urlscan.io logo urlscan.io
SecurityTrails logo

www.nytimes.com Open in urlscan Pro
151.101.65.164  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://movies.nytimes.com/movie/237147/Brotherhood-of-the-Wolf/overview
Effective URL: https://www.nytimes.com/reviews/movies
Submission: On December 12 via api from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 73 IPs in 9 countries across 59 domains to perform 252 HTTP transactions. The main IP is 151.101.65.164, located in United States and belongs to FASTLY, US. The main domain is www.nytimes.com. The Cisco Umbrella rank of the primary domain is 3174.
TLS certificate: Issued by Thawte RSA CA 2018 on March 22nd 2023. Valid for: a year.
This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 48 151.101.65.164 54113 (FASTLY)
1 18.67.97.42 16509 (AMAZON-02)
2 142.251.221.72 15169 (GOOGLE)
3 151.101.193.164 54113 (FASTLY)
7 54.184.86.91 16509 (AMAZON-02)
1 50.112.118.45 16509 (AMAZON-02)
4 18.67.93.59 16509 (AMAZON-02)
3 18.67.113.158 16509 (AMAZON-02)
6 151.101.129.164 54113 (FASTLY)
1 18.67.111.56 16509 (AMAZON-02)
5 172.217.167.66 15169 (GOOGLE)
2 13.35.147.120 16509 (AMAZON-02)
2 4 18.67.111.52 16509 (AMAZON-02)
1 35.186.253.211 15169 (GOOGLE)
1 34.120.63.153 396982 (GOOGLE-CL...)
4 15 172.64.151.101 13335 (CLOUDFLAR...)
1 207.65.33.78 62713 (AS-PUBMATIC)
4 7 103.43.90.54 29990 (ASN-APPNEX)
1 54.251.55.122 16509 (AMAZON-02)
3 69.173.158.65 26667 (RUBICONPR...)
1 44.226.14.255 16509 (AMAZON-02)
2 18.67.114.43 16509 (AMAZON-02)
12 142.250.76.98 15169 (GOOGLE)
2 172.217.167.97 15169 (GOOGLE)
2 172.67.71.156 13335 (CLOUDFLAR...)
2 16 209.54.182.161 16509 (AMAZON-02)
1 2 142.250.71.70 15169 (GOOGLE)
1 18.67.107.130 16509 (AMAZON-02)
2 104.26.12.18 13335 (CLOUDFLAR...)
9 9 35.71.131.137 16509 (AMAZON-02)
14 19 69.173.158.64 26667 (RUBICONPR...)
6 6 18.143.106.89 16509 (AMAZON-02)
1 23.206.242.194 20940 (AKAMAI-ASN1)
4 104.26.6.229 13335 (CLOUDFLAR...)
5 142.251.12.84 15169 (GOOGLE)
10 142.251.221.65 15169 (GOOGLE)
1 20.50.2.28 8075 (MICROSOFT...)
1 34.227.121.59 14618 (AMAZON-AES)
5 142.250.204.1 15169 (GOOGLE)
2 18.67.109.223 16509 (AMAZON-02)
1 142.251.221.66 15169 (GOOGLE)
1 2 142.251.221.68 15169 (GOOGLE)
2 142.250.67.2 15169 (GOOGLE)
1 5 23.202.170.128 16625 (AKAMAI-AS)
2 23.202.169.82 16625 (AKAMAI-AS)
2 23.202.170.74 16625 (AKAMAI-AS)
1 6 34.98.64.218 396982 (GOOGLE-CL...)
2 3 52.223.2.229 16509 (AMAZON-02)
1 2 52.64.207.62 16509 (AMAZON-02)
6 142.250.66.198 15169 (GOOGLE)
13 18 142.250.66.194 15169 (GOOGLE)
2 207.65.33.83 62713 (AS-PUBMATIC)
3 13.249.205.63 16509 (AMAZON-02)
2 5 35.213.12.39 15169 (GOOGLE)
1 1 124.146.153.169 2514 (INFOSPHER...)
2 2 13.224.181.56 16509 (AMAZON-02)
1 23.48.96.232 20940 (AKAMAI-ASN1)
3 3 54.250.210.41 16509 (AMAZON-02)
1 1 54.224.142.7 14618 (AMAZON-AES)
1 1 35.208.249.213 15169 (GOOGLE)
2 172.217.24.38 15169 (GOOGLE)
2 4 34.111.113.62 396982 (GOOGLE-CL...)
1 2 13.251.194.25 16509 (AMAZON-02)
1 2 119.9.108.180 45187 (RACKSPACE...)
1 4 207.65.33.82 62713 (AS-PUBMATIC)
2 2 35.236.220.17 396982 (GOOGLE-CL...)
1 2 54.255.162.48 16509 (AMAZON-02)
3 6 67.199.150.86 3257 (GTT-BACKB...)
1 1 8.43.72.97 26667 (RUBICONPR...)
1 52.94.222.140 16509 (AMAZON-02)
1 13.107.42.14 8068 (MICROSOFT...)
1 1 18.67.172.126 16509 (AMAZON-02)
1 2 13.35.147.55 16509 (AMAZON-02)
1 2 104.18.41.104 13335 (CLOUDFLAR...)
1 2 209.191.163.210 14744 (INTERNAP-...)
1 52.220.248.255 16509 (AMAZON-02)
8 34.217.170.142 16509 (AMAZON-02)
2 2 13.251.160.207 16509 (AMAZON-02)
1 1 182.161.73.146 55569 (CRITEO-AS...)
4 4 89.207.22.108 399104 (CNVR-APAC)
3 5 207.65.33.79 62713 (AS-PUBMATIC)
1 1 50.116.239.135 6336 (TURN-US-ASN)
3 207.65.33.76 62713 (AS-PUBMATIC)
3 4 185.84.60.20 198622 (ADFORM)
2 2 13.112.196.236 16509 (AMAZON-02)
1 1 103.229.10.171 16509 (AMAZON-02)
1 2 151.101.194.49 54113 (FASTLY)
1 1 18.138.18.111 16509 (AMAZON-02)
2 3 35.244.154.8 396982 (GOOGLE-CL...)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
252 73
48    151.101.65.164 (United States)

ASN54113 (FASTLY, US)
movies.nytimes.com
www.nytimes.com
g1.nyt.com
static01.nyt.com
samizdat-graphql.nytimes.com
a1.nyt.com
mwcm.nytimes.com
1    18.67.97.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-97-42.syd62.r.cloudfront.net
www.datadoghq-browser-agent.com
2    142.251.221.72 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f8.1e100.net
www.googletagmanager.com
3    151.101.193.164 (United States)

ASN54113 (FASTLY, US)
samizdat-graphql.nytimes.com
7    54.184.86.91 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-184-86-91.us-west-2.compute.amazonaws.com
a.et.nytimes.com
purr.nytimes.com
1    50.112.118.45 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-112-118-45.us-west-2.compute.amazonaws.com
als-svc.nytimes.com
4    18.67.93.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-59.syd62.r.cloudfront.net
rumcdn.geoedge.be
3    18.67.113.158 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-113-158.syd62.r.cloudfront.net
c.amazon-adsystem.com
6    151.101.129.164 (United States)

ASN54113 (FASTLY, US)
g1.nyt.com
1    18.67.111.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-56.syd62.r.cloudfront.net
config.aps.amazon-adsystem.com
5    172.217.167.66 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f2.1e100.net
securepubads.g.doubleclick.net
2    13.35.147.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-120.syd1.r.cloudfront.net
dd.nytimes.com
4    18.67.111.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-52.syd62.r.cloudfront.net
sb.scorecardresearch.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
15    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
1    207.65.33.78 (Saint Joseph, United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
7    103.43.90.54 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
1    54.251.55.122 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-55-122.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
3    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    44.226.14.255 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-226-14-255.us-west-2.compute.amazonaws.com
a.nytimes.com
2    18.67.114.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-114-43.syd62.r.cloudfront.net
aax.amazon-adsystem.com
12    142.250.76.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f2.1e100.net
pagead2.googlesyndication.com
adservice.google.com
2    172.217.167.97 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f1.1e100.net
ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com
2    172.67.71.156 (United States)

ASN13335 (CLOUDFLARENET, US)
platform.iteratehq.com
16    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    142.250.71.70 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f6.1e100.net
5290727.fls.doubleclick.net
1    18.67.107.130 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-107-130.syd62.r.cloudfront.net
static.chartbeat.com
2    104.26.12.18 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.brandmetrics.com
9    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
19    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
6    18.143.106.89 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    23.206.242.194 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-206-242-194.deploy.static.akamaitechnologies.com
hb.yahoo.net
4    104.26.6.229 (None, )

ASN13335 (CLOUDFLARENET, US)
iteratehq.com
5    142.251.12.84 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f84.1e100.net
accounts.google.com
10    142.251.221.65 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f1.1e100.net
tpc.googlesyndication.com
1    20.50.2.28 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
collector.brandmetrics.com
1    34.227.121.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-121-59.compute-1.amazonaws.com
pnytimes.chartbeat.net
5    142.250.204.1 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f1.1e100.net
cdn.ampproject.org
2    18.67.109.223 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-109-223.syd62.r.cloudfront.net
gw.geoedge.be
1    142.251.221.66 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f2.1e100.net
adservice.google.com.au
2    142.251.221.68 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f4.1e100.net
www.google.com
2    142.250.67.2 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f2.1e100.net
googleads.g.doubleclick.net
5    23.202.170.128 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-170-128.deploy.static.akamaitechnologies.com
cs.media.net
contextual.media.net
2    23.202.169.82 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-169-82.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    23.202.170.74 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-170-74.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
6    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
jp-u.openx.net
us-u.openx.net
nytimes-d.openx.net
3    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
2    52.64.207.62 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-64-207-62.ap-southeast-2.compute.amazonaws.com
fw.adsafeprotected.com
6    142.250.66.198 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f6.1e100.net
s0.2mdn.net
18    142.250.66.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f2.1e100.net
www.googletagservices.com
cm.g.doubleclick.net
2    207.65.33.83 (Saint Joseph, United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    13.249.205.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-205-63.slc50.r.cloudfront.net
static.adsafeprotected.com
5    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
1    124.146.153.169 (Kakegawa, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    13.224.181.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-181-56.syd1.r.cloudfront.net
cr-p3.ladsp.com
1    23.48.96.232 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-96-232.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
3    54.250.210.41 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-250-210-41.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
1    54.224.142.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-142-7.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
2    172.217.24.38 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f6.1e100.net
ad.doubleclick.net
4    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    13.251.194.25 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-194-25.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
2    119.9.108.180 (Hong Kong)

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)
uipglob.semasio.net
4    207.65.33.82 (Saint Joseph, United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    35.236.220.17 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.220.236.35.bc.googleusercontent.com
um.simpli.fi
2    54.255.162.48 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-162-48.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
6    67.199.150.86 (Singapore, Singapore)

ASN3257 (GTT-BACKBONE GTT, US)
simage2.pubmatic.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    52.94.222.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    18.67.172.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-172-126.cgk51.r.cloudfront.net
live.primis.tech
2    13.35.147.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-55.syd1.r.cloudfront.net
sync.intentiq.com
sync1.intentiq.com
2    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
2    209.191.163.210 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
ce.lijit.com
1    52.220.248.255 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-248-255.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
8    34.217.170.142 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-217-170-142.us-west-2.compute.amazonaws.com
dt.adsafeprotected.com
2    13.251.160.207 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-160-207.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
1    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
4    89.207.22.108 (Singapore, Singapore)

ASN399104 (CNVR-APAC, US)
PTR: sin02-nessy-float2.dotomi.com
medianet-match.dotomi.com
pubmatic-match.dotomi.com
5    207.65.33.79 (Saint Joseph, United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
3    207.65.33.76 (Saint Joseph, United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
4    185.84.60.20 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    13.112.196.236 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-112-196-236.ap-northeast-1.compute.amazonaws.com
pool.admedo.com
1    103.229.10.171 (Singapore)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    18.138.18.111 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com
cm.ambientdsp.com
3    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
Apex Domain
Subdomains		 Transfer
39 nyt.com
g1.nyt.com — Cisco Umbrella Rank: 9094
static01.nyt.com — Cisco Umbrella Rank: 7033
a1.nyt.com — Cisco Umbrella Rank: 7505
565 KB
29 nytimes.com
movies.nytimes.com
www.nytimes.com — Cisco Umbrella Rank: 3174
samizdat-graphql.nytimes.com — Cisco Umbrella Rank: 6345
a.et.nytimes.com — Cisco Umbrella Rank: 5692
als-svc.nytimes.com — Cisco Umbrella Rank: 7335
dd.nytimes.com — Cisco Umbrella Rank: 8656
purr.nytimes.com — Cisco Umbrella Rank: 7184
a.nytimes.com — Cisco Umbrella Rank: 6439
mwcm.nytimes.com — Cisco Umbrella Rank: 12697
1 MB
28 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
5290727.fls.doubleclick.net — Cisco Umbrella Rank: 8695
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
ad.doubleclick.net — Cisco Umbrella Rank: 139
228 KB
25 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 537
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 461
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1237
35 KB
23 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
148 KB
23 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504
ads.pubmatic.com — Cisco Umbrella Rank: 544
image6.pubmatic.com — Cisco Umbrella Rank: 793
image2.pubmatic.com — Cisco Umbrella Rank: 859
simage2.pubmatic.com — Cisco Umbrella Rank: 723
image8.pubmatic.com — Cisco Umbrella Rank: 661
simage4.pubmatic.com — Cisco Umbrella Rank: 1304
image4.pubmatic.com — Cisco Umbrella Rank: 1224
31 KB
23 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614
aax.amazon-adsystem.com — Cisco Umbrella Rank: 410
s.amazon-adsystem.com — Cisco Umbrella Rank: 285
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807
88 KB
15 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 484
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
dsum.casalemedia.com — Cisco Umbrella Rank: 1364
10 KB
13 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 900
static.adsafeprotected.com — Cisco Umbrella Rank: 602
dt.adsafeprotected.com — Cisco Umbrella Rank: 567
104 KB
9 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 557
match.adsrvr.org — Cisco Umbrella Rank: 331
5 KB
8 google.com
accounts.google.com — Cisco Umbrella Rank: 23
adservice.google.com — Cisco Umbrella Rank: 93
www.google.com — Cisco Umbrella Rank: 2
84 KB
8 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 307
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
3 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
6 KB
7 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
u.openx.net — Cisco Umbrella Rank: 672
jp-u.openx.net — Cisco Umbrella Rank: 15595
us-u.openx.net — Cisco Umbrella Rank: 491
nytimes-d.openx.net — Cisco Umbrella Rank: 14205
2 KB
6 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
198 KB
6 iteratehq.com
platform.iteratehq.com — Cisco Umbrella Rank: 6385
iteratehq.com — Cisco Umbrella Rank: 5693
32 KB
6 media.net
prebid.media.net — Cisco Umbrella Rank: 1498
cs.media.net — Cisco Umbrella Rank: 1381
contextual.media.net — Cisco Umbrella Rank: 665
4 KB
6 geoedge.be
rumcdn.geoedge.be — Cisco Umbrella Rank: 3375
gw.geoedge.be — Cisco Umbrella Rank: 4631
268 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
2 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 428
104 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
3 KB
4 dotomi.com
medianet-match.dotomi.com — Cisco Umbrella Rank: 11792
pubmatic-match.dotomi.com
1 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 465
1 KB
4 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 592
eb2.3lift.com — Cisco Umbrella Rank: 372
2 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
1 KB
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 408
899 B
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 563
1 KB
3 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 2872
collector.brandmetrics.com — Cisco Umbrella Rank: 3177
20 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 777
878 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 685
771 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4682
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 818
1 KB
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 835
1 KB
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1010
522 B
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 846
sync1.intentiq.com — Cisco Umbrella Rank: 2869
2 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
1 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1234
1 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 799
854 B
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 25818
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
183 KB
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4434
404 B
1 ambientdsp.com
cm.ambientdsp.com — Cisco Umbrella Rank: 28132
652 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
593 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 773
517 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 550
585 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 495
279 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1398
555 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 327
515 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 902
374 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 702
1 KB
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 526
697 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1450
858 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
65 KB
1 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 156058
515 B
1 chartbeat.net
pnytimes.chartbeat.net — Cisco Umbrella Rank: 7123
201 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 866
662 B
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1767
24 KB
1 datadoghq-browser-agent.com
www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1445
48 KB
0 mathtag.com Failed
sync.mathtag.com Failed
252 59
Domain Requested by
30 static01.nyt.com www.nytimes.com
17 cm.g.doubleclick.net 13 redirects u.openx.net
googleads.g.doubleclick.net
s.amazon-adsystem.com
16 s.amazon-adsystem.com 2 redirects rumcdn.geoedge.be
s.amazon-adsystem.com
u.openx.net
ssum-sec.casalemedia.com
ads.pubmatic.com
13 pixel.rubiconproject.com 9 redirects s.amazon-adsystem.com
11 pagead2.googlesyndication.com www.datadoghq-browser-agent.com
tpc.googlesyndication.com
rumcdn.geoedge.be
ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com
10 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
10 tpc.googlesyndication.com rumcdn.geoedge.be
www.nytimes.com
10 www.nytimes.com www.nytimes.com
rumcdn.geoedge.be
8 dt.adsafeprotected.com ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com
8 match.adsrvr.org 8 redirects
7 ib.adnxs.com 4 redirects www.datadoghq-browser-agent.com
googleads.g.doubleclick.net
s.amazon-adsystem.com
7 g1.nyt.com www.nytimes.com
g1.nyt.com
6 simage2.pubmatic.com 3 redirects ads.pubmatic.com
6 token.rubiconproject.com 5 redirects eus.rubiconproject.com
6 s0.2mdn.net rumcdn.geoedge.be
s0.2mdn.net
ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com
6 ups.analytics.yahoo.com 6 redirects
6 a.et.nytimes.com www.nytimes.com
www.datadoghq-browser-agent.com
6 samizdat-graphql.nytimes.com www.nytimes.com
www.datadoghq-browser-agent.com
5 image8.pubmatic.com 3 redirects ads.pubmatic.com
5 x.bidswitch.net 2 redirects u.openx.net
ads.pubmatic.com
5 cdn.ampproject.org rumcdn.geoedge.be
5 accounts.google.com rumcdn.geoedge.be
www.datadoghq-browser-agent.com
5 securepubads.g.doubleclick.net www.nytimes.com
rumcdn.geoedge.be
www.datadoghq-browser-agent.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 image2.pubmatic.com 1 redirects ads.pubmatic.com
4 pixel.tapad.com 2 redirects ads.pubmatic.com
s.amazon-adsystem.com
4 cs.media.net 1 redirects
4 iteratehq.com www.datadoghq-browser-agent.com
4 sb.scorecardresearch.com 2 redirects www.nytimes.com
4 rumcdn.geoedge.be www.nytimes.com
rumcdn.geoedge.be
3 idsync.rlcdn.com 2 redirects ads.pubmatic.com
3 match.prod.bidr.io 3 redirects
3 static.adsafeprotected.com rumcdn.geoedge.be
ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com
3 eb2.3lift.com 2 redirects
3 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
3 fastlane.rubiconproject.com www.datadoghq-browser-agent.com
3 c.amazon-adsystem.com www.nytimes.com
www.datadoghq-browser-agent.com
2 pippio.com 2 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 pubmatic-match.dotomi.com 2 redirects
2 pool.admedo.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 medianet-match.dotomi.com 2 redirects
2 pm.w55c.net 2 redirects
2 ce.lijit.com 1 redirects s.amazon-adsystem.com
2 capi.connatix.com 1 redirects s.amazon-adsystem.com
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 um.simpli.fi 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 ad.doubleclick.net rumcdn.geoedge.be
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 image6.pubmatic.com ads.pubmatic.com
2 fw.adsafeprotected.com 1 redirects rumcdn.geoedge.be
2 u.openx.net 1 redirects s.amazon-adsystem.com
2 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
2 ads.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
2 googleads.g.doubleclick.net www.nytimes.com
rumcdn.geoedge.be
2 www.google.com 1 redirects rumcdn.geoedge.be
2 gw.geoedge.be www.datadoghq-browser-agent.com
rumcdn.geoedge.be
2 cdn.brandmetrics.com www.googletagmanager.com
rumcdn.geoedge.be
2 a1.nyt.com www.nytimes.com
www.googletagmanager.com
2 5290727.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 platform.iteratehq.com www.nytimes.com
platform.iteratehq.com
2 ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com securepubads.g.doubleclick.net
rumcdn.geoedge.be
2 aax.amazon-adsystem.com www.datadoghq-browser-agent.com
2 dd.nytimes.com www.nytimes.com
www.datadoghq-browser-agent.com
2 www.googletagmanager.com www.nytimes.com
www.googletagmanager.com
1 image4.pubmatic.com ads.pubmatic.com
1 tags.rd.linksynergy.com 1 redirects
1 cm.ambientdsp.com 1 redirects
1 cms.quantserve.com 1 redirects
1 nytimes-d.openx.net
1 ad.turn.com 1 redirects
1 dsum.casalemedia.com 1 redirects
1 contextual.media.net
1 dis.criteo.com 1 redirects
1 match.sharethrough.com s.amazon-adsystem.com
1 sync1.intentiq.com s.amazon-adsystem.com
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 px.ads.linkedin.com s.amazon-adsystem.com
1 aax-eu.amazon-adsystem.com s.amazon-adsystem.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 trace.mediago.io 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 us-u.openx.net u.openx.net
1 tg.socdm.com 1 redirects
1 www.googletagservices.com rumcdn.geoedge.be
1 adservice.google.com.au adservice.google.com
1 pnytimes.chartbeat.net
1 collector.brandmetrics.com cdn.brandmetrics.com
1 adservice.google.com 5290727.fls.doubleclick.net
1 mwcm.nytimes.com www.datadoghq-browser-agent.com
1 hb.yahoo.net
1 insight.adsrvr.org 1 redirects
1 static.chartbeat.com www.nytimes.com
1 a.nytimes.com www.datadoghq-browser-agent.com
1 purr.nytimes.com www.datadoghq-browser-agent.com
1 tlx.3lift.com www.datadoghq-browser-agent.com
1 hbopenbid.pubmatic.com www.datadoghq-browser-agent.com
1 htlb.casalemedia.com www.datadoghq-browser-agent.com
1 prebid.media.net www.datadoghq-browser-agent.com
1 rtb.openx.net www.datadoghq-browser-agent.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 als-svc.nytimes.com www.nytimes.com
1 www.datadoghq-browser-agent.com www.nytimes.com
1 movies.nytimes.com 1 redirects
0 sync.mathtag.com Failed ads.pubmatic.com
252 111

This site contains links to these domains. Also see Links.

