d987d7aa57227cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:31 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
last-modified: Wed, 04 Sep 2024 01:05:03 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=2436531
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 2383
expires: Fri, 04 Oct 2024 01:05:22 GMT

GET
H2 200 PKTV-00081004-000243853_noEndScreen_proxy_SD_1920x1080_218586693633.jpg
www.oxygen.com/sites/oxygen/files/styles/6_col_video/public/media_mpx/thumbnails/video-oxygen.akamaized.net/oxygen_video_thumbnails/NBCU_Oxygen/383/243/ 3 KB
4 KB 447ms
447ms Image
image/avif 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oxygen.com/sites/oxygen/files/styles/6_col_video/public/media_mpx/thumbnails/video-oxygen.akamaized.net/oxygen_video_thumbnails/NBCU_Oxygen/383/243/PKTV-00081004-000243853_noEndScreen_proxy_SD_1920x1080_218586693633.jpg?itok=3GFW1zFR

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

e72c6c1f60b9f4e27244f3727840c8a0fdcd844b9c4a9d6b65faaaff8ee38af7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:31 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
last-modified: Wed, 04 Sep 2024 16:05:35 GMT
x-serial: 2003
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=2490649
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 3538
expires: Fri, 04 Oct 2024 16:07:20 GMT

GET
H2 200 RMOA_sneakpeek_303_3_proxy_SD_thumb_1.jpg
www.oxygen.com/sites/oxygen/files/styles/6_col_video/public/media_mpx/thumbnails/video-oxygen.akamaized.net/oxygen_video_thumbnails/NBCU_Oxygen/245/131/ 3 KB
4 KB 411ms
411ms Image
image/avif 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oxygen.com/sites/oxygen/files/styles/6_col_video/public/media_mpx/thumbnails/video-oxygen.akamaized.net/oxygen_video_thumbnails/NBCU_Oxygen/245/131/RMOA_sneakpeek_303_3_proxy_SD_thumb_1.jpg?itok=2PJ0WA5-

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

0d72c8a4a6334322e9ae32ccb173b3d9363a4df19a8e676bb92206bb35b0140e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:31 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
last-modified: Sun, 01 Sep 2024 02:07:01 GMT
x-serial: 1927
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=2181020
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 3443
expires: Tue, 01 Oct 2024 02:06:51 GMT

GET
H2 200 SBB_204_WEB_BONUS_2_proxy_SD_thumb_2.jpg
www.oxygen.com/sites/oxygen/files/styles/6_col_video/public/media_mpx/thumbnails/video-oxygen.akamaized.net/oxygen_video_thumbnails/NBCU_Oxygen/245/631/ 5 KB
5 KB 544ms
543ms Image
image/avif 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oxygen.com/sites/oxygen/files/styles/6_col_video/public/media_mpx/thumbnails/video-oxygen.akamaized.net/oxygen_video_thumbnails/NBCU_Oxygen/245/631/SBB_204_WEB_BONUS_2_proxy_SD_thumb_2.jpg?itok=Lvdr_7vA

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

f241ecc7d29e920e548b5989e51b3cc78575b70a055ea42a1a376ec2d51559fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:31 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
last-modified: Mon, 02 Sep 2024 00:06:15 GMT
x-serial: 1257
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=2260193
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 5009
expires: Wed, 02 Oct 2024 00:06:24 GMT

GET
H2 200 XYDAT_sneakpeek_1313_1_proxy_SD_thumb_1.jpg
www.oxygen.com/sites/oxygen/files/styles/6_col_video/public/media_mpx/thumbnails/video-oxygen.akamaized.net/oxygen_video_thumbnails/NBCU_Oxygen/484/47/ 3 KB
3 KB 508ms
507ms Image
image/avif 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oxygen.com/sites/oxygen/files/styles/6_col_video/public/media_mpx/thumbnails/video-oxygen.akamaized.net/oxygen_video_thumbnails/NBCU_Oxygen/484/47/XYDAT_sneakpeek_1313_1_proxy_SD_thumb_1.jpg?itok=09HIcT-I

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

b4d365afe6b1d4fcdb52277ae138e391fd83d15b2043c91a9e46b61974a4f40f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:31 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
last-modified: Thu, 22 Aug 2024 21:55:28 GMT
x-serial: 898
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=1388294
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 3082
expires: Sat, 21 Sep 2024 21:54:45 GMT

GET
H2 200 XYSPD3410H_VRO10_SNEAK_PEEK_2_proxy_SD_1920x1080_218083909924.jpg
www.oxygen.com/sites/oxygen/files/styles/6_col_video/public/media_mpx/thumbnails/video-oxygen.akamaized.net/oxygen_video_thumbnails/NBCU_Oxygen/246/107/ 3 KB
3 KB 484ms
484ms Image
image/avif 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oxygen.com/sites/oxygen/files/styles/6_col_video/public/media_mpx/thumbnails/video-oxygen.akamaized.net/oxygen_video_thumbnails/NBCU_Oxygen/246/107/XYSPD3410H_VRO10_SNEAK_PEEK_2_proxy_SD_1920x1080_218083909924.jpg?itok=nwstxwk_

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

7b88605c77ab0be603f355be1736db258d99d72b97481f447f71986edbc276fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:31 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
last-modified: Sun, 01 Sep 2024 23:04:52 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=2256483
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 2575
expires: Tue, 01 Oct 2024 23:04:34 GMT

GET
H2 200 RMOA_bonus_305_1_proxy_SD_thumb_4.jpg
www.oxygen.com/sites/oxygen/files/styles/6_col_video/public/media_mpx/thumbnails/video-oxygen.akamaized.net/oxygen_video_thumbnails/NBCU_Oxygen/723/311/ 4 KB
4 KB 486ms
486ms Image
image/avif 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oxygen.com/sites/oxygen/files/styles/6_col_video/public/media_mpx/thumbnails/video-oxygen.akamaized.net/oxygen_video_thumbnails/NBCU_Oxygen/723/311/RMOA_bonus_305_1_proxy_SD_thumb_4.jpg?itok=GstW6Z09

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

c946146c5ed4c863577632f9fd37baf27ac5b902c365cce3c6e1453a060b9480

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:31 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
last-modified: Sun, 25 Aug 2024 02:10:30 GMT
x-serial: 1355
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=1576310
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 4165
expires: Tue, 24 Sep 2024 02:08:21 GMT

GET
H2 200 XYDAT_sneakpeek_1313_2_proxy_SD_thumb_3.jpg
www.oxygen.com/sites/oxygen/files/styles/6_col_video/public/media_mpx/thumbnails/video-oxygen.akamaized.net/oxygen_video_thumbnails/NBCU_Oxygen/484/47/ 3 KB
4 KB 480ms
479ms Image
image/avif 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oxygen.com/sites/oxygen/files/styles/6_col_video/public/media_mpx/thumbnails/video-oxygen.akamaized.net/oxygen_video_thumbnails/NBCU_Oxygen/484/47/XYDAT_sneakpeek_1313_2_proxy_SD_thumb_3.jpg?itok=tC6FAq_g

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

cbeebffe55dfb5d54b1a45424537405fd94accc1abe6eaa2ce2a4010e97e2e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:31 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
last-modified: Thu, 22 Aug 2024 21:55:29 GMT
x-serial: 365
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=1388275
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 3342
expires: Sat, 21 Sep 2024 21:54:26 GMT

GET
H2 200 js_SL70bXwSqY7cuVCKxhw3FAlBpG5aaR_ZSh5il3uligw.js Show response
www.oxygen.com/sites/oxygen/files/js/ 112 KB
37 KB 480ms
479ms Script
text/javascript 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oxygen.com/sites/oxygen/files/js/js_SL70bXwSqY7cuVCKxhw3FAlBpG5aaR_ZSh5il3uligw.js?scope=footer&delta=0&language=en&theme=crime&include=eJx9kd1yhDAIhV_Indz0fRhMqFIxsUC269s3uqPjTn_ugO9wwpyIAabSE2BGWZ2jBWMniCURfFgnBnGkOJXqIfexnh0sWtI_mDP7hjlRdvY1XOptLlhzHBPqJDu79hufF9R2jlA4K1hwIHDFOHEeOuF3Ml-bglSL3t4ej85Wc5pDj0YXntiwb_s1S8EEI-YkpBfBIKVHuW3Nq_MBovLidgHPkFBLNRLrGp9_2PidjnCrj1A5SBk4Q4PTnuyrSbAvXkjPwaEIvbaD249IUfvFdL4vCZpz2RZKJtdqHvb8PyvHaXsunBX8Bb4BCYXPmQ

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

a253c9bbbbb7b1379dd85a34ab18be1f1e4713a82d5df253942e3b8257c60709

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-tags: MISS
date: Thu, 05 Sep 2024 20:16:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-age: 0
x-ah-environment: prod
content-length: 37473
x-pubstack: local
last-modified: Tue, 27 Aug 2024 13:50:41 GMT
server: Apache
x-ttl: 31536000.000
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: text/javascript
x-varnish: 3075324
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-drupal-cache-control: max-age=31536000
permissions-policy: unload=()
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 identity-sdk.min.js Show response
id.nbcuni.com/websdk/v2/ 657 KB
183 KB 669ms
146ms Script
application/javascript 23.41.180.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://id.nbcuni.com/websdk/v2/identity-sdk.min.js

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.41.180.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-41-180-140.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

2eebf3ae2d474e1a9804de7b067156607c3b09a17c35085049b665e139ac7bff

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.oxygen.com/;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: V7bW9gFCc1Svhfhje5oQY_iJb4JrMQTo
content-encoding: gzip
date: Thu, 05 Sep 2024 20:16:32 GMT
content-security-policy: frame-ancestors 'self' https://www.oxygen.com/;
x-amz-request-id: 6WDPVZ80EVAN1P62
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
content-length: 186931
x-amz-id-2: tc6atqeuqgMmfQZQThadEhJpWmN4B8YvO9bWfl+gKk/SzbwjM0XhOUjfEBANH+MUQl+0lVSdNXo=
pragma: no-cache
last-modified: Fri, 16 Aug 2024 16:48:59 GMT
server: AmazonS3
etag: "dd129bea43a507ff5b4f9982391be868"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: qwsl-wvEjOwlwABVDIPEzfUsxeJIZxCd6K-Go8Gb2LvemBY_5S0fwA==
expires: Thu, 05 Sep 2024 20:16:32 GMT

GET
H2 200 js_jHyoH-VeDSlbQmHZ-DuKQ5ZNwUPDhMTvUh2431bfP3U.js Show response
www.oxygen.com/sites/oxygen/files/js/ 24 KB
6 KB 99ms
99ms Script
text/javascript 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oxygen.com/sites/oxygen/files/js/js_jHyoH-VeDSlbQmHZ-DuKQ5ZNwUPDhMTvUh2431bfP3U.js?scope=footer&delta=2&language=en&theme=crime&include=eJx9kd1yhDAIhV_Indz0fRhMqFIxsUC269s3uqPjTn_ugO9wwpyIAabSE2BGWZ2jBWMniCURfFgnBnGkOJXqIfexnh0sWtI_mDP7hjlRdvY1XOptLlhzHBPqJDu79hufF9R2jlA4K1hwIHDFOHEeOuF3Ml-bglSL3t4ej85Wc5pDj0YXntiwb_s1S8EEI-YkpBfBIKVHuW3Nq_MBovLidgHPkFBLNRLrGp9_2PidjnCrj1A5SBk4Q4PTnuyrSbAvXkjPwaEIvbaD249IUfvFdL4vCZpz2RZKJtdqHvb8PyvHaXsunBX8Bb4BCYXPmQ

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

6d0bdf08c2b54a2a88ad457e2253730359c71986a7aa79a47083fdb468f0be9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-tags: HIT
date: Thu, 05 Sep 2024 20:16:31 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-age: 0
x-ah-environment: prod
content-length: 6083
x-pubstack: local
last-modified: Mon, 19 Aug 2024 18:40:15 GMT
server: Akamai Resource Optimizer
x-ttl: 31536000.000
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: text/javascript
x-varnish: 16713170 16274876
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-drupal-cache-control: max-age=31536000
permissions-policy: unload=()
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-cache-hits: 1

GET
H2

200

ldclient.min.js Show response
unpkg.com/launchdarkly-js-client-sdk@3.2.0/dist/
Redirect Chain

https://unpkg.com/launchdarkly-js-client-sdk@3.2.0
https://unpkg.com/launchdarkly-js-client-sdk@3.2.0/dist/ldclient.min.js

52 KB
24 KB

104ms
104ms

Script
application/javascript

2606:4700::6811:f7cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/launchdarkly-js-client-sdk@3.2.0/dist/ldclient.min.js

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Server

2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ba1fee1844f267b64792dbb29804989e1c550b85f698735c1261e6bf9bfaa80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:32 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 14151741
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HSW54VG7FJE87SJSEC5YH62Y-fra
server: cloudflare
etag: "d160-WiGcaOO2PhFgVHcslgm4buR/G2U"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8be8e5caba77d22b-FRA

Redirect headers

date: Thu, 05 Sep 2024 20:16:32 GMT
content-encoding: gzip
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01HSC1YWA9TP918PEZZ3KANYVR-fra
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 14691953
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /launchdarkly-js-client-sdk@3.2.0/dist/ldclient.min.js
cache-control: public, max-age=31536000
cf-ray: 8be8e5ca1845d22b-FRA

GET
H2 200 js__wNW4IbMLEOuPxyC4AZjMtU92BLJhnU-J-wdSFX6Xzw.js Show response
www.oxygen.com/sites/oxygen/files/js/ 235 KB
54 KB 88ms
83ms Script
text/javascript 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oxygen.com/sites/oxygen/files/js/js__wNW4IbMLEOuPxyC4AZjMtU92BLJhnU-J-wdSFX6Xzw.js?scope=footer&delta=4&language=en&theme=crime&include=eJx9kd1yhDAIhV_Indz0fRhMqFIxsUC269s3uqPjTn_ugO9wwpyIAabSE2BGWZ2jBWMniCURfFgnBnGkOJXqIfexnh0sWtI_mDP7hjlRdvY1XOptLlhzHBPqJDu79hufF9R2jlA4K1hwIHDFOHEeOuF3Ml-bglSL3t4ej85Wc5pDj0YXntiwb_s1S8EEI-YkpBfBIKVHuW3Nq_MBovLidgHPkFBLNRLrGp9_2PidjnCrj1A5SBk4Q4PTnuyrSbAvXkjPwaEIvbaD249IUfvFdL4vCZpz2RZKJtdqHvb8PyvHaXsunBX8Bb4BCYXPmQ

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

d6b254282e2510b3c2b33b95be0f7da52ac0bde4e8c62c8245f0299ec8deb751

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-tags: HIT
date: Thu, 05 Sep 2024 20:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-age: 0
x-ah-environment: prod
content-length: 54943
x-pubstack: local
last-modified: Wed, 28 Aug 2024 01:13:18 GMT
server: Akamai Resource Optimizer
x-ttl: 31536000.000
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: text/javascript
x-varnish: 3606390 1999638
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-drupal-cache-control: max-age=31536000
permissions-policy: unload=()
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-cache-hits: 2

GET
H2 200 46202808-818f-44c0-9697-5db18b97ba59.json Show response
cdn.cookielaw.org/consent/46202808-818f-44c0-9697-5db18b97ba59/ 5 KB
2 KB 157ms
156ms XHR
application/x-javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/46202808-818f-44c0-9697-5db18b97ba59/46202808-818f-44c0-9697-5db18b97ba59.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/46202808-818f-44c0-9697-5db18b97ba59/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da6aaeafe303a4f0d02a0e2d12fe22f77e49d80f2c17656bb90790d53b90467e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 05 Sep 2024 20:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 82154
content-md5: ANRV1F8SKIaO6w61wTSHaA==
content-length: 1740
x-ms-lease-status: unlocked
last-modified: Mon, 13 May 2024 18:34:48 GMT
server: cloudflare
etag: 0x8DC737B5EA4D220
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 25852f23-b01e-0091-7464-a5d5d8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8be8e5c83e561e20-FRA
expires: Fri, 06 Sep 2024 20:16:32 GMT