Domain
myaccount.nytimes.com
www.imdb.com
help.nytimes.com
www.nytco.com
nytmediakit.com
www.tbrandstudio.com
Subject Issuer Validity Valid
nytimes.com
Thawte RSA CA 2018		 2023-03-22 -
2024-04-21		 a year crt.sh
*.datadoghq-browser-agent.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-12 -
2024-12-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
a.et.nytimes.com
R3		 2023-11-12 -
2024-02-10		 3 months crt.sh
als-svc.nytimes.com
R3		 2023-12-02 -
2024-03-01		 3 months crt.sh
gw.geoedge.be
Amazon RSA 2048 M01		 2023-08-12 -
2024-09-09		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
dd.nytimes.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-08 -
2024-04-06		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
purr.nytimes.com
R3		 2023-11-04 -
2024-02-02		 3 months crt.sh
a.nytimes.com
R3		 2023-10-14 -
2024-01-12		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
iteratehq.com
E1		 2023-11-22 -
2024-02-20		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
brandmetrics.com
GTS CA 1P5		 2023-11-04 -
2024-02-02		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.brandmetrics.com
Go Daddy Secure Certificate Authority - G2		 2023-05-10 -
2024-06-10		 a year crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1		 2023-11-20 -
2024-12-20		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh

This page contains 32 frames:

Primary Page: https://www.nytimes.com/reviews/movies
Frame ID: A9A2B9B8EBD6C8A9A920D7C21BB0C274
Requests: 118 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Frame ID: 42671B6AFB5D9862CBDFC0092D979E55
Requests: 1 HTTP requests in this frame

Frame: https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 95BB826276D1EDFD85F7AFFA2B11AA07
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Frame ID: D37FEF1CEC77D0D2AE7208FCE9C84F68
Requests: 1 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CO6Cp7CyioMDFeSqZgIdb-MIEg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=482736166139;auiddc=987187971.1702401120;u17=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies;u5=;u18=anon;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies
Frame ID: 23BC24C19DBC3AE65136799F0D63EA32
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CO6Cp7CyioMDFeSqZgIdb-MIEg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=482736166139;auiddc=987187971.1702401120;u17=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies;u5=;u18=anon;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies
Frame ID: 77A5DAB2C7A9E453346C5B48E1A94D0D
Requests: 1 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Frame ID: 7DAD3A1300AAC8E28223A052A314CC65
Requests: 13 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 021E7E979D5B22305E4BEF893EE6113A
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.com.au/ddm/fls/i/dc_pre=CO6Cp7CyioMDFeSqZgIdb-MIEg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=482736166139;auiddc=987187971.1702401120;u17=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies;u5=;u18=anon;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies
Frame ID: 8263C3CE8BE7E4ED1D466AF3C3DB83D8
Requests: 1 HTTP requests in this frame

Frame: https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EEE82499916800CEDE964AA66E7F99FE
Requests: 26 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8E73969FCED88587F36EB77F4421A1C3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DADD975A84D1826C9CCD00133600D924
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 3A74DA7187ECD45F8E73A7E4B7EB75A2
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: FDE156A28EFAF223ADB273B8D44A267C
Requests: 16 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 1140AAD546EFB26F20B15A6683DCE918
Requests: 20 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1hcU04Y3loRTJ1SjZrdi4yd0lxeU9icnZ5TGxjVkFncH5B
Frame ID: 4C611E3A9FAE92C868488832A13FAB20
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: D06046946C0E76802F4DA5CDBACC8101
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=6825988506243253190&ex=appnexus.com
Frame ID: 45D6D521A2320096A26626AF96886FC8
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2866959518845116034902
Frame ID: F10B2F43C024BAD9A1344D0B2D00DF8B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJWJFRCf4NOIBBjd6K__ATAB&v=APEucNWOGKHKa6kDH5ZpM7R-ptCieHKnii0P29lzhq5Wr12CVkFyNjSeEaL9p0dMhh9KnY14J4sFL1uOcO4BubccQLWgiveWQA
Frame ID: 935911BA4875D8BE81FEB291B6B7A90B
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 6AD5FA71D2FEFCF14FB889BFA45D8978
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9068869906007291383/SYD_Water_Dishwasher_HTML5_970x250/SYD_Water_Dishwasher_HTML5_970x250.html?ev=01_250
Frame ID: F107C4D3192A0BDD841DF2F1E887C8A5
Requests: 5 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: E781FA2EB2FE6A453E0D6FCC6F53BEB2
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID0C10E377-4130-4FAB-A688-B8BE568CAD10
Frame ID: 3AFDF0B482254DBC9397C337113D152D
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 4367AC0185834F13E709560E2BA215CB
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0C10E377-4130-4FAB-A688-B8BE568CAD10&gdpr=0&gdpr_consent=
Frame ID: C9F7B3203D82DA28D6BC0C1CA1820866
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 7491D3ED3598677DBC4501CD751282FB
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=4af2e288-8435-4a6a-b733-6b9f4962e332&user_group=1&ssp=pubmatic&bsw_param=5d99b166-bfda-46d6-89cc-08284f2dc59d
Frame ID: 56219C64EA9A01BD98B45FC71C0E8D4A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALR1EHPWPhvANWUls0AAAAAAA&expiration=1702487526&nuid=0C10E377-4130-4FAB-A688-B8BE568CAD10&is_secure=true&gdpr_consent=&gdpr=0
Frame ID: 619568B4FAF465BBE5CF336E0CDF6E2E
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZXiUZQAGbD5MNgBd
Frame ID: 8A3968FB3DCCCE34F53E8CE202EBBE3F
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 135C745A87BB13015E29187215C855F6
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID0C10E377-4130-4FAB-A688-B8BE568CAD10
Frame ID: 94AF7886B9DDC6299EF26445CBF6A111
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Movie Reviews - The New York Times

Page URL History Show full URLs

  1. http://movies.nytimes.com/movie/237147/Brotherhood-of-the-Wolf/overview HTTP 301
    https://www.nytimes.com/reviews/movies Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

252
Requests

79 %
HTTPS

0 %
IPv6

59
Domains

111
Subdomains

73
IPs

9
Countries

3296 kB
Transfer

8506 kB
Size

128
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://movies.nytimes.com/movie/237147/Brotherhood-of-the-Wolf/overview HTTP 301
    https://www.nytimes.com/reviews/movies Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61
  • https://sb.scorecardresearch.com/b?c1=2&c2=3005403&ns__t=1702401119321&ns_c=UTF-8&c8=Movie%20Reviews%20-%20The%20New%20York%20Times&c7=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1702401119321&ns_c=UTF-8&c8=Movie%20Reviews%20-%20The%20New%20York%20Times&c7=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&c9=
Request Chain 87
  • https://sb.scorecardresearch.com/c2/3005403/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/3005403/cs.js
Request Chain 88
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Request Chain 89
  • https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=482736166139;auiddc=987187971.1702401120;u17=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies;u5=;u18=anon;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies HTTP 302
  • https://5290727.fls.doubleclick.net/activityi;dc_pre=CO6Cp7CyioMDFeSqZgIdb-MIEg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=482736166139;auiddc=987187971.1702401120;u17=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies;u5=;u18=anon;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies
Request Chain 94
  • https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=1513790152 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=9c236645-aac5-44ec-acc2-69439e1f016b&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=9c236645-aac5-44ec-acc2-69439e1f016b&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=9c236645-aac5-44ec-acc2-69439e1f016b&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=9c236645-aac5-44ec-acc2-69439e1f016b&gdpr=0&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1JZmJOWmF0RTJ1RjZ2alNNY2hlVnY0dUo5MWExeElrVn5B&gdpr=0&ovsid=9c236645-aac5-44ec-acc2-69439e1f016b&dpid=55953
Request Chain 124
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 133
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3454027212889704000V10
Request Chain 134
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 137
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1hcU04Y3loRTJ1SjZrdi4yd0lxeU9icnZ5TGxjVkFncH5B
Request Chain 138
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 139
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=6825988506243253190&ex=appnexus.com
Request Chain 140
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2866959518845116034902
Request Chain 161
  • https://match.adsrvr.org/track/cmf/openx?oxid=4e666b3c-d849-38d8-5e8b-b758100cc8ec&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=OWMyMzY2NDUtYWFjNS00NGVjLWFjYzItNjk0MzllMWYwMTZi&gdpr=0&gdpr_consent=&ttd_tdid=9c236645-aac5-44ec-acc2-69439e1f016b HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=9c236645-aac5-44ec-acc2-69439e1f016b&google_gid=CAESEEt9fnxdAWyLDb_uHx-Su3M&google_cver=1 HTTP 302
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=9c236645-aac5-44ec-acc2-69439e1f016b&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
Request Chain 162
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXiUYsCo8YUAAAv681wAAAAA
Request Chain 163
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AbRIWMcX3GJQks8AEDxkC8B3Qs8AAAGMXwOdcQ
Request Chain 165
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGOGFhRF5VgkV_TyO3T98Bo&google_cver=1
Request Chain 166
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZXiUYWhCAflCJ.Dm4-LGbAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL0IrPoyGb96VwCSoW-yI8k&google_cver=1&google_hm=2
Request Chain 167
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=9c236645-aac5-44ec-acc2-69439e1f016b&expiration=1704993121&gdpr=0&gdpr_consent=
Request Chain 168
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZXiUYWhCAflCJ-Dm4_LGbAAAFNsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHa1c0VnhTbt75lUNn7Q4-k&google_cver=1
Request Chain 171
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGYq07K8SkAABRHtZPEoA&expiration=1703610721
Request Chain 172
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=T5JGdZOhWWx9qO_rLbwWkELLcKE
Request Chain 173
  • https://trace.mediago.io/ju/cs/indexexchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=81fa84b7b55995c72k9oyp00lq2lo8l6
Request Chain 178
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEABDbp-Iwxdle1YnaCQkOoY&google_cver=1
Request Chain 179
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXiUYWhCAflCJ.Dm4-LGbAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEABDbp-Iwxdle1YnaCQkOoY&google_cver=1&google_hm=2
Request Chain 180
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJrUQ91AMy7KHg-gVbPra0U&google_cver=1
Request Chain 181
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjgyNTk4ODUwNjI0MzI1MzE5MA%3D%3D
Request Chain 184
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DBDjd0EwT6umiLi-VoytEA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 185
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=0C10E377-4130-4FAB-A688-B8BE568CAD10 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=0C10E377-4130-4FAB-A688-B8BE568CAD10 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=81aa8fb6-c08a-48e4-9401-14de9cb00f27%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=9c236645-aac5-44ec-acc2-69439e1f016b&ttd_puid=81aa8fb6-c08a-48e4-9401-14de9cb00f27%2C%2C
Request Chain 186
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0C10E377-4130-4FAB-A688-B8BE568CAD10&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0C10E377-4130-4FAB-A688-B8BE568CAD10&gdpr=0&gdpr_consent=&ct=y
Request Chain 187
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=0C10E377-4130-4FAB-A688-B8BE568CAD10&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0C10E377-4130-4FAB-A688-B8BE568CAD10&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 188
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEMxMEUzNzctNDEzMC00RkFCLUE2ODgtQjhCRTU2OENBRDEw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 189
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJB48_5mXeWPTmgSxaJHcT0&google_cver=1
Request Chain 190
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:0DB90CB79E914B9489B936A855371254
Request Chain 192
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9c236645-aac5-44ec-acc2-69439e1f016b&gdpr=0&gdpr_consent=
Request Chain 193
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LQ2LO7P9-1W-CLTP HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LQ2LO7P9-1W-CLTP&ex=d-rubiconproject.com&status=ok
Request Chain 198
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQ2LO7P9-1W-CLTP
Request Chain 199
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ZzG7wlx5uQ2LEwhZ9AkuAcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-MPLX_JpE2oLYHa8H2mx9F7ob5I6hTngpkDZPiA--~A
Request Chain 200
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAp7zGUjgoeNjjuzHlj6tVY&google_cver=1
Request Chain 201
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=9c236645-aac5-44ec-acc2-69439e1f016b&gdpr=0&gdpr_consent=&expires=30
Request Chain 202
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LQ2LO7P9-1W-CLTP&ex=d-rubiconproject.com&status=ok
Request Chain 203
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFEyTE83UDktMVctQ0xUUA== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELJauUDmuse1VyyEI3i5LRA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFEyTE83UDktMVctQ0xUUA==&google_push=
Request Chain 204
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=4YgAabOXR6i2fMRAH9AaNA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4YgAabOXR6i2fMRAH9AaNA
Request Chain 205
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzA1ZTE1Yzg3ZjU3NDU0NTIyMjZkMDM4MzEyODliMTRkMjY4ZDVjMg
Request Chain 206
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAGYq07K8SkAABRHtZPEoA&expires=30
Request Chain 207
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQ2LO7P9-1W-CLTP HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQ2LO7P9-1W-CLTP HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQ2LO7P9-1W-CLTP&ckls=true&ci=9TdHoUEXMW&nc=false&trid=-1347026077
Request Chain 208
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQ2LO7P9-1W-CLTP&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQ2LO7P9-1W-CLTP&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 209
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LQ2LO7P9-1W-CLTP HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LQ2LO7P9-1W-CLTP&dnr=1
Request Chain 210
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQ2LO7P9-1W-CLTP
Request Chain 211
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQ2LO7P9-1W-CLTP
Request Chain 212
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ2LO7P9-1W-CLTP
Request Chain 214
  • https://fw.adsafeprotected.com/rfw/st/1852562/76760880/skeleton.js?adsafe_url=https%3A%2F%2Fwww.nytimes.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.nytimes.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:a68aeadc-84f4-f9bd-a417-6fbfa41129b4,c:wDpZw9,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-cd76977fc-mkfdg,rg:au,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:1019,mot:0,app:0,maw:0,fm:tYfjC21+11%7C12%7C1311%7C13121%7C13122%7C1313%7C1314%7C1315%7C1316%7C1317%7C1411%7C15%7C16*.1852562-76760880%7C161%7C162%7C163%7C17%7C18,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:1080,oid:907a6d0b-9911-11ee-9e05-62ac634c5508,v:19.8.464,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 229
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ HTTP 302
  • https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=A1cczI681Rd6iE5
Request Chain 230
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=&gpp=${GPP_STRING_142}&gpp_sid=${GPP_SID}&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=855b41fc-b971-4e2a-9d72-cc82e2530243&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=
Request Chain 231
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=995821&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0DB90CB79E914B9489B936A855371254
Request Chain 233
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&redir=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Dcon%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=450c4d13a7b61fa8&is_secure=true&version=1&networkId=57734&gdpr=%24%7BGDPR%7D&gdpr_consent=%24%7BGDPR_CONSENT%7D&redir=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Dcon%26ovsid%3D%24UID HTTP 302
  • https://cs.media.net/cksync.php?cs=8&type=con&ovsid=AAALPyUwwsMvRgNL1z_SAAAAAAA&expiration=1702487525&is_secure=true&gdpr_consent=${GDPR_CONSENT}&gdpr=${GDPR}
Request Chain 235
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=9c236645-aac5-44ec-acc2-69439e1f016b&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 236
  • https://image8.pubmatic.com/AdServer/ImgSync?p=163427 HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=-1&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3029515200975040487&gdpr=&gdpr_consent=&us_privacy=
Request Chain 243
  • https://c1.adform.net/serving/cookie/match?party=14&cid=0C10E377-4130-4FAB-A688-B8BE568CAD10&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0C10E377-4130-4FAB-A688-B8BE568CAD10&gdpr=0&gdpr_consent=
Request Chain 244
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6825988506243253190&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7945162027332330560 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 245
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=5d99b166-bfda-46d6-89cc-08284f2dc59d HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=5d99b166-bfda-46d6-89cc-08284f2dc59d HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=4af2e288-8435-4a6a-b733-6b9f4962e332&user_group=1&ssp=pubmatic&bsw_param=5d99b166-bfda-46d6-89cc-08284f2dc59d
Request Chain 246
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0WaxX95nsFLKZrdU1zGrAYUw5FXKNbYG3jACJkV7 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0C10E377-4130-4FAB-A688-B8BE568CAD10&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3daa2b0f7ade1fbf&is_secure=true&networkId=17100&version=1&nuid=0C10E377-4130-4FAB-A688-B8BE568CAD10&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALR1EHPWPhvANWUls0AAAAAAA&expiration=1702487526&nuid=0C10E377-4130-4FAB-A688-B8BE568CAD10&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 247
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZXiUZQAGbD5MNgBd
Request Chain 248
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12omrhl1uoiw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 250
  • https://idsync.rlcdn.com/420486.gif?partner_uid=0C10E377-4130-4FAB-A688-B8BE568CAD10 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDBDMTBFMzc3LTQxMzAtNEZBQi1BNjg4LUI4QkU1NjhDQUQxMBAAGg0I5KjiqwYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=7fa2f97fb908b6a3d959c3af2d845f9fd4bd6588196876859225858e304ae519791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA3ZmEyZjk3ZmI5MDhiNmEzZDk1OWMzYWYyZDg0NWY5ZmQ0YmQ2NTg4MTk2ODc2ODU5MjI1ODU4ZTMwNGFlNTE5NzkxNDI2YjU0MTdkY2UyMRAAGgwI5ajiqwYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA3ZmEyZjk3ZmI5MDhiNmEzZDk1OWMzYWYyZDg0NWY5ZmQ0YmQ2NTg4MTk2ODc2ODU5MjI1ODU4ZTMwNGFlNTE5NzkxNDI2YjU0MTdkY2UyMRAAGgwI5ajiqwYSBAgCEABCAEoA&google_gid=CAESEFc6TOvWXPuoJcb67knZTsw&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=72e9f4af-6ad2-4244-9422-977630d0c2a8
Request Chain 251
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0C10E377-4130-4FAB-A688-B8BE568CAD10&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nkDUcCNE2uX93jbHX21h9t92WhgUxA8-~A&gdpr=0

252 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request movies
www.nytimes.com/reviews/
Redirect Chain
  • http://movies.nytimes.com/movie/237147/Brotherhood-of-the-Wolf/overview
  • https://www.nytimes.com/reviews/movies
309 KB
71 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
66a4d1ec139ad48e39f57871f592c61130e2d582b991701761ddfda15725fb3f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
255
cache-control
s-maxage=600,no-cache
content-encoding
gzip
content-length
71296
content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 17:11:58 GMT
last-modified
Tue, 12 Dec 2023 17:04:39 GMT
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/reviews/movies
server
nginx
strict-transport-security
max-age=63072000; preload; includeSubdomains
vary
Accept-Encoding, Fastly-SSL
x-api-version
F-F-VI
x-b3-traceid
f5bd69bb36f047368be456b0ce2bfc94
x-cache
HIT, HIT
x-cache-hits
15, 1
x-content-type-options
nosniff
x-frame-options
DENY
x-gdpr
0
x-nyt-app-webview
0
x-nyt-data-last-modified
Tue, 12 Dec 2023 17:04:39 GMT
x-nyt-edge-cache
HIT-HIT
x-nyt-route
vi-collection
x-origin-time
2023-12-12 17:11:55 UTC
x-pagetype
vi-reviews
x-served-by
cache-lga21963-LGA, cache-bfi-kbfi7400031-BFI
x-timer
S1702401118.319935,VS0,VE3
x-xss-protection
1; mode=block

Redirect headers

Accept-Ranges
bytes
Connection
keep-alive
Date
Tue, 12 Dec 2023 17:11:57 GMT
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
MISS
X-Cache-Hits
0
X-Served-By
cache-bfi-kbfi7400083-BFI
X-Timer
S1702401118.784675,VS0,VE104
cache-control
public, max-age=300
content-encoding
gzip
content-type
text/html; charset=iso-8859-1
location
https://www.nytimes.com/reviews/movies
server
envoy
transfer-encoding
chunked
x-API-Version
F-GL
x-envoy-decorator-operation
legacy-www.web-platforms-legacy-www.nyti.nyt.net:443/*
x-envoy-upstream-service-time
67
web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
g1.nyt.com/fonts/css/ 		60 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
09bff184ea094a06e46d7f26512fd7b245304078a27f1ba8084488cbcf7704de
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Fri, 02 Aug 2024 09:34:15 GMT
date
Tue, 12 Dec 2023 17:11:58 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
11345865
x-guploader-uploadid
ADPycdtCMXL4vj80iPWu7kpoZQQ0rt1uHJuL2YG-ifMT89ZSnzte1jP72s6kC_S-7YOBzsC8Eb8cu5u59qu5pV5E9Af9HQ
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
9868
x-served-by
cache-bfi-kbfi7400031-BFI
last-modified
Tue, 17 Jan 2023 21:42:55 GMT
server
UploadServer
x-timer
S1702401118.487961,VS0,VE0
etag
"b79308aee772cf8921761a4fdb884fe5"
vary
Accept-Encoding
x-goog-generation
1673991774978541
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-goog-hash
crc32c=ay5bmg==, md5=t5MIrudyz4khdhpP24hP5Q==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
9868
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
27372
global-f449cfd9976ad673ef2b7ab5098b85be.css
www.nytimes.com/vi-assets/static-assets/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/reviews/movies
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
4772473
x-guploader-uploadid
ADPycdtG_4k8BoasSHVWCt9eK7gdaUwwbg0z92TgUD4LYwC2WzPCHGE2Q_Ghvjh1HUh3bbZdxm_Vy_tBv_8W9KSCFIilEISkYrlL
x-goog-stored-content-encoding
identity
x-origin-time
2022-10-12 15:50:00 UTC
x-served-by
cache-bfi-kbfi7400031-BFI
x-timer
S1702401118.468612,VS0,VE1
etag
"e74f8b7c668251280cf3e52e20455a1c"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1665589250507895
content-type
text/css; charset=utf-8
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
27591
expires
Thu, 12 Oct 2023 15:50:00 GMT
date
Tue, 12 Dec 2023 17:11:58 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
1968
last-modified
Wed, 12 Oct 2022 15:40:50 GMT
server
UploadServer
x-goog-hash
crc32c=jAKqfw==, md5=50+LfGaCUSgM8+UuIEVaHA==
x-gdpr
0
x-goog-stored-content-length
5656
accept-ranges
bytes
datadog-rum.js
www.datadoghq-browser-agent.com/us1/v4/ 		150 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.97.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-97-42.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:11:48 GMT
content-encoding
br
via
1.1 a6b70b5c031397eba9646ba0eedbdb86.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 09:24:57 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
age
11
x-amz-server-side-encryption
AES256
etag
W/"2630b3d7ad4a41fac67742216e506d83"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=14400, s-maxage=60
timing-allow-origin
*
x-amz-cf-id
eJ7jsVfhYY9nfOcQifatGgAo_SGWmdsZfI48Li0Iwj3Ei8A9gUIl_g==
adslot-b6fd2aa0a06977376ee4.js
www.nytimes.com/vi-assets/static-assets/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/vi-assets/static-assets/adslot-b6fd2aa0a06977376ee4.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e62ffba5308ed39f8267d444c8b04375caf88e0258d61e1d7ee89f4867178be1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/reviews/movies
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
7120
x-guploader-uploadid
ABPtcPrBMp24w-oF2sQ92G9V3cyScoR_T5m5-lkAk-BIfM-ed5qorMCNFGQ3G0MAYRbFmkT3caxsayNleQ
x-goog-stored-content-encoding
identity
x-origin-time
2023-12-12 15:13:18 UTC
x-served-by
cache-bfi-kbfi7400031-BFI
x-timer
S1702401119.696309,VS0,VE1
etag
"44b4265aadcb0d80eb1c0ee027f7f898"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1702393984339504
content-type
application/javascript
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/adslot-b6fd2aa0a06977376ee4.js
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
344
expires
Wed, 11 Dec 2024 15:13:18 GMT
date
Tue, 12 Dec 2023 17:11:58 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
7971
last-modified
Tue, 12 Dec 2023 15:13:04 GMT
server
UploadServer
x-goog-hash
crc32c=qYC94Q==, md5=RLQmWq3LDYDrHA7gJ/f4mA==
x-gdpr
0
x-goog-stored-content-length
23084
accept-ranges
bytes
kevin2-czpj-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/12/11/multimedia/kevin2-czpj/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/12/11/multimedia/kevin2-czpj/kevin2-czpj-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5b351d22312b1d88788135e41f661d7776b43fedffb796d496ec4ee5eec543cf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Tue, 12 Dec 2023 16:39:37 GMT
date
Tue, 12 Dec 2023 17:11:58 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
1941
x-guploader-uploadid
ABPtcPr1Ftjqhcb2OzG4LHH6QDDhNB49X5gNTjDEXV8y0I_M3V7DpsYSBaLMkjT1e2tdxi5H17U
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
11078
x-served-by
cache-iad-kjyo7100020-IAD, cache-bfi-kbfi7400031-BFI
last-modified
Mon, 11 Dec 2023 15:35:27 GMT
server
UploadServer
x-timer
S1702401119.620976,VS0,VE1
etag
"4810907492475b45da2c4568da32791e"
x-goog-generation
1702308927441755
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=0AUVAA==, md5=SBCQdJJHW0XaLEVo2jJ5Hg==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
11078
x-amz-checksum-crc32c
0AUVAA==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
22, 0
07POOR-THINGS-REVIEW-mhqv-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/12/08/multimedia/07POOR-THINGS-REVIEW-mhqv/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/12/08/multimedia/07POOR-THINGS-REVIEW-mhqv/07POOR-THINGS-REVIEW-mhqv-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
704e29a496dffcd529bf0518158c396756abf458723af40bb54273c931c8de65
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Fri, 08 Dec 2023 14:28:39 GMT
date
Tue, 12 Dec 2023 17:11:58 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
355399
x-guploader-uploadid
ABPtcPp4cshvHTcHGJTFVEWB09EoIFpv-e8Q69zVO57ubx0qCUvkswT9HJFN65N75KDNVqU8aEQ
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
15492
x-served-by
cache-iad-kiad7000108-IAD, cache-bfi-kbfi7400031-BFI
last-modified
Fri, 08 Dec 2023 14:26:27 GMT
server
UploadServer
x-timer
S1702401119.620814,VS0,VE1
etag
"e0b2f1568d88b5d0cf9c724c92b007e3"
x-goog-generation
1702045587939828
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=ChXH2w==, md5=4LLxVo2ItdDPnHJMkrAH4w==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
15492
x-amz-checksum-crc32c
ChXH2w==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
18, 0
07intotheweeds-review-pghm-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/12/07/multimedia/07intotheweeds-review-pghm/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/12/07/multimedia/07intotheweeds-review-pghm/07intotheweeds-review-pghm-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6df254c03f837c5b9b44276033af04266c7efc991abd6af3c2cdd4becb653dfa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 07 Dec 2023 12:05:05 GMT
date
Tue, 12 Dec 2023 17:11:58 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
450414
x-guploader-uploadid
ABPtcPrAsDbN78puXjF2bHHWm3QACF5ohTF838d2dN759AEAAyZ6dxes3Gf4r82LoUKxz-ggZB8
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
10230
x-served-by
cache-iad-kjyo7100136-IAD, cache-bfi-kbfi7400031-BFI
last-modified
Thu, 07 Dec 2023 12:00:07 GMT
server
UploadServer
x-timer
S1702401119.695834,VS0,VE1
etag
"caadf83d49da72f15ec59c7683715c9d"
x-goog-generation
1701950407521421
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=y08Jrw==, md5=yq34PUnacvFexZx2g3FcnQ==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
10230
x-amz-checksum-crc32c
y08Jrw==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2, 0
07ourson-review-qpcv-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/12/08/multimedia/07ourson-review-qpcv/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/12/08/multimedia/07ourson-review-qpcv/07ourson-review-qpcv-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1cf44638fc3bdd07abd9b6f74f2d77ef8f93ab6d40c7aec55a95b9764b30ab14
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Fri, 08 Dec 2023 04:54:44 GMT
date
Tue, 12 Dec 2023 17:11:58 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
389833
x-guploader-uploadid
ABPtcPrzC1evXqBQZfsYABU5xTdKCkQWmlAumHcmjPYD9KLqaReUEkl8u3NCBoSluqmjtnkFQuLJ8g5ZcA
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
16284
x-served-by
cache-iad-kiad7000034-IAD, cache-bfi-kbfi7400031-BFI
last-modified
Fri, 08 Dec 2023 04:54:13 GMT
server
UploadServer
x-timer
S1702401119.695831,VS0,VE2
etag
"5d354adb3c83558805dd7653a28ccfc4"
x-goog-generation
1702011253057779
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=t5cCHg==, md5=XTVK2zyDVYgF3XZToozPxA==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
16284
x-amz-checksum-crc32c
t5cCHg==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
27, 0
waitress1-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/12/04/arts/waitress1/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/12/04/arts/waitress1/waitress1-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6d7b5bbbb9dd319bafc96404c80302a96b5e9025e8fe580d3ef00d7a872e5d27
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 07 Dec 2023 12:05:05 GMT
date
Tue, 12 Dec 2023 17:11:58 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
450413
x-guploader-uploadid
ABPtcPqum5YeycHHGQV2uthKemTgdfINFjfs0jGZxfoxPUdCxw7cNNtvU_Rcl3XZaSphzSKOT0k
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
9943
x-served-by
cache-iad-kcgs7200172-IAD, cache-bfi-kbfi7400031-BFI
last-modified
Mon, 04 Dec 2023 21:10:32 GMT
server
UploadServer
x-timer
S1702401119.695802,VS0,VE1
etag
"940f6560e2f6b31e5a06c0b80f02bd27"
x-goog-generation
1701724231971397
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=I0bvdQ==, md5=lA9lYOL2sx5aBsC4DwK9Jw==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
9943
x-amz-checksum-crc32c
I0bvdQ==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2, 0
concrete1-wpfl-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/12/04/multimedia/concrete1-wpfl/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/12/04/multimedia/concrete1-wpfl/concrete1-wpfl-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
87bcf4d71e214d38de6aad272a5f585178805e687ed91aca58533530fe0c678c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 07 Dec 2023 12:05:05 GMT
date
Tue, 12 Dec 2023 17:11:58 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
450413
x-guploader-uploadid
ABPtcPplitSpvjLCpfUV_nqanVnzUXRNt04CaVQrq8VsDxUIGq6uEaleZirN0jak-vcHQc0xYGc
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
10835
x-served-by
cache-iad-kcgs7200027-IAD, cache-bfi-kbfi7400031-BFI
last-modified
Mon, 04 Dec 2023 22:11:50 GMT
server
UploadServer
x-timer
S1702401119.696301,VS0,VE1
etag
"ef69c7f2fbdee696ed9518fd92259e8b"
x-goog-generation
1701727910479241
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=Bdjcog==, md5=72nH8vve5pbtlRj9kiWeiw==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
10835
x-amz-checksum-crc32c
Bdjcog==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2, 0
totaltrust1-zfvp-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/12/06/multimedia/totaltrust1-zfvp/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/12/06/multimedia/totaltrust1-zfvp/totaltrust1-zfvp-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c1b82e758fd230ef611be3a397612d94ded6b2643d22199733db9a1d05d3a361
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 07 Dec 2023 12:05:05 GMT
date
Tue, 12 Dec 2023 17:11:58 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
450413
x-guploader-uploadid
ABPtcPrrTYZWQmoha9Svv8737NsfNlctJPlDypuNbZ-EQ-rwEMMcSPHxe4zfEWGZM3woiXxWxzQ
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
9941
x-served-by
cache-iad-kiad7000082-IAD, cache-bfi-kbfi7400031-BFI
last-modified
Wed, 06 Dec 2023 19:14:26 GMT
server
UploadServer
x-timer
S1702401119.770606,VS0,VE1
etag
"e2f9adfd75e04a8159f37c9d2c6bf422"
x-goog-generation
1701890066723627
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=V3IOvg==, md5=4vmt/XXgSoFZ83ydLGv0Ig==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
9941
x-amz-checksum-crc32c
V3IOvg==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2, 0
anselm1-mpqh-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/12/04/multimedia/anselm1-mpqh/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/12/04/multimedia/anselm1-mpqh/anselm1-mpqh-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
038b0e2fa00e5a0229b1703e199a5a635621d629dea5c116e65cccaf1d28f192
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 07 Dec 2023 10:12:22 GMT
date
Tue, 12 Dec 2023 17:11:58 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
457176
x-guploader-uploadid
ABPtcPrmErxIsUvyJpCuMhz8K8fx1irsEf_HyZAkz3ufZwxzXkQnGhimr4UbMkc4D4uULXHwA_g
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
10211
x-served-by
cache-iad-kjyo7100161-IAD, cache-bfi-kbfi7400031-BFI
last-modified
Thu, 07 Dec 2023 10:01:30 GMT
server
UploadServer
x-timer
S1702401119.779983,VS0,VE2
etag
"b3c30ece87aa6f19b09b8ef10e2f1765"
x-goog-generation
1701943290936490
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=Qp1NUg==, md5=s8MOzoeqbxmwm47xDi8XZQ==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
10211
x-amz-checksum-crc32c
Qp1NUg==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
43, 0
07origin-review-fbmj-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/12/08/multimedia/07origin-review-fbmj/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/12/08/multimedia/07origin-review-fbmj/07origin-review-fbmj-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a17f20bbfa5057cf3aeb81d0c9ee465f8d612a38293fdf6e4a4f97fe3a2bef12
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Fri, 08 Dec 2023 04:41:38 GMT
date
Tue, 12 Dec 2023 17:11:58 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
390620
x-guploader-uploadid
ABPtcPonzC1C04lMZGc_GcMB_2B35C_VKXdzGOrXyNaLG-BbDnu5Hjvek3NiIRjlYepijyVok9U
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
15057
x-served-by
cache-iad-kcgs7200140-IAD, cache-bfi-kbfi7400031-BFI
last-modified
Fri, 08 Dec 2023 04:40:06 GMT
server
UploadServer
x-timer
S1702401119.842187,VS0,VE1
etag
"74c6fa2c013c417b5f3f30fecdea83d9"
x-goog-generation
1702010406171668
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=VGf/bg==, md5=dMb6LAE8QXtfPzD+zeqD2Q==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
15057
x-amz-checksum-crc32c
VGf/bg==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
35, 0
07leavetheworldbehind-2-vpwk-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/12/07/multimedia/07leavetheworldbehind-2-vpwk/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/12/07/multimedia/07leavetheworldbehind-2-vpwk/07leavetheworldbehind-2-vpwk-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4a2ff29e2cc3d9c833beb07f7d14d2051a1b16bcce6294d9dc5cafd74be4f8b5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 07 Dec 2023 10:12:22 GMT
date
Tue, 12 Dec 2023 17:11:59 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
457177
x-guploader-uploadid
ABPtcPoNUTQ0i45ylXgf4kuHTwdS097XFa_jk8uqpcYeA0yNyu0YJm2AcxO_J8tF8QrSm-ci6dFeGd916g
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
15427
x-served-by
cache-iad-kiad7000119-IAD, cache-bfi-kbfi7400031-BFI
last-modified
Wed, 06 Dec 2023 17:02:52 GMT
server
UploadServer
x-timer
S1702401119.009014,VS0,VE2
etag
"05f73d47f4147617ddf58a889bc9e967"
x-goog-generation
1701882172307736
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=cBmGDA==, md5=Bfc9R/QUdhfd9YqIm8npZw==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
15427
x-amz-checksum-crc32c
cBmGDA==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
44, 1
07ARCHIES-REVIEW-PIX-lzfc-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/12/08/multimedia/07ARCHIES-REVIEW-PIX-lzfc/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/12/08/multimedia/07ARCHIES-REVIEW-PIX-lzfc/07ARCHIES-REVIEW-PIX-lzfc-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
dee2c2bf669b3d2a92787b7c72f77d03f842499ddde93fdd471466c27ede1eb3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 07 Dec 2023 16:44:40 GMT
date
Tue, 12 Dec 2023 17:11:59 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
433638
x-guploader-uploadid
ABPtcPqCbqbEerkBS5iK8GtMz4LFmPjQFOFbWZNNcmQ39Ymyi-2bxAEGyVCgYpRRJIHksVOPHDTVR7MMsA
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
12902
x-served-by
cache-iad-kjyo7100077-IAD, cache-bfi-kbfi7400031-BFI
last-modified
Thu, 07 Dec 2023 16:44:00 GMT
server
UploadServer
x-timer
S1702401119.013958,VS0,VE1
etag
"e5ec162aaa99ea122d75a31b13e6f43b"
x-goog-generation
1701967439971188
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=p/RdEA==, md5=5ewWKqqZ6hItdaMbE+b0Ow==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
12902
x-amz-checksum-crc32c
p/RdEA==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2, 0
05werner-herzog-review-hmqv-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/12/05/multimedia/05werner-herzog-review-hmqv/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/12/05/multimedia/05werner-herzog-review-hmqv/05werner-herzog-review-hmqv-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
bf2a2e1214400d052638e4990e3ff758d9f60e08b8d411a3ffb44346679a637d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Tue, 05 Dec 2023 12:08:32 GMT
date
Tue, 12 Dec 2023 17:11:59 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
18190
x-guploader-uploadid
ABPtcPrY9_31G-49m75qL9Ayr4q6nnJUZaB-iylkV_fEDWuSZ6ZfFsUWQa8jiKUnkveXqAudbg4
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
15779
x-served-by
cache-iad-kjyo7100154-IAD, cache-bfi-kbfi7400031-BFI
last-modified
Tue, 05 Dec 2023 12:00:13 GMT
server
UploadServer
x-timer
S1702401119.047587,VS0,VE1
etag
"e7d2c842d61fcdd04a1862933d5e3686"
x-goog-generation
1701777613000163
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=kEfgSw==, md5=59LIQtYfzdBKGGKTPV42hg==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
15779
x-amz-checksum-crc32c
kEfgSw==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
32, 0
renaissance-2-jkqg-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/12/01/multimedia/renaissance-2-jkqg/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/12/01/multimedia/renaissance-2-jkqg/renaissance-2-jkqg-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
285f2e7f03b0a84bf4100707c1dce09102ff382566438a513774b3a0d5017ab5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Sat, 02 Dec 2023 00:09:49 GMT
date
Tue, 12 Dec 2023 17:11:59 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
12963
x-guploader-uploadid
ABPtcPpbm8HyUJFOXQ-psXbBry-Ip55Z42Rje2jf-bracZbZFjdT4ouHoYJmHsVoljNwAL_nQqU
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
12336
x-served-by
cache-iad-kcgs7200133-IAD, cache-bfi-kbfi7400031-BFI
last-modified
Sat, 02 Dec 2023 00:06:14 GMT
server
UploadServer
x-timer
S1702401119.066486,VS0,VE2
etag
"4b41aafb0f79610243618094b62c9981"
x-goog-generation
1701475574068539
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=WHOznQ==, md5=S0Gq+w95YQJDYYCUtiyZgQ==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
12336
x-amz-checksum-crc32c
WHOznQ==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
30, 0
30syndicaliste-review-cjpf-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/11/30/multimedia/30syndicaliste-review-cjpf/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/11/30/multimedia/30syndicaliste-review-cjpf/30syndicaliste-review-cjpf-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8b53ef3431f4d54b21ac676fd38e0a45425ca800c1e0d453bc8f3c3e966b809f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 30 Nov 2023 18:23:44 GMT
date
Tue, 12 Dec 2023 17:11:59 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
396190
x-guploader-uploadid
ABPtcPqXwnzjnVADKPLTMIhY69IUeGNVc2o_rIpHum5o7xKXhn4NF5SnX1404Ls7GPZ1M9tWSYU
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
14105
x-served-by
cache-iad-kcgs7200164-IAD, cache-bfi-kbfi7400031-BFI
last-modified
Thu, 30 Nov 2023 18:17:11 GMT
server
UploadServer
x-timer
S1702401119.131929,VS0,VE1
etag
"7e2b40b16ae40400b233d8689a6c12b2"
x-goog-generation
1701368231422269
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=mjeDZQ==, md5=fitAsWrkBACyM9hommwSsg==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
14105
x-amz-checksum-crc32c
mjeDZQ==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
48, 0
29southblackpower-review-zhfc-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/11/29/multimedia/29southblackpower-review-zhfc/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/11/29/multimedia/29southblackpower-review-zhfc/29southblackpower-review-zhfc-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
76e946e2c41355e093b26b984ce6558902c2b53f3235c73ce5e45465fc2645a9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 30 Nov 2023 17:05:34 GMT
date
Tue, 12 Dec 2023 17:11:59 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
432366
x-guploader-uploadid
ABPtcPrjsekvjoY7zP8sLeV0dENv443SBarD5T1FzDPvSHNam13HLNGxRwgBKF2sA7_LJsMbRQg
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
15470
x-served-by
cache-iad-kcgs7200163-IAD, cache-bfi-kbfi7400031-BFI
last-modified
Thu, 30 Nov 2023 16:57:55 GMT
server
UploadServer
x-timer
S1702401119.133322,VS0,VE1
etag
"add4fefae6b27a0d5a6dbbf4564f313a"
x-goog-generation
1701363475005481
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=yK0ydw==, md5=rdT++uayeg1abbv0Vk8xOg==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
15470
x-amz-checksum-crc32c
yK0ydw==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
3632, 0
eileen1-tfpg-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/11/30/multimedia/eileen1-tfpg/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/11/30/multimedia/eileen1-tfpg/eileen1-tfpg-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b154fc6abe114f3ca580758bcd03328f51eb9d3564838bc9575cc547a170db56
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Wed, 29 Nov 2023 19:56:57 GMT
date
Tue, 12 Dec 2023 17:11:59 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
359764
x-guploader-uploadid
ABPtcPoxCOLcvUva7zkcVL3UMG36DrDJMwF-j7Kqwgs3Fvt1yP_7UoHSozNvOlSXHhbmx077hH4
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
13706
x-served-by
cache-iad-kcgs7200140-IAD, cache-bfi-kbfi7400031-BFI
last-modified
Tue, 28 Nov 2023 15:18:40 GMT
server
UploadServer
x-timer
S1702401119.254776,VS0,VE1
etag
"04c6749eca9a1772070b4e5d9373487f"
x-goog-generation
1701184720891171
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=GkxJEQ==, md5=BMZ0nsqaF3IHC05dk3NIfw==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
13706
x-amz-checksum-crc32c
GkxJEQ==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
36, 0
silentnight1-cbml-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/12/01/multimedia/silentnight1-cbml/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/12/01/multimedia/silentnight1-cbml/silentnight1-cbml-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6ac43e68ea5836f342a79906bb4a50ad83d6abab8ee89de953a8a6f623f9bdf9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 30 Nov 2023 12:01:15 GMT
date
Tue, 12 Dec 2023 17:11:59 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
1055444
x-guploader-uploadid
ABPtcPojxatK9-lsuBk_8UwSpUM4Cbl2iq8_N071JjochKAJI6AW6NO5Mp0XA92xTN6sjkebN14
x-cache
HIT, MISS
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
11071
x-served-by
cache-iad-kjyo7100042-IAD, cache-bfi-kbfi7400031-BFI
last-modified
Thu, 30 Nov 2023 12:00:09 GMT
server
UploadServer
x-timer
S1702401119.263243,VS0,VE63
etag
"c2bf8e237008297742a39ae4e309be23"
x-goog-generation
1701345609229279
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=ZjkpHA==, md5=wr+OI3AIKXdCo5rk4wm+Iw==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
11071
x-amz-checksum-crc32c
ZjkpHA==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
29072, 0
godzilla1-bjpk-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/11/29/multimedia/godzilla1-bjpk/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/11/29/multimedia/godzilla1-bjpk/godzilla1-bjpk-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5f4f1e81df489f3f780a530efdb335cbe594d4c6104c174d7a3222900ba0f4b6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Wed, 29 Nov 2023 22:13:10 GMT
date
Tue, 12 Dec 2023 17:11:59 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
500315
x-guploader-uploadid
ABPtcPonOnyERQOmSOPqHARUr7AnN3R2ZpJjzk_fcz19FkCNJax1aSxbZNRPMcxbGXmvH9r6AQ
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
14139
x-served-by
cache-iad-kiad7000130-IAD, cache-bfi-kbfi7400031-BFI
last-modified
Wed, 29 Nov 2023 17:47:20 GMT
server
UploadServer
x-timer
S1702401119.271004,VS0,VE1
etag
"5d7fe0a53399cb042c16effed096b94a"
x-goog-generation
1701280040086147
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=5CFucg==, md5=XX/gpTOZywQsFu/+0Ja5Sg==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
14139
x-amz-checksum-crc32c
5CFucg==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
35, 0
30AMERICAN-SYMPHONY-pix-htlz-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/11/30/multimedia/30AMERICAN-SYMPHONY-pix-htlz/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/11/30/multimedia/30AMERICAN-SYMPHONY-pix-htlz/30AMERICAN-SYMPHONY-pix-htlz-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
daa4ac0962ba278be8aa5b9e6d94b4b32c7f9d56e9cf69aabbcaf5b874d50bb3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 30 Nov 2023 12:01:15 GMT
date
Tue, 12 Dec 2023 17:11:59 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
450633
x-guploader-uploadid
ABPtcPpGQgMqXQTwmQErhFdAGGNbdAubQTks1jFv5lNucZ8iPVyalivhyyojddp3Upr3OABDFj8
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
12335
x-served-by
cache-iad-kiad7000151-IAD, cache-bfi-kbfi7400031-BFI
last-modified
Thu, 30 Nov 2023 12:00:05 GMT
server
UploadServer
x-timer
S1702401119.272336,VS0,VE1
etag
"d608bc4591336f72a384e07f0676ef11"
x-goog-generation
1701345605296614
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=p/eU4g==, md5=1gi8RZEzb3KjhOB/BnbvEQ==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
12335
x-amz-checksum-crc32c
p/eU4g==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
34, 0
MAY-DECEMBER-REVIEW-ztkf-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/11/29/multimedia/MAY-DECEMBER-REVIEW-ztkf/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/11/29/multimedia/MAY-DECEMBER-REVIEW-ztkf/MAY-DECEMBER-REVIEW-ztkf-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c97bc6a34b621bdf788b8517c610b84546a94ae5dc63ca12bca410bc56cabaaf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 30 Nov 2023 12:01:15 GMT
date
Tue, 12 Dec 2023 17:11:59 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
450633
x-guploader-uploadid
ABPtcPpPesDYYCXALORGSG7eINKmlJUoO4BKbA6HXx3T6U8fQ2LPi9gCgqp7Bh4-M-3zIscHj30
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
12497
x-served-by
cache-iad-kcgs7200055-IAD, cache-bfi-kbfi7400031-BFI
last-modified
Thu, 30 Nov 2023 12:00:08 GMT
server
UploadServer
x-timer
S1702401119.272979,VS0,VE1
etag
"cc94dbca17a10b347c90ad8a6e1560d2"
x-goog-generation
1701345608195454
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=2m6P4Q==, md5=zJTbyhehCzR8kK2KbhVg0g==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
12497
x-amz-checksum-crc32c
2m6P4Q==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
34, 0
whowebecome1-mzqv-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/11/29/multimedia/whowebecome1-mzqv/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/11/29/multimedia/whowebecome1-mzqv/whowebecome1-mzqv-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3f7f6c5ca73e0ea765589cb559c1ac72908b05004a5805cc9face54eb1d89d6d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 30 Nov 2023 12:01:15 GMT
date
Tue, 12 Dec 2023 17:11:59 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
450633
x-guploader-uploadid
ABPtcPrS7u5rLCCBVJ_ZS8elkHy2qvgYd5K5Jf2gGdmr1IRgf4l3DnFzsfBxmdXcTqKMz8DKYLvGeJdlhg
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
13529
x-served-by
cache-iad-kjyo7100066-IAD, cache-bfi-kbfi7400031-BFI
last-modified
Wed, 29 Nov 2023 15:58:12 GMT
server
UploadServer
x-timer
S1702401119.275901,VS0,VE1
etag
"a8a335cc41591f5710d99b2706a2f03d"
x-goog-generation
1701273492796344
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=Xw0e3A==, md5=qKM1zEFZH1cQ2ZsnBqLwPQ==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
13529
x-amz-checksum-crc32c
Xw0e3A==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
34, 0
sweeteast1-zwkt-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/11/29/multimedia/sweeteast1-zwkt/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/11/29/multimedia/sweeteast1-zwkt/sweeteast1-zwkt-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0132703d78380e865750ae1766b6c0dc52a12744d86ec104c6e62f55e37b3abd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 30 Nov 2023 12:01:16 GMT
date
Tue, 12 Dec 2023 17:11:59 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
445570
x-guploader-uploadid
ABPtcPpeCDOMeI5y0bY4liPmNqEnSe4vMw5qhsKjUjpF_2uM5wlQyBeaB0LNokqLoeHzZ2o5AIE
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
9803
x-served-by
cache-iad-kiad7000072-IAD, cache-bfi-kbfi7400031-BFI
last-modified
Wed, 29 Nov 2023 17:03:35 GMT
server
UploadServer
x-timer
S1702401119.395836,VS0,VE1
etag
"b29777441616c73ed3869ac8dbfe850d"
x-goog-generation
1701277415719562
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=/8iVmA==, md5=spd3RBYWxz7ThprI2/6FDQ==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
9803
x-amz-checksum-crc32c
/8iVmA==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
34, 0
badpress1-gmpv-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/11/29/multimedia/badpress1-gmpv/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/11/29/multimedia/badpress1-gmpv/badpress1-gmpv-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
96da56b9234149ef5651f6257fa372471d8637d97e24e3d1d70e24df80598a42
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 30 Nov 2023 12:01:16 GMT
date
Tue, 12 Dec 2023 17:11:59 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
359764
x-guploader-uploadid
ABPtcPrTCUp9C6gG-PTR100ZigPQ0WjkwkqDoG7VHQIqgp_mMBTI9izUIbVye_orAgCW0yTkExE
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
10357
x-served-by
cache-iad-kcgs7200140-IAD, cache-bfi-kbfi7400031-BFI
last-modified
Wed, 29 Nov 2023 19:53:06 GMT
server
UploadServer
x-timer
S1702401119.411976,VS0,VE2
etag
"77662ed988ce1d3f7c598e9ca2d2c1c3"
x-goog-generation
1701287586498398
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=sCyq4w==, md5=d2Yu2YjOHT98WY6cotLBww==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
10357
x-amz-checksum-crc32c
sCyq4w==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
34, 0
29FAMIKLY-SWITCH-REVIEW-pix-mlpg-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/11/29/multimedia/29FAMIKLY-SWITCH-REVIEW-pix-mlpg/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/11/29/multimedia/29FAMIKLY-SWITCH-REVIEW-pix-mlpg/29FAMIKLY-SWITCH-REVIEW-pix-mlpg-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
dc1d90421ae9ef59c90961bbe87b3067254e05bc7bed6ae8683e450fe7b06a4a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 30 Nov 2023 04:13:13 GMT
date
Tue, 12 Dec 2023 17:11:59 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
478717
x-guploader-uploadid
ABPtcPoV1C5i8AD2yTDMmsZDuRE3f_A-WrZP-q27XsLtSN1hEdIEsxGndWyCCiMSoRWtJzHUycY
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
20462
x-served-by
cache-iad-kjyo7100150-IAD, cache-bfi-kbfi7400031-BFI
last-modified
Thu, 30 Nov 2023 04:11:04 GMT
server
UploadServer
x-timer
S1702401119.413812,VS0,VE1
etag
"c54f9fd47ccd28785d24f81538ceaa73"
x-goog-generation
1701317464593832
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=P4tqhg==, md5=xU+f1HzNKHhdJPgVOM6qcw==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
20462
x-amz-checksum-crc32c
P4tqhg==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
30, 0
23smokesauna-review-zmpg-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/11/23/multimedia/23smokesauna-review-zmpg/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/11/23/multimedia/23smokesauna-review-zmpg/23smokesauna-review-zmpg-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6ddc63a229a8099f2ba20fd1afc235ee0dc6feb4eca5d5b062fa8637bd33a455
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 23 Nov 2023 12:04:30 GMT
date
Tue, 12 Dec 2023 17:11:59 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
531330
x-guploader-uploadid
ABPtcPqXqpgXXf6Pu2QMjfr0JFGlQ5Gi2UIMoyq1mRrd5HSy-YiHEGwVnKytK5ZIYrq2Mj65WePRcfoEug
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
7622
x-served-by
cache-iad-kjyo7100137-IAD, cache-bfi-kbfi7400031-BFI
last-modified
Thu, 23 Nov 2023 12:00:08 GMT
server
UploadServer
x-timer
S1702401119.413884,VS0,VE1
etag
"2fa03734ac6b55fa0e1839ee15890db6"
x-goog-generation
1700740808421800
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=sUGHeg==, md5=L6A3NKxrVfoOGDnuFYkNtg==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
7622
x-amz-checksum-crc32c
sUGHeg==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
45, 0
23against1-jlvz-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/11/24/multimedia/23against1-jlvz/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/11/24/multimedia/23against1-jlvz/23against1-jlvz-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d8f15d98f79fbe164f176ab67f494bc053de52751a8cb4253ae5357913913d92
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 23 Nov 2023 12:04:30 GMT
date
Tue, 12 Dec 2023 17:11:59 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
21481
x-guploader-uploadid
ABPtcPo4BDBGa38Si7WOXdEnv-FNmsV6EMSgG6yorb4n9S4GEPQqPGHXucLol9s6fdW_UwxZQ_Y
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
16153
x-served-by
cache-iad-kcgs7200165-IAD, cache-bfi-kbfi7400031-BFI
last-modified
Thu, 23 Nov 2023 12:00:05 GMT
server
UploadServer
x-timer
S1702401119.417164,VS0,VE1
etag
"8783d05f1bf7c842d69e99e912cbf67c"
x-goog-generation
1700740805080884
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=XwoEww==, md5=h4PQXxv3yELWnpnpEsv2fA==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
16153
x-amz-checksum-crc32c
XwoEww==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
46, 0
23frybread1-wzvh-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/11/24/multimedia/23frybread1-wzvh/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/11/24/multimedia/23frybread1-wzvh/23frybread1-wzvh-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3aadfe219dcb558e321a797516f4b2a58d1a224ba083f6b54f66ed43db7ba042
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 23 Nov 2023 12:04:30 GMT
date
Tue, 12 Dec 2023 17:11:59 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
450414
x-guploader-uploadid
ABPtcPoEEz82bUjCukMxoLcCLPE64HsX5mnB9p6ilKkwqDwRACXTTGyugWZ-RHsyAX5l0jqtYA
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
16315
x-served-by
cache-iad-kiad7000022-IAD, cache-bfi-kbfi7400031-BFI
last-modified
Thu, 23 Nov 2023 12:00:04 GMT
server
UploadServer
x-timer
S1702401119.466288,VS0,VE1
etag
"78e614a8a2ca71eba919fe6e85b1b22c"
x-goog-generation
1700740804275521
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=5ycbuA==, md5=eOYUqKLKceupGf5uhbGyLA==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
16315
x-amz-checksum-crc32c
5ycbuA==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
45, 0
22napoleon-review-ptkg-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/11/22/multimedia/22napoleon-review-ptkg/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/11/22/multimedia/22napoleon-review-ptkg/22napoleon-review-ptkg-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5b750ad75528313992ee4ce406d00306b1697afe1ff0a189529d7f7a479f3e08
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Wed, 22 Nov 2023 22:55:25 GMT
date
Tue, 12 Dec 2023 17:11:59 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
497712
x-guploader-uploadid
ABPtcPoc1lxj3WiVrHGNb9_Q58dDwTZ8Sca_guuSqJgNVdjr5wpf0EiEDXXEU0VDJrW3TDckoJY
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
13634
x-served-by
cache-iad-kcgs7200023-IAD, cache-bfi-kbfi7400031-BFI
last-modified
Wed, 22 Nov 2023 22:52:54 GMT
server
UploadServer
x-timer
S1702401120.537060,VS0,VE4
etag
"26498c34d835a40d81a831d8bb66ef95"
x-goog-generation
1700693574609468
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=6z5y0g==, md5=JkmMNNg1pA2BqDHYu2bvlQ==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
13634
x-amz-checksum-crc32c
6z5y0g==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
6, 0
menu-plaisir-review-kghc-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/11/22/multimedia/menu-plaisir-review-kghc/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/11/22/multimedia/menu-plaisir-review-kghc/menu-plaisir-review-kghc-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
55c1c58d71465846b68c38303b47228dd7c2b44b9126a3a52008187af6229b5e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Wed, 22 Nov 2023 19:01:31 GMT
date
Tue, 12 Dec 2023 17:11:59 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
511809
x-guploader-uploadid
ABPtcPpwXuGPLA4ymlZliizZSI0Z_aLB4mWTmifjQfBr8y9MGU1T_cRLULzSmS_1BWBMgRaz_K4
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
12671
x-served-by
cache-iad-kcgs7200131-IAD, cache-bfi-kbfi7400031-BFI
last-modified
Wed, 22 Nov 2023 18:59:36 GMT
server
UploadServer
x-timer
S1702401120.553000,VS0,VE1
etag
"77c0c26a74d06319a0897c05dca82c6e"
x-goog-generation
1700679576482192
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=GWAH+Q==, md5=d8DCanTQYxmgiXwF3Kgsbg==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
12671
x-amz-checksum-crc32c
GWAH+Q==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
17, 0
22monster-review-cmbl-mediumThreeByTwo210.jpg
static01.nyt.com/images/2023/11/24/multimedia/22monster-review-cmbl/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01.nyt.com/images/2023/11/24/multimedia/22monster-review-cmbl/22monster-review-cmbl-mediumThreeByTwo210.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b3bdf64ab3c7970c3e968d6bad647be95e6c8d83d52de3996a2d0abe91043854
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 23 Nov 2023 21:43:50 GMT
date
Tue, 12 Dec 2023 17:11:59 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
415681
x-guploader-uploadid
ABPtcPokfzMNeapMY1fR3RtDG4D35mcJBWAULTzzxJhEu6_DtztTtS5364ky7pjQKNqzc3U9QOo
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
14262
x-served-by
cache-iad-kjyo7100086-IAD, cache-bfi-kbfi7400031-BFI
last-modified
Thu, 23 Nov 2023 21:41:31 GMT
server
UploadServer
x-timer
S1702401120.554579,VS0,VE1
etag
"e862e9a52f0b146bd73d8a1a09eb1e63"
x-goog-generation
1700775691324962
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=DmWVEg==, md5=6GLppS8LFGvXPYoaCeseYw==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
14262
x-amz-checksum-crc32c
DmWVEg==
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
7, 0
vendor-7799bfe3d9a78d57c093.js
www.nytimes.com/vi-assets/static-assets/ 		173 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/vi-assets/static-assets/vendor-7799bfe3d9a78d57c093.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3459a86a1a5a0ebefc38ba347c8eee86838664553d2732a9f0d75d9b474bab72
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/reviews/movies
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
1277869
x-guploader-uploadid
ABPtcPrJvvr65vmM7N99VGE-_vf8jIItSQHeaJV0sXfFl_aaPQwZHmlx1gKM3WuWR5Gry1cpcWy4UOS3hg
x-goog-stored-content-encoding
identity
x-origin-time
2023-11-27 22:14:08 UTC
x-served-by
cache-bfi-kbfi7400031-BFI
x-timer
S1702401119.696298,VS0,VE1
etag
"b5e3f2c1b76554752bb8d61689b81dc5"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1701122630852416
content-type
application/javascript
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendor-7799bfe3d9a78d57c093.js
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
16969
expires
Tue, 26 Nov 2024 22:14:08 GMT
date
Tue, 12 Dec 2023 17:11:58 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
50434
last-modified
Mon, 27 Nov 2023 22:03:51 GMT
server
UploadServer
x-goog-hash
crc32c=DUs3dw==, md5=tePywbdlVHUruNYWibgdxQ==
x-gdpr
0
x-goog-stored-content-length
176881
accept-ranges
bytes
reviews-25c4831910ec22e89f1d.js
www.nytimes.com/vi-assets/static-assets/ 		148 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/vi-assets/static-assets/reviews-25c4831910ec22e89f1d.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4cf6a4c9a640b9ac4ab7992db4914c018e8040c5583a33726f44bc29f68954d0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/reviews/movies
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
7100
x-guploader-uploadid
ABPtcPr0i1zPlRMCJo-zA7OYbJqtmoLhCjgV8xQnArt6TFU5ks7UUUsnw6s8IlsDilTia-AsWBSTvOORvw
x-goog-stored-content-encoding
identity
x-origin-time
2023-12-12 15:13:38 UTC
x-served-by
cache-bfi-kbfi7400031-BFI
x-timer
S1702401119.696275,VS0,VE1
etag
"c725f6ebf368a706e04c899d83de10e3"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1702393986260608
content-type
application/javascript
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/reviews-25c4831910ec22e89f1d.js
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
137
expires
Wed, 11 Dec 2024 15:13:38 GMT
date
Tue, 12 Dec 2023 17:11:58 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
39256
last-modified
Tue, 12 Dec 2023 15:13:06 GMT
server
UploadServer
x-goog-hash
crc32c=CDgebA==, md5=xyX26/NopwbgTImdg94Q4w==
x-gdpr
0
x-goog-stored-content-length
151261
accept-ranges
bytes
main-9b8cb56b83c9472a40e8.js
www.nytimes.com/vi-assets/static-assets/ 		2 MB
505 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/vi-assets/static-assets/main-9b8cb56b83c9472a40e8.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1eddd4a8e44ddfa3f5f5aaae7e67df0ae12b8585dd27f8fef6268244ee21c50c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/reviews/movies
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
5284
x-guploader-uploadid
ABPtcPpKYLhLStacTPD_k-yV_jputTxedzKOUEdf0ebruxm7I8qf9G3bwhCfiPzMmuAHaD7SeI-Mk-X0Rg
x-goog-stored-content-encoding
identity
x-origin-time
2023-12-12 15:43:55 UTC
x-served-by
cache-bfi-kbfi7400031-BFI
x-timer
S1702401119.696253,VS0,VE1
etag
"d2907c383687eb416c337a50e2dd2b84"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1702395503560796
content-type
application/javascript
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/main-9b8cb56b83c9472a40e8.js
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
250
expires
Wed, 11 Dec 2024 15:43:55 GMT
date
Tue, 12 Dec 2023 17:11:58 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
515591
last-modified
Tue, 12 Dec 2023 15:38:23 GMT
server
UploadServer
x-goog-hash
crc32c=MVISsA==, md5=0pB8ODaH60FsM3pQ4t0rhA==
x-gdpr
0
x-goog-stored-content-length
1813015
accept-ranges
bytes
gtm.js
www.googletagmanager.com/ 		444 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
619941443030f85fe94c95469ef06ecc55642fdab86d48ea451c7cfdac26a100
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:11:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123542
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
vary
*
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2
samizdat-graphql.nytimes.com/graphql/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-allow-methods
GET,POST
access-control-allow-origin
https://www.nytimes.com
access-control-expose-headers
x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age
300
age
183
content-length
0
date
Tue, 12 Dec 2023 17:11:59 GMT
server
envoy
strict-transport-security
max-age=63072000; preload; includeSubdomains
timing-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via
1.1 google, 1.1 varnish
x-cache
HIT
x-cache-hits
43
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time
48
x-nyt-audience-target-flat
NA:PM
x-nyt-continent
NA
x-nyt-country
US
x-nyt-edge-cache
HIT
x-nyt-meridiem
PM
x-nyt-region
DE
x-samizdat-query-exe-id
bb89977545409f93
x-samizdat-query-field-errors
0
x-served-by
cache-bfi-krnt7300088-BFI
x-timer
S1702401119.109348,VS0,VE1
track
a.et.nytimes.com/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.184.86.91 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-184-86-91.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
v2
samizdat-graphql.nytimes.com/graphql/ 		149 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
7837207f1197c426c0551dcbead6be815beff78431f5c45e84014a94cfde09d5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://www.nytimes.com/
nyt-app-version
0.0.5
nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
nyt-app-type
project-vi
Content-Type
application/json