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 68 B
235 B 274ms
107ms Script
text/javascript 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0af719f3a3c9eed767bcf7e1b8b179655c9b0c1fd6157618d704f11a1cdcdfc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
cf-ray: 8be8e5c98d27d259-FRA
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 load-oxygen-web.js Show response
mps.nbcuni.com/fetch/ext/ 299 KB
69 KB 460ms
444ms Script
application/javascript 23.41.180.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mps.nbcuni.com/fetch/ext/load-oxygen-web.js?nowrite=2
Requested by: Host: www.oxygen.com
URL: https://www.oxygen.com/sites/oxygen/files/js/js__peu56Bz5w25Otvk93TIIGcwOvrxeY5QPWgfNqVa-ic.js?scope=header&delta=3&language=en&theme=crime&include=eJx9kd1yhDAIhV_Indz0fRhMqFIxsUC269s3uqPjTn_ugO9wwpyIAabSE2BGWZ2jBWMniCURfFgnBnGkOJXqIfexnh0sWtI_mDP7hjlRdvY1XOptLlhzHBPqJDu79hufF9R2jlA4K1hwIHDFOHEeOuF3Ml-bglSL3t4ej85Wc5pDj0YXntiwb_s1S8EEI-YkpBfBIKVHuW3Nq_MBovLidgHPkFBLNRLrGp9_2PidjnCrj1A5SBk4Q4PTnuyrSbAvXkjPwaEIvbaD249IUfvFdL4vCZpz2RZKJtdqHvb8PyvHaXsunBX8Bb4BCYXPmQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-140.deploy.static.akamaitechnologies.com
Software: Apache/2.4.38 (Debian) / PHP/7.1.33
Resource Hash: eaa667365af14390810e8fba5871d393749875db29407149b3b65d212e2a30a1

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Sep 2024 20:16:32 GMT
content-encoding: br
server: Apache/2.4.38 (Debian)
x-powered-by: PHP/7.1.33
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 70106
expires: Thu, 05 Sep 2024 20:16:32 GMT

GET
H2 200 external-link-icon.min.svg
www.oxygen.com/themes/custom/lifestyle/images/ 225 B
680 B 114ms
112ms Image
image/svg+xml 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oxygen.com/themes/custom/lifestyle/images/external-link-icon.min.svg

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/sites/oxygen/files/css/css_V01SJKS__TKEt3EKsLMw9VOVHqn5xMFqGETY6a0bgJM.css?delta=1&language=en&theme=crime&include=eJx9kd1yhDAIhV_Indz0fRhMqFIxsUC269s3uqPjTn_ugO9wwpyIAabSE2BGWZ2jBWMniCURfFgnBnGkOJXqIfexnh0sWtI_mDP7hjlRdvY1XOptLlhzHBPqJDu79hufF9R2jlA4K1hwIHDFOHEeOuF3Ml-bglSL3t4ej85Wc5pDj0YXntiwb_s1S8EEI-YkpBfBIKVHuW3Nq_MBovLidgHPkFBLNRLrGp9_2PidjnCrj1A5SBk4Q4PTnuyrSbAvXkjPwaEIvbaD249IUfvFdL4vCZpz2RZKJtdqHvb8PyvHaXsunBX8Bb4BCYXPmQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

ce1280dd9fab975b7b5244e74b6d31c78427c6c4c1aff563ed5d5b390942ba12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oxygen.com/sites/oxygen/files/css/css_V01SJKS__TKEt3EKsLMw9VOVHqn5xMFqGETY6a0bgJM.css?delta=1&language=en&theme=crime&include=eJx9kd1yhDAIhV_Indz0fRhMqFIxsUC269s3uqPjTn_ugO9wwpyIAabSE2BGWZ2jBWMniCURfFgnBnGkOJXqIfexnh0sWtI_mDP7hjlRdvY1XOptLlhzHBPqJDu79hufF9R2jlA4K1hwIHDFOHEeOuF3Ml-bglSL3t4ej85Wc5pDj0YXntiwb_s1S8EEI-YkpBfBIKVHuW3Nq_MBovLidgHPkFBLNRLrGp9_2PidjnCrj1A5SBk4Q4PTnuyrSbAvXkjPwaEIvbaD249IUfvFdL4vCZpz2RZKJtdqHvb8PyvHaXsunBX8Bb4BCYXPmQ
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-tags: HIT
date: Thu, 05 Sep 2024 20:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-age: 0
x-ah-environment: prod
content-length: 164
x-pubstack: local
last-modified: Sun, 01 Sep 2024 07:11:49 GMT
server: Akamai Resource Optimizer
x-ttl: 31536000.000
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/svg+xml
x-varnish: 4930844 5113508
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-drupal-cache-control: max-age=31536000
permissions-policy: unload=()
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-cache-hits: 10

GET
H2 200 icon-spinner.min.svg
www.oxygen.com/themes/custom/lifestyle/images/ 386 B
743 B 182ms
180ms Image
image/svg+xml 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oxygen.com/themes/custom/lifestyle/images/icon-spinner.min.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

79544dfec1897794c86963402bdcf2724c1f0dced562a3b9bcc3ac0060788842

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oxygen.com/sites/oxygen/files/css/css_V01SJKS__TKEt3EKsLMw9VOVHqn5xMFqGETY6a0bgJM.css?delta=1&language=en&theme=crime&include=eJx9kd1yhDAIhV_Indz0fRhMqFIxsUC269s3uqPjTn_ugO9wwpyIAabSE2BGWZ2jBWMniCURfFgnBnGkOJXqIfexnh0sWtI_mDP7hjlRdvY1XOptLlhzHBPqJDu79hufF9R2jlA4K1hwIHDFOHEeOuF3Ml-bglSL3t4ej85Wc5pDj0YXntiwb_s1S8EEI-YkpBfBIKVHuW3Nq_MBovLidgHPkFBLNRLrGp9_2PidjnCrj1A5SBk4Q4PTnuyrSbAvXkjPwaEIvbaD249IUfvFdL4vCZpz2RZKJtdqHvb8PyvHaXsunBX8Bb4BCYXPmQ
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-tags: HIT
date: Thu, 05 Sep 2024 20:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-age: 0
x-ah-environment: prod
content-length: 228
x-pubstack: local
last-modified: Thu, 05 Sep 2024 03:56:16 GMT
server: Akamai Resource Optimizer
x-ttl: 31536000.000
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/svg+xml
x-varnish: 2703411 6327584
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-drupal-cache-control: max-age=31536000
permissions-policy: unload=()
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-cache-hits: 15

GET
H2 200 RobotoCondensed-Regular-subset.woff2
www.oxygen.com/sites/oxygen/themes/custom/crime/fonts/RobotoCondensed/ 20 KB
20 KB 178ms
176ms Font
font/woff2 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oxygen.com/sites/oxygen/themes/custom/crime/fonts/RobotoCondensed/RobotoCondensed-Regular-subset.woff2

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

8b73e62aab5e1ea2737c8a65585bb44bdf7f3930643edc2ded758ccaf428a00f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
Origin: https://www.oxygen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-tags: MISS
date: Thu, 05 Sep 2024 20:16:32 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-content-type-options: nosniff
x-age: 0
x-ah-environment: prod
content-length: 20352
x-pubstack: local
last-modified: Tue, 16 Jan 2024 14:01:42 GMT
server: Apache
x-ttl: 1209600.000
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: font/woff2
x-varnish: 425994
access-control-allow-origin: *
cache-control: public, max-age=31622400
x-drupal-cache-control: max-age=1209600
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 SourceSansPro-Light-subset.woff2
www.oxygen.com/themes/custom/lifestyle/fonts/sourcesanspro/ 23 KB
23 KB 187ms
185ms Font
font/woff2 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oxygen.com/themes/custom/lifestyle/fonts/sourcesanspro/SourceSansPro-Light-subset.woff2

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

99be37f823824c89567b0a52e5b46c226702c29361737858a9efff58d78b275c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
Origin: https://www.oxygen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-tags: MISS
date: Thu, 05 Sep 2024 20:16:32 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-content-type-options: nosniff
x-age: 0
x-ah-environment: prod
content-length: 23056
x-pubstack: local
last-modified: Tue, 19 Dec 2023 13:55:16 GMT
server: Apache
x-ttl: 1209600.000
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: font/woff2
x-varnish: 22450370
access-control-allow-origin: *
cache-control: public, max-age=31622400
x-drupal-cache-control: max-age=1209600
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2 200 RobotoCondensed-Bold-subset.woff2
www.oxygen.com/sites/oxygen/themes/custom/crime/fonts/RobotoCondensed/ 20 KB
20 KB 196ms
194ms Font
font/woff2 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oxygen.com/sites/oxygen/themes/custom/crime/fonts/RobotoCondensed/RobotoCondensed-Bold-subset.woff2

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

6be3eeb18dce4496d0b752ff5b8abc6ea57107c42ee57c5fdc559ccd87b3197a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
Origin: https://www.oxygen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-tags: HIT
date: Thu, 05 Sep 2024 20:16:32 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-content-type-options: nosniff
x-age: 0
x-ah-environment: prod
content-length: 20256
x-pubstack: local
last-modified: Tue, 16 Jan 2024 14:01:40 GMT
server: Apache
x-ttl: 1209600.000
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: font/woff2
x-varnish: 43125943 43125907
access-control-allow-origin: *
cache-control: public, max-age=31622400
x-drupal-cache-control: max-age=1209600
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-cache-hits: 3

GET
H2 200 dayonte-resiles-floribama-murders-207.jpg
www.oxygen.com/sites/oxygen/files/styles/media_gallery_next_gallery/public/2023/02/ 3 KB
3 KB 166ms
160ms Image
image/avif 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oxygen.com/sites/oxygen/files/styles/media_gallery_next_gallery/public/2023/02/dayonte-resiles-floribama-murders-207.jpg?itok=Iwr56Fb7

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

6c31334f38bbe4e8961cff15289c510af536a0b9549b5f6251b63d1000d3c528

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:32 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
last-modified: Thu, 01 Aug 2024 02:16:39 GMT
x-serial: 601
server: Akamai Image Manager
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=1690204
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 3124
expires: Wed, 25 Sep 2024 09:46:36 GMT

GET
H2 200 scott-peterson.jpg
www.oxygen.com/sites/oxygen/files/styles/media_gallery_next_gallery/public/2022/10/ 4 KB
5 KB 167ms
161ms Image
image/avif 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oxygen.com/sites/oxygen/files/styles/media_gallery_next_gallery/public/2022/10/scott-peterson.jpg?itok=eoQvcSU_

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

b2066bae05eb83fdaf8919fc0130d8242fd3cb6be388914dc792064195317b55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:32 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
last-modified: Fri, 28 Jun 2024 18:06:37 GMT
server: Akamai Image Manager
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=1317542
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 4459
expires: Sat, 21 Sep 2024 02:15:34 GMT

GET
H2 200 laci-peterson.jpg
www.oxygen.com/sites/oxygen/files/styles/media_gallery_next_gallery/public/2024/08/ 5 KB
6 KB 168ms
163ms Image
image/avif 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oxygen.com/sites/oxygen/files/styles/media_gallery_next_gallery/public/2024/08/laci-peterson.jpg?itok=O8xoN6QW

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

c3dedb8084e1327717f4d28f7789ceeb7f0eb928b8bb30743a152c44853d7fe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:32 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
last-modified: Wed, 14 Aug 2024 14:27:57 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=670451
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 5298
expires: Fri, 13 Sep 2024 14:30:43 GMT

GET
H2 200 scott-peterson.jpg
www.oxygen.com/sites/oxygen/files/styles/media_gallery_next_gallery/public/2022/08/ 4 KB
5 KB 170ms
165ms Image
image/avif 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oxygen.com/sites/oxygen/files/styles/media_gallery_next_gallery/public/2022/08/scott-peterson.jpg?itok=D2w1Csqd

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

6e6c4b61a3e9ac63fe9df70377514ff38b3a770aa1c544b67013baa946457864

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:32 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
last-modified: Thu, 02 May 2024 02:02:50 GMT
server: Akamai Image Manager
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=1369994
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 4457
expires: Sat, 21 Sep 2024 16:49:46 GMT

GET
H2 200 shirley-skinner.jpg
www.oxygen.com/sites/oxygen/files/styles/media_gallery_next_gallery/public/2024/03/ 2 KB
2 KB 172ms
167ms Image
image/avif 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oxygen.com/sites/oxygen/files/styles/media_gallery_next_gallery/public/2024/03/shirley-skinner.jpg?itok=tKFIm_zk

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

acba92f3ca76eb094473443fe0838af2a3c7d6f580bdc2c0142d31cb461b8820

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:32 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
last-modified: Mon, 08 Apr 2024 19:46:30 GMT
server: Akamai Image Manager
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=2140078
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 2179
expires: Mon, 30 Sep 2024 14:44:30 GMT

GET
H2 200 anton-black.jpg
www.oxygen.com/sites/oxygen/files/styles/media_gallery_next_gallery/public/2024/06/ 8 KB
9 KB 173ms
168ms Image
image/avif 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oxygen.com/sites/oxygen/files/styles/media_gallery_next_gallery/public/2024/06/anton-black.jpg?itok=h7JdPgJQ

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

a583a78a2b0aba7839e40e9a336862d17efeab1d38b879eec416f586f5bcd33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:32 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
last-modified: Thu, 05 Sep 2024 00:00:15 GMT
x-serial: 1609
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=2518971
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 8481
expires: Fri, 04 Oct 2024 23:59:23 GMT

GET
H2 200 jonathan-hoffman-kill-or-be-killed-101.jpg
www.oxygen.com/sites/oxygen/files/styles/media_gallery_next_gallery/public/2024/02/ 8 KB
8 KB 176ms
171ms Image
image/avif 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oxygen.com/sites/oxygen/files/styles/media_gallery_next_gallery/public/2024/02/jonathan-hoffman-kill-or-be-killed-101.jpg?itok=qdo3Rgiy

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

fc81781a361ab1df1b1942e874ba4f96aa3fcec20ea8b76a26ddaa2c022f7556

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:32 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
last-modified: Wed, 17 Jul 2024 17:40:24 GMT
server: Akamai Image Manager
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=615679
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 8322
expires: Thu, 12 Sep 2024 23:17:51 GMT

GET
H2 200 shelia-keen-warren-snapped-3319.jpg
www.oxygen.com/sites/oxygen/files/styles/media_gallery_next_gallery/public/2024/05/ 3 KB
3 KB 179ms
175ms Image
image/avif 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oxygen.com/sites/oxygen/files/styles/media_gallery_next_gallery/public/2024/05/shelia-keen-warren-snapped-3319.jpg?itok=NO8jdInU

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

90209d77ecb5f6ac81e25fbe652a335bf0f56d4977edc474a0293dba132010c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:32 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
last-modified: Mon, 12 Aug 2024 10:21:06 GMT
server: Akamai Image Manager
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=482781
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 2735
expires: Wed, 11 Sep 2024 10:22:53 GMT

GET
H2 200 alec-mcnaughton-cathy-mcnaughton-real-murders-of-atlanta-303.jpg
www.oxygen.com/sites/oxygen/files/styles/media_gallery_next_gallery/public/2024/08/ 3 KB
3 KB 207ms
205ms Image
image/avif 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oxygen.com/sites/oxygen/files/styles/media_gallery_next_gallery/public/2024/08/alec-mcnaughton-cathy-mcnaughton-real-murders-of-atlanta-303.jpg?itok=l5tOhuQ3

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

c739c380053678ea3275e0fd02c6e6e6ee9229a8864ddbe8e977288fafdfa3e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:32 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
last-modified: Sun, 01 Sep 2024 01:02:28 GMT
x-serial: 468
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=2177167
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 3173
expires: Tue, 01 Oct 2024 01:02:39 GMT

GET
H2 200 worlds_most_notorious_killers_key_art_horizontal.jpg
www.oxygen.com/sites/oxygen/files/styles/media_gallery_next_gallery/public/2024/09/ 6 KB
7 KB 216ms
213ms Image
image/avif 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oxygen.com/sites/oxygen/files/styles/media_gallery_next_gallery/public/2024/09/worlds_most_notorious_killers_key_art_horizontal.jpg?itok=z5J7aoEq