Response headers

content-encoding
gzip
x-nyt-meridiem
PM
x-b3-traceid
0
age
0
x-samizdat-query-field-errors
0
x-samizdat-query-cache
H
x-samizdat-query-exe-id
db9ffd4f217ac440
samizdat-x-canary
false
x-served-by
cache-bfi-kbfi7400031-BFI
x-graphiti-gateway
411667ba
x-nyt-country
US
x-timer
S1702401119.263515,VS0,VE130
x-nyt-continent
NA
vary
Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
x-nyt-region
DE
access-control-expose-headers
x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control
max-age=30
x-nyt-audience-target-flat
NA:PM
x-nyt-edge-cache
MISS
x-samizdat-query-op-id
project-vi.v2.UserQuery
x-cache-hits
0
x-samizdat-query-sup-code
date
Tue, 12 Dec 2023 17:11:59 GMT
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
via
1.1 google, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-cache
MISS
samizdat-x-instance
ca826eb1
x-envoy-upstream-service-time
119
x-samizdat-query-personalized
content-length
125
last-modified
Tue, 12 Dec 2023 17:11:59 GMT
server
envoy
samizdat-x-kubernetes-namespace
v1
x-fetch-attempts
1, 1
x-samizdat-query-surrogates-size
0
access-control-allow-credentials
true
x-datadog-trace-id
0
accept-ranges
bytes
timing-allow-origin
*
als
als-svc.nytimes.com/ 		307 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://als-svc.nytimes.com/als?url=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&typ=&prop=nyt&plat=web
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.112.118.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-118-45.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
e7a31e9cd83fdacdc10fd448945aad36c523d1850db861bf6bc5118812dd9422
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:11:59 GMT
via
1.1 google
content-encoding
gzip
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation
als-svc.nytimes.com:443/*
server
envoy
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
64
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, nyt-a
grumi-ip.js
rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-59.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d05ae9b253cab83099387db0d3a4ec1c2be203c3738e2dcb74927c1fd6bc626

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 16:40:30 GMT
x-amz-version-id
hqOVgn0HjZQPcs0LFfvBLxiyjrh2UzkI
content-encoding
br
last-modified
Sun, 10 Dec 2023 11:33:19 GMT
server
AmazonS3
via
1.1 c2fff340a6d5f4b9c17041a88b37f0f4.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
etag
W/"8a0c1c442967d757a46b3bb7a75ef66d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
age
1890
x-amz-cf-id
kOkFkGTe69BvFAnok-KkvUBRavOvKoicYHGjAXiYow3eL0JcygTciQ==
apstag.js
c.amazon-adsystem.com/aax2/ 		282 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.113.158 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-113-158.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 16:30:21 GMT
content-encoding
gzip
via
1.1 f1add8f4c4c2d3927809bab0bfad9b82.cloudfront.net (CloudFront), 1.1 8008f773a176223da2278b5cb39f91fa.cloudfront.net (CloudFront)
last-modified
Mon, 11 Dec 2023 20:35:29 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2, SYD62-P2
age
2498
etag
W/"bab82e5d8801f394c1ef53a45dc29542"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
6O4uS-137JOexaGEJST5PEPPw0u6Q3_k24hvToAHLDRMUqCuMivFYA==
prebid8.25.0.js
www.nytimes.com/ads/ 		315 KB
317 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/ads/prebid8.25.0.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c11d50a1918e615029f239580a1d4a1aa32328fdd6149225cc74e411c84db96e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/reviews/movies
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid
ABPtcPpkUA23enhagahi78vmDKCGi2y0EBORZC4DUuDXpVRdMGgLzBdk50wvzTLfDgEJQWuLnQ
x-goog-stored-content-encoding
identity
x-origin-time
2023-12-12 17:11:58 UTC
x-served-by
cache-bfi-kbfi7400031-BFI
x-timer
S1702401119.759185,VS0,VE67
etag
"78c86859abaee40f233a9a8c96540124"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1701363099682984
content-type
text/javascript
access-control-allow-origin
*
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/ads/prebid8.25.0.js
x-nyt-route
ads-static-assets
cache-control
private, max-age=0
x-nyt-app-webview
0
x-nyt-edge-cache
MISS
x-amz-checksum-crc32c
b1VVOA==
x-cache-hits
0
expires
Tue, 12 Dec 2023 17:11:58 GMT
date
Tue, 12 Dec 2023 17:11:58 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
MISS
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
content-length
322837
last-modified
Thu, 30 Nov 2023 16:51:39 GMT
server
UploadServer
x-goog-hash
crc32c=b1VVOA==, md5=eMhoWauu5A8jOpqMllQBJA==
x-gdpr
0
x-goog-stored-content-length
322837
accept-ranges
bytes
franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
g1.nyt.com/fonts/family/franklin/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 20 Apr 2023 17:50:34 GMT
date
Tue, 12 Dec 2023 17:11:58 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
20388065
x-guploader-uploadid
ADPycdut3exAeyJLMLnswh26VG_z-3M2nKY2tEoMO3m5ajEsHicy7BgEytOCEe9i2EV840chuMS_dfmjE9FqWPHkU2Thkg
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
20276
x-served-by
cache-bne12525-BNE
last-modified
Wed, 20 Apr 2022 13:09:40 GMT
server
UploadServer
x-timer
S1702401119.686167,VS0,VE0
etag
"91eaf6b5642463af4091160b4bbfdfcb"
x-goog-generation
1650460180610251
x-goog-hash
crc32c=teZvhg==, md5=ker2tWQkY69AkRYLS7/fyw==
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
20276
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
14636
karnak-normal-400.b2143e2f1890f4d516078da14aebab03.woff2
g1.nyt.com/fonts/family/karnak/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/karnak/karnak-normal-400.b2143e2f1890f4d516078da14aebab03.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
cf270229e004cc9e09e49f17fd5f5de7b0785b9352875f7f9ce4338837b491dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Tue, 24 Sep 2024 18:44:42 GMT
date
Tue, 12 Dec 2023 17:11:58 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
6733635
x-guploader-uploadid
ADPycdsnLOusDVNjLomR7SF3pqAglHqhy54H1NW4qrJdW8R19yv0ljPckPjhlA1Ffz9AsD3nZSg1of-mgezKbOBjHrKfQg
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
27004
x-served-by
cache-bne12525-BNE
last-modified
Tue, 17 Jan 2023 21:42:57 GMT
server
UploadServer
x-timer
S1702401119.686393,VS0,VE0
etag
"b2143e2f1890f4d516078da14aebab03"
x-goog-generation
1673991777104472
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=3pdvdA==, md5=shQ+LxiQ9NUWB42hSuurAw==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
27004
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
26
karnak-normal-900.7552fe3fdd9952aeda91e6c5a2adc59f.woff2
g1.nyt.com/fonts/family/karnak/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/karnak/karnak-normal-900.7552fe3fdd9952aeda91e6c5a2adc59f.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1fe37d55e6324e8660e627fdf1cd545c9a84f80963bc07f3a564434043650a09
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Tue, 02 Jul 2024 15:21:58 GMT
date
Tue, 12 Dec 2023 17:11:58 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
14003400
x-guploader-uploadid
ADPycduE5tK1NJEhNjkxSbe9NBpQPMqTGmNiGR_0oNAbnwmDkMMIRPaLVp8-vUXGbunJq7Ck-kVGSJj6WqLunf55YfrgMDPw0pJ3
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
21288
x-served-by
cache-bne12525-BNE
last-modified
Tue, 17 Jan 2023 21:42:57 GMT
server
UploadServer
x-timer
S1702401119.686707,VS0,VE0
etag
"7552fe3fdd9952aeda91e6c5a2adc59f"
x-goog-generation
1673991777178724
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=5QA+9Q==, md5=dVL+P92ZUq7akebFoq3Fnw==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
21288
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
2370
cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
g1.nyt.com/fonts/family/cheltenham/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Wed, 08 Jun 2022 11:21:56 GMT
date
Tue, 12 Dec 2023 17:11:58 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
16177801
x-guploader-uploadid
ABg5-Uzj2l_Q2AYc7g5xp4Sq9mPJtACHNCFnIHoVsYjoNP3OH3fWlQbNBVAXLLbdKqLzFfOM2Frc5eIm2Esrj_FSefs
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
29076
x-served-by
cache-bne12525-BNE
last-modified
Tue, 06 Apr 2021 21:11:52 GMT
server
UploadServer
x-timer
S1702401119.686730,VS0,VE0
etag
"a3ed7afe3eaa0a873f3fbd379f8c491b"
x-goog-generation
1617743511931481
content-type
font/woff2
access-control-allow-origin
*
x-goog-hash
crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
29076
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
7788
franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
g1.nyt.com/fonts/family/franklin/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 20 Apr 2023 17:52:03 GMT
date
Tue, 12 Dec 2023 17:11:58 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
20387988
x-guploader-uploadid
ADPycdsXwgys8aj3ZPmvtiOu0IVs0bwyR9UOKUCwDGJ8cCoGlhRrbTjJjb1VhDZfiwaE6JvaXa9frs9HrbF4CkPhRrU3eA
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
19816
x-served-by
cache-bne12525-BNE
last-modified
Wed, 20 Apr 2022 13:09:40 GMT
server
UploadServer
x-timer
S1702401119.686717,VS0,VE0
etag
"0f4aea3d462cdb64748629efcbbf36bc"
x-goog-generation
1650460180561781
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=bdL0Mw==, md5=D0rqPUYs22R0hinvy782vA==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
19816
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
14991
franklin-normal-300.a6479a5200f9a6352bdb71589c27c9c3.woff2
g1.nyt.com/fonts/family/franklin/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.a6479a5200f9a6352bdb71589c27c9c3.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 20 Apr 2023 17:50:38 GMT
date
Tue, 12 Dec 2023 17:11:58 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
20388064
x-guploader-uploadid
ADPycdvy3vW2MEIK2pYaeqEu4pYI8dH48bioj10UGt9GP4pErjyahIEBRdwpNgaC4K2VO8jV2kWxEs4hQ6opEaH4LKzqBg
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
20136
x-served-by
cache-bne12525-BNE
last-modified
Wed, 20 Apr 2022 13:09:40 GMT
server
UploadServer
x-timer
S1702401119.686399,VS0,VE0
etag
"a6479a5200f9a6352bdb71589c27c9c3"
x-goog-generation
1650460180541296
x-goog-hash
crc32c=pRBawg==, md5=pkeaUgD5pjUr23FYnCfJww==
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
20136
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
12288
3030
config.aps.amazon-adsystem.com/configs/ 		714 B
981 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3030
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-56.syd62.r.cloudfront.net
Software
CloudFront /
Resource Hash
3f770f537145bf6ca53f22706f1befe600243936bd5eb48eb4b18456cfca5fb3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 16:43:42 GMT
via
1.1 3468af8a053b0ff241626aed87444af8.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SYD62-P2
age
1696
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
714
x-amz-cf-id
rZfIa5iDvf2lqOH0d9Y1uWrIFxoRMlzUSLc6t5RkDKgU2PZ3iQm-NQ==
config
c.amazon-adsystem.com/cdn/prod/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3030&u=https%3A%2F%2Fwww.nytimes.com
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.113.158 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-113-158.syd62.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:59:36 GMT
via
1.1 8008f773a176223da2278b5cb39f91fa.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SYD62-P2
age
7941
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.nytimes.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
XX4w9OysDnZ1iu7POR9dHA2ynuqo0U3AM3Lo_acb2f4zZqbkIFxcpg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.113.158 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-113-158.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 21:16:42 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 c9801432acaf39452e5421e7eeabc4b0.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
age
71717
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
EMGxUnpmLmN3h9rk9vm4Ni30hmmxvUGr0GKdWXvdPKaId4jnT-Qnag==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/adslot-b6fd2aa0a06977376ee4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
b88234418e03da5eeb6e8c06d602609c727f514cb2776789e473f60797171d52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:11:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29083
x-xss-protection
0
server
cafe
etag
863 / 19703 / m202312060101 / config-hash: 11945328006728168793
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 17:11:59 GMT
grumi.js
rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/ Frame 4267 		267 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-59.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66526060b2ec171583eb8573415c1e2b455d38eef0e031cc740969d9378fe829