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

ebeef4dbab77cbd39c9e444cca83e317dab1be15c5b3f7a43f360e3ac3a41f6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:32 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
last-modified: Wed, 04 Sep 2024 16:00:38 GMT
server: Akamai Image Manager
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/avif
access-control-allow-origin: *
cache-control: private, no-transform, max-age=2490371
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 6425
expires: Fri, 04 Oct 2024 16:02:43 GMT

GET
H2 200 facebook-social.min.svg
www.oxygen.com/themes/custom/lifestyle/images/icons/ 457 B
800 B 257ms
254ms Image
image/svg+xml 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oxygen.com/themes/custom/lifestyle/images/icons/facebook-social.min.svg

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

8256551ef432266e62ba78eeb1b429aebe20e042eb6cf92fcf1ac07c743facea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-tags: HIT
date: Thu, 05 Sep 2024 20:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-age: 0
x-ah-environment: prod
content-length: 283
x-pubstack: local
last-modified: Tue, 20 Aug 2024 04:40:12 GMT
server: Akamai Resource Optimizer
x-ttl: 31536000.000
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/svg+xml
x-varnish: 5431985 12927652
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-drupal-cache-control: max-age=31536000
permissions-policy: unload=()
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-cache-hits: 30

GET
H2 200 twitter-x-social.min.svg
www.oxygen.com/themes/custom/lifestyle/images/icons/ 446 B
796 B 258ms
255ms Image
image/svg+xml 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oxygen.com/themes/custom/lifestyle/images/icons/twitter-x-social.min.svg

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

5c69a9ad40dc0b919ef0acb5b1171ddc52b7e096b816cef50b85ca8c6c8a7d44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-tags: HIT
date: Thu, 05 Sep 2024 20:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-age: 0
x-ah-environment: prod
content-length: 281
x-pubstack: local
last-modified: Wed, 07 Aug 2024 08:58:07 GMT
server: Akamai Resource Optimizer
x-ttl: 31536000.000
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/svg+xml
x-varnish: 7391144 7505667
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-drupal-cache-control: max-age=31536000
permissions-policy: unload=()
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-cache-hits: 56

GET
H2 200 youtube-social.min.svg
www.oxygen.com/themes/custom/lifestyle/images/icons/ 358 B
737 B 260ms
257ms Image
image/svg+xml 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oxygen.com/themes/custom/lifestyle/images/icons/youtube-social.min.svg

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

fa2eacf49752d4c296a322b31b53bf61bbd66789046b877fc21889e6a1d71b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-tags: HIT
date: Thu, 05 Sep 2024 20:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-age: 0
x-ah-environment: prod
content-length: 224
x-pubstack: local
last-modified: Sat, 31 Aug 2024 23:16:22 GMT
server: Akamai Resource Optimizer
x-ttl: 31536000.000
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/svg+xml
x-varnish: 3154075 380442
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-drupal-cache-control: max-age=31536000
permissions-policy: unload=()
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-cache-hits: 4

GET
H2 200 instagram-social.min.svg
www.oxygen.com/themes/custom/lifestyle/images/icons/ 2 KB
1 KB 260ms
257ms Image
image/svg+xml 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oxygen.com/themes/custom/lifestyle/images/icons/instagram-social.min.svg

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

8568aa15f7e848220d9a113f46570dc0b89e853d67d89b076f971ec9cb99542d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-tags: HIT
date: Thu, 05 Sep 2024 20:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-age: 0
x-ah-environment: prod
content-length: 876
x-pubstack: local
last-modified: Sun, 25 Aug 2024 07:01:39 GMT
server: Akamai Resource Optimizer
x-ttl: 31536000.000
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/svg+xml
x-varnish: 17559438 13132467
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-drupal-cache-control: max-age=31536000
permissions-policy: unload=()
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-cache-hits: 32

GET
H2 200 snapchat-social.min.svg
www.oxygen.com/themes/custom/lifestyle/images/icons/ 1010 B
1 KB 260ms
258ms Image
image/svg+xml 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.oxygen.com/themes/custom/lifestyle/images/icons/snapchat-social.min.svg

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

15312c43999dba53e5b5aac37278a54f32f2d81e2811ab410367aeca0546344d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-tags: HIT
date: Thu, 05 Sep 2024 20:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-age: 0
x-ah-environment: prod
content-length: 515
x-pubstack: local
last-modified: Tue, 06 Aug 2024 11:12:28 GMT
server: Akamai Resource Optimizer
x-ttl: 31536000.000
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/svg+xml
x-varnish: 6567680 420629
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-drupal-cache-control: max-age=31536000
permissions-policy: unload=()
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-cache-hits: 48

GET location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 0
0

GET
H2 200 id Show response
dpm.demdex.net/ 988 B
1 KB 760ms
111ms XHR
application/json 54.246.157.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=A8AB776A5245B4220A490D44%40AdobeOrg&d_nsid=0&ts=1725567392474

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a2ef59fba8e9/ddcbb8243fe4/launch-91f258f2c619.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.246.157.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-246-157-114.eu-west-1.compute.amazonaws.com

Software

Resource Hash

c76a025d25a5d897d421612f765bb8fc4ec90b51cffed9e3c5a956ae500055a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

dcs: dcs-prod-irl1-1-v065-09b2dfa67.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Thu, 05 Sep 2024 20:16:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: cwwyQuotRC0=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://www.oxygen.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 552
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/ 34 KB
12 KB 105ms
105ms Script
application/x-javascript 2a02:26f0:3500:c89::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a2ef59fba8e9/ddcbb8243fe4/launch-91f258f2c619.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:c89::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 6b470a5ec92399b5420afa5e81b07fe400eeb24c317d911ce76aabcf7e02db39

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:32 GMT
content-encoding: gzip
last-modified: Tue, 18 Jul 2023 09:38:54 GMT
server: AkamaiNetStorage
etag: "ade220db70aa3259d42f32d039757920:1689673134.025267"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.oxygen.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12463
expires: Thu, 05 Sep 2024 21:16:32 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/ 3 KB
2 KB 101ms
101ms Script
application/x-javascript 2a02:26f0:3500:c89::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPe51f9b26f7c243dfa8d1d3ea2bf16f5f/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a2ef59fba8e9/ddcbb8243fe4/launch-91f258f2c619.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:c89::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2f12bf7ca8e0bc82ac4634c7f6b5d9cd3b260ec31c2ec76d2db01d983770cf48

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:32 GMT
content-encoding: gzip
last-modified: Tue, 18 Jul 2023 09:38:54 GMT
server: AkamaiNetStorage
etag: "051ec0e10d7fb5b48a8bf326aa3a7442:1689673134.518239"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.oxygen.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1597
expires: Thu, 05 Sep 2024 21:16:32 GMT

GET
H/1.1 200
OK geo_data.js Show response
www.nbcudigitaladops.com/hosted/util/ 62 B
313 B 633ms
106ms Script
application/x-javascript 23.197.128.254
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nbcudigitaladops.com/hosted/util/geo_data.js
Requested by: Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-oxygen-web.js?nowrite=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.197.128.254 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-128-254.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f7b097f0f72c9c875d47c1ef87073dfeb5c4679f6979da23031d5186cdbf4157

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 05 Sep 2024 20:16:33 GMT
Cache-Control: max-age=5863639
Server: AkamaiNetStorage
Connection: keep-alive
ETag: "878537a59d07e00f821926051c495dc4:1364232587"
Content-Length: 62
Content-Type: application/x-javascript

GET
H/1.1 200
OK / Show response
mps.nbcuni.com/request/page/json/params/ 83 KB
20 KB 1089ms
131ms XHR
application/json 23.41.180.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mps.nbcuni.com/request/page/json/params/?CALLBACK=mpsCallback&site=oxygen-web&path=%2FERROR%2F404&cat=ERROR&NOLOAD=mpstools&USE_OVERLAY=0&IRSOURCE=false&ASYNC=1
Requested by: Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-oxygen-web.js?nowrite=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.41.180.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-41-180-140.deploy.static.akamaitechnologies.com
Software: Apache/2.4.38 (Debian) / PHP/7.1.33
Resource Hash: 334f10a2ef96a11489372f86964d61dc3c59e7ab36f0007e5a4e0f1a600d192e

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Sep 2024 20:16:33 GMT
Content-Encoding: br
Server: Apache/2.4.38 (Debian)
X-Powered-By: PHP/7.1.33
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 19448
Expires: Thu, 05 Sep 2024 20:16:33 GMT

GET
H2 200 mparticle.js Show response
jssdkcdns.mparticle.com/js/v2/us1-305c53fa9a0f124c9be4e48c858aa291/ 3 KB
2 KB 815ms
617ms Script
application/javascript 2a04:4e42:400::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdkcdns.mparticle.com/js/v2/us1-305c53fa9a0f124c9be4e48c858aa291/mparticle.js
Requested by: Host: www.oxygen.com
URL: https://www.oxygen.com/sites/oxygen/files/js/js_jHyoH-VeDSlbQmHZ-DuKQ5ZNwUPDhMTvUh2431bfP3U.js?scope=footer&delta=2&language=en&theme=crime&include=eJx9kd1yhDAIhV_Indz0fRhMqFIxsUC269s3uqPjTn_ugO9wwpyIAabSE2BGWZ2jBWMniCURfFgnBnGkOJXqIfexnh0sWtI_mDP7hjlRdvY1XOptLlhzHBPqJDu79hufF9R2jlA4K1hwIHDFOHEeOuF3Ml-bglSL3t4ej85Wc5pDj0YXntiwb_s1S8EEI-YkpBfBIKVHuW3Nq_MBovLidgHPkFBLNRLrGp9_2PidjnCrj1A5SBk4Q4PTnuyrSbAvXkjPwaEIvbaD249IUfvFdL4vCZpz2RZKJtdqHvb8PyvHaXsunBX8Bb4BCYXPmQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 8303823d262dee7eaa3b8eb7acf79937502dc429ae530d22e0e3f5de572adc2e

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-cache-hits: 25, 3
date: Thu, 05 Sep 2024 20:16:33 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
server: Kestrel
age: 200
x-timer: S1725567393.316852,VS0,VE0
x-origin-name: fastlyshield--shield_ssl_cache_iad_kiad7000039_IAD
x-cache: HIT, HIT
content-type: application/javascript
vary: Accept, Accept-Encoding
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 1294
x-served-by: cache-iad-kiad7000039-IAD, cache-fra-etou8220045-FRA

GET
H/1.1 200
OK AccessEnabler.js Show response
entitlement.auth.adobe.com/entitlement/v4/ 129 KB
39 KB 443ms
118ms Script
application/javascript 23.218.50.73
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://entitlement.auth.adobe.com/entitlement/v4/AccessEnabler.js
Requested by: Host: www.oxygen.com
URL: https://www.oxygen.com/sites/oxygen/files/js/js__wNW4IbMLEOuPxyC4AZjMtU92BLJhnU-J-wdSFX6Xzw.js?scope=footer&delta=4&language=en&theme=crime&include=eJx9kd1yhDAIhV_Indz0fRhMqFIxsUC269s3uqPjTn_ugO9wwpyIAabSE2BGWZ2jBWMniCURfFgnBnGkOJXqIfexnh0sWtI_mDP7hjlRdvY1XOptLlhzHBPqJDu79hufF9R2jlA4K1hwIHDFOHEeOuF3Ml-bglSL3t4ej85Wc5pDj0YXntiwb_s1S8EEI-YkpBfBIKVHuW3Nq_MBovLidgHPkFBLNRLrGp9_2PidjnCrj1A5SBk4Q4PTnuyrSbAvXkjPwaEIvbaD249IUfvFdL4vCZpz2RZKJtdqHvb8PyvHaXsunBX8Bb4BCYXPmQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.218.50.73 Haarlem, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-50-73.deploy.static.akamaitechnologies.com
Software: openresty /
Resource Hash: 9b24c44df96c5176d269271dd9c6de2d5368fd79cf6e4e97bc9a48ef57432385

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 05 Sep 2024 20:16:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Feb 2024 15:55:25 GMT
Server: openresty
ETag: W/"65c104ed-2038d"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE
Content-Type: application/javascript
P3P: CP="NOI DSP COR CURa ADMa DEVa OUR BUS IND UNI COM NAV STA"
Access-Control-Expose-Headers: pass_sfp,Authzf-Error-Code,Authzf-Sub-Error-Code,Authzf-Error-Details
Cache-Control: must-revalidate, max-age=175
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: ap_11,ap_42,ap_z,ap_19,ap_21,ap_23,authorization,pass_sfp,AP-Session-Identifier,AP-Device-Identifier,AP-SDK-Identifier,X-Device-Info
Content-Length: 39087

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 101 KB
31 KB 579ms
388ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-oxygen-web.js?nowrite=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

137f1dd46caab1a1e234e9e80ea905e620f99abd8e440b502297c68fd11c423d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32178
x-xss-protection: 0
server: cafe
etag: 650 / 19971 / m202408290101 / config-hash: 6307690028181308306
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 05 Sep 2024 20:16:33 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f

Request headers

Referer
Origin: https://www.oxygen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 oxygen.json Show response
id.oxygen.com/websdk/config/ 4 KB
2 KB 1255ms
587ms Fetch
application/json 2a02:26f0:e300:187::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://id.oxygen.com/websdk/config/oxygen.json

Requested by

Host: id.nbcuni.com
URL: https://id.nbcuni.com/websdk/v2/identity-sdk.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300:187::1af8 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f53ffeb1eb7ff510ecd7f915dced515ab43db3bda380a163f9749d5fa7a54749

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.oxygen.com/;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:33 GMT
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://www.oxygen.com/;
x-amz-request-id: ECT0Q1ZJCAECF899
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
content-length: 1450
x-amz-id-2: PEunyCgm/HrUIxdm21BLpkBrnE1tlpvozQWqsGV6CFD2jLeDGsjVuM4UHsEdYbPkzudxoSBudlQR5PquPqVLC1IkbXOd/JSqXkhx+cURFSw=
last-modified: Mon, 13 May 2024 12:19:24 GMT
server: AmazonS3
etag: "ed6bee211274db3d5ed09f699a17c56f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.oxygen.com
access-control-allow-methods: GET,POST,OPTIONS,PATCH,DELETE,PUT
access-control-expose-headers: Access-Control-Allow-Origin,Access-Control-Allow-Credentials,Set-Cookie
cache-control: max-age=300
access-control-allow-credentials: true
access-control-max-age: 3000
accept-ranges: bytes
x-amz-cf-id: g5YgfACjPTS7GWNs2JHUMJgK0xfdFxcsdzZIqFZf5b7w9SaMfdN24Q==

GET
H/1.1 200
OK AccessEnablerProxy.html
sp.auth.adobe.com/entitlement/v4/ Frame 7C8B 0
0 731ms
183ms Document
text/html 54.163.107.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.auth.adobe.com/entitlement/v4/AccessEnablerProxy.html?a4f31600ce9c60894320

Requested by

Host: entitlement.auth.adobe.com
URL: https://entitlement.auth.adobe.com/entitlement/v4/AccessEnabler.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.163.107.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-163-107-227.compute-1.amazonaws.com

Software

api-gateway/1.9.3.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	60

Request headers

Referer: https://www.oxygen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: ap_11,ap_42,ap_z,ap_19,ap_21,ap_23,authorization,pass_sfp,AP-Session-Identifier,AP-Device-Identifier,AP-SDK-Identifier,X-Device-Info
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE
Access-Control-Expose-Headers: pass_sfp,Authzf-Error-Code,Authzf-Sub-Error-Code,Authzf-Error-Details
Cache-Control: max-age=300, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 05 Sep 2024 20:16:33 GMT
ETag: W/"65c104ed-eb"
Last-Modified: Mon, 05 Feb 2024 15:55:25 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa OUR BUS IND UNI COM NAV STA"
Server: api-gateway/1.9.3.1
Transfer-Encoding: chunked
X-Request-Id: KA4sVe7sbm8UU9G38feqdZdDoAKAU0lS
strict-transport-security: 60

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/ 479 KB
149 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83832d5307a4d195cddf24f76e66d09b669cfbe23a429d642d06202cb55c96cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 14:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21387
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 152988
x-xss-protection: 0
server: cafe
etag: 7232803424342751065
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 05 Sep 2025 14:20:06 GMT