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 16:40:29 GMT
x-amz-version-id
frmSGdd9O44e5JrreLBI6hRMO3KBheRk
content-encoding
br
last-modified
Tue, 12 Dec 2023 16:20:07 GMT
server
AmazonS3
via
1.1 c2fff340a6d5f4b9c17041a88b37f0f4.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
etag
W/"1bd9041a343233c9683190238524337e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
1891
x-amz-cf-id
h8CdvWhEATJdS1-AuB75amt8P5pcl_-ISzHrEP7rTFqCIHR928Il_g==
vendors~allAccessLandingPage~bestsellers~card~collections~cookingAppDownloadLandingPage~cookingLandi~3fc321fe-3c9fe90542175afafd75.js
www.nytimes.com/vi-assets/static-assets/ 		48 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/vi-assets/static-assets/vendors~allAccessLandingPage~bestsellers~card~collections~cookingAppDownloadLandingPage~cookingLandi~3fc321fe-3c9fe90542175afafd75.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f8018ac0d5ade5c992dccb83915d04af94d42283dadbe071b57f058c27d126ee
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/reviews/movies
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
85602
x-guploader-uploadid
ABPtcPqTE-Ofhn-zP0rlocrA5j2veibohdXvaE3j-4N7qben2LdeTtqLOvCpChFpwbIweCxSuYo
x-goog-stored-content-encoding
identity
x-origin-time
2023-12-11 17:25:17 UTC
x-served-by
cache-bfi-kbfi7400031-BFI
x-timer
S1702401119.321204,VS0,VE1
etag
"7fc801944914d461ed548dbdb2411530"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1702315451217140
content-type
application/javascript
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~allAccessLandingPage~bestsellers~card~collections~cookingAppDownloadLandingPage~cookingLandi~3fc321fe-3c9fe90542175afafd75.js
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
1770
expires
Tue, 10 Dec 2024 17:25:17 GMT
date
Tue, 12 Dec 2023 17:11:59 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
9822
last-modified
Mon, 11 Dec 2023 17:24:11 GMT
server
UploadServer
x-goog-hash
crc32c=j1VBkQ==, md5=f8gBlEkU1GHtVI29skEVMA==
x-gdpr
0
x-goog-stored-content-length
48898
accept-ranges
bytes
vendors~audio~bestsellers~home~markets~paidpost~reviews~search~slideshow~trending~video~your-list-2f7af4c60b77d8902d32.js
www.nytimes.com/vi-assets/static-assets/ 		46 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/vi-assets/static-assets/vendors~audio~bestsellers~home~markets~paidpost~reviews~search~slideshow~trending~video~your-list-2f7af4c60b77d8902d32.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
75280955376c17fe081475abcf3c5d154a4710e2cdd23a5197a84104b61c7a9d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/reviews/movies
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
7120
x-guploader-uploadid
ABPtcPoCfrtty4X3OFXagBJjpIUFGSh2R2o4SZvjJOvaW8YeMdhBT_cglOTV2AqnKfz-SlKMhtw
x-goog-stored-content-encoding
identity
x-origin-time
2023-12-12 15:13:20 UTC
x-served-by
cache-bfi-kbfi7400031-BFI
x-timer
S1702401119.321576,VS0,VE1
etag
"805eab98dce69836da335f7f1a29b0c9"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1702393986423766
content-type
application/javascript
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~bestsellers~home~markets~paidpost~reviews~search~slideshow~trending~video~your-list-2f7af4c60b77d8902d32.js
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
234
expires
Wed, 11 Dec 2024 15:13:19 GMT
date
Tue, 12 Dec 2023 17:11:59 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
14352
last-modified
Tue, 12 Dec 2023 15:13:06 GMT
server
UploadServer
x-goog-hash
crc32c=gWMvZw==, md5=gF6rmNzmmDbaM19/GimwyQ==
x-gdpr
0
x-goog-stored-content-length
46798
accept-ranges
bytes
markets~reviews~timeswire~your-list-73b748233a82766dde97.js
www.nytimes.com/vi-assets/static-assets/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nytimes.com/vi-assets/static-assets/markets~reviews~timeswire~your-list-73b748233a82766dde97.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e77556be87322bade8e837ccfae45cd8e787d9edef78dc03bf5ae7bac8607819
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/reviews/movies
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
1287121
x-guploader-uploadid
ABPtcPrjeE9KRJ1LKMJ0M3-5rpQSijrT4oii-slvK6cg3hIumXwzUBlMT1F5AI0QNuXhmVq8iYA
x-goog-stored-content-encoding
identity
x-origin-time
2023-11-27 19:39:58 UTC
x-served-by
cache-bfi-kbfi7400031-BFI
x-timer
S1702401119.321533,VS0,VE1
etag
"7dd251c2d0c0f0c8cc22d062e5de2d6a"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1701113982218003
content-type
application/javascript
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/markets~reviews~timeswire~your-list-73b748233a82766dde97.js
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
5162
expires
Tue, 26 Nov 2024 19:39:58 GMT
date
Tue, 12 Dec 2023 17:11:59 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
8000
last-modified
Mon, 27 Nov 2023 19:39:42 GMT
server
UploadServer
x-goog-hash
crc32c=/gV5/Q==, md5=fdJRwtDA8MjMItBi5d4tag==
x-gdpr
0
x-goog-stored-content-length
24203
accept-ranges
bytes
gtm.js
www.googletagmanager.com/ 		184 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N5P6T9S&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
36ee62cca7aa433c508adb8f937a5e1b73234257638e4297461d777f86fe8afc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:11:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63349
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 12 Dec 2023 17:11:59 GMT
tags.js
dd.nytimes.com/ 		147 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dd.nytimes.com/tags.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-120.syd1.r.cloudfront.net
Software
Apache /
Resource Hash
c54140eac6df64b97abf9bf21e88910bac89ddc973d871fcd33dca119b8b4c24
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
via
1.1 2d39749f0342007f9798eeb0800f8a0e.cloudfront.net (CloudFront)
date
Tue, 12 Dec 2023 16:57:27 GMT
x-amz-cf-pop
SYD1-C1
age
872
x-cache
Hit from cloudfront
content-length
27331
last-modified
Wed, 29 Nov 2023 13:37:06 GMT
server
Apache
etag
"24cd6-60b4aa18fa3ca-gzip"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, public
accept-ranges
bytes
x-amz-cf-id
qPzqCY89uWjHCsfEYmoMxXmtCmw1NIxlE7k--afPA9h5XsW0tT4znA==
expires
Tue, 12 Dec 2023 17:57:27 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=3005403&ns__t=1702401119321&ns_c=UTF-8&c8=Movie%20Reviews%20-%20The%20New%20York%20Times&c7=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1702401119321&ns_c=UTF-8&c8=Movie%20Reviews%20-%20The%20New%20York%20Times&c7=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&c9=
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1702401119321&ns_c=UTF-8&c8=Movie%20Reviews%20-%20The%20New%20York%20Times&c7=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&c9=
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Server
18.67.111.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-52.syd62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:11:59 GMT
via
1.1 f1add8f4c4c2d3927809bab0bfad9b82.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
SYD62-P2
x-amz-cf-id
o51fBoPan1L0OkoCKMxPeyxK2FDbmq1KomarW_YAt_1nrSiHfIdl5A==
x-cache
Miss from cloudfront

Redirect headers

date
Tue, 12 Dec 2023 17:11:59 GMT
via
1.1 f1add8f4c4c2d3927809bab0bfad9b82.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
SYD62-P2
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=3005403&ns__t=1702401119321&ns_c=UTF-8&c8=Movie%20Reviews%20-%20The%20New%20York%20Times&c7=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&c9=
content-length
0
x-amz-cf-id
_prgMfWtm5FsucWo3LOPC-j2XG7G3HzFglerTkkdGzjhHS_1XoDm7w==
prebidjs
rtb.openx.net/openrtbb/ 		53 B
340 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
7a01cec0fb3e7942142ff603214c2b4a107d084890618c6f4bd76af16d5bafa4

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 12 Dec 2023 17:11:59 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU4WQK98
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
ed3fa5a98ddcb53d94a85530724f550300837c3c6a4a0595920f34ad0c2097b6

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:11:58 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.nytimes.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
114
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 12 Dec 2023 17:11:59 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
549 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=995821
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd525284112f344f5691447c129f249cf806916e594472a64848c21cac1d85c6

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:11:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tI3jAsHkGdwGE%2FB6CHvFDiqzaVt79QgooXrwu1Ywx5SeqaxZfqRLCqX8FAIIkk8oTT7n4568%2BClMOS4%2Bi2Xpl24xuZaEz%2Bedq4v8BjHnUeZeYgyZHDEYuGzGnmH6xisIw5PKEkgf"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
834796f42f77a93b-SYD
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
translator
hbopenbid.pubmatic.com/ 		0
113 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.78 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.nytimes.com
date
Tue, 12 Dec 2023 17:12:00 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		361 B
924 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
136dcb31043beb0b95b9c89fc057eb33af980177865a959f92e697ac7a7c8d78
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:11:59 GMT
an-x-request-uuid
edbe06fc-1c47-4981-a72a-3061658eb0c0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
66.203.112.161; 66.203.112.161; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
361
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
790 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.25.0&referrer=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&tmax=10000
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.251.55.122 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-55-122.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:11:59 GMT
accept-ch
sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme
x-auction-status
12, 12, 12
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		359 B
691 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088370&size_id=15&p_pos=atf&rf=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&kw=moviereview%2CNewYorkmovies%2CNYmovies%2CBrooklynmovies%2CManhattanmoviessearch&tg_i.domain=nytimes.com&tg_i.page=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&tg_i.invCode=nyt_movies_top&tg_i.pbadslot=top&tk_flint=pbjs_lite_v8.25.0&l_pb_bid_id=2634ae74802b631&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&m_ch_mobile=%3F0&slots=1&rand=0.40175121064208663
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6d6c132acf75a3a1c8a16643582f26704523badbf97381455252c0a4fd38e636

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
359
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		361 B
694 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=15&p_pos=btf&rf=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&kw=moviereview%2CNewYorkmovies%2CNYmovies%2CBrooklynmovies%2CManhattanmoviessearch&tg_i.domain=nytimes.com&tg_i.page=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&tg_i.invCode=nyt_movies_mid1&tg_i.pbadslot=mid1&tk_flint=pbjs_lite_v8.25.0&l_pb_bid_id=27456583f5378cd&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&m_ch_mobile=%3F0&slots=1&rand=0.1584547788932844
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4439bb25479700274d60dc82ad93759b1aa270517358eacf8ad61526519a8278

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
361
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		361 B
868 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=15&p_pos=btf&rf=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&kw=moviereview%2CNewYorkmovies%2CNYmovies%2CBrooklynmovies%2CManhattanmoviessearch&tg_i.domain=nytimes.com&tg_i.page=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&tg_i.invCode=nyt_movies_mid2&tg_i.pbadslot=mid2&tk_flint=pbjs_lite_v8.25.0&l_pb_bid_id=2848d7a87238cfe&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&m_ch_mobile=%3F0&slots=1&rand=0.9220722477286833
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1a5c9a9466a08d39f5b0bf9f6dd838103829a5c991a4dddddcd65ce1a33365bf

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
361
expires
Wed, 17 Sep 1975 21:32:10 GMT
v2
samizdat-graphql.nytimes.com/graphql/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-entitlements,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-entitlements,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
access-control-allow-methods
GET,POST
access-control-allow-origin
https://www.nytimes.com
access-control-expose-headers
x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age
300
age
595
content-length
0
date
Tue, 12 Dec 2023 17:11:59 GMT
server
envoy
strict-transport-security
max-age=63072000; preload; includeSubdomains
timing-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via
1.1 google, 1.1 varnish
x-cache
HIT
x-cache-hits
67
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time
56
x-nyt-audience-target-flat
NA:PM
x-nyt-continent
NA
x-nyt-country
US
x-nyt-edge-cache
HIT
x-nyt-meridiem
PM
x-nyt-region
DE
x-samizdat-query-exe-id
aa0d4c0e0d4a5f59
x-samizdat-query-field-errors
0
x-served-by
cache-bfi-krnt7300088-BFI
x-timer
S1702401120.584937,VS0,VE0
v2
samizdat-graphql.nytimes.com/graphql/ 		12 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
27fa460085eee44b1379209277e8317ca1b659073697b4f21b793c5c6cc10dad
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language
en-AU,en;q=0.9
x-nyt-entitlements
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
x-nyt-programming-abtest
nyt-app-type
project-vi
Content-Type
application/json
Referer
https://www.nytimes.com/
nyt-app-version
0.0.5
x-nyt-news-tenure
x-nyt-internal-meter-override

Response headers

content-encoding
gzip
x-nyt-meridiem
PM
x-b3-traceid
0
x-nyt-pass-reason
PRVT
x-samizdat-query-field-errors
0
x-samizdat-query-cache
M
x-samizdat-query-exe-id
023958e310fed782
samizdat-x-canary
false
x-served-by
cache-bfi-kbfi7400031-BFI
x-graphiti-gateway
411667ba
x-nyt-country
US
x-timer
S1702401120.740384,VS0,VE451
x-nyt-continent
NA
vary
Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
x-nyt-region
DE
access-control-expose-headers
x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control
private, no-store
x-nyt-audience-target-flat
NA:PM
x-nyt-edge-cache
MISS
x-samizdat-query-op-id
project-vi.v2.getMessageSelection
x-cache-hits
0
x-samizdat-query-sup-code
date
Tue, 12 Dec 2023 17:12:00 GMT
via
1.1 google, 1.1 varnish
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-cache
MISS
samizdat-x-instance
d11901cd
x-envoy-upstream-service-time
441
x-samizdat-query-personalized
p
last-modified
Tue, 12 Dec 2023 17:11:59 GMT
server
envoy
samizdat-x-kubernetes-namespace
v1
x-fetch-attempts
1
x-samizdat-query-surrogates-size
0
access-control-allow-credentials
true
x-datadog-trace-id
0
accept-ranges
bytes
timing-allow-origin
*
purr-cache
purr.nytimes.com/v1/ 		0
370 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://purr.nytimes.com/v1/purr-cache
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.184.86.91 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-184-86-91.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:11:59 GMT
via
1.1 google
x-envoy-decorator-operation
purr.nytimes.com:443/*
strict-transport-security
max-age=63072000; preload; includeSubdomains
server
envoy
vary
Origin
content-type
text/html
access-control-allow-origin
https://www.nytimes.com
x-cloud-trace-context
ef113b7231865325c526ed57c006c8fa
access-control-allow-credentials
true
x-envoy-upstream-service-time
90
content-length
0
data-layer
a.nytimes.com/svc/nyt/ 		999 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&caller_id=nyt-vi&jkcb=1702401119519&referrer=&sourceApp=nyt-vi
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.226.14.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-226-14-255.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
9cbbc9595c107756d2886220e616c1789517f513ddd830ee9bc191187ea43296
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-nyti-upstream
gke
date
Tue, 12 Dec 2023 17:11:59 GMT
x-envoy-decorator-operation
a.nytimes.com:443/*
via
1.1 google
strict-transport-security
max-age=63072000; preload; includeSubdomains
content-encoding
gzip
server
envoy
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
98
access-control-allow-headers
Content-Type, x-requested-by
track
a.et.nytimes.com/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.184.86.91 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-184-86-91.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 14:14:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
10664
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 11 Dec 2024 14:14:15 GMT
9e14ffe6-4970-46c7-9757-8aa7da278226
https://www.nytimes.com/ 		597 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.nytimes.com/9e14ffe6-4970-46c7-9757-8aa7da278226
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length
597
Content-Type
application/javascript
bid
aax.amazon-adsystem.com/e/dtb/ 		191 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&pid=AopnULDEW0Uyy&cb=0&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22mid1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22mid1_sf_web%22%7D%5D&pj=%7B%22si_section%22%3A%22movies%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.114.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-114-43.syd62.r.cloudfront.net
Software
Server /
Resource Hash
4dce82188087b5a879afaed84f7c41579a9ccd759994d30d908879edc355ca62

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:11:59 GMT
via
1.1 948c1c49e6b4d8c0c9b0fdb0a41022ec.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SYD62-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
191
x-amz-cf-id
ijzM5KAghhtH4_NiQHx2eDqPFpZs5GbIAy1CB0f8MfH2cr5Y8TCqMA==
bid
aax.amazon-adsystem.com/e/dtb/ 		191 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&pid=AopnULDEW0Uyy&cb=1&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22top%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22top_sf_web%22%7D%5D&pj=%7B%22si_section%22%3A%22movies%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.114.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-114-43.syd62.r.cloudfront.net
Software
Server /
Resource Hash
ab58c90a662cf700705e739676c14e82d7ab3e91ec18689f6f30daf88d8a2194

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:11:59 GMT
via
1.1 948c1c49e6b4d8c0c9b0fdb0a41022ec.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
SYD62-P2
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
191
x-amz-cf-id
oAbkIlAdHECMpMuZcgizAG7oJBAA8hncG0p-fnlkQFDAkhZNbjiDKQ==
.status
a.et.nytimes.com// 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com//.status
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.184.86.91 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-184-86-91.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept
*/*
Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type
text/plain;charset=UTF-8

Response headers
/
dd.nytimes.com/js/ 		235 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dd.nytimes.com/js/
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-120.syd1.r.cloudfront.net
Software
DataDome /
Resource Hash
34f604ca35d040e0aef8f000c20100cfd44555b8e432b736206aac3695961060
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:11:59 GMT
via
1.1 c7c43876ee4a62a2ceabf450cd898d7c.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
DataDome
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
235
x-amz-cf-id
zVjSLFEx7fcT025QoLnq_nKYy1fB7cUdX9WpgHiyGo6rrqRv-4oNJQ==
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		49 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=956673897408410&correlator=941858105920570&eid=31079525&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=29390238%2Cnyt%2Cmovies%2Cmovieguide&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702401119817&lmt=1702400679&adxs=1100&adys=698&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&vis=1&psz=300x283&msz=300x0&fws=4&ohw=1600&ga_vid=1821899995.1702401120&ga_sid=1702401120&ga_hid=1179222159&ga_fc=false&dlt=1702401118396&idt=1311&prev_scp=div%3Dmid1%26pos%3Dmid1%26amznbid%3D1%26amznp%3D1%26request_time%3D1410&cust_params=als_test_clientside%3Dweb_none_none_20231212171159%26mktg%3Dtype_anon%252Clogf%252Cabf%26bt%3D%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dsf%26prop%3Dnyt%26plat%3Dweb%26abra_dfp%3Ddfp_prebid_0723_3_index_pubmatic%252Cdfp_als_home_1_als%26sov%3D1%26page_view_id%3DxpYl5WixUh2yY6PA2KSRXvTd%26purr%3Dfull%26vp%3Dlarge%26uap%3Dbrowser%26gscat%3Dgs_t%26ledemedsz%3Dnone%26artlen%3Dshort%26brandsensitive%3Dfalse&adks=2498871328&frm=20
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
61051f2e018fa3f7db8101006a8f238bc93a3c362c42c8e522526eed7491d5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:12:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12236
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
04b49f5baf81d7926c7bb55dab2664e41b0678903d10fa83bcb025f208049d08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:12:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12267
x-xss-protection
0
container.html
ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 95BB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 17:12:00 GMT
expires
Wed, 11 Dec 2024 17:12:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		120 KB
47 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=956673897408410&correlator=941858105920570&eid=31079525&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=29390238%2Cnyt%2Cmovies%2Cmovieguide&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702401119842&lmt=1702400679&adxs=0&adys=75&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=1821899995.1702401120&ga_sid=1702401120&ga_hid=1179222159&ga_fc=false&dlt=1702401118396&idt=1311&prev_scp=div%3Dtop%26pos%3Dtop%26amznbid%3D1%26amznp%3D1%26request_time%3D1442&cust_params=als_test_clientside%3Dweb_none_none_20231212171159%26mktg%3Dtype_anon%252Clogf%252Cabf%26bt%3D%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dsf%26prop%3Dnyt%26plat%3Dweb%26abra_dfp%3Ddfp_prebid_0723_3_index_pubmatic%252Cdfp_als_home_1_als%26sov%3D1%26page_view_id%3DxpYl5WixUh2yY6PA2KSRXvTd%26purr%3Dfull%26vp%3Dlarge%26uap%3Dbrowser%26gscat%3Dgs_t%26ledemedsz%3Dnone%26artlen%3Dshort%26brandsensitive%3Dfalse&adks=2614277642&frm=20
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ff323d92d4a186c9e369d2875d9d25c2afbcd2016bb9681ac6152fe2813dac13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:12:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48024
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
loader.js
platform.iteratehq.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.iteratehq.com/loader.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eb6dc8f7f2131a113368dabbffd002980143828f6ab5156fbea1cdb51e6703d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:12:00 GMT
x-amz-version-id
QIkO7_5JS4owctOA92c7kwJZ3HpfvSmC
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0; includeSubDomains
x-amz-request-id
FYNF0FRP9F9DB7K2
age
47
x-amz-server-side-encryption
AES256
x-amz-id-2
koO5dRqXPAtW+f1aoPrLRdaocXOpaLwqV++7GlFXG8FH64H3WZJHXMwvC832Av7770jxG6IQKWovJ0RXA+JXiqsJLrejQHG5
last-modified
Fri, 08 Dec 2023 17:12:54 GMT
server
cloudflare
etag
W/"dcfbe0bb11a649b54845a4f4a72fb889"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evfTCYFE8dDzPaug6CBARy29K0tcIJR6fySqZrMsuJMYbihTo5FZa%2FpzUVYgiPsLJt8O8Ekmoe16usY7g9fZ7xxAs70Obrg%2F1968%2Bbm2%2BJlpZLUx4KFj0TSAPj1U9UAbm0kVnvQz%2FdQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
834796f92edba96e-SYD
cs.js
sb.scorecardresearch.com/internal-c2/3005403/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/3005403/cs.js
  • https://sb.scorecardresearch.com/internal-c2/3005403/cs.js
0
383 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/3005403/cs.js
Protocol
H2
Server
18.67.111.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-52.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 13:35:59 GMT
via
1.1 f1add8f4c4c2d3927809bab0bfad9b82.cloudfront.net (CloudFront)
last-modified
Mon, 03 Jul 2023 14:48:36 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
age
20910
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
0
x-amz-cf-id
m1KrbKMrs14idIagyJOZcIlldLOTDZ_6ZlE8MB426NcfG2wviECOyA==

Redirect headers

date
Tue, 12 Dec 2023 17:11:59 GMT
via
1.1 f1add8f4c4c2d3927809bab0bfad9b82.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
SYD62-P2
x-cache
Miss from cloudfront
location
/internal-c2/3005403/cs.js
content-length
0
x-amz-cf-id
6VCMX-vqFhIzCxdxWu1XpZTVO4M70ii_aOLucjh51YquQRVnNDv5Sw==
iu3
s.amazon-adsystem.com/ Frame D37F
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
320 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
9863e497691733db74131fb61099b6d3aad4198f442b261fd589ab6a96ab13d9
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
320
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 12 Dec 2023 17:12:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
288EX6DM69VWF56CVJR3

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 12 Dec 2023 17:12:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
X1N8S5J8TRD1B8V6TH7E
activityi;dc_pre=CO6Cp7CyioMDFeSqZgIdb-MIEg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=482736166139;auiddc=987187971.1702401120;u17=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies;u5=;u18=anon;g...
5290727.fls.doubleclick.net/ Frame 23BC
Redirect Chain
  • https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=482736166139;auiddc=987187971.1702401120;u17=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies;u5=;u18=anon...
  • https://5290727.fls.doubleclick.net/activityi;dc_pre=CO6Cp7CyioMDFeSqZgIdb-MIEg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=482736166139;auiddc=987187971.1702401120;u17=https%3A%2F%2Fwww.nytimes.c...
652 B
518 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5290727.fls.doubleclick.net/activityi;dc_pre=CO6Cp7CyioMDFeSqZgIdb-MIEg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=482736166139;auiddc=987187971.1702401120;u17=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies;u5=;u18=anon;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.70 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f6.1e100.net
Software
cafe /
Resource Hash
705dbb724e908be15ccc80ccd3dcd3ff06a2f645c7d2bea782fcd5ea9c28a89b
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
342
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 17:12:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 17:12:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5290727.fls.doubleclick.net/activityi;dc_pre=CO6Cp7CyioMDFeSqZgIdb-MIEg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=482736166139;auiddc=987187971.1702401120;u17=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies;u5=;u18=anon;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
chartbeat_video.js
static.chartbeat.com/js/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.107.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-107-130.syd62.r.cloudfront.net
Software
nginx /
Resource Hash
ff18779bb7f76122171e9faa51b7af30bc0239d361c926489b02032bb5bccb54

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 00:33:06 GMT
content-encoding
gzip
via
1.1 428f5fd898b57c76263aa42c4277686a.cloudfront.net (CloudFront)
last-modified
Thu, 16 Nov 2023 02:00:16 GMT
server
nginx
x-amz-cf-pop
SYD62-P2
age
59934
etag
W/"655577b0-1197e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
wajI_FvarreJ0654Th0bGkg5-JcwLuywLVlHsf82JYbQTuh24InJTA==
expires
Wed, 13 Dec 2023 00:33:06 GMT
show-ads.js
a1.nyt.com/analytics/ 		45 B
400 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a1.nyt.com/analytics/show-ads.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Tue, 02 May 2023 12:58:21 GMT
date
Tue, 12 Dec 2023 17:12:00 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
44758
x-guploader-uploadid
ADPycdvWNj2fxFjQja_CpFvVq3rfWG4iEypjj9zr0PrCFEydrU8LFcAZ7n3AFoykrz6-3XrxqWxtgCyoYokjlYVWNev8vkYH716e
x-cache
HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
65
x-served-by
cache-bfi-kbfi7400031-BFI
last-modified
Wed, 22 Dec 2021 23:30:41 GMT
server
UploadServer
x-timer
S1702401120.183699,VS0,VE0
etag
"1d291da792456bd015b664ee1119a5e0"
vary
Accept-Encoding
x-goog-generation
1640215841852360
x-goog-hash
crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
45
accept-ranges
bytes
x-nyt-pagetype
nyt-dti-analytic
timing-allow-origin
*
x-cache-hits
1512
comscore-streaming.js
a1.nyt.com/analytics/ 		103 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a1.nyt.com/analytics/comscore-streaming.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
fe8d5a6f12533884b6896dd290e422c830e86e0228d45dbe97ac03c6e86a5b5a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires
Thu, 17 Mar 2022 08:24:07 GMT
date
Tue, 12 Dec 2023 17:12:00 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
17646
x-guploader-uploadid
ADPycdtDhTiMd5wb0c_d1F-brtOcUxR1GKXg7ahx-M9FiiVHkofi9xteXuHgM9CYfMekWOL9kISOjYDJtnnRmhAXShA
x-cache
HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
18717
x-served-by
cache-bfi-kbfi7400031-BFI
last-modified
Wed, 22 Dec 2021 23:30:41 GMT
server
UploadServer
x-timer
S1702401120.183612,VS0,VE0
etag
"04e0b9556a78ce5cedf86a34e5483036"
vary
Accept-Encoding
x-goog-generation
1640215841902856
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-goog-hash
crc32c=XkdIyw==, md5=BOC5VWp4zlzt+Go05UgwNg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
105675
accept-ranges
bytes
x-nyt-pagetype
nyt-dti-analytic
timing-allow-origin
*
x-cache-hits
1024
nyt.js
cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/nyt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6a464e55b66da4ea128368c807cf47f6b05c8e939c8ca27a01e30e41f57a914

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:12:00 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 12 Dec 2023 17:00:32 GMT
server
cloudflare
age
688
cf-polished
origSize=4821
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jCPlXMSvdudY9GcP6M2bMrt0ujYKbZ%2BiRTEsSFzY2ZGzR0Igd%2F%2Blb4rIU4%2BSMNeHVT4XDPn%2BsZVc7gEe0mm6YGX5xRGEom7Z33Ln4vwV4ONlWP2EnbMAibj4JGHj%2Bph0JfSJGEqK"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
834796faafcfa817-SYD
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
cksync
hb.yahoo.net/
Redirect Chain
  • https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=1513790152
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=9c236645-aac5-44ec-acc2-69439e1f016b&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=9c236645-aac5-44ec-acc2-69439e1f016b&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=9c236645-aac5-44ec-acc2-69439e1f016b&_origin=1&redir=true&gdpr=0&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=9c236645-aac5-44ec-acc2-69439e1f016b&gdpr=0&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1JZmJOWmF0RTJ1RjZ2alNNY2hlVnY0dUo5MWExeElrVn5B&gdpr=0&ovsid=9c236645-aac5-44ec-acc2-69439e1f016b&dpid=55953
57 B
662 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1JZmJOWmF0RTJ1RjZ2alNNY2hlVnY0dUo5MWExeElrVn5B&gdpr=0&ovsid=9c236645-aac5-44ec-acc2-69439e1f016b&dpid=55953
Protocol
H2
Server
23.206.242.194 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-242-194.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 12 Dec 2023 17:12:01 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 12 Dec 2023 17:12:01 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1JZmJOWmF0RTJ1RjZ2alNNY2hlVnY0dUo5MWExeElrVn5B&gdpr=0&ovsid=9c236645-aac5-44ec-acc2-69439e1f016b&dpid=55953
date
Tue, 12 Dec 2023 17:12:01 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
match-prod-2b70a16509c02e284300.js
platform.iteratehq.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.iteratehq.com/match-prod-2b70a16509c02e284300.js
Requested by
Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9323530e6508a9fe7bd1f49bdee67e8392f4ec8b0ba1f3ede5fc12eabd02d734
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:12:00 GMT
x-amz-version-id
qq.uK_1VPAyDNX78Opmpd.j1aVTxbGnr
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0; includeSubDomains
x-amz-request-id
3A3NR2ZFP8FPKM0H
age
345266
x-amz-server-side-encryption
AES256
x-amz-id-2
5g+yj7aUWA3VUVDpnada8n13Svdw3sUxGq8fzfV2YGnt1eBfzLJnrX81U0zEdjzPfcDJYjPVHC4=
last-modified
Fri, 08 Dec 2023 17:12:52 GMT
server
cloudflare
etag
W/"9d8d59c106118199a79db16f71e6284f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eZmGIgbf911o9wqVvMFGG6t71jqW9uZpa0FouuBO%2BTq1HVIkw8iFAfC0JWlprXIqinUju5nCzbVRpZV4DbDRmgyCUonhqhZpcY2ZocEwCZgmnHeo%2FE8MwGIUHN6iAUfXk9IWMsOtY5I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
834796f93ee1a96e-SYD
embed
iteratehq.com/api/v1/surveys/ 		298 B
528 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://iteratehq.com/api/v1/surveys/embed
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
643e0b10ac94d47e17f091339f81e2bc3c1c308c7c46e88970d0daf52ed01095
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
Authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 12 Dec 2023 17:12:00 GMT
strict-transport-security
max-age=0; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D26W7Cp4C7JCsXYhLKlZyb7A3axkXCEmBNvoXcK2lW%2Fv99Qx1nAfhxeK9g9ayJ8gPozjhksmZR1cEDByq2xppC%2Bo8mfsgc3bqHAYCyZBeUT7%2FttYKpWmJIcVcslrvWg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
834796fcce805733-SYD
embed
iteratehq.com/api/v1/surveys/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://iteratehq.com/api/v1/surveys/embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
834796fb6d9e5733-SYD
content-length
0
date
Tue, 12 Dec 2023 17:12:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FLtPsmoI7YP6P1mGjp22zo3dPFLQfW70lX7YGtTgvzIDQRcm2qpSnu7MxBx%2FJ%2By7ZtbMIbhHqvo8dT3Sha1vY0r3kETzakfHUBQClTwOJHLOpcUDr0aqpJ3gOXJpgSc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
v2
samizdat-graphql.nytimes.com/graphql/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-allow-methods
GET,POST
access-control-allow-origin
https://www.nytimes.com
access-control-expose-headers
x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age
300
age
184
content-length
0
date
Tue, 12 Dec 2023 17:12:00 GMT
server
envoy
strict-transport-security
max-age=63072000; preload; includeSubdomains
timing-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via
1.1 google, 1.1 varnish
x-cache
HIT
x-cache-hits
44
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time
48
x-nyt-audience-target-flat
NA:PM
x-nyt-continent
NA
x-nyt-country
US
x-nyt-edge-cache
HIT
x-nyt-meridiem
PM
x-nyt-region
DE
x-samizdat-query-exe-id
a25f5d4063167acd
x-samizdat-query-field-errors
0
x-served-by
cache-bfi-krnt7300088-BFI
x-timer
S1702401120.336886,VS0,VE0
v2
samizdat-graphql.nytimes.com/graphql/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
2872a6283f92a0e48691020c8f3b4d021f42c03a7e2d4354c6a33ff8da206fe5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://www.nytimes.com/
nyt-app-version
0.0.5
nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
nyt-app-type
project-vi
Content-Type
application/json

Response headers

content-encoding
gzip
x-nyt-meridiem
PM
x-b3-traceid
0
age
443
x-samizdat-query-field-errors
0
x-samizdat-query-cache
H
x-samizdat-query-exe-id
1c6cdfe88189d74b
samizdat-x-canary
false
x-served-by
cache-bfi-kbfi7400031-BFI
x-graphiti-gateway
411667ba
x-nyt-country
US
x-timer
S1702401120.491892,VS0,VE0
x-nyt-continent
NA
vary
Accept-Encoding, Samizdat-X-Personalize, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
x-nyt-region
DE
access-control-expose-headers
x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control
max-age=30
x-nyt-audience-target-flat
NA:PM
x-nyt-edge-cache
HIT
x-samizdat-query-op-id
project-vi.v2.getOffer
x-cache-hits
12
x-samizdat-query-sup-code
date
Tue, 12 Dec 2023 17:12:00 GMT
via
1.1 google, 1.1 varnish
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-cache
HIT
samizdat-x-instance
5084f405
x-envoy-upstream-service-time
79
x-samizdat-query-personalized
content-length
1183
last-modified
Tue, 12 Dec 2023 16:11:21 GMT
server
envoy
samizdat-x-kubernetes-namespace
v1
x-fetch-attempts
1
x-samizdat-query-surrogates-size
0
access-control-allow-credentials
true
x-datadog-trace-id
0
accept-ranges
bytes
timing-allow-origin
*
/
mwcm.nytimes.com/capi/metered_assets/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mwcm.nytimes.com/capi/metered_assets/?plat=web&mc=0&gr=OPEN&mr=1&ma=1&counted=false&granted=true&us=anon&context-type=&areas=barOne
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
8d07ee45cc44c2e3bf79fb5088dcb9a1b6114d2a183fd4ce7506b9525defdca0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/reviews/movies
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:12:00 GMT
content-encoding
gzip
via
1.1 google, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation
capi-prd.growth-mc.nyti.nyt.net:443/*
x-cache
MISS
x-envoy-upstream-service-time
188
x-served-by
cache-bfi-kbfi7400031-BFI
server
envoy
x-cmots-campaign-names
{"barOne":"MAG_bar1_test_subcon"}
x-timer
S1702401120.358122,VS0,VE199
vary
x-nyt-country, x-nyt-user-status, x-nyt-cmots-purr-ad-conf, x-nyt-device, X-NYT-Currency, x-nyt-last-known-type, Accept-Encoding, Fastly-SSL, Origin
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
x-cloud-trace-context
9e1970784d0cfa4aae7a4a52435b043c
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-nyt-route
mwcm-muassets
x-nyt-edge-cache
MISS
accept-ranges
bytes
access-control-allow-headers
Content-Type, x-requested-by, *
x-cache-hits
0
client
accounts.google.com/gsi/ 		206 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f84.1e100.net
Software
ESF /
Resource Hash
8ce9a994ceb4f8cff9792b1d5488be268f344f049f965147471613951464bbe9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-au7mqtI5WPWffv32V3UitA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:12:00 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-au7mqtI5WPWffv32V3UitA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Tue, 12 Dec 2023 17:12:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:12:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 12 Dec 2023 17:12:00 GMT
dc_pre=CO6Cp7CyioMDFeSqZgIdb-MIEg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=482736166139;auiddc=987187971.1702401120;u17=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies;u5=;u18=anon;gtm=45He3bt...
adservice.google.com/ddm/fls/i/ Frame 77A5 		655 B
722 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CO6Cp7CyioMDFeSqZgIdb-MIEg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=482736166139;auiddc=987187971.1702401120;u17=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies;u5=;u18=anon;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies
Requested by
Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CO6Cp7CyioMDFeSqZgIdb-MIEg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=482736166139;auiddc=987187971.1702401120;u17=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies;u5=;u18=anon;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
ac2cb6d1d2e31eab68e589b13017145e16f2b9ac161907ace66c0380b60bae7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5290727.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
347
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 17:12:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
65568.js
cdn.brandmetrics.com/scripts/bundle/ 		60 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=www.nytimes.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dd9c8deec417c77b8b70e299a2de0746a2f264a8a1594f2edbc5d01840f875f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:12:00 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 12 Dec 2023 17:00:32 GMT
server
cloudflare
age
688
cf-polished
origSize=62706
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VlE4JzXL6KttSqDrdjgwgvY8FjBZs4YPw56Ezuqo2N3Q3uJXGlkNeXAJlpyCalI2TfWdVMTTEO51hU8Lbj42csRv8xI%2FRg0nPFLaTMP0bBSEFJ9LwvEGnUIHHtTfWHGZ2fkuS7nJ"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
834796fabfd5a817-SYD
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
c.js
collector.brandmetrics.com/ 		0
143 B 		Script
General
Check archive.org
Download Go to
Full URL
https://collector.brandmetrics.com/c.js?siteid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=www.nytimes.com&rnd=2052648
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=www.nytimes.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.50.2.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
date
Tue, 12 Dec 2023 17:12:00 GMT
content-length
0
content-type
text/javascript;charset=utf-8
ping
pnytimes.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2Freviews%2Fmovies&u=jVu4eDCnsCADl3dAs&d=nytimes.com&g=16698&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=6519&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies&b=2232&t=CUemWJi9jIpDlrO3TBfXMoCDJrD7a&V=141&i=Movie%20Reviews%20-%20The%20New%20York%20Times&tz=-480&_acct=anon&sn=1&sv=C2sRxRn566jfKuECQ5OjZDwlV3H&sd=1&im=06679ff3&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.121.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-121-59.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 12 Dec 2023 17:12:01 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
track
a.et.nytimes.com/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.184.86.91 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-184-86-91.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
grumi.js
rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/ Frame 7DAD 		267 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-59.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66526060b2ec171583eb8573415c1e2b455d38eef0e031cc740969d9378fe829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 16:40:29 GMT
x-amz-version-id
frmSGdd9O44e5JrreLBI6hRMO3KBheRk
content-encoding
br
last-modified
Tue, 12 Dec 2023 16:20:07 GMT
server
AmazonS3
via
1.1 c2fff340a6d5f4b9c17041a88b37f0f4.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
etag
W/"1bd9041a343233c9683190238524337e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
1892
x-amz-cf-id
1pPKK12Cmi5XfRFXLswFJKLGwh9PSRZPOZE0x1y1kG7VF6z7Q1ON8A==
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame 7DAD 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 08 Dec 2023 10:52:31 GMT
age
368370
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 07 Dec 2024 10:52:31 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 7DAD 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 08 Dec 2023 12:20:31 GMT
age
363090
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 07 Dec 2024 12:20:31 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 7DAD 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 08 Dec 2023 12:30:43 GMT
age
362478
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 07 Dec 2024 12:30:43 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 7DAD 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 08 Dec 2023 12:28:08 GMT
age
362633
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 07 Dec 2024 12:28:08 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 7DAD 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 06 Dec 2023 17:20:38 GMT
age
517883
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 Dec 2024 17:20:38 GMT
truncated
/ Frame 7DAD 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b070b333b6468bbf2e14770d4f3467d061f6d089f34a2a58d41d3d73e52259a9