GET
H2 200 dest5.html
nbcuni.demdex.net/ Frame 6518 0
0 1035ms
782ms Document
text/html 52.209.226.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nbcuni.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a2ef59fba8e9/ddcbb8243fe4/launch-91f258f2c619.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.209.226.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-226-213.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.oxygen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Thu, 05 Sep 2024 20:16:34 GMT
dcs: dcs-prod-irl1-1-v065-0d6b732c3.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 2 Sep 2024 11:00:20 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: 0kjGm9QqTNk=

GET
H2 200 id Show response
nbcume.sc.omtrdc.net/ 2 B
267 B 1096ms
89ms XHR
application/x-javascript 63.140.62.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nbcume.sc.omtrdc.net/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=A8AB776A5245B4220A490D44%40AdobeOrg&mid=91763013798118262881507016254150108938&ts=1725567393249

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a2ef59fba8e9/ddcbb8243fe4/launch-91f258f2c619.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-27.data.adobedc.net

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 05 Sep 2024 20:16:34 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.oxygen.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 2
x-xss-protection: 1; mode=block

GET
H2 200 moatheader.js Show response
z.moatads.com/nbcuyieldheader7581548001/ 226 KB
80 KB 1026ms
584ms Script
application/x-javascript 23.213.169.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://z.moatads.com/nbcuyieldheader7581548001/moatheader.js

Requested by

Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-oxygen-web.js?nowrite=2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.169.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-169-236.deploy.static.akamaitechnologies.com

Software

Resource Hash

215f525a2b785639219063275834f063bfd7639ae69ba398f059af56f91a714a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Sep 2024 20:16:34 GMT
content-md5: +ttfBm7qeViLX8xwWRKq7g==
storage-tier: Standard
content-length: 81169
opc-meta-btime: 2024-04-22T05:23:45Z
opc-meta-mtime: 1713763425
last-modified: Mon, 22 Apr 2024 21:05:24 GMT
opc-request-id: iad-1:46X_Go7ptl3lE94LNgzr_zcFOEERxW7EN1D94JMIFVxa0WQRfUNIZO1c3bGSFizz
x-api-id: native
etag: ee1fb008-6e0a-4e37-adea-b09b30400b7f
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/x-javascript
version-id: 86048450-7995-42cf-9cec-b8d627d81aa0
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control: max-age=43783
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 324 KB
80 KB 556ms
119ms Script
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-oxygen-web.js?nowrite=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64171bed8b1e093ab735ee9c6cdc99440d0fea8e8f8c9f362fae3c093f1332f1

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 19:33:28 GMT
content-encoding: gzip
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
last-modified: Wed, 28 Aug 2024 22:46:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 2586
x-amz-server-side-encryption: AES256
etag: W/"f2dd6786b4537f2bb6a3e22886b855f2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: _ZfTSzowcN-_GwOJUmOgQ_KybNiHISz9Hd-t9SyL4oUrJOrxBVlHgg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
78 KB 843ms
185ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8270616

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/sites/oxygen/files/js/js_SL70bXwSqY7cuVCKxhw3FAlBpG5aaR_ZSh5il3uligw.js?scope=footer&delta=0&language=en&theme=crime&include=eJx9kd1yhDAIhV_Indz0fRhMqFIxsUC269s3uqPjTn_ugO9wwpyIAabSE2BGWZ2jBWMniCURfFgnBnGkOJXqIfexnh0sWtI_mDP7hjlRdvY1XOptLlhzHBPqJDu79hufF9R2jlA4K1hwIHDFOHEeOuF3Ml-bglSL3t4ej85Wc5pDj0YXntiwb_s1S8EEI-YkpBfBIKVHuW3Nq_MBovLidgHPkFBLNRLrGp9_2PidjnCrj1A5SBk4Q4PTnuyrSbAvXkjPwaEIvbaD249IUfvFdL4vCZpz2RZKJtdqHvb8PyvHaXsunBX8Bb4BCYXPmQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fe6aa8e4e5802a107a05a84b4cdaf1b8dd989193196afad7e742bf8cfb6f5b76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78982
x-xss-protection: 0
last-modified: Thu, 05 Sep 2024 18:54:51 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 05 Sep 2024 20:16:34 GMT

GET
H2 200 24610.js Show response
micro.rubiconproject.com/prebid/dynamic/ 516 KB
161 KB 1654ms
612ms Script
text/javascript 104.122.39.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Requested by: Host: mps.nbcuni.com
URL: https://mps.nbcuni.com/fetch/ext/load-oxygen-web.js?nowrite=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.122.39.115 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-122-39-115.deploy.static.akamaitechnologies.com
Software: Apache/2.4.59 (Debian) PHP/8.3.8 OpenSSL/3.0.11 /
Resource Hash: f50965b42653c131945e67fa694eb892e63c96d55392173c8ba9bc52bf3ad683

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:35 GMT
content-encoding: gzip
server: Apache/2.4.59 (Debian) PHP/8.3.8 OpenSSL/3.0.11
vary: accept-encoding, referer
edge-cache-tag: prod-prebid-24610_Oxygen_Desktop_INTL.js
content-type: text/javascript;charset=UTF-8
cache-control: public, must-revalidate, max-age=14400
content-length: 164357
expires: Thu, 05 Sep 2024 22:04:39 GMT

GET
H2 200 v2-identity-config.json Show response
id.nbcuni.com/websdk/config/ 526 B
977 B 743ms
571ms Fetch
application/json 23.41.180.140
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://id.nbcuni.com/websdk/config/v2-identity-config.json

Requested by

Host: id.nbcuni.com
URL: https://id.nbcuni.com/websdk/v2/identity-sdk.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.41.180.140 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-41-180-140.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

e767497e3521ee979e165d4fab171d45daeb0dc54170dc65daff4000357f7ccd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://www.oxygen.com/;
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:34 GMT
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://www.oxygen.com/;
x-amz-request-id: NFM9XG6R0J4KA0FP
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
content-length: 278
x-amz-id-2: gkbE4xOQysgvxSDPmCimRTK5IT3aeFe34KypEGxZmA1CROI7UKprEL5OEnfzyCJQfTerpQVPKyk=
pragma: no-cache
last-modified: Tue, 16 Jul 2024 17:16:53 GMT
server: AmazonS3
etag: "b871aae7c7caa75692aac306972357db"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.oxygen.com
access-control-allow-methods: GET,POST,OPTIONS,PATCH,DELETE,PUT
access-control-expose-headers: Access-Control-Allow-Origin,Access-Control-Allow-Credentials,Set-Cookie
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
access-control-max-age: 3000
accept-ranges: bytes
x-amz-cf-id: wpxVBki4TIWKBkDKxc6iY6u-6I9DFO71LbvKJwdmdHpakVyaNiCutQ==
expires: Thu, 05 Sep 2024 20:16:34 GMT

GET
H2 200 3219 Show response
config.aps.amazon-adsystem.com/configs/ 531 B
798 B 590ms
86ms Script
application/javascript 18.245.31.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/3219
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-92.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 7b74619e9c428a70f4ea4ba5209dda20bf51b7fb3266a679754d9cba4607a27a

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:07:44 GMT
via: 1.1 77aeedb4b2272623c3e7c852eafc4998.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P8
age: 530
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 531
x-amz-cf-id: MzajRsIaBtgU5T84MV_bDSu_aDSWpPa_4FHyPtr3AER681EHaxqFTg==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
311 B 105ms
104ms XHR
text/plain 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3219&u=https%3A%2F%2Fwww.oxygen.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 18:57:58 GMT
via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 4715
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.oxygen.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: PaeYWVe9HZT3NU9Vw4mjDqLXYc8PlzXPRv78OHP7cHdFonpIGmlvtg==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
394 B 371ms
144ms XHR
text/javascript 13.33.173.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=3219&u=https%3A%2F%2Fwww.oxygen.com%2Fsnapped%2Fseason%2F-34%2Fvideos%2Fprivate%2F-investigator%2F-discovers%2F-key%2F-evidence%2F-from%2F-viktoria%2F-nasyrovas&pid=fOjFCx7DmFJJ7&cb=0&ws=1600x1200&v=24.827.1552&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-topbanner-53860962%22%2C%22s%22%3A%5B%22970x66%22%2C%22728x90%22%2C%221400x600%22%5D%2C%22sn%22%3A%22topbanner%22%7D%2C%7B%22sd%22%3A%22div-gpt-topbox-53860962%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22topbox%22%7D%2C%7B%22sd%22%3A%22div-gpt-boxadtwo-53860962%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22boxadtwo%22%7D%2C%7B%22sd%22%3A%22div-gpt-boxadthree-53860962%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22boxadthree%22%7D%2C%7B%22sd%22%3A%22div-gpt-midbanner-53860962%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22midbanner%22%7D%2C%7B%22sd%22%3A%22div-gpt-galleryad-53860962%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22galleryad%22%7D%2C%7B%22sd%22%3A%22div-gpt-amparticle-53860962%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22amparticle%22%7D%5D&pj=%7B%22si_section%22%3A%22oxygen-web%7CERROR%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.173.196 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-173-196.fra60.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:33 GMT
content-encoding: gzip
via: 1.1 de048058a16d8205bfbc06a8f2eefb34.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P9
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.oxygen.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 43
x-amz-cf-id: zpz5tN_kXf92c1_zW2kzrrglMPDqqcjaM1II8nzJjwolv6Z7jWV3Ag==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 536ms
91ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
date: Thu, 05 Sep 2024 18:44:48 GMT
x-amz-cf-pop: FRA56-P6
age: 44735
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: f-k4qavNbT4GmNl3cMHwpodSfHwF3_uUn6INnPRPWhtkprPEQA4lqw==

GET
H2 200 s49540499164064
nbcume.sc.omtrdc.net/b/ss/nbcunbcuoxygenbu/1/JS-2.24.0-LDQM/ 43 B
223 B 1505ms
1504ms Image
image/gif 63.140.62.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nbcume.sc.omtrdc.net/b/ss/nbcunbcuoxygenbu/1/JS-2.24.0-LDQM/s49540499164064?AQB=1&ndh=1&pf=1&t=5%2F8%2F2024%2022%3A16%3A34%204%20-120&mid=91763013798118262881507016254150108938&aamlh=6&ce=ISO-8859-1&ns=nbcuniversal&pageName=Page%20Not%20Found&g=https%3A%2F%2Fwww.oxygen.com%2Fsnapped%2Fseason%2F-34%2Fvideos%2Fprivate%2F-investigator%2F-discovers%2F-key%2F-evidence%2F-from%2F-viktoria%2F-nasyrovas&c.&oxygen.&pageURL=https%3A%2F%2Fwww.oxygen.com%2Fsnapped%2Fseason%2F-34%2Fvideos%2Fprivate%2F-investigator%2F-discovers%2F-key%2F-evidence%2F-from%2F-viktoria%2F-nasyrovas&articleTitle=Page%20Not%20Found&userGroup=anonymous&contentType=Page%20404&date=09-05-2024&dayOfWeek=Thursday&hour=16&minute=16&timeOfDay=16%3A16&visitorApi=VisitorAPI%20Present&percentPageViewed=highestPercentViewed%3D%20%7C%20initialPercentViewed%3D%20%7C%20foldsSeen%3D%20%7C%20foldsAvailable%3D&daysSinceLastVisit=First%20Visit&visitorType=New&visitorType90=New&weeklyVisitNumber=1&monthlyVisitNumber=1&dailyVisitNumber=1&pageLoadTime=33&.oxygen&tve.&did=demdex%20cookie%20not%20set&.tve&nbcu.&network=oxygen&division=Cable&identityguid=unknown&identityauthen=unknown&.nbcu&mcid.&pageDomain=www.oxygen.com&version=5.5.0&icsmcvid=The%20ID%20service%20did%20not%20make%20a%20call%20to%20the%20Experience%20Cloud%20server.&mcidcto=The%20ID%20service%20did%20not%20send%20a%20request.&aidcto=The%20ID%20service%20did%20not%20send%20a%20request.&aamidcto=The%20ID%20service%20did%20not%20send%20a%20request.&mcorgid=D%3Dmcorgid&.mcid&getPercentPageViewed=5.0.1&.c&cc=USD&ch=Oxygen.com&server=www.oxygen.com&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=A8AB776A5245B4220A490D44%40AdobeOrg&AQE=1

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-27.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Sep 2024 20:16:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 06 Sep 2024 20:16:35 GMT
server: jag
etag: 3705627765392179200-4618605347742762597
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 04 Sep 2024 20:16:35 GMT

POST
H/1.1 201 register Show response
sp.auth.adobe.com/o/client/ 313 B
2 KB 2069ms
203ms XHR
application/json 54.162.201.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.auth.adobe.com/o/client/register

Requested by

Host: entitlement.auth.adobe.com
URL: https://entitlement.auth.adobe.com/entitlement/v4/AccessEnabler.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.162.201.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-162-201-242.compute-1.amazonaws.com

Software

api-gateway/1.9.3.1 /

Resource Hash

14252ab4c357eb7336a083e176c803deb56ce4949acf2b3c45789ae7aa5ff25b

Security Headers

Name	Value
Strict-Transport-Security	60

Request headers

AP-SDK-Identifier: js/4.7.0
ap_11: Linux x86_64
X-Device-Info: eyJhcHBsaWNhdGlvbklkIjpudWxsLCJtb2RlbCI6IkxpbnV4IHg4Nl82NCIsImJyb3dzZXJWZW5kb3IiOiJHb29nbGUgSW5jLiIsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyOC4wLjAuMCBTYWZhcmkvNTM3LjM2In0=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8
Accept: application/json
Referer: https://www.oxygen.com/
ap_42: Google Inc.
ap_z: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 05 Sep 2024 20:16:37 GMT
strict-transport-security: 60
Server: api-gateway/1.9.3.1
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE
Content-Type: application/json
Access-Control-Allow-Origin: https://www.oxygen.com
Access-Control-Expose-Headers: pass_sfp,Authzf-Error-Code,Authzf-Sub-Error-Code,Authzf-Error-Details
Cache-Control: No-Cache
Access-Control-Allow-Credentials: true
P3P: CP="NOI DSP COR CURa ADMa DEVa OUR BUS IND UNI COM NAV STA"
Connection: keep-alive
Access-Control-Allow-Headers: ap_11,ap_42,ap_z,ap_19,ap_21,ap_23,authorization,content-type,pass_sfp,AP-Session-Identifier,AP-Device-Identifier,AP-SDK-Identifier,X-Device-Info
X-Request-Id: Qxe88idL0gjlij1daezLqF2Vd3Zt5DNS

OPTIONS
H/1.1 204
No Content register
sp.auth.adobe.com/o/client/ Frame 0
0 730ms
182ms Preflight
text/plain 54.162.201.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.auth.adobe.com/o/client/register

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.162.201.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-162-201-242.compute-1.amazonaws.com

Software

api-gateway/1.9.3.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	60

Request headers

Accept: */*
Access-Control-Request-Headers: ap-sdk-identifier,ap_11,ap_42,ap_z,content-type,x-device-info
Access-Control-Request-Method: POST
Origin: https://www.oxygen.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: ap_11,ap_42,ap_z,ap_19,ap_21,ap_23,authorization,content-type,pass_sfp,AP-Session-Identifier,AP-Device-Identifier,AP-SDK-Identifier,X-Device-Info
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE
Access-Control-Allow-Origin: https://www.oxygen.com
Access-Control-Expose-Headers: pass_sfp,Authzf-Error-Code,Authzf-Sub-Error-Code,Authzf-Error-Details
Access-Control-Max-Age: 86400
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain charset=UTF-8
Date: Thu, 05 Sep 2024 20:16:35 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa OUR BUS IND UNI COM NAV STA"
Server: api-gateway/1.9.3.1
X-Request-Id: eelc7t3ElaoeGxhm6F8FeUgZ5VyP0Wka
strict-transport-security: 60

OPTIONS
H2 200 5fdd184e21c3bf0ac70d0357
app.launchdarkly.com/sdk/goals/ Frame 0
0 332ms
93ms Preflight 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5fdd184e21c3bf0ac70d0357

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent
Access-Control-Request-Method: GET
Origin: https://www.oxygen.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Thu, 05 Sep 2024 20:16:34 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-fra-etou8220041-FRA
x-timer: S1725567395.884678,VS0,VE1

OPTIONS
H2 200 eyJraW5kIjoidXNlciIsImRldmljZS1vcyI6IldlYiIsImlkbS1zZGstdmVyc2lvbiI6IjIuMTIuMSIsImJyYW5kIjoid2Vic2l0ZV9veHlnZW4iLCJwcm9kdWN0Ijoib3h5Z2VuLmNvbSIsInRoaXJkUGFydHlCcmFuZCI6bnVsbCwiY3Jvc3NEb21haW4iOmZhb...
app.launchdarkly.com/sdk/evalx/5fdd184e21c3bf0ac70d0357/contexts/ Frame 0
0 329ms
93ms Preflight 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/5fdd184e21c3bf0ac70d0357/contexts/eyJraW5kIjoidXNlciIsImRldmljZS1vcyI6IldlYiIsImlkbS1zZGstdmVyc2lvbiI6IjIuMTIuMSIsImJyYW5kIjoid2Vic2l0ZV9veHlnZW4iLCJwcm9kdWN0Ijoib3h5Z2VuLmNvbSIsInRoaXJkUGFydHlCcmFuZCI6bnVsbCwiY3Jvc3NEb21haW4iOmZhbHNlLCJrZXkiOiJ1bmtub3duIiwiY2hlY2tvdXRFbmFibGVkIjpmYWxzZX0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent
Access-Control-Request-Method: GET
Origin: https://www.oxygen.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Thu, 05 Sep 2024 20:16:34 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-fra-etou8220041-FRA
x-timer: S1725567395.884739,VS0,VE1

GET
H2 200 5fdd184e21c3bf0ac70d0357 Show response
app.launchdarkly.com/sdk/goals/ 2 B
199 B 473ms
472ms XHR
application/json 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5fdd184e21c3bf0ac70d0357

Requested by

Host: id.nbcuni.com
URL: https://id.nbcuni.com/websdk/v2/identity-sdk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-LaunchDarkly-User-Agent: JSClient/3.1.4
Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 varnish
date: Thu, 05 Sep 2024 20:16:35 GMT
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
content-length: 26
x-served-by: cache-fra-etou8220041-FRA
x-timer: S1725567395.359137,VS0,VE1
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 1

GET
H2 200 eyJraW5kIjoidXNlciIsImRldmljZS1vcyI6IldlYiIsImlkbS1zZGstdmVyc2lvbiI6IjIuMTIuMSIsImJyYW5kIjoid2Vic2l0ZV9veHlnZW4iLCJwcm9kdWN0Ijoib3h5Z2VuLmNvbSIsInRoaXJkUGFydHlCcmFuZCI6bnVsbCwiY3Jvc3NEb21haW4iOmZhb... Show response
app.launchdarkly.com/sdk/evalx/5fdd184e21c3bf0ac70d0357/contexts/ 8 KB
2 KB 476ms
475ms XHR
application/json 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/5fdd184e21c3bf0ac70d0357/contexts/eyJraW5kIjoidXNlciIsImRldmljZS1vcyI6IldlYiIsImlkbS1zZGstdmVyc2lvbiI6IjIuMTIuMSIsImJyYW5kIjoid2Vic2l0ZV9veHlnZW4iLCJwcm9kdWN0Ijoib3h5Z2VuLmNvbSIsInRoaXJkUGFydHlCcmFuZCI6bnVsbCwiY3Jvc3NEb21haW4iOmZhbHNlLCJrZXkiOiJ1bmtub3duIiwiY2hlY2tvdXRFbmFibGVkIjpmYWxzZX0
Requested by: Host: id.nbcuni.com
URL: https://id.nbcuni.com/websdk/v2/identity-sdk.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 15c8d5c7964a47cab4501b92b949619a40f311062ffbc16729a6605828949281

Request headers

X-LaunchDarkly-User-Agent: JSClient/3.1.4
Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:35 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: HIT
content-length: 1195
x-served-by: cache-fra-eddf8230153-FRA, cache-fra-etou8220041-FRA
x-timer: S1725567395.359175,VS0,VE3
etag: "79dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Authorization, Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 1

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 218 B
396 B 431ms
164ms Script
text/html 141.147.81.223
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%23b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.a%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-b30pLQ%2FSrWfiLYzebeGIbnPajq7lOaO9YGxLYqfZY0xNzxzrCfSmix1wV0AK2nh7uzk%3D&rs=1-gZp8RG4580cdYQ%3D%3D&sc=1&os=1-6Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1285&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.oxygen.com%2Fsnapped%2Fseason%2F-34%2Fvideos%2Fprivate%2F-investigator%2F-discovers%2F-key%2F-evidence%2F-from%2F-viktoria%2F-nasyrovas&pcode=nbcuyieldheader7581548001&rx=776409014174&callback=MoatNadoAllJsonpRequest_50471884
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/nbcuyieldheader7581548001/moatheader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.147.81.223 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 5d4a213fdf6776379e538b1d081a3d0f1903fae54c441c3ab46cdded9ef0dafe

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:35 GMT
server: istio-envoy
etag: "e15fa091f7bc11fb5c466f415d5ff72607dc6a9f"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 39
timing-allow-origin: *
content-length: 218

POST
H/1.1 200
OK / Show response
colossusssp.com/ 2 B
254 B 535ms
177ms Fetch
application/json 96.46.188.4
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.188.4 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: openresty/1.25.3.2 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.oxygen.com
Date: Thu, 05 Sep 2024 20:16:36 GMT
Access-Control-Allow-Credentials: true
Server: openresty/1.25.3.2
Connection: keep-alive
Content-Length: 2
Content-Type: application/json

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 53 B
745 B 574ms
379ms Fetch
application/json 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Sep 2024 20:16:36 GMT
an-x-request-uuid: 72b23437-b163-41b9-8294-f91b435f8149
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.oxygen.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.215.131; 217.114.215.131; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 53
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 522 B
1 KB 982ms
191ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24610&site_id=449594&zone_id=2613430&size_id=2&us_privacy=1---&rf=https%3A%2F%2Fwww.oxygen.com%2Fsnapped%2Fseason%2F-34%2Fvideos%2Fprivate%2F-investigator%2F-discovers%2F-key%2F-evidence%2F-from%2F-viktoria%2F-nasyrovas&tg_i.domain=oxygen.com&tg_i.page=https%3A%2F%2Fwww.oxygen.com%2Fsnapped%2Fseason%2F-34%2Fvideos%2Fprivate%2F-investigator%2F-discovers%2F-key%2F-evidence%2F-from%2F-viktoria%2F-nasyrovas&tg_i.aupname=nbcu.oxygen%26div-gpt-topbanner&tg_i.pbadslot=%2F2620%2Fnbcu.oxygen%2Ferror%23div-gpt-topbanner-53860962&tk_flint=dmpbjs_v8.46.0&x_source.tid=fa276efd-4f40-42f4-9d71-6dc4cd6ec9b2&l_pb_bid_id=6c19ae92217ebd&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=189b1841-53ef-42b8-991b-f31e7719b658&rp_maxbids=1&p_gpid=%2F2620%2Fnbcu.oxygen%2Ferror%23div-gpt-topbanner-53860962&m_ch_mobile=%3F0&slots=1&rand=0.3790304509193443
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: caaab16a94696140e6be9414977768509d664c3fd782a122aa3754a472231f84

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Sep 2024 20:16:36 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.oxygen.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 522
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 hbjson Show response
grid.bidswitch.net/ 23 B
262 B 881ms
677ms Fetch
application/json 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://grid.bidswitch.net/hbjson?sp=trustx

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

fca5134c2441c6ad5964e23dd51cfd9019509ce653553a083961215006f8b473

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 05 Sep 2024 20:16:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: nginx
content-type: application/json
access-control-allow-origin: https://www.oxygen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 48

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 425ms
221ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://www.oxygen.com
date: Thu, 05 Sep 2024 20:16:36 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H3 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
539 B 1502ms
818ms Fetch
application/json 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=889171
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac42cd54e6d0148982f14ea77f922babd58a17d97c62d90688c18e0476ab37eb

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 05 Sep 2024 20:16:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
observe-browsing-topics: ?1
alt-svc: h3=":443"; ma=86400
content-length: 37
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t6M7G8f4E1rpYUyIGNR%2Bz3uDNwmnjg2IHjEo5Joss8Zr7n0dVsCnM%2B04GlDV1X7mNCeJ3ZHeHKbwUeLV0KGqKAfmDMb8b7kxqJyipEocSonVj1u9snF%2Bk73dHtapxoB62e3rR37Z"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.oxygen.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8be8e5e67e6335e5-FRA
expires: 0

POST cdb
bidder.criteo.com/ 0
0

POST auction
tlx.3lift.com/header/ 0
0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 455 B
682 B 357ms
120ms Fetch
application/json 54.229.181.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=8.46.0&lt=1725567395698&to=-120&aun=div-gpt-topbanner-53860962&gpid=%2F2620%2Fnbcu.oxygen%2Ferror%23div-gpt-topbanner-53860962&t=6qgfzbrs&pi=3&maxw=728&maxh=90&si=1054396&bf=728x90&uspConsent=1---&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.oxygen.com%2Fsnapped%2Fseason%2F-34%2Fvideos%2Fprivate%2F-investigator%2F-discovers%2F-key%2F-evidence%2F-from%2F-viktoria%2F-nasyrovas&ce=false&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.46.0%22%7D&ogu=https%3A%2F%2Fwww.oxygen.com%2F&ns=10240
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.181.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-181-88.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b4dfee098da07a74fe880ff260849e98c684f94fa2c51a9b4e3b875caa3a92df

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Sep 2024 20:16:36 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.oxygen.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 config Show response
commerce.nbcuni.com/public/api/v3/nbcu-oxygen/theme/OXYGEN/ 1 KB
2 KB 1059ms
133ms Fetch
application/json 104.16.223.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://commerce.nbcuni.com/public/api/v3/nbcu-oxygen/theme/OXYGEN/config

Requested by

Host: commerce.nbcuni.com
URL: https://commerce.nbcuni.com/public/widget/latest/bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.223.173 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9da8955599b4a02d6530c8fa0ce5c6ecfec7cc56f8a5b53bbc993d1ef9806b43

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https:; style-src data: 'unsafe-inline' https:; font-src data: https:; connect-src https: wss: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content; img-src data: blob: https:
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https:; style-src data: 'unsafe-inline' https:; font-src data: https:; connect-src https: wss: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content; img-src data: blob: https:
via: 1.1 a84e87b6b82308dbc0e331c3e28c23c6.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA60-P6
age: 252
x-amzn-requestid: 21484d6c-c75b-4c3a-9beb-766799b024d5
x-cache: Hit from cloudfront
x-amz-apigw-id: dpeKVEejIAMEPXA=
cdn-cache-control: no-cache, max-age=0
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-amzn-trace-id: Root=1-66da10a8-386b55eb11b8271228d5bdf6
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=600
access-control-allow-credentials: true
cf-ray: 8be8e5e689009219-FRA
x-amz-cf-id: ozt0oUOlmjnPFWUqdyxzmfynmLLfqE_KJPPhz4apXkObxliutDvJEw==

POST
H2 202 5fdd184e21c3bf0ac70d0357 Show response
events.launchdarkly.com/events/diagnostic/ 0
358 B 179ms
178ms XHR
application/json 54.156.51.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5fdd184e21c3bf0ac70d0357

Requested by

Host: id.nbcuni.com
URL: https://id.nbcuni.com/websdk/v2/identity-sdk.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.156.51.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-156-51-63.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.oxygen.com/
X-LaunchDarkly-User-Agent: JSClient/3.1.4
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 05 Sep 2024 20:16:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

OPTIONS
H2 204 5fdd184e21c3bf0ac70d0357
events.launchdarkly.com/events/diagnostic/ Frame 0
0 807ms
184ms Preflight 54.156.51.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5fdd184e21c3bf0ac70d0357

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.156.51.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-156-51-63.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent
Access-Control-Request-Method: POST
Origin: https://www.oxygen.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Thu, 05 Sep 2024 20:16:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 favicon.ico
www.oxygen.com/sites/oxygen/themes/custom/crime/ 2 KB
3 KB 1319ms
1319ms Other
image/vnd.microsoft.icon 2a02:26f0:ab00:3ba::1af8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.oxygen.com/sites/oxygen/themes/custom/crime/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ab00:3ba::1af8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

03db381cd6a0e7b1ddf49b585f104d891853394e17e0f3495d0ba81c79b29545

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-tags: MISS
date: Thu, 05 Sep 2024 20:16:37 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-content-type-options: nosniff
x-age: 0
x-ah-environment: prod
content-length: 2429
x-pubstack: local
last-modified: Tue, 27 Aug 2024 10:03:23 GMT
server: Apache
x-ttl: 31536000.000
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT,POST
content-type: image/vnd.microsoft.icon
x-varnish: 5310492
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-drupal-cache-control: max-age=31536000
permissions-policy: unload=()
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 210ms
111ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202408290101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8c89c5208fcc1330eb7b5dcc98f798b63b15a9d2ad1e63435948915fc6e9cb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12873
x-xss-protection: 0

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 69 KB
26 KB 971ms
737ms Fetch
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1950511058120871&correlator=1560825887591379&eid=44809527%2C31084402%2C31086643%2C31086749%2C31085995&output=ldjh&gdfp_req=1&vrg=202408290101&ptt=17&impl=fif&us_privacy=1---&iu_parts=2620%2Cnbcu.oxygen%2Cerror&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x66%7C728x90%7C1400x600&ifi=1&sfv=1-0-40&eri=1&sc=1&abxe=1&dt=1725567397196&lmt=1725567397&adxs=315&adys=50&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.oxygen.com%2Fsnapped%2Fseason%2F-34%2Fvideos%2Fprivate%2F-investigator%2F-discovers%2F-key%2F-evidence%2F-from%2F-viktoria%2F-nasyrovas&vis=1&psz=970x10&msz=970x10&fws=0&ohw=0&td=1&egid=8484&tan=26669153-87c0-40e8-882e-3552ad8c0667&tdf=2&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1725567391215&idt=2193&prev_scp=site%3Doxygen%26pageid%3DERROR%26cont%3Dpage%26sect%3Derror%26pos%3Dtopbanner_page%26slot%3Dtopbanner%26loadset%3D0%26amznbid%3D2%26amznp%3D2%26excl_cat%3Derror&cust_params=pm%3D1%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData&adks=3023792421&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf59ea061ddc1829c13bec1165c4b5b2311301abdb249276c281fa2c837cc24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26099
x-xss-protection: 0
google-lineitem-id: 4860685866
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138250187918
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.oxygen.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 511 B
241 B 968ms
733ms Fetch
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1950511058120871&correlator=1560825887591379&eid=44809527%2C31084402%2C31086643%2C31086749%2C31085995&output=ldjh&gdfp_req=1&vrg=202408290101&ptt=17&impl=fif&us_privacy=1---&iu_parts=2620%2Cnbcu.oxygen%2Cerror&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&eri=1&sc=1&abxe=1&dt=1725567397201&lmt=1725567397&adxs=315&adys=55&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.oxygen.com%2Fsnapped%2Fseason%2F-34%2Fvideos%2Fprivate%2F-investigator%2F-discovers%2F-key%2F-evidence%2F-from%2F-viktoria%2F-nasyrovas&vis=1&psz=970x10&msz=0x-1&fws=0&ohw=0&td=1&egid=8484&tan=26669153-87c0-40e8-882e-3552ad8c0668&tdf=2&topics=5&tps=5&htps=5&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1725567391215&idt=2193&prev_scp=site%3Doxygen%26pageid%3DERROR%26cont%3Dpage%26sect%3Derror%26pos%3D_oop_page%26slot%3D_oop%26loadset%3D0%26excl_cat%3Derror&cust_params=pm%3D1%26m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData&adks=1381232750&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ec5ab967ec27ff9842ec7593afdb139552505b99f3f4fc1ac047f20ec437206

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 212
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.oxygen.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
a4645e54ca0e9bfe1171994c96538b70.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7F9E 0
0 536ms
101ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a4645e54ca0e9bfe1171994c96538b70.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oxygen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Sep 2024 20:16:37 GMT
expires: Thu, 05 Sep 2024 20:16:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 publishertag.prebid.144.js Show response
static.criteo.net/js/ld/ 96 KB
31 KB 977ms
210ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.144.js