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
16611184874176702030
tpc.googlesyndication.com/simgad/ Frame 7DAD 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16611184874176702030?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmwGYkeKglIE7IT8Vd8zs8wE33WnA
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
1ebad6a713e64e5567611156a53188efef6c3198a4b8efa32135373943ebf33a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 01:05:58 GMT
x-content-type-options
nosniff
age
317162
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35187
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:31:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 08 Dec 2024 01:05:58 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7DAD 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:30:21 GMT
x-content-type-options
nosniff
server
cafe
age
52899
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2982
x-xss-protection
0
expires
Wed, 13 Dec 2023 02:30:21 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7DAD 		344 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 12:20:19 GMT
x-content-type-options
nosniff
server
cafe
age
17501
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Wed, 13 Dec 2023 12:20:19 GMT
init
gw.geoedge.be/api/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.109.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-109-223.syd62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Tue, 12 Dec 2023 17:12:01 GMT
via
1.1 72d783f19e38dd5db23a648a65feb4f2.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
content-length
0
x-amz-cf-id
VgmNegGdiNmst0z4FD3ag8XFRYdadjg3muzjKvFTJiv6sG3I-DQqpg==
x-cache
Miss from cloudfront
track
a.et.nytimes.com/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.184.86.91 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-184-86-91.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
pr
s.amazon-adsystem.com/v3/ Frame 021E 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
b7dd0d796ea75b97d7dc427f09eea71a66d046515c1537525e4cced8ecd3f167
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2112
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 12 Dec 2023 17:12:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
9Y95NQQ28AHGS0B6Q4VJ
dc_pre=CO6Cp7CyioMDFeSqZgIdb-MIEg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=482736166139;auiddc=987187971.1702401120;u17=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies;u5=;u18=anon;gtm=45He3bt...
adservice.google.com.au/ddm/fls/i/ Frame 8263 		194 B
515 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/ddm/fls/i/dc_pre=CO6Cp7CyioMDFeSqZgIdb-MIEg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=482736166139;auiddc=987187971.1702401120;u17=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies;u5=;u18=anon;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CO6Cp7CyioMDFeSqZgIdb-MIEg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=482736166139;auiddc=987187971.1702401120;u17=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies;u5=;u18=anon;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2Freviews%2Fmovies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 17:12:01 GMT
expires
Tue, 12 Dec 2023 17:12:01 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
embed
iteratehq.com/api/v1/surveys/ 		64 B
334 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://iteratehq.com/api/v1/surveys/embed
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea939bd13d79a17cc436d4c3e102d4060cb7ebf0e8e61918f3d034580dff02b9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
Authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2NTc4OTQ2MGFlZjY4YTAwMDFhZjNjY2QiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNzAyNDAxMTIwfQ.XEYm1Bl8Ds_BA6acW9OIz6QRI-UM3mFPKVbqAC8YkQw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 12 Dec 2023 17:12:01 GMT
strict-transport-security
max-age=0; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JzZwbQbq4xqOdTb7WDtasYl%2Bi57UDn7kNI%2FidVRczCiOgvAYwjwhxBZ4hlLCNb5CigvRfP2SNujwMvIHHHAAUt4BeucuXlLr%2BywKrFAIsdbSD6XJw1w6nZXExARvlCY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
834796ffb8c25733-SYD
embed
iteratehq.com/api/v1/surveys/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://iteratehq.com/api/v1/surveys/embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.6.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
834796fe3fd35733-SYD
content-length
0
date
Tue, 12 Dec 2023 17:12:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsWVeOYQvrknJf1Jh3y8YyNyD9VdTsFRJkDm1m8Ew1%2Fc83tJodhNNQQJdq5Hy%2BaO%2FdaBhtVdXqQGJDg4q2m67iO1I035Mz1N08yPzH8avCnlpQSITnxzdYEuXTHWHq4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7DAD
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Server
142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Redirect headers

date
Tue, 12 Dec 2023 17:12:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
container.html
ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EEE8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 17:12:00 GMT
expires
Wed, 11 Dec 2024 17:12:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8E73 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
381719
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 07:10:02 GMT
expires
Sat, 07 Dec 2024 07:10:02 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DADD 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f4.1e100.net
Software
GSE /
Resource Hash
4c7204c838fc7192fecf7cb51593f1eab0b2ff6ed575b2a9605bf969ab313955
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-k6GPdvcZrUFtJRUNegebgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-k6GPdvcZrUFtJRUNegebgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 17:12:01 GMT
expires
Tue, 12 Dec 2023 17:12:01 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
style
accounts.google.com/gsi/ 		533 B
607 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f84.1e100.net
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-c6bAULrht21OWM5cJlyMaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:12:01 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-c6bAULrht21OWM5cJlyMaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Tue, 12 Dec 2023 17:12:01 GMT
log
accounts.google.com/gsi/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/log?client_id=1005640118348-amh5tgkq641oru4fbhr3psm3gt2tcc94.apps.googleusercontent.com&as=3p%2F08kYIpiNtxn4xjed57g&event=onetap.policy.defaultPosition
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f84.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-ktXIqnAJzhpXloET2uZMRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 12 Dec 2023 17:12:01 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-ktXIqnAJzhpXloET2uZMRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
log
accounts.google.com/gsi/ 		0
811 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/log?client_id=1005640118348-amh5tgkq641oru4fbhr3psm3gt2tcc94.apps.googleusercontent.com&as=3p%2F08kYIpiNtxn4xjed57g&event=onetap.policy.uiEvents
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f84.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-s25ft2oqfB0xgEUtJebhaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Tue, 12 Dec 2023 17:12:01 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-s25ft2oqfB0xgEUtJebhaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
status
accounts.google.com/gsi/ 		40 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=1005640118348-amh5tgkq641oru4fbhr3psm3gt2tcc94.apps.googleusercontent.com&as=3p%2F08kYIpiNtxn4xjed57g
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f84.1e100.net
Software
ESF /
Resource Hash
1ba304ba7fb22add131081d522fa06cd6b254e42c4615087527388f509cd75b7
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-_pOtF0tztR-RVafqBlQO0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:12:01 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-_pOtF0tztR-RVafqBlQO0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
grumi.js
rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/ Frame EEE8 		267 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-59.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66526060b2ec171583eb8573415c1e2b455d38eef0e031cc740969d9378fe829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 16:40:29 GMT
x-amz-version-id
frmSGdd9O44e5JrreLBI6hRMO3KBheRk
content-encoding
br
last-modified
Tue, 12 Dec 2023 16:20:07 GMT
server
AmazonS3
via
1.1 c2fff340a6d5f4b9c17041a88b37f0f4.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P1
etag
W/"1bd9041a343233c9683190238524337e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
1893
x-amz-cf-id
U85fI59ge6FhBneqIfJd-zArWwb7EZuZpZ8kTtm41n8-3Uq1QYYFkw==
ecm3
s.amazon-adsystem.com/ Frame 021E
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3454027212889704000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3454027212889704000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 17:12:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VB3K08TC371QW83V0NEH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 17:12:01 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3454027212889704000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Tue, 12 Dec 2023 17:12:01 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 3A74
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b47db35446b173d14189841cb885bf0af9fac22ac8d80dfb4e4afb68a73a8bf1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
834797005c17a93b-SYD
content-encoding
br
content-type
text/html
date
Tue, 12 Dec 2023 17:12:01 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TYOexKGSl6zNxpvneQVvzgkqYoW7o1z6ueH1jbfwx26B5P0GKAzt7VnozdyaYxvOQRSHQIsU8ApDwvAxvDv%2FysrQMgwpm4eYLNzCAkXu2TpZYrU1yT%2BQER4iBYsLmfM6jQMcFdEBMQh9ow%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
834796ff6bc1a93b-SYD
content-length
0
date
Tue, 12 Dec 2023 17:12:01 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJ9assReVqgpb08PRr3IHLUrjMqp0LxLV8Fjl0wJm3iDHdxSNgAecstsnLmvq7Rq6TFMh4A0ZNjcVG%2BBY3nJTOw6lF3aSgcrzBt0ON4Flq%2F8%2B8XMnT1H995xuYzzQ7PIRHBtGi%2FBxta6HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FDE1 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.202.169.82 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-169-82.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48665
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 12 Dec 2023 17:12:01 GMT
expires
Wed, 13 Dec 2023 06:43:06 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 1140 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.202.170.74 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-170-74.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Dec 2023 17:12:01 GMT
ETag
"20525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 4C61
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1hcU04Y3loRTJ1SjZrdi4yd0lxeU9icnZ5TGxjVkFncH5B
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1hcU04Y3loRTJ1SjZrdi4yd0lxeU9icnZ5TGxjVkFncH5B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Dec 2023 17:12:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
382CBZRKJPRN8KD3506E

Redirect headers

age
0
content-length
0
date
Tue, 12 Dec 2023 17:12:01 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1hcU04Y3loRTJ1SjZrdi4yd0lxeU9icnZ5TGxjVkFncH5B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.94
strict-transport-security
max-age=31536000
cm
u.openx.net/w/1.0/ Frame D060
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...
583 B
682 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
3fc18ac226a513695dd69231e13a1c8d2290269576ca3cec798e886ffd1a86be

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
360
content-type
text/html
date
Tue, 12 Dec 2023 17:12:01 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 12 Dec 2023 17:12:01 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame 45D6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=6825988506243253190&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=6825988506243253190&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Dec 2023 17:12:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
5HXG74EK3MT305FBPSKV

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
901555ab-05fb-4901-961f-44baa97460c1
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 17:12:01 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=6825988506243253190&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
66.203.112.161; 66.203.112.161; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection
0
ecm3
s.amazon-adsystem.com/ Frame F10B
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2866959518845116034902
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2866959518845116034902
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Dec 2023 17:12:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
W3TD6JCVBTX254HQPS7Y

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 12 Dec 2023 17:12:01 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2866959518845116034902
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
adview
securepubads.g.doubleclick.net/pagead/ Frame 7DAD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ChgH4X5R4ZeL3N7CCssUPsKqSmAOwqfm2b4KT08W4Eo3xoduhORABIMjW9RlgpYCAgJABoAHkm9PhA8gBAqkCopoRvjUcpj7gAgCoAwHIAwiqBLsCT9Aq7LPBDAflSyjRpg5Mb7w4k5kTzroiVyeKrxQEU-7UHcWUVkgNFAEfQm7mgltecuqKH-MlloOzo58irxIgKJx4Cb_AhAznsPv-ONd-qbp4ti8nQ-wrEITb-Xh2PD5Jam9m7f_86sFziaILTvAmsA0gpFK6GGlsxqW4yEEBG16uklewtyZwarPocpQ0byy5ZYPTCgGKjy1uf4waDugmDcGaNMirGtHRI2OC1oL_V6GW5hWWB-0e6XMB295S2kpJUYrJH1cSdg1epMrgyevQHQmp1wuifNzZRHTRUX8DfASd6cZ5wPy4mNM3MqJRn-frS5OM9nDxXYdzApRXY7-VAjoslUsHIYe7kTeMNURPGjZDKiN2R8rsgbMnt_zr0SwZX78lRLJOF-Uk4xilwtfM02rSHrO2zOB04VI7wASuqqLpnQTgBAGIBYqvvNdJkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB4TkrB6oB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCbnjjSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WJ2xkLCyioMDmgkpaHR0cHM6Ly9jb2JsaS5uZXQvYm9hdHMvYXhvcGFyLTI4LWhlcm9lcy-ACgPICwGiDBAqDgoM5LSxAu61sQK1uLEC2gwQCgoQoOuJuZ_g8souEgIBA-INEwi055CwsoqDAxUwgawCHTCVBDPYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItOTU0MjEyNjQyNjk5MzcxNBie5xU&sigh=Uea3XUnNbTc&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwAvHhf_y15BXGBKz_QdrAzGqCZaJUlHkgvTVCxY5rFc8HSoS5_1bJ59rWm98iTwjV0IFUgGfR_RCi85AQsOpn1DxKWcUs3YboLou1NHgeYYAQ&cbvp=2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 8E73 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 07:13:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
35918
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 07:13:23 GMT
usync.js
eus.rubiconproject.com/ Frame 1140 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.202.170.74 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-170-74.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9d29bd3d743d6136eeaaa2f19ea175e6679f5c5d897c3b5c5c5caa7c265e3b2b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 17:12:01 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Dec 2023 20:47:39 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12894
Connection
keep-alive
Content-Length
13232
Expires
Tue, 12 Dec 2023 20:46:55 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9359 		624 B
825 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJWJFRCf4NOIBBjd6K__ATAB&v=APEucNWOGKHKa6kDH5ZpM7R-ptCieHKnii0P29lzhq5Wr12CVkFyNjSeEaL9p0dMhh9KnY14J4sFL1uOcO4BubccQLWgiveWQA
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Dec 2023 17:12:01 GMT
expires
Tue, 12 Dec 2023 17:12:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
skeleton.js
fw.adsafeprotected.com/rjss/st/1852562/76760880/ Frame EEE8 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1852562/76760880/skeleton.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.64.207.62 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-64-207-62.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
561a296975ac6ce51dd78f118d4b941a5098221cfe4ef331c21e1fd686a37ccb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:01 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame EEE8 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.198 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/
Origin
https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 16:20:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3091
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Dec 2023 16:20:30 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame EEE8 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 03:15:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
50195
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 03:15:26 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame EEE8 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 02:46:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
51952
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 02:46:09 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame EEE8 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 12:45:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
361597
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 12:45:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame EEE8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:53:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
55112
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:53:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame EEE8 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 01:53:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
55112
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Dec 2023 01:53:29 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame EEE8 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
sffe /
Resource Hash
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:12:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65486
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702315402350014"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Dec 2023 17:12:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EEE8 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CrIwRd5H3aESPmCmDQXPq9KS0ybaoZjxW455LA0h89Zh34r-dfKjJDQgETATQyfgFEmge48KNV5gR6DgDWqAGHvkC0Jig357lEOfZ-gGiHOPo60Qc
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame FDE1 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=87331872&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.83 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
3789b068b764553bdb096e6069d9ec02e59efa9932e306e163201845fdb1189b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 12 Dec 2023 17:12:01 GMT
content-length
1672
content-type
text/html; charset=UTF-8
khaos.json
token.rubiconproject.com/ Frame 1140 		7 B
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
Expires
0
main.19.8.464.js
static.adsafeprotected.com/ Frame EEE8 		213 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.464.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.205.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-205-63.slc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e580b888ec2ff667515810611d279b0a9ccba891e80dbeb183ac6eea7e5526e1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 20:14:57 GMT
x-amz-version-id
UVhHGORh2DNEUMNNkt_WUa02s5tqiqCw
content-encoding
gzip
via
1.1 df0a4ea7de0fa05190904df4271e5d1e.cloudfront.net (CloudFront)
x-amz-cf-pop
SLC50-C1
age
421026
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 07 Dec 2023 18:46:00 GMT
server
AmazonS3
etag
W/"abf69ba4c667ac44b2f9c28f5047f6bd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
Ejko1LFEpI_A77svCPlDZgrwHy7HQHq1J2331S4zeKuH5JRnkDyyjQ==
truncated
/ Frame EEE8 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38461bda57c16fd7a313569c9ec36326d5af8df58f203d92bbc54b7dd31c7a48