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-1811e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 06 Sep 2024 20:16:38 GMT

POST
H/1.1 201 token Show response
sp.auth.adobe.com/o/client/ 767 B
2 KB 172ms
171ms XHR
application/json 54.162.201.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.auth.adobe.com/o/client/token

Requested by

Host: entitlement.auth.adobe.com
URL: https://entitlement.auth.adobe.com/entitlement/v4/AccessEnabler.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.162.201.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-162-201-242.compute-1.amazonaws.com

Software

api-gateway/1.9.3.1 /

Resource Hash

f73d171b947c01c5fc269812ea1a4ffdb9eec7a42f5d559d12caf7d0d991e372

Security Headers

Name	Value
Strict-Transport-Security	60

Request headers

AP-SDK-Identifier: js/4.7.0
ap_11: Linux x86_64
X-Device-Info: eyJhcHBsaWNhdGlvbklkIjpudWxsLCJtb2RlbCI6IkxpbnV4IHg4Nl82NCIsImJyb3dzZXJWZW5kb3IiOiJHb29nbGUgSW5jLiIsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyOC4wLjAuMCBTYWZhcmkvNTM3LjM2In0=
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: https://www.oxygen.com/
ap_42: Google Inc.
ap_z: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 05 Sep 2024 20:16:37 GMT
strict-transport-security: 60
Server: api-gateway/1.9.3.1
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE
Content-Type: application/json
Access-Control-Allow-Origin: https://www.oxygen.com
Access-Control-Expose-Headers: pass_sfp,Authzf-Error-Code,Authzf-Sub-Error-Code,Authzf-Error-Details
Cache-Control: No-Cache
Access-Control-Allow-Credentials: true
P3P: CP="NOI DSP COR CURa ADMa DEVa OUR BUS IND UNI COM NAV STA"
Connection: keep-alive
Access-Control-Allow-Headers: ap_11,ap_42,ap_z,ap_19,ap_21,ap_23,authorization,content-type,pass_sfp,AP-Session-Identifier,AP-Device-Identifier,AP-SDK-Identifier,X-Device-Info
X-Request-Id: 7lZMlBrte0mwQ6uOz2N3XDI4sHLg5cSQ

OPTIONS
H/1.1 204
No Content token
sp.auth.adobe.com/o/client/ Frame 0
0 181ms
181ms Preflight
text/plain 54.162.201.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.auth.adobe.com/o/client/token

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.162.201.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-162-201-242.compute-1.amazonaws.com

Software

api-gateway/1.9.3.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	60

Request headers

Accept: */*
Access-Control-Request-Headers: ap-sdk-identifier,ap_11,ap_42,ap_z,x-device-info
Access-Control-Request-Method: POST
Origin: https://www.oxygen.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: ap_11,ap_42,ap_z,ap_19,ap_21,ap_23,authorization,content-type,pass_sfp,AP-Session-Identifier,AP-Device-Identifier,AP-SDK-Identifier,X-Device-Info
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE
Access-Control-Allow-Origin: https://www.oxygen.com
Access-Control-Expose-Headers: pass_sfp,Authzf-Error-Code,Authzf-Sub-Error-Code,Authzf-Error-Details
Access-Control-Max-Age: 86400
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain charset=UTF-8
Date: Thu, 05 Sep 2024 20:16:37 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa OUR BUS IND UNI COM NAV STA"
Server: api-gateway/1.9.3.1
X-Request-Id: kuUObjYlykCsasqr27u8DSmlBn8rBU4h
strict-transport-security: 60

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 17 KB
7 KB 846ms
123ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 20:16:38 GMT

GET
H/1.1 200 oxygen Show response
sp.auth.adobe.com/adobe-services/config/ 211 KB
14 KB 199ms
198ms XHR
application/xml 54.162.201.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.auth.adobe.com/adobe-services/config/oxygen

Requested by

Host: entitlement.auth.adobe.com
URL: https://entitlement.auth.adobe.com/entitlement/v4/AccessEnabler.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.162.201.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-162-201-242.compute-1.amazonaws.com

Software

api-gateway/1.9.3.1 /

Resource Hash

680248a2a7b6a47bd668db8e0c7cacf72fa5701ef4ca35b9c75b28a9ec374ae2

Security Headers

Name	Value
Strict-Transport-Security	60

Request headers

AP-SDK-Identifier: js/4.7.0
ap_11: Linux x86_64
X-Device-Info: eyJhcHBsaWNhdGlvbklkIjpudWxsLCJtb2RlbCI6IkxpbnV4IHg4Nl82NCIsImJyb3dzZXJWZW5kb3IiOiJHb29nbGUgSW5jLiIsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyOC4wLjAuMCBTYWZhcmkvNTM3LjM2In0=
Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJjNDkyMTVhMC0xZDc2LTQ1NDctYWQ3NS0wMGIwZWY3Mjg5MWMiLCJuYmYiOjE3MjU1NjczOTcsImlzcyI6ImF1dGguYWRvYmUuY29tIiwic2NvcGVzIjoiY29uZmlnOmNsaWVudCxkZWNpc2lvbnM6Y2xpZW50LHBsYXRmb3JtOnNzbyxwcm9maWxlOmNsaWVudCx0b2tlbnM6Y2xpZW50IiwiZXhwIjoxNzI1NTg4OTk3LCJpYXQiOjE3MjU1NjczOTd9.hZbwRKMOHJl6HQQn5izkEpwjY-8AoBC0xtp2liadPVJeinlENi60SlfBSb-cytnJXKFrHqk0H4ZMwgTQ9ozhlFlAT1HKuPGbFo4jjnY5xl75nTdJsk2qVSkhMiBdcH1oi6-HEu5XSnxss_gBlV6eleK2IfOQryfZ_sZGqkeC7O4TPTtuCwiAKjlETdqYcCn1kZO7yZofPTtV3w4NJAuJ9MOQ4f1JL0ihMzglZtDMEOoE3mkTnciBf-2WnkKs_G0ZNUF9DCigJ48AYpG9T0RF0SRpDopL1z803a9Rc7tSnZVk-mPio6ZEyBAGTuaENQcu29NBWlQi8xo0e3sdBz4ngg
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Accept: application/xml
Referer: https://www.oxygen.com/
ap_42: Google Inc.
ap_z: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 05 Sep 2024 20:16:38 GMT
Content-Encoding: gzip
strict-transport-security: 60
Server: api-gateway/1.9.3.1
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE
Content-Type: application/xml
Access-Control-Allow-Origin: https://www.oxygen.com
Access-Control-Expose-Headers: pass_sfp,Authzf-Error-Code,Authzf-Sub-Error-Code,Authzf-Error-Details
Cache-Control: No-Cache
Access-Control-Allow-Credentials: true
P3P: CP="NOI DSP COR CURa ADMa DEVa OUR BUS IND UNI COM NAV STA"
Connection: keep-alive
Access-Control-Allow-Headers: ap_11,ap_42,ap_z,ap_19,ap_21,ap_23,authorization,content-type,pass_sfp,AP-Session-Identifier,AP-Device-Identifier,AP-SDK-Identifier,X-Device-Info
X-Request-Id: LgnxTSLQHQ97CiIojXYkpaPQ06jzsb2p

OPTIONS
H/1.1 204
No Content oxygen
sp.auth.adobe.com/adobe-services/config/ Frame 0
0 186ms
186ms Preflight
text/plain 54.162.201.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.auth.adobe.com/adobe-services/config/oxygen

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.162.201.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-162-201-242.compute-1.amazonaws.com

Software

api-gateway/1.9.3.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	60

Request headers

Accept: */*
Access-Control-Request-Headers: ap-sdk-identifier,ap_11,ap_42,ap_z,authorization,x-device-info
Access-Control-Request-Method: GET
Origin: https://www.oxygen.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: ap_11,ap_42,ap_z,ap_19,ap_21,ap_23,authorization,content-type,pass_sfp,AP-Session-Identifier,AP-Device-Identifier,AP-SDK-Identifier,X-Device-Info
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE
Access-Control-Allow-Origin: https://www.oxygen.com
Access-Control-Expose-Headers: pass_sfp,Authzf-Error-Code,Authzf-Sub-Error-Code,Authzf-Error-Details
Access-Control-Max-Age: 86400
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain charset=UTF-8
Date: Thu, 05 Sep 2024 20:16:37 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa OUR BUS IND UNI COM NAV STA"
Server: api-gateway/1.9.3.1
X-Request-Id: N4cliIyvo1dDBCTsNoeB3TL2NfUM6hvc
strict-transport-security: 60

OPTIONS
H2 204 5fdd184e21c3bf0ac70d0357
events.launchdarkly.com/events/bulk/ Frame 0
0 671ms
671ms Preflight 54.156.51.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5fdd184e21c3bf0ac70d0357

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.156.51.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-156-51-63.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent
Access-Control-Request-Method: POST
Origin: https://www.oxygen.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Thu, 05 Sep 2024 20:16:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 202 5fdd184e21c3bf0ac70d0357 Show response
events.launchdarkly.com/events/bulk/ 0
358 B 1272ms
1269ms XHR
application/json 54.156.51.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5fdd184e21c3bf0ac70d0357

Requested by

Host: id.nbcuni.com
URL: https://id.nbcuni.com/websdk/v2/identity-sdk.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.156.51.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-156-51-63.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.oxygen.com/
X-LaunchDarkly-Payload-ID: c15fcad0-6bc3-11ef-b1ed-cd15abbd7d52
X-LaunchDarkly-Event-Schema: 4
X-LaunchDarkly-User-Agent: JSClient/3.1.4
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 05 Sep 2024 20:16:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 62AE 0
0 311ms
134ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstCi_B25d3afegpaSb9NVyViNQf5Mtt9igrRLQme1jxsHeJbuKPiHQ3Mfees7j2NDbXcQCYUP4Vn_7j4Q_d7YdyYM1BypTNDPfAEffAkzoOQTTzpnM-R0XC_YWbxwIOIzD_WW591OkP8iT2Ue4Dx2P7QP6_QTtWCgZK0fXBtkq9uOO7NKA1otjsbLVV0vvtWoIrBd4ZzxGTs3wiTuW1EDN_k1BSJiTZF4utSQscCcGuPfuoGepTXAKAg_2OzZiRC_YPLH9dh4ODH04I8mIiMF5gy8XuIAF4Zx4Tc_Y_ocRkju2VUIna6MgkjCbmpytCf0oGC3J6SO2b44RZZUcn3AsJbQvFHFD8uSUD_-_biuk4&sig=Cg0ArKJSzBErxMjhvi5QEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.oxygen.com
URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240903/r20110914/ Frame 62AE 23 KB
9 KB 267ms
91ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240903/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10c11d78dbe9edb265f2944791d1b78b2eaeb8b40bad23d975ee5cdf52da87ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 14:25:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21040
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9111
x-xss-protection: 0
server: cafe
etag: 14031732827963285806
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Sep 2024 14:25:58 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240903/r20110914/client/ Frame 62AE 3 KB
1 KB 403ms
227ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240903/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 14:26:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21029
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Sep 2024 14:26:09 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 62AE 204 KB
63 KB 273ms
98ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

258daef9a182640e92d363f90b54305e7a38a99655b8117d7bd7658a7fffbfff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 19:44:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1920
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64913
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 05 Sep 2024 20:44:38 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/nbcuniversal134024534264/ Frame 62AE 340 KB
116 KB 85ms
85ms Script
application/x-javascript 23.213.169.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://z.moatads.com/nbcuniversal134024534264/moatad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.169.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-169-236.deploy.static.akamaitechnologies.com

Software

Resource Hash

4bca49ad8b0d9e9062ffaf1b9db74f9791982efa5d518f51023e054dfcb1ac03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Sep 2024 20:16:38 GMT
content-md5: wh60CE/eOxBYw2MUK7Tqsg==
storage-tier: Standard
content-length: 117835
last-modified: Fri, 31 May 2024 12:15:44 GMT
opc-request-id: iad-1:dx8AYwZPBT_5_9ZgxPaRiH8d4VKpZ8XDrvQN9hqEl3FAoJWOd5GfuYZV577cDY2m
x-api-id: native
etag: f89ef6bc-68b8-414a-9cf1-11b2cd58b177
vary: Accept-Encoding
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type: application/x-javascript
version-id: f4ceb80e-a044-4984-8c2a-5c66b2d5e5fb
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control: max-age=60207
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 15087753483871036520
tpc.googlesyndication.com/simgad/ Frame 62AE 10 KB
11 KB 520ms
85ms Image
image/jpeg 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15087753483871036520

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

821ba81ecabc05217edb8f1253f0f02b7cde320eec2e21858afae0ecabbf6664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Sat, 31 Aug 2024 05:42:51 GMT
x-content-type-options: nosniff
age: 484427
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10627
x-xss-protection: 0
last-modified: Tue, 13 Nov 2018 17:33:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 31 Aug 2025 05:42:51 GMT

GET
DATA 200
OK truncated
/ Frame 62AE 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2642b17440d54f88a5835f26467a8cba287ad600107f9816651e78f91698f03e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 syncframe
gum.criteo.com/ Frame ECD3 0
0 829ms
101ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.oxygen.com&us_privacy=1---

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.oxygen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 Sep 2024 20:16:38 GMT
server: Kestrel
server-processing-duration-in-ticks: 435189
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 publishertag.prebid.144.js Show response
static.criteo.net/js/ld/ 96 KB
0 0ms
0ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:38 GMT
content-encoding: gzip
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-1811e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 06 Sep 2024 20:16:38 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F18A 0
0 652ms
79ms Document
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oxygen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 17476
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Sep 2024 15:25:22 GMT
expires: Fri, 05 Sep 2025 15:25:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 62AE 0
0 115ms
115ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Sep 2024 20:16:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 n.js Show response
mb.moatads.com/ 84 B
184 B 558ms
558ms Script
text/html 141.147.81.223
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%23b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.a%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-b30pLQ%2FSrWfiLYzebeGIbnPajq7lOaO9YGxLYqfZY0xNzxzrCfSmix1wV0AK2nh7uzk%3D&rs=1-gZp8RG4580cdYQ%3D%3D&sc=1&os=1-6Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1285&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&i=NBCUV2&hp=1&sst=1&wf=1&ra=1&pxm=5&sgs=3&vb=10&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1725567398653&de=545410933795&m=0&ar=77fe512667-clean&iw=5415e05&q=3&cb=0&ym=0&cu=1725567398653&ll=1&lm=0&ln=1&r=0&em=0&en=0&d=4650777348%3A2428627361%3A4860685866%3A138250187918&zGSRC=1&zMoatPS=topbanner_page&zMoatST=oxygen&zMoatDomain=oxygen.com&zMoatSubdomain=oxygen.com&zMoatSc=-&zMoatVp=-&zMoatRawVp=-&zMoatJS=-&zMoatDR=-&zMoatMMV_MAX=noHistData&zMoatMSafety=safe&zMoatMGV_MAX=noHistData&zMoatMMV=noHistData&zMoatMGV=noHistData&zMoatMData=1&zMoatTag=-&zMoatSZ=-&zMoatCURL=oxygen.com%2Fsnapped%2Fseason%2F-34%2Fvideos%2Fprivate%2F-investigator%2F-discovers%2F-key%2F-evidence%2F-from%2F-viktoria%2F-nasyrovas&zMoatDev=Desktop&zGSRS=1&gu=https%3A%2F%2Fwww.oxygen.com%2Fsnapped%2Fseason%2F-34%2Fvideos%2Fprivate%2F-investigator%2F-discovers%2F-key%2F-evidence%2F-from%2F-viktoria%2F-nasyrovas&id=1&ii=4&bo=77910858&bd=124197018&zMoatOrigSlicer1=77910858&zMoatOrigSlicer2=124197018&gw=nbcuniversal134024534264&fd=1&it=500&ti=0&ih=2&pe=1%3A5880%3A5880%3A9711%3A6348&tz=topbanner_page&iq=noHistData&tt=noHistData&tu=1&tp=safe&jm=-1&fs=45&na=2099128297&cs=0&ord=1725567398653&jv=2092267282&callback=DOMlessLLDcallback_50847734
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/nbcuniversal134024534264/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.147.81.223 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: cedca19f3584c9453150fe770f0882302be1fc14f7289b4e1cbb195ab22ed946

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:39 GMT
server: istio-envoy
etag: "3976e5bb8e6f38ae107469deaf22d2f7d8182f7a"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 14
timing-allow-origin: *
content-length: 84

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 85ms
84ms Image
image/gif 23.213.169.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=NBCUV2&hp=1&sst=1&wf=1&ra=1&pxm=5&sgs=3&vb=10&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1725567398653&de=545410933795&m=0&ar=77fe512667-clean&iw=5415e05&q=4&cb=0&ym=0&cu=1725567398653&ll=1&lm=0&ln=1&r=0&em=0&en=0&d=4650777348%3A2428627361%3A4860685866%3A138250187918&zGSRC=1&zMoatPS=topbanner_page&zMoatST=oxygen&zMoatDomain=oxygen.com&zMoatSubdomain=oxygen.com&zMoatSc=-&zMoatVp=-&zMoatRawVp=-&zMoatJS=-&zMoatDR=-&zMoatMMV_MAX=noHistData&zMoatMSafety=safe&zMoatMGV_MAX=noHistData&zMoatMMV=noHistData&zMoatMGV=noHistData&zMoatMData=1&zMoatTag=-&zMoatSZ=-&zMoatCURL=oxygen.com%2Fsnapped%2Fseason%2F-34%2Fvideos%2Fprivate%2F-investigator%2F-discovers%2F-key%2F-evidence%2F-from%2F-viktoria%2F-nasyrovas&zMoatDev=Desktop&zGSRS=1&gu=https%3A%2F%2Fwww.oxygen.com%2Fsnapped%2Fseason%2F-34%2Fvideos%2Fprivate%2F-investigator%2F-discovers%2F-key%2F-evidence%2F-from%2F-viktoria%2F-nasyrovas&id=1&ii=4&bo=77910858&bd=124197018&zMoatOrigSlicer1=77910858&zMoatOrigSlicer2=124197018&gw=nbcuniversal134024534264&fd=1&it=500&ti=0&ih=2&pe=1%3A5880%3A5880%3A9711%3A6348&tz=topbanner_page&iq=noHistData&tt=noHistData&tu=1&tp=safe&jm=-1&fs=45&na=1635718627&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.169.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-169-236.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 05 Sep 2024 20:16:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 05 Sep 2024 20:16:38 GMT

GET event.gif
beacon.krxd.net/ 0
0

POST
H2 204 event Show response
prebid-a.rubiconproject.com/ 0
125 B 104ms
103ms Fetch 18.195.70.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.70.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-70-197.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 05 Sep 2024 20:16:39 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 279ms
84ms Preflight 18.195.70.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.70.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-70-197.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.oxygen.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Thu, 05 Sep 2024 20:16:38 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 62AE 0
0 120ms
120ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsv8LPO0eSOYvWjwi6BkfegZOQRCijx7-mJ2Z8Rj878_JKnZmgvT4o5arj4pS1EsPGo_dqgMYaVAy1OYLgG5zkJ3m-RFbkqjswrqa7BECP1rfTNz2ksraevtGaA9yBXVuJqtR6d83sg33dtaRg_mmWfZYDkAAXzDmuCCY3a5u3yRb3em_TDi6NTp5aLiID44m2r_nwVi4ns20z8-SQbh4xUXW0Jn0c-X0aqZztU9ggvakWxu-gMJH1NHdc_QE9hNFYRcVPWwwzpI7OLiyhOGPzbJxTc4tSMJCpxchySjeEZyoLfnlKaE6gHiMwemEI7IM07cZgq2HOxf6sZUO3eLu-nu9bGuo_mK60_2Vc5sPig4jc8&sig=Cg0ArKJSzKmEj6B5_ylNEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 05 Sep 2024 20:16:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 87ms
87ms Image
image/gif 23.213.169.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&sst=1&wf=1&ra=1&pxm=5&sgs=3&vb=10&kq=1&lo=0&uk=null&pk=1&wk=0&rk=1&tk=1&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F15087753483871036520&i=NBCUV2&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%23b.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8whh%2B%7D%407%25w_2C%3FP%3ElK%3DbH%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.a%24%3D!%250!9Zpe4tE0b15%7CQjw%60.%7Bi%24J)%2C4i8ocS!%5BFZKU37B%2BMm1TFG5%3D_%40NVktoDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-b30pLQ%2FSrWfiLYzebeGIbnPajq7lOaO9YGxLYqfZY0xNzxzrCfSmix1wV0AK2nh7uzk%3D&rs=1-gZp8RG4580cdYQ%3D%3D&sc=1&os=1-6Q%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=1570&qd=1170&qf=1600&qe=1200&qh=1600&qg=1285&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aa%5DmJVOG)%2C~%405%2F%5BGI%3F6C(TgPB*e%5D1(rI%24(rj2Iy!pw%40aOS%3DyNX8Y%7BQgPB*e%5D1(rI%24(rj%5EB61%2F%3DSqcMr1%7B%2CJA%24Jz_%255tTL%3Fwbs_T%234%25%60X%3CA&qo=0&bq=0&g=0&h=5&w=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.oxygen.com%2Fsnapped%2Fseason%2F-34%2Fvideos%2Fprivate%2F-investigator%2F-discovers%2F-key%2F-evidence%2F-from%2F-viktoria%2F-nasyrovas&id=1&ii=4&f=0&j=&t=1725567398653&de=545410933795&cu=1725567398653&m=19&ar=77fe512667-clean&iw=5415e05&cb=0&ym=0&zMoatSc=1600x1200&zMoatVp=1600x1200&zMoatRawVp=1600x1200&ll=1&lm=0&ln=1&r=0&dl=0&dn=85&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=1457&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=20&vx=20%3A-%3A-&pe=1%3A5880%3A5880%3A9711%3A6348&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=0&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=0&oz=1&bu=4&cd=0&ah=4&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4650777348%3A2428627361%3A4860685866%3A138250187918&bo=77910858&bd=124197018&gw=nbcuniversal134024534264&zMoatOrigSlicer1=77910858&zMoatOrigSlicer2=124197018&zMoatDomain=oxygen.com&zMoatSubdomain=oxygen.com&zMoatPS=topbanner_page&zMoatST=oxygen&zMoatJS=3%3A-&zMoatDR=-&zMoatMMV_MAX=noHistData&zMoatMSafety=safe&zMoatMGV_MAX=noHistData&zMoatMMV=noHistData&zMoatMGV=noHistData&zMoatMData=1&zMoatTag=-&zMoatSZ=-&zMoatCURL=oxygen.com%2Fsnapped%2Fseason%2F-34%2Fvideos%2Fprivate%2F-investigator%2F-discovers%2F-key%2F-evidence%2F-from%2F-viktoria%2F-nasyrovas&zMoatDev=Desktop&hv=DOMSEARCH&ab=3&fd=1&kt=strict&it=500&oq=0&ot=0&ti=0&ih=2&jm=1&tz=topbanner_page&iq=noHistData&tt=noHistData&tu=1&tp=safe&tc=0&fs=45&na=1240266915&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.169.236 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-169-236.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 05 Sep 2024 20:16:38 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 05 Sep 2024 20:16:38 GMT

GET event.gif
beacon.krxd.net/ 0
0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H2

200

sync
eb2.3lift.com/ Frame CF7E
Redirect Chain

https://eb2.3lift.com/sync?us_privacy=1---&
https://eb2.3lift.com/sync?us_privacy=1---&&ld=1

0
0

77ms
76ms

Document
text/html

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?us_privacy=1---&&ld=1
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://www.oxygen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/html; charset=utf-8
date: Thu, 05 Sep 2024 20:16:40 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Thu, 05 Sep 2024 20:16:40 GMT
location: /sync?us_privacy=1---&&ld=1
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2EC6 0
0 277ms
99ms Document
text/html 23.213.168.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=162862&us_privacy=1---
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.168.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-168-238.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://www.oxygen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=69741
content-encoding: gzip
content-length: 5633
content-type: text/html
date: Thu, 05 Sep 2024 20:16:40 GMT
expires: Fri, 06 Sep 2024 15:39:01 GMT
last-modified: Mon, 26 Aug 2024 15:25:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 usync.html
eus.rubiconproject.com/ Frame 0226 0
0 494ms
82ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer: https://www.oxygen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 224
content-type: text/html; charset=UTF-8
date: Thu, 05 Sep 2024 20:16:40 GMT
etag: "28052a-10d-6142d69a886c0"
last-modified: Thu, 21 Mar 2024 15:32:19 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 ixmatch.html
js-sec.indexww.com/um/ Frame B82B 0
0 293ms
109ms Document
text/html 104.18.38.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.oxygen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age: 139
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 8be8e5fce96a5d4d-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 05 Sep 2024 20:16:40 GMT
expires: Fri, 06 Sep 2024 00:16:40 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 204
No Content iframe
sync.colossusssp.com/ Frame DDDC 0
0 537ms
184ms Document
text/plain 172.240.155.108
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.colossusssp.com/iframe?pbjs=1&coppa=0

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/24610.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.240.155.108 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://www.oxygen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Type: text/plain
Date: Thu, 05 Sep 2024 20:16:40 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload

GET
H2 200 9.gif
id5-sync.com/s/441/ 43 B
1 KB 256ms
95ms Image
image/gif 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.oxygen.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

p3p: CP="CAO PSA OUR"
date: Thu, 05 Sep 2024 20:16:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: image/gif;charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: geolocation.onetrust.com
URL: https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Domain: bidder.criteo.com
URL: https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.46.0&cb=91745045680&lsavail=1

Domain: tlx.3lift.com
URL: https://tlx.3lift.com/header/auction?lib=prebid&v=8.46.0&referrer=https%3A%2F%2Fwww.oxygen.com%2Fsnapped%2Fseason%2F-34%2Fvideos%2Fprivate%2F-investigator%2F-discovers%2F-key%2F-evidence%2F-from%2F-viktoria%2F-nasyrovas&tmax=1500&us_privacy=1---

Domain: beacon.krxd.net
URL: https://beacon.krxd.net/event.gif?event_id=JnqJS_Pa&event_type=rtg&ord=1725567398653

Domain: beacon.krxd.net
URL: https://beacon.krxd.net/event.gif?event_id=KnpkLvA_&event_type=rtg

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202408290101&jk=1950511058120871&bg=!urmlufbNAAY2Tt88Fk47ADQBe5WfOKslSvbcKJPu-r7CbKn0V_Zy8jgk5LfXBWj-RzB47HICSLcNWaoW829Dv3KTQ2SZAgAAACZSAAAAA2gBB34ANoR9MPJjCG4d-RaMWZkREbp0u8r6LKCa3uGwlJw8oGtBUUaKibHzcvCTUfVjHl1mEAICFJWNkpkCsoJL6s6RWav11DJTHJ75BTcQmNa0hcrodIyfcimF-piBAaEao3tedo7evBo9kLCpSZ5afP6Z6OfR3RW298rSYGY0s4IuYkJfNHG8iUTmpNlb5uSvF8Gqu_Qe-yUYYPff3_dTpbgDIKKVnqYi8xZedmczIaAcFxF3YjfeCojJjb4xDik5AWAXlzwwkrTBsSnEZwtv_yqzy9A9mmdrMdI9svD6Spq4XBiCnFjLqlSv6Ww_djjbipTzd70XYdLzvNkfC3Izacger81JATv9PjSsqhjkhbGsOh_STyrcSSWdPhGeQBhtxycF0MCtNXBkghTu4B8WO0O4uRsaa2gteGaND_oRkYNoRCkV-gWOFosOvYpraUnro8RCcKm8RSdmv5oLQeAZXP_AGN1yAJUjdUMnGZldB2-TZUnpC2tKJtpfBzsThFbJ_iQgNu2xi5qnW4_DaWw-QD9i4YI4nPpOQ-n6kLTG87zMnRqhsVUFhf9rJyr96WO3XFU-VzjkfEmUy5TVNkOMkK54wy_OkUMsF6_U5HYtYK7PMrIF0aznane8NRcSwOsLbMaNIYROKXk8oOeQnYYPUiGz68LgIBj78IXMeUBPtplITU5Yn4tgF2yXK3c6WaDhLaitDiQ2FPqH2neMZjsGvLdyASkpNgz_5q1rFcDhZVR-MhCfm_14RD-h10xhxnRPbaZy7DiS2MCH0AZ-u2ygO2umr0uGsC4LXHuN_cgtXnCyMM7vhGMx89zKTBOC9fAeLdNH09Egu9MHgzntB46kqNuEwPQb3-Di6fIkjInRxwbGl59PnVo4y7U4P2Q-fLy6HQFZf10jzcxKOA3HqEr_GSe7zDW9GJXJA8RwbdI7dvRSL8ZNxeYEkLyIm-yxeyW3TO89XVnjQIdHPJ81MSiz_ZIGUohS4v2ZlPRRA1nQjA

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mps.nbcuni.com/fetch/ext	1970-01-20 23:20:53	Name: adEdition Value: DE
mps.nbcuni.com/fetch/ext	1970-01-20 23:20:53	Name: geoEdition Value: de
www.oxygen.com/	1970-01-21 08:05:03	Name: usprivacy Value: 1---
.oxygen.com/	1969-12-31 23:59:59	Name: linktrk Value: %5B%5BB%5D%5D
.commerce.nbcuni.com/	1969-12-31 23:59:59	Name: _cfuvid Value: yV8qY0DFA.yEA_EdyzLq4EQVGKgC.nk3JnbW7_MRyaI-1725567392690-0.0.1.1-604800000
.demdex.net/	1970-01-21 03:38:39	Name: demdex Value: 91527030999510097141492332811363119816
.oxygen.com/	1969-12-31 23:59:59	Name: AMCVS_A8AB776A5245B4220A490D44%40AdobeOrg Value: 1
www.oxygen.com/	1970-01-21 00:45:51	Name: adops_master_kvs Value:
.oxygen.com/	1969-12-31 23:59:59	Name: s_ips Value: 1200
.oxygen.com/	1969-12-31 23:59:59	Name: s_tp Value: 1457
.oxygen.com/	1969-12-31 23:59:59	Name: s_ppv Value: Page%2520Not%2520Found%2C82%2C82%2C1200%2C1%2C1
.oxygen.com/	1970-01-20 23:19:29	Name: gpv_pn Value: Page%20Not%20Found
.oxygen.com/	1970-01-20 23:19:29	Name: gpv_ct Value: Page%20404
.oxygen.com/	1970-01-21 08:55:27	Name: s_lv Value: 1725567394370
.oxygen.com/	1970-01-20 23:19:29	Name: s_lv_s Value: First%20Visit
.oxygen.com/	1970-01-21 00:02:39	Name: s_getNewRepeat30 Value: 1725567394370-New
.oxygen.com/	1970-01-21 01:29:03	Name: s_getNewRepeat90 Value: 1725567394371-New
.oxygen.com/	1970-01-20 23:22:26	Name: s_vnum Value: 1725746400371%26vn%3D1
.oxygen.com/	1970-01-20 23:19:29	Name: s_invisit Value: true
.oxygen.com/	1970-01-20 23:55:33	Name: s_vmonthnum Value: 1727733600371%26vn%3D1
.oxygen.com/	1970-01-20 23:19:29	Name: s_monthinvisit Value: true
.oxygen.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.oxygen.com/	1970-01-21 08:55:27	Name: AMCV_A8AB776A5245B4220A490D44%40AdobeOrg Value: 179643557%7CMCIDTS%7C19972%7CMCMID%7C91763013798118262881507016254150108938%7CMCAAMLH-1726172193%7C6%7CMCAAMB-1726172193%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1725574594s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.5.0
www.oxygen.com/	1969-12-31 23:59:59	Name: client_type Value: html5
www.oxygen.com/	1969-12-31 23:59:59	Name: client_version Value: 4.7.0
.oxygen.com/	1970-01-21 01:29:03	Name: _gcl_au Value: 1.1.914050008.1725567395
.demdex.net/	1970-01-21 03:38:39	Name: dextp Value: 771-1-1725567394499\|30646-1-1725567394600\|57282-1-1725567394700\|129099-1-1725567394801
.doubleclick.net/	1970-01-21 08:41:03	Name: IDE Value: AHWqTUkJykBrmSq7XBZMrTmNZZuyMi9kBOTmGcAfaDffI4qr_bBRll1zKZoHM_Y1F4Y
.dpm.demdex.net/	1970-01-21 03:38:39	Name: dpm Value: 91527030999510097141492332811363119816
.gumgum.com/	1970-01-21 08:05:03	Name: cs Value: true
.adnxs.com/	1970-01-21 08:55:27	Name: receive-cookie-deprecation Value: 1
.rubiconproject.com/	1970-01-21 08:05:03	Name: khaos Value: M0PQ9WIT-1X-CM8R
.rubiconproject.com/	1970-01-21 08:05:03	Name: audit Value: 1\|naVuGyos1qo92fFPDviV4czzH/SUMvpGs1wMD2ZZQDIXFxYtazpBUqQ0Fs/Oa1HkdDrqOp3cCpGWAplhZreRNSL5hAXvaZVpgxBSbtbBH0a+xUA9sgf/4eNEKcfJxgEB
www.oxygen.com/	1969-12-31 23:59:59	Name: instance_user_guid Value: null
.oxygen.com/	1970-01-21 03:38:39	Name: __eoi Value: ID=25e0c158bff40e80:T=1725567398:RT=1725567398:S=AA-Afja39cTj86U--bd_ItOBi9Z0
.criteo.com/	1970-01-21 08:41:03	Name: uid Value: 296ee27f-412a-4ee5-97e7-dedce7a893b4
.criteo.com/	1970-01-21 08:41:03	Name: receive-cookie-deprecation Value: 1
.oxygen.com/	1970-01-21 08:41:03	Name: cto_bundle Value: ns2PaV8xMEVCdjNjSTEyN2pVWkRGQmxJJTJCcm9OZlo3ZGhwMnVMclJLQ0Qyc25qZSUyRkJ6RGFaS0JKNUlxTGQ4bEdRTWpPekJXNEtOeEk5TWglMkZwWERPWGdrM3RRcjVOZ2pydks2aG5kYTNqWmozU2J3VGNhNlBGOEhUZjVobVRMR3RmcDdiVnlzZVJCam9ORUcxRk4lMkZnSiUyRlFkTVV3JTNEJTNE
.3lift.com/	1970-01-21 01:29:03	Name: tluidp Value: 2038141605720754486467
.3lift.com/	1970-01-21 01:29:03	Name: tluid Value: 2038141605720754486467
.ads.pubmatic.com/	1970-01-20 23:20:53	Name: KCCH Value: YES
.casalemedia.com/	1970-01-21 08:05:03	Name: CMID Value: ZtoRqbmqPM4AAA.tANvx7AAA
.casalemedia.com/	1970-01-21 01:29:03	Name: CMPS Value: 2175
.casalemedia.com/	1970-01-21 01:29:03	Name: CMPRO Value: 2175

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://beacon.krxd.net/event.gif?event_id=JnqJS_Pa&event_type=rtg&ord=1725567398653 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://beacon.krxd.net/event.gif?event_id=KnpkLvA_&event_type=rtg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	warning	URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas Message: The resource https://www.oxygen.com/themes/custom/lifestyle/images/primary-menu-arrow-dark.min.svg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.oxygen.com/snapped/season/-34/videos/private/-investigator/-discovers/-key/-evidence/-from/-viktoria/-nasyrovas Message: The resource https://www.oxygen.com/themes/custom/lifestyle/images/identity/icon-profile-dark.min.svg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4645e54ca0e9bfe1171994c96538b70.safeframe.googlesyndication.com
aax.amazon-adsystem.com
ads.pubmatic.com
app.launchdarkly.com
assets.adobedtm.com
beacon.krxd.net
bidder.criteo.com
c.amazon-adsystem.com
cdn.cookielaw.org
colossusssp.com
commerce.nbcuni.com
config.aps.amazon-adsystem.com
dpm.demdex.net
eb2.3lift.com
entitlement.auth.adobe.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
eus.rubiconproject.com
events.launchdarkly.com
fastlane.rubiconproject.com
g2.gumgum.com
geolocation.onetrust.com
grid.bidswitch.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.nbcuni.com
id.oxygen.com
id5-sync.com
js-sec.indexww.com
jssdkcdns.mparticle.com
mb.moatads.com
micro.rubiconproject.com
mps.nbcuni.com
nbcume.sc.omtrdc.net
nbcuni.demdex.net
pagead2.googlesyndication.com
prebid-a.rubiconproject.com
px.moatads.com
securepubads.g.doubleclick.net
sp.auth.adobe.com
static.criteo.net
sync.colossusssp.com
tlx.3lift.com
tpc.googlesyndication.com
unpkg.com
www.googletagmanager.com
www.nbcudigitaladops.com
www.oxygen.com
z.moatads.com
beacon.krxd.net
bidder.criteo.com
geolocation.onetrust.com
pagead2.googlesyndication.com
tlx.3lift.com
104.122.39.115
104.16.223.173
104.18.38.76
108.138.6.136
13.248.245.213
13.33.173.196
141.147.81.223
142.250.186.161
151.101.194.217
162.19.138.119
172.240.155.108
172.64.151.101
178.250.1.11
178.250.1.8
18.195.70.197
18.245.31.92
184.30.22.30
185.64.189.112
185.89.210.244
23.197.128.254
23.213.168.238
23.213.169.236
23.218.50.73
23.41.180.140
2602:803:c003:200::21
2606:4700:4400::6812:2089
2606:4700::6810:dfad
2606:4700::6811:f7cb
2606:4700::6812:562a
2a00:1450:4001:802::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:81d::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a02:2638:3::3
2a02:26f0:3500:c89::1e80
2a02:26f0:ab00:386::1af8
2a02:26f0:ab00:3ba::1af8
2a02:26f0:e300:187::1af8
2a04:4e42:400::645
52.209.226.213
54.156.51.63
54.162.201.242
54.163.107.227
54.229.181.88
54.246.157.114
63.140.62.27
96.46.188.4
03db381cd6a0e7b1ddf49b585f104d891853394e17e0f3495d0ba81c79b29545
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0af719f3a3c9eed767bcf7e1b8b179655c9b0c1fd6157618d704f11a1cdcdfc9
0d72c8a4a6334322e9ae32ccb173b3d9363a4df19a8e676bb92206bb35b0140e
10c11d78dbe9edb265f2944791d1b78b2eaeb8b40bad23d975ee5cdf52da87ae
137f1dd46caab1a1e234e9e80ea905e620f99abd8e440b502297c68fd11c423d
14252ab4c357eb7336a083e176c803deb56ce4949acf2b3c45789ae7aa5ff25b
15312c43999dba53e5b5aac37278a54f32f2d81e2811ab410367aeca0546344d
15c8d5c7964a47cab4501b92b949619a40f311062ffbc16729a6605828949281
165d36362ebf1325dcd5c62de9c2a23cf2031a1852a22a3d5bae958cb9eaf6ec
215f525a2b785639219063275834f063bfd7639ae69ba398f059af56f91a714a
258daef9a182640e92d363f90b54305e7a38a99655b8117d7bd7658a7fffbfff
2642b17440d54f88a5835f26467a8cba287ad600107f9816651e78f91698f03e
2dbaf281a07480a2ee51ce6af229860143af16490a20ada947c52f84fa4114ea
2eebf3ae2d474e1a9804de7b067156607c3b09a17c35085049b665e139ac7bff
2f12bf7ca8e0bc82ac4634c7f6b5d9cd3b260ec31c2ec76d2db01d983770cf48
2f4d0cd65275676ab860a3bdfa7e762dbd5b5f71f463ea1335a31d4e2dd19f24
334f10a2ef96a11489372f86964d61dc3c59e7ab36f0007e5a4e0f1a600d192e
3ba1fee1844f267b64792dbb29804989e1c550b85f698735c1261e6bf9bfaa80
3d05c37943bf10fb6f953d085c4a9cf00399955d33b7af085e1006fb503e89ef
42d31f199b2de8b56a1d3d581eb3bc45cf9e6dafb23c05b44ee7a314fcfa76c6
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44b96fb83bb4676a14f7a865db31d3eb008df09d0920329872d823578625d885
4bca49ad8b0d9e9062ffaf1b9db74f9791982efa5d518f51023e054dfcb1ac03
4ec5ab967ec27ff9842ec7593afdb139552505b99f3f4fc1ac047f20ec437206
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
52d59f83d5ca58488d2caf040213b671cbb4cb8258167b8cffb9c17caeb56fd7
5c69a9ad40dc0b919ef0acb5b1171ddc52b7e096b816cef50b85ca8c6c8a7d44
5d4a213fdf6776379e538b1d081a3d0f1903fae54c441c3ab46cdded9ef0dafe
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64171bed8b1e093ab735ee9c6cdc99440d0fea8e8f8c9f362fae3c093f1332f1
6526a020e0ee9b26754794fba1f44fb0a83cccfb15d51306cd67606b9c26d1ca
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
680248a2a7b6a47bd668db8e0c7cacf72fa5701ef4ca35b9c75b28a9ec374ae2
6b470a5ec92399b5420afa5e81b07fe400eeb24c317d911ce76aabcf7e02db39
6bcf099ecde527bf061d4f5cd88d73a093e7e4cbcb6f087b1cc4523b6d03f68d
6be3eeb18dce4496d0b752ff5b8abc6ea57107c42ee57c5fdc559ccd87b3197a
6c31334f38bbe4e8961cff15289c510af536a0b9549b5f6251b63d1000d3c528
6d0bdf08c2b54a2a88ad457e2253730359c71986a7aa79a47083fdb468f0be9d
6e6c4b61a3e9ac63fe9df70377514ff38b3a770aa1c544b67013baa946457864
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
79544dfec1897794c86963402bdcf2724c1f0dced562a3b9bcc3ac0060788842
7b74619e9c428a70f4ea4ba5209dda20bf51b7fb3266a679754d9cba4607a27a
7b88605c77ab0be603f355be1736db258d99d72b97481f447f71986edbc276fb
7c552bd91f390484f30d95b8b520ff1ae8d03d16d9139b298a6ff2350dac359f
821ba81ecabc05217edb8f1253f0f02b7cde320eec2e21858afae0ecabbf6664
8256551ef432266e62ba78eeb1b429aebe20e042eb6cf92fcf1ac07c743facea
8303823d262dee7eaa3b8eb7acf79937502dc429ae530d22e0e3f5de572adc2e
83832d5307a4d195cddf24f76e66d09b669cfbe23a429d642d06202cb55c96cf
8568aa15f7e848220d9a113f46570dc0b89e853d67d89b076f971ec9cb99542d
8b73e62aab5e1ea2737c8a65585bb44bdf7f3930643edc2ded758ccaf428a00f
8bc833ce3bb4ee1da2d8942fca3456b9a541a3cefa930873cadbd19c6c4b17be
8eaecff2ad243d178ae8a2cf268401f2bfde56bf408ae46c05c7e3232325e02a
90209d77ecb5f6ac81e25fbe652a335bf0f56d4977edc474a0293dba132010c1
99be37f823824c89567b0a52e5b46c226702c29361737858a9efff58d78b275c
9b24c44df96c5176d269271dd9c6de2d5368fd79cf6e4e97bc9a48ef57432385
9da8955599b4a02d6530c8fa0ce5c6ecfec7cc56f8a5b53bbc993d1ef9806b43
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a253c9bbbbb7b1379dd85a34ab18be1f1e4713a82d5df253942e3b8257c60709
a583a78a2b0aba7839e40e9a336862d17efeab1d38b879eec416f586f5bcd33b
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
ac42cd54e6d0148982f14ea77f922babd58a17d97c62d90688c18e0476ab37eb
acba92f3ca76eb094473443fe0838af2a3c7d6f580bdc2c0142d31cb461b8820
b2066bae05eb83fdaf8919fc0130d8242fd3cb6be388914dc792064195317b55
b4d365afe6b1d4fcdb52277ae138e391fd83d15b2043c91a9e46b61974a4f40f
b4dfee098da07a74fe880ff260849e98c684f94fa2c51a9b4e3b875caa3a92df
be540728f9ac612ecb44dcab0a8117af8868cb5ef061fbfe2d987d7aa57227cd
c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f
c3dedb8084e1327717f4d28f7789ceeb7f0eb928b8bb30743a152c44853d7fe8
c739c380053678ea3275e0fd02c6e6e6ee9229a8864ddbe8e977288fafdfa3e1
c76a025d25a5d897d421612f765bb8fc4ec90b51cffed9e3c5a956ae500055a3
c946146c5ed4c863577632f9fd37baf27ac5b902c365cce3c6e1453a060b9480
caaab16a94696140e6be9414977768509d664c3fd782a122aa3754a472231f84
cbeebffe55dfb5d54b1a45424537405fd94accc1abe6eaa2ce2a4010e97e2e27
cbfff9e7d08a2cdce05469336a67dbccd311b7ec9c4829e4d8a2aca7a2d7321b
cc2c9183cccef0703755bc55631ee3a1a7162ba12eeedc9b733d54a1b338d1c3
ce1280dd9fab975b7b5244e74b6d31c78427c6c4c1aff563ed5d5b390942ba12
cedca19f3584c9453150fe770f0882302be1fc14f7289b4e1cbb195ab22ed946
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf59ea061ddc1829c13bec1165c4b5b2311301abdb249276c281fa2c837cc24b
d49c1786730d767fc4295bdb04c0e7566b75bc00f3db3157efcd1cde3aa07c4c
d6b254282e2510b3c2b33b95be0f7da52ac0bde4e8c62c8245f0299ec8deb751
d8c89c5208fcc1330eb7b5dcc98f798b63b15a9d2ad1e63435948915fc6e9cb2
da6aaeafe303a4f0d02a0e2d12fe22f77e49d80f2c17656bb90790d53b90467e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72c6c1f60b9f4e27244f3727840c8a0fdcd844b9c4a9d6b65faaaff8ee38af7
e767497e3521ee979e165d4fab171d45daeb0dc54170dc65daff4000357f7ccd
eaa667365af14390810e8fba5871d393749875db29407149b3b65d212e2a30a1
ebeef4dbab77cbd39c9e444cca83e317dab1be15c5b3f7a43f360e3ac3a41f6f
f241ecc7d29e920e548b5989e51b3cc78575b70a055ea42a1a376ec2d51559fa
f44cc25fbe81a357930bd3ac6468186336fc5316a68e6e00afddf55437e74ee0
f50965b42653c131945e67fa694eb892e63c96d55392173c8ba9bc52bf3ad683
f53ffeb1eb7ff510ecd7f915dced515ab43db3bda380a163f9749d5fa7a54749
f632fdf18f5e60ef9445f170f83c237254548d9edfb59f82ace1fde3a1926174
f65441e290e57f17ebde690299c3ad642cd72792fe47171afb08f8763695318c
f73d171b947c01c5fc269812ea1a4ffdb9eec7a42f5d559d12caf7d0d991e372
f7b097f0f72c9c875d47c1ef87073dfeb5c4679f6979da23031d5186cdbf4157
fa2eacf49752d4c296a322b31b53bf61bbd66789046b877fc21889e6a1d71b7a
fc81781a361ab1df1b1942e874ba4f96aa3fcec20ea8b76a26ddaa2c022f7556
fca5134c2441c6ad5964e23dd51cfd9019509ce653553a083961215006f8b473
fe6aa8e4e5802a107a05a84b4cdaf1b8dd989193196afad7e742bf8cfb6f5b76

www.oxygen.com Open in urlscan Pro 2a02:26f0:ab00:3ba::1af8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

136 Requests

95 %HTTPS

35 %IPv6

31 Domains

51 Subdomains

49 IPs

8 Countries

1776 kBTransfer

5522 kBSize

44 Cookies

17 Outgoing links

Page URL History

Redirected requests

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.oxygen.com Open in urlscan Pro
2a02:26f0:ab00:3ba::1af8 Public Scan

Screenshot
Live screenshot

Full Image

136
Requests

95 %
HTTPS

35 %
IPv6

31
Domains

51
Subdomains

49
IPs

8
Countries

1776 kB
Transfer

5522 kB
Size

44
Cookies

136 HTTP transactions
2 data transactions