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 6AD5 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
362637
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 12:28:04 GMT
expires
Sat, 07 Dec 2024 12:28:04 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 6AD5 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 07:13:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
35918
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Dec 2024 07:13:23 GMT
ecm3
s.amazon-adsystem.com/ Frame D060 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=16b01741-c4e3-8322-9e85-35cf783f030c
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 17:12:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
C01T1H4KZR17QCECKBC9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
syncd
x.bidswitch.net/ Frame D060
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=4e666b3c-d849-38d8-5e8b-b758100cc8ec&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=OWMyMzY2NDUtYWFjNS00NGVjLWFjYzItNjk0MzllMWYwMTZi&gdpr=0&gdpr_consent=&ttd_tdid=9c236645-aac5-44ec-acc2-69439...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=9c236645-aac5-44ec-acc2-69439e1f016b&google_gid=CAESEEt9fnxdAWyLDb_uHx-Su3M&google_cver=1
  • https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=9c236645-aac5-44ec-acc2-69439e1f016b&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=9c236645-aac5-44ec-acc2-69439e1f016b&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 17:12:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=9c236645-aac5-44ec-acc2-69439e1f016b&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
date
Tue, 12 Dec 2023 17:12:01 GMT
server
Kestrel
content-length
413
sd
jp-u.openx.net/w/1.0/ Frame D060
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXiUYsCo8YUAAAv681wAAAAA
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXiUYsCo8YUAAAv681wAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Tue, 12 Dec 2023 17:12:02 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"66.203.112.161","key":"ZXiUYsCo8YUAAAv681wAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40146"}
X-SO-Key
ZXiUYsCo8YUAAAv681wAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40146
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXiUYsCo8YUAAAv681wAAAAA
Cache-Control
private
X-SO-HostName
a-ad40146.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
84
Content-Length
0
X-SO-LB-Hostname
m-tgng33.dc4p.scaleout.jp
X-SO-IP
66.203.112.161
sd
jp-u.openx.net/w/1.0/ Frame D060
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AbRIWMcX3GJQks8AEDxkC8B3Qs8AAAGMXwOdcQ
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AbRIWMcX3GJQks8AEDxkC8B3Qs8AAAGMXwOdcQ
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:01 GMT
via
1.1 d464a17a20fc9cad7861828ec660c392.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SYD1-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AbRIWMcX3GJQks8AEDxkC8B3Qs8AAAGMXwOdcQ
cache-control
no-cache
content-length
0
x-amz-cf-id
dUeERYm-V2sCcn6KTqDCmHiT-9G23qu17KDtXKwQOIluj3ILqNbP3Q==
expires
-1
pixel
cm.g.doubleclick.net/ Frame D060 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjIwOWI4ZjYtMTEzZS02NjdjLTRiNmItZWRlMWRhZWUwNjhj
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame D060
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGOGFhRF5VgkV_TyO3T98Bo&google_cver=1
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGOGFhRF5VgkV_TyO3T98Bo&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGOGFhRF5VgkV_TyO3T98Bo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3A74
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZXiUYWhCAflCJ.Dm4-LGbAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL0IrPoyGb96VwCSoW-yI8k&google_cver=1&google_hm=2
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL0IrPoyGb96VwCSoW-yI8k&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hAIGYPUBDr2KiLamMrosUznn1VKyvMmcqamlOI30WLG4fxu%2BMzhOiId9FBzIz9S5jyfhEyuD8MHP%2BV0HiyoEt6uD%2Bceizyi4r9rCcEAQpN33e81CZ3tqEKK7e%2FvUY7LscG6Jga20X%2F4mFA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83479702aa2c5721-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL0IrPoyGb96VwCSoW-yI8k&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3A74
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=9c236645-aac5-44ec-acc2-69439e1f016b&expiration=1704993121&gdpr=0&gdpr_consent=
43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=9c236645-aac5-44ec-acc2-69439e1f016b&expiration=1704993121&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NQbIJpgcULpkqBSphwNLjFM54JI2Op7RQh9mJRxsj6ueyqXwi3s4QMBA6BuNb1M5AufpWNIl4BWdf0U1eSFnhTg18aMa3%2BpcQbaemAztjKa794z1cjCiOaCb3ol4lT6fq61gWZ6Q5FQ0bA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
834797012c76a93b-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=9c236645-aac5-44ec-acc2-69439e1f016b&expiration=1704993121&gdpr=0&gdpr_consent=
date
Tue, 12 Dec 2023 17:12:01 GMT
server
Kestrel
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 3A74
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZXiUYWhCAflCJ-Dm4_LGbAAAFNsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHa1c0VnhTbt75lUNn7Q4-k&google_cver=1
43 B
777 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHa1c0VnhTbt75lUNn7Q4-k&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zFxD8YJjTnvCy8b%2BNM73VYCLZ3K2%2B%2BjRMnEpVbG7K9QBtBdguoVggVfOmQ%2BZD%2B9S3%2B0M14pwgEUcEijZUrOQ0m%2BAxY0iJvivvwttaHR9fAWjzmRRZYMbdxHqJH43xDwIzeRe%2Bn3XqyWEsA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8347970209fa5721-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHa1c0VnhTbt75lUNn7Q4-k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 3A74 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZXiUYWhCAflCJ-Dm4_LGbAAAFNsAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 17:12:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
S0V7SNJKGN7JEKPQ8K7S
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame 3A74 		43 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZXiUYWhCAflCJ-Dm4_LGbAAAFNsAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.96.232 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-96-232.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 17:12:01 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1702401121521000-82
Expires
Tue, 12 Dec 2023 17:12:01 GMT
crum
dsum-sec.casalemedia.com/ Frame 3A74
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGYq07K8SkAABRHtZPEoA&expiration=1703610721
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGYq07K8SkAABRHtZPEoA&expiration=1703610721
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XMhwOoBIzglm2u4Imnl9K6e17IDA76UUFjquUyBM9CPNG6CN8xUReyyFnF4zB%2FTZ2NilMQfNaBADIQKhhHRNd%2F9rgklp1bRehk1ATlo5jg6%2BjlU4egMD5Eset5jJc9C4WuA06FQvN%2FguZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83479704cb4f5721-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAGYq07K8SkAABRHtZPEoA&expiration=1703610721
Date
Tue, 12 Dec 2023 17:12:01 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame 3A74
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=T5JGdZOhWWx9qO_rLbwWkELLcKE
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=T5JGdZOhWWx9qO_rLbwWkELLcKE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AgthNt%2FzEk3MzF%2BLw4FVZv%2F9gwyajTfEsKF0Q5j6U2MWvbYXIv%2BSqRpKY0eqnluIy0EUocquld54M1REK3d1%2F623Q%2ByicONPxC45LpRY0YD%2FUkAORxJT13emE3l2N5zsF6tnE1AXx6l9jw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
834797065c045721-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=T5JGdZOhWWx9qO_rLbwWkELLcKE
Date
Tue, 12 Dec 2023 17:12:02 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 3A74
Redirect Chain
  • https://trace.mediago.io/ju/cs/indexexchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=81fa84b7b55995c72k9oyp00lq2lo8l6
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=81fa84b7b55995c72k9oyp00lq2lo8l6
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDMjlhLanCeWFLrf6Y6n3nOfe7%2BcIcPwyrOmpQulWnC0IDJHilV593z7RITtg74jHXxG9DVAKqZC12BfHJXpjOzSqe%2B7HYwCbKHqEDmpzkxmGq0Anlq1SBkRwy6q1RhMal1bDghtiQcCpw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83479704cb4e5721-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 12 Dec 2023 17:12:01 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=81fa84b7b55995c72k9oyp00lq2lo8l6
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ecm3
s.amazon-adsystem.com/ Frame 3A74 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZXiUYWhCAflCJ-Dm4_LGbAAAFNsAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 17:12:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GHRVVQZCBAZAK23PJCNN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DADD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=956673897408410&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
SYD_Water_Dishwasher_HTML5_970x250.html
s0.2mdn.net/sadbundle/9068869906007291383/SYD_Water_Dishwasher_HTML5_970x250/ Frame F107 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9068869906007291383/SYD_Water_Dishwasher_HTML5_970x250/SYD_Water_Dishwasher_HTML5_970x250.html?ev=01_250
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.198 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f6.1e100.net
Software
sffe /
Resource Hash
51fc1736047ff5a2fb788cad8eead74e86e7549ba856df915c2722e4c0f00280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
274077
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2794
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 13:04:05 GMT
expires
Sun, 08 Dec 2024 13:04:05 GMT
last-modified
Fri, 24 Nov 2023 02:04:55 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame EEE8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssxNi_2L5nbGE7c_9P42zIRY0JuFklk7-tY0_6FwjlNTmGCFbXi8VDxlX-U87ra1vhSlje9v4P9ta-e4SpD8g-9n4kqfQh3Jx17VtAqZHc8foeZm5hayxuZufjL_ioj-Qf2TsqYeggt8QaKOCFuO5-JlbppU9F3_H-5JLYOSoi5QCv1xYbQTx5PgmDS-s7HeFw43CnLqawnehCG4XnqOX5ikiKVtmq91rHjRz498VJSXCm61xjwyzCcFbizNd86T-vG8A5AYji4dSGcz5HM-D-1GEU-9fUsGFnbXfp6X5gOD22EqwCsD7ZFbI_x71a8-bdyLw-SXan-nduR1YUJhPU3C3GMvbBG6eP52Mcn7OSpnDtHyy9DWY47Kf-Wm_vSWca27ou6TrBlhSVeLHlVuqmylCXXY4UYmCasCeFHVyX9M9keBFGcDnx5q4zUVcqZt3FsjfBxvkiZtjwSFWYHjcP-bywyj3LVGmDGkSBMEvZ3z6jOsvqlBwyJ_iywLnR6Aomp7QJe7DrEXUJtX5EI6hYwkp0Fy_uXPXUCx305nYw0RDBoNhyV__8AVTroqmsvU0dHhW_FpeqkBA1dY2mJ7qRrIdljMEUrUPJXdrAosLVLtHmZc5e5369OipkhTFcxwoMAjzYCXUYknm_qRHtk1upcmRUq9uaEqd2o0lN2YBDjK5B8tOXrNg6LCtt13D756w-DKEyGTWHcETr6XLjaEtKb63vjPua7gsf_UiaeLWyRBENU0WqlhGe3MCgTr_eYMzTOyKKyznsKP8t3U3-YjMfrtD_Z2GEA_eYZZ_CarK9l2uhWTt2uR1tOPYSgmn328cHarAhTvfBRPrQMua5qSf6vAUa65FVMHNwafJfSbNtQooTgkyKIE3CxKm7JDWW297xhErtbGvuAtrms8D3wUUuXyesCiKqpMm5x-RJvC0daXZkUQVPbBCeTI0OppMdsgZxr1lK2AAzNfMm1RBUC-8waLUN3zB6z6xr1i0dTfqWLUnPzwYrzy6RlbyrgIZvMW2-V_AwTT8iSVEgcRvY-d1LPKNb6R0apE_Xirabg7B68GeGMsv2EJjCwHo9GMM_LdujHIC9WAE68etsqcMBEG2CV2NChMpJUpE8S3vwfKH6NFueGnvKKSgjlgGXdBEv2pWwu6e_vrE7O8lu8W0Hxt1Z0NAp1SJACKrzP8Wa92K3s4dYI7rY-ndoYrWqcOPcsiD6PG3BRcX2zO-CKc5BI4fR1qyI8Sj5HdsRn3OiQKXjgYtUlgCbA4297MtYcsE6RmMFA6QOkb5fUpilEK6NSImmxpyfcNb-BpzMnkdr5GhTQyZWtUQYDWlFUMuGXEnTTBaE9eH2lR73cSC5wT_z-XqxaCm0UgSLuPVS4qT5X--1m_17dSeXi5EjhiK0X1ycVehjnacftT08PxDeVAWn8PdgG4OBKUMjWOskyw7YKOgXqo3gCt_qneJvIxj-DlmDnZ7E7lg&sai=AMfl-YTDYiHePSo8TkV3xULl__dwbJzRyaoBQkf4R9i4zR0oerC0tI-HhfX1UmbWWmrFYQTyIybr2a0uFzC3LqGHE26U4jZJqThbShFMNoBh9e35se8bxIVlXNG2xpHtx1TteYa0lfYc5G99fis_r0ufDBHS7pmkSquue-xl_UkTOczNw4SEfUSBnk6gAIE-LfkSvxQgT0Bs8uEyWVa1mOHaP6sDJ0_spELJ6wd8KCuliOaM1y0lRhW0oR1zo0ioq3ovBGQnbLW9vxJAabUFMTJ7FdSj3iA7LCb_fiP_IJEqnjflvkEF7Et3PRpOgPxWosoV6kRAoOM4LbyZ3dkmSrKLEbwk83ycFh05fWmDd3GpdxM-VTKdQKDQrKjsqf_EpGfNwAcQAwtCTDwa0knA7XnMDVVPGbsYXpprRRIepY7d6_PYtGqkucAiQK1C8PsiUpYpt-85V9FfVSKnIOiO3hlyNQd2jnJNZ-nc0y6uNayQAhfPVYjkmF896wu2txRo--_D3CfdzbUJsCLgxg&sig=Cg0ArKJSzIINdgr-He3jEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zeWRuZXl3YXRlci5jb20uYXU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=476&cbvp=1&cstd=467&cisv=r20231207.29085&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 12 Dec 2023 17:12:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 9359
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEABDbp-Iwxdle1YnaCQkOoY&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEABDbp-Iwxdle1YnaCQkOoY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJWJFRCf4NOIBBjd6K__ATAB&v=APEucNWOGKHKa6kDH5ZpM7R-ptCieHKnii0P29lzhq5Wr12CVkFyNjSeEaL9p0dMhh9KnY14J4sFL1uOcO4BubccQLWgiveWQA
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=foeNNKJjfv7tr%2FFK6lPlB%2BvcgxZgVLSbI1NIcEhCe7kPgk6Bjf12T55S6PvUr18jbyGfKjob%2F2vFr3Cq9HvB2BJWsQ2YJLZfChND35qr916kVGeAMBOcytHyLR1ddONX7EOtNXqN45VxQg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83479703eaa55721-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEABDbp-Iwxdle1YnaCQkOoY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9359
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXiUYWhCAflCJ.Dm4-LGbAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEABDbp-Iwxdle1YnaCQkOoY&google_cver=1&google_hm=2
43 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEABDbp-Iwxdle1YnaCQkOoY&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJWJFRCf4NOIBBjd6K__ATAB&v=APEucNWOGKHKa6kDH5ZpM7R-ptCieHKnii0P29lzhq5Wr12CVkFyNjSeEaL9p0dMhh9KnY14J4sFL1uOcO4BubccQLWgiveWQA
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7wX2Svlw3wXATO4CvgWmkp2p%2BMXSImUUpnY%2FPA%2B38C%2BbIAf1BqwZuhJ%2FmH%2B4HuQiZBE%2BtuucfIY%2B6vDvMjNSZdXT5%2FM0Fi%2FsCIQAAW2n5zEO5mX0lDDlHqFlY1yoASSHR6OOWcOiF7PUg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83479704db545721-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEABDbp-Iwxdle1YnaCQkOoY&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 9359
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJrUQ91AMy7KHg-gVbPra0U&google_cver=1
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJrUQ91AMy7KHg-gVbPra0U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJWJFRCf4NOIBBjd6K__ATAB&v=APEucNWOGKHKa6kDH5ZpM7R-ptCieHKnii0P29lzhq5Wr12CVkFyNjSeEaL9p0dMhh9KnY14J4sFL1uOcO4BubccQLWgiveWQA
Protocol
H2
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:02 GMT
an-x-request-uuid
68510d4f-0f97-45ad-8a21-aaef3740e474
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.161; 66.203.112.161; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJrUQ91AMy7KHg-gVbPra0U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9359
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjgyNTk4ODUwNjI0MzI1MzE5MA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjgyNTk4ODUwNjI0MzI1MzE5MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJWJFRCf4NOIBBjd6K__ATAB&v=APEucNWOGKHKa6kDH5ZpM7R-ptCieHKnii0P29lzhq5Wr12CVkFyNjSeEaL9p0dMhh9KnY14J4sFL1uOcO4BubccQLWgiveWQA
Protocol
H3
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:01 GMT
an-x-request-uuid
18e8b259-a4e2-4852-91d2-4f8094027d07
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjgyNTk4ODUwNjI0MzI1MzE5MA%3D%3D
x-proxy-origin
66.203.112.161; 66.203.112.161; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
img
sync.mathtag.com/sync/ Frame E781 		0
0
ecm3
s.amazon-adsystem.com/ Frame 3AFD 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID0C10E377-4130-4FAB-A688-B8BE568CAD10
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Dec 2023 17:12:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
EGYCGNYVQ7GT9241R6QH
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FDE1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DBDjd0EwT6umiLi-VoytEA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
23.202.169.82 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-169-82.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:12:01 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=48665
accept-ranges
bytes
content-length
5622
expires
Wed, 13 Dec 2023 06:43:06 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame FDE1
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=0C10E377-4130-4FAB-A688-B8BE568CAD10
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=0C10E377-4130-4FAB-A688-B8BE568CAD10
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=81aa8fb6-c08a-48e4-9401-14de9cb00f27%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=9c236645-aac5-44ec-acc2-69439e1f016b&ttd_puid=81aa8fb6-c08a-48e4-9401-14de9cb00f27%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=9c236645-aac5-44ec-acc2-69439e1f016b&ttd_puid=81aa8fb6-c08a-48e4-9401-14de9cb00f27%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:12:02 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=9c236645-aac5-44ec-acc2-69439e1f016b&ttd_puid=81aa8fb6-c08a-48e4-9401-14de9cb00f27%2C%2C
date
Tue, 12 Dec 2023 17:12:02 GMT
server
Kestrel
content-length
359
qmap
sync.crwdcntrl.net/ Frame FDE1
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0C10E377-4130-4FAB-A688-B8BE568CAD10&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0C10E377-4130-4FAB-A688-B8BE568CAD10&gdpr=0&gdpr_consent=&ct=y
49 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0C10E377-4130-4FAB-A688-B8BE568CAD10&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
13.251.194.25 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-194-25.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:02 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.11.120
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:02 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=0C10E377-4130-4FAB-A688-B8BE568CAD10&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.7.110
content-length
0
expires
0
info2
uipglob.semasio.net/pubmatic/1/ Frame FDE1
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=0C10E377-4130-4FAB-A688-B8BE568CAD10&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0C10E377-4130-4FAB-A688-B8BE568CAD10&sInitiator=external&gdpr=0&gdpr_consent=
42 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=0C10E377-4130-4FAB-A688-B8BE568CAD10&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Server
119.9.108.180 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:11:22 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
42
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:11:22 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=0C10E377-4130-4FAB-A688-B8BE568CAD10&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame FDE1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEMxMEUzNzctNDEzMC00RkFCLUE2ODgtQjhCRTU2OENBRDEw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
207.65.33.82 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 12 Dec 2023 14:45:11 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame FDE1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJB48_5mXeWPTmgSxaJHcT0&google_cver=1
42 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJB48_5mXeWPTmgSxaJHcT0&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
207.65.33.82 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 12 Dec 2023 09:27:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJB48_5mXeWPTmgSxaJHcT0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame FDE1
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:0DB90CB79E914B9489B936A855371254
42 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:0DB90CB79E914B9489B936A855371254
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
207.65.33.82 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 12 Dec 2023 17:12:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Tue, 12 Dec 2023 17:12:02 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:0DB90CB79E914B9489B936A855371254
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 11 Dec 2023 17:12:02 GMT
0C10E377-4130-4FAB-A688-B8BE568CAD10
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame FDE1 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/0C10E377-4130-4FAB-A688-B8BE568CAD10?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.255.162.48 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-162-48.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:12:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame FDE1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9c236645-aac5-44ec-acc2-69439e1f016b&gdpr=0&gdpr_consent=
42 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9c236645-aac5-44ec-acc2-69439e1f016b&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
67.199.150.86 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 12 Dec 2023 17:12:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9c236645-aac5-44ec-acc2-69439e1f016b&gdpr=0&gdpr_consent=
date
Tue, 12 Dec 2023 17:12:01 GMT
server
Kestrel
content-length
355
ecm3
s.amazon-adsystem.com/ Frame 1140
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LQ2LO7P9-1W-CLTP
  • https://s.amazon-adsystem.com/ecm3?id=LQ2LO7P9-1W-CLTP&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LQ2LO7P9-1W-CLTP&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 17:12:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
28WHSFP0NF0FH2ZC7JHZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LQ2LO7P9-1W-CLTP&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
03d4828e33e22cf7b4098c5a68746480
Expires
0
init
gw.geoedge.be/api/ Frame EEE8 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.109.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-109-223.syd62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Tue, 12 Dec 2023 17:12:02 GMT
via
1.1 72d783f19e38dd5db23a648a65feb4f2.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
content-length
0
x-amz-cf-id
spAzWVfMDO8XkJYb-o2v9tCTYqH7bKqCF5tXRkIiFCl0rzyf4xaXVA==
x-cache
Miss from cloudfront
generate_204
tpc.googlesyndication.com/ Frame 8E73 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?fmpL5g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:12:02 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6AD5 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BIsw_YJR4ZcrmG_O9ssUP5bS7kAYAAAAAOAHgBAI&bg=!Q0ClQA_NAAY3kmNgF5I7ADQBe5WfOKe_uo2xW52GphjgXmZhhjpqQDBLAgVEnuZd-H-T_T3zxgijW1QcZBITcMXOGmZyAgAAAKNSAAAAAmgBB5kDOGBZ-9GhvMiVhPC0lFNh6xnvP9KZBEiqQPqLhFrBAVGA6yKciRCVhGUETEyNfOBN1BpAWBvaJKpGOaaNmi_ASEDrVwGubopO1K0V5HPt7k5EbClAtLu6if-UWvHVCkY5okSn4Wa8BLiRnZtmDNIcd1qIU902deTVw5xRTclEJN9V0LUxbx9NgHa-KTHDuG6gzxZoa5SmLoJ2zhKzvC4LJpufMD-_CK30ynpevfAWel402ZJK8dr2psJlHVtLMW-ixSBmzBuMsWQjNSGDdwkB9ZJqsD-5usPlVyWVfgHBRCMTZCggLau7l-ww41DRhVI2f5ISOmB6jm_TSvxVSKiMEMz5G_Ayh0YBvOnJ8HNrILRKJG3reUfIzlZrNTNYHvXS7vQG6aZDSAP1IfWvbTusbpSmqBtIeE2CyDXwDSguFCdAPVAg63aiUZkCKVK3RRvYuzTmO6OZ8_fNKeExy-tiflwt2967V_c6e81HmiN6Tralvn0EhUshOL9xDRbwplft8UHL-_pLsrRNYMkdCdEBATi95Dc0hKL_sw9Jadoxzb47dNQr-RMU4MZy-qlZxDvuONZ0YBgLATNXFGrl_b5IhLwKVBw3w_sydULAcZLy7Hja7ufnO-yD0R9zMFKt8hLah-9dtkC1R5prENGvV0LKI-0OYmMsBD8V_WpqMIvjDFKquwQMYPVjEOk2LAoqKodW_vHIyYeA_qg8fOv7WPircORQZSGS07FseZPKf0eBOyBh6-rd5eOte5U7PnBRhHO-6bcetnVbvlGpBmWYcJipaMwfy9bVTVL5NOawlgFYzENC3aDT-yNEdSn82-rD02X6Q2PqVMx5iue5T7m3nXzIeenIeLIS3wPAfRAjNaseDcu5Vq1S4YEWhX8-Et_rrfNxp9sHQk2ouwo0I0FA7mtypV66VX3_C-lCPSthdhMhQkN7JmKN6ScPDVWyQRfTO-pDZ9rKkXJAmaD30QnVxt11EgCfCb2Nzh_-2TD0pT9dL51q18HREIMZQhtbQ-akO3cB62Lsar6-U_Y5g3Fl0dYoz2KZxUS1iD4mQK505RBv0MUJpp6oTCbevO4diBrrBkt2GNFu58e_7lI4
Requested by
Host: ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com
URL: https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
aax-eu.amazon-adsystem.com/s/ Frame 1140 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 17:12:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5848SCC36T1856C8HDB9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 1140
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQ2LO7P9-1W-CLTP
0
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQ2LO7P9-1W-CLTP
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:12:01 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: E4A98CFFC456452FA3096FBF9D9A8E16 Ref B: SYD03EDGE1319 Ref C: 2023-12-12T17:12:02Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYMUyYvvSlRYE7wWQdvBw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQ2LO7P9-1W-CLTP
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 1140
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/ZzG7wlx5uQ2LEwhZ9AkuAcn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-MPLX_JpE2oLYHa8H2mx9F7ob5I6hTngpkDZPiA--~A
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-MPLX_JpE2oLYHa8H2mx9F7ob5I6hTngpkDZPiA--~A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 12 Dec 2023 17:12:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-MPLX_JpE2oLYHa8H2mx9F7ob5I6hTngpkDZPiA--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 1140
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAp7zGUjgoeNjjuzHlj6tVY&google_cver=1
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAp7zGUjgoeNjjuzHlj6tVY&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAp7zGUjgoeNjjuzHlj6tVY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 1140
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=9c236645-aac5-44ec-acc2-69439e1f016b&gdpr=0&gdpr_consent=&expires=30
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=9c236645-aac5-44ec-acc2-69439e1f016b&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c80248407eff6cf595ce43a76c04e23f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=9c236645-aac5-44ec-acc2-69439e1f016b&gdpr=0&gdpr_consent=&expires=30
date
Tue, 12 Dec 2023 17:12:02 GMT
server
Kestrel
content-length
289
ecm3
s.amazon-adsystem.com/ Frame 1140
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LQ2LO7P9-1W-CLTP&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LQ2LO7P9-1W-CLTP&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 17:12:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AS11YM8WG1FCTMWHZEMS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LQ2LO7P9-1W-CLTP&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
Expires
0
pixel
cm.g.doubleclick.net/ Frame 1140
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFEyTE83UDktMVctQ0xUUA==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELJauUDmuse1VyyEI3i5LRA&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFEyTE83UDktMVctQ0xUUA==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFEyTE83UDktMVctQ0xUUA==&google_push=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFEyTE83UDktMVctQ0xUUA==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d264e84c9dc1a645a3048554992c5d82
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 1140
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=4YgAabOXR6i2fMRAH9AaNA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4YgAabOXR6i2fMRAH9AaNA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4YgAabOXR6i2fMRAH9AaNA
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 17:12:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MJMH4HSZJYPH2CRKWGE9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=4YgAabOXR6i2fMRAH9AaNA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 1140
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzA1ZTE1Yzg3ZjU3NDU0NTIyMjZkMDM4MzEyODliMTRkMjY4ZDVjMg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzA1ZTE1Yzg3ZjU3NDU0NTIyMjZkMDM4MzEyODliMTRkMjY4ZDVjMg
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.250.66.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzA1ZTE1Yzg3ZjU3NDU0NTIyMjZkMDM4MzEyODliMTRkMjY4ZDVjMg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 1140
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAGYq07K8SkAABRHtZPEoA&expires=30
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAGYq07K8SkAABRHtZPEoA&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d335433bbbe0efeac67146df47932f6f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAGYq07K8SkAABRHtZPEoA&expires=30
Date
Tue, 12 Dec 2023 17:12:02 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 1140
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQ2LO7P9-1W-CLTP
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQ2LO7P9-1W-CLTP
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQ2LO7P9-1W-CLTP&ckls=true&ci=9TdHoUEXMW&nc=false&trid=-1347026077
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQ2LO7P9-1W-CLTP&ckls=true&ci=9TdHoUEXMW&nc=false&trid=-1347026077
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
13.35.147.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-147-55.syd1.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:04 GMT
via
1.1 fd2442d18add87f1fea3351cec311828.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
GtUVCAhQcB5U1LyMe5QAd9Ns7SaYSlrThub_Yod2w27Yg7EfmIIsHA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:04 GMT
via
1.1 fd2442d18add87f1fea3351cec311828.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQ2LO7P9-1W-CLTP&ckls=true&ci=9TdHoUEXMW&nc=false&trid=-1347026077
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
gZLPoPxwUyDrh1i5t8FyiDBixMscM9wy-IMUWlJ-bGUUjADOt1AVjA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
capi.connatix.com/us/ Frame 1140
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LQ2LO7P9-1W-CLTP&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LQ2LO7P9-1W-CLTP&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LQ2LO7P9-1W-CLTP&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:12:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
8347970c0fa25593-SYD
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 12 Dec 2023 17:12:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LQ2LO7P9-1W-CLTP&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
8347970acf715593-SYD
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
merge
ce.lijit.com/ Frame 1140
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LQ2LO7P9-1W-CLTP
  • https://ce.lijit.com/merge?pid=80&3pid=LQ2LO7P9-1W-CLTP&dnr=1
43 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LQ2LO7P9-1W-CLTP&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.191.163.210 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 17:12:03 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4sfo1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 17:12:03 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=80&3pid=LQ2LO7P9-1W-CLTP&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 1140
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQ2LO7P9-1W-CLTP
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQ2LO7P9-1W-CLTP
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:12:03 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQ2LO7P9-1W-CLTP
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
ib.adnxs.com/prebid/ Frame 1140
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQ2LO7P9-1W-CLTP
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQ2LO7P9-1W-CLTP
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:03 GMT
an-x-request-uuid
da76879d-69cd-44b3-9f84-aa449787d264
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
66.203.112.161; 66.203.112.161; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQ2LO7P9-1W-CLTP
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
Expires
0
v1
match.sharethrough.com/sync/ Frame 1140
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ2LO7P9-1W-CLTP
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ2LO7P9-1W-CLTP
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
52.220.248.255 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-248-255.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:12:03 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQ2LO7P9-1W-CLTP
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
Expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 7DAD 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuKkUHTFc9goxkSoC226a52Xn4gCv8RmgbrI98dhfQ0FhjSHILFzv_i7gF7CzccnbnESgNz_FDDJvJkpcynmwKg-8kJLeAgfk_fco2l1tTaS-3NqeS6l3_A79YN_7d2Qh3uWxjlT-TIVbxbjtNih8K7q9MV&sai=AMfl-YR7Nzf183HMjk7bEXloHkNFMlSsMBcpVCIcupQoiMApdpaRo-HSGGlRnUqQ2dznGXsEvUvsi40OtrutWFpaj4ZymVqHyqPEpCnC9CJVpHSUSjm-0mhk_hgOp2HkJiXkDbLZbD6DBU8LEt3KAEs45w&sig=Cg0ArKJSzDp96Z3qzoHVEAE&cid=CAQSTwAvHhf_y15BXGBKz_QdrAzGqCZaJUlHkgvTVCxY5rFc8HSoS5_1bJ59rWm98iTwjV0IFUgGfR_RCi85AQsOpn1DxKWcUs3YboLou1NHgeYYAQ&id=ampim&o=1100,698&d=300,300&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=640&tls=1640&g=100&h=100&tt=1640&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.js
static.adsafeprotected.com/ Frame EEE8
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1852562/76760880/skeleton.js?adsafe_url=https%3A%2F%2Fwww.nytimes.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.nytimes.com%2F&adsafe_type=e&adsafe_url=https%...
  • https://static.adsafeprotected.com/skeleton.js
17 B
472 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com
URL: https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
13.249.205.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-205-63.slc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 02:11:42 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 df0a4ea7de0fa05190904df4271e5d1e.cloudfront.net (CloudFront)
x-amz-cf-pop
SLC50-C1
age
7916421
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
i1T_th2_CWgWbAUL_29TJdghCh5kGVMDaI3ytyANGn9l3jGBEB9rmw==

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:02 GMT
server
nginx
x-server-name
app01.au.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 4367 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.205.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-205-63.slc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 11 Sep 2023 19:12:12 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 df0a4ea7de0fa05190904df4271e5d1e.cloudfront.net (CloudFront)
x-amz-cf-pop
SLC50-C1
age
7941591
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
64rAlc68N3AnBfU0stZPQbS3wQzi44tl492QZ98LuJcoTN_6F5C80Q==
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame F107 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9068869906007291383/SYD_Water_Dishwasher_HTML5_970x250/SYD_Water_Dishwasher_HTML5_970x250.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.198 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f6.1e100.net
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9068869906007291383/SYD_Water_Dishwasher_HTML5_970x250/SYD_Water_Dishwasher_HTML5_970x250.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:12:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 12 Dec 2023 17:12:02 GMT
SYD_Water_Dishwasher_HTML5_970x250.js
s0.2mdn.net/sadbundle/9068869906007291383/SYD_Water_Dishwasher_HTML5_970x250/ Frame F107 		46 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9068869906007291383/SYD_Water_Dishwasher_HTML5_970x250/SYD_Water_Dishwasher_HTML5_970x250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9068869906007291383/SYD_Water_Dishwasher_HTML5_970x250/SYD_Water_Dishwasher_HTML5_970x250.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.198 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f6.1e100.net
Software
sffe /
Resource Hash
8c5accbbca00d4eac05ee0bd2cbdd25bed8531894372cb122f5f74216508bfcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9068869906007291383/SYD_Water_Dishwasher_HTML5_970x250/SYD_Water_Dishwasher_HTML5_970x250.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 13:04:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
274077
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11349
x-xss-protection
0
last-modified
Fri, 24 Nov 2023 02:04:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Dec 2024 13:04:05 GMT
dt
dt.adsafeprotected.com/ Frame EEE8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1852562&asId=a68aeadc-84f4-f9bd-a417-6fbfa41129b4&tv=%7Bc:wDpZwJ,pingTime:-3,time:1116,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:1080%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1116,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1079,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B94~0%5D,as:%5B94~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tYfjC21+11%7C12%7C1311%7C13121%7C13122%7C1313%7C1314%7C1315%7C1316%7C1317%7C1411%7C15%7C16*.1852562-76760880%7C161%7C162%7C163%7C17%7C18,idMap:16*,rmeas:1,rend:0,renddet:DIV,siq:1081%7D&br=c
Requested by
Host: ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com
URL: https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.170.142 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-170-142.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:03 GMT
server
nginx
x-server-name
dt24.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame EEE8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1852562&asId=a68aeadc-84f4-f9bd-a417-6fbfa41129b4&tv=%7Bc:wDpZwK,pingTime:-6,time:1117,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1117,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1079,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B95~0%5D,as:%5B95~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tYfjC21+11%7C12%7C1311%7C13121%7C13122%7C1313%7C1314%7C1315%7C1316%7C1317%7C1411%7C15%7C16*.1852562-76760880%7C161%7C162%7C163%7C17%7C18,idMap:16*,rmeas:1,rend:0,renddet:DIV,siq:1081%7D&tpiLookup=ao:www.nytimes.com*&br=c
Requested by
Host: ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com
URL: https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.170.142 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-170-142.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:03 GMT
server
nginx
x-server-name
dt26.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame EEE8 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1852562&asId=a68aeadc-84f4-f9bd-a417-6fbfa41129b4&tv=%7Bc:wDpZwS,pingTime:-2,time:1125,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:146,bdZ:164,beA:235,beZ:236,mfA:1254,cmA:1255,inA:1255,inZ:1259,prA:1259,prZ:1309,si:1315,poA:1316,poZ:1333,cmZ:1333,mfZ:1333,loA:1352,loZ:1355,ltA:1359,ltZ:1359,mdA:237,mdZ:1229%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:1080%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1125,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1079,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B103~0%5D,as:%5B103~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tYfjC21+11%7C12%7C1311%7C13121%7C13122%7C1313%7C1314%7C1315%7C1316%7C1317%7C1411%7C15%7C16*.1852562-76760880%7C161%7C162%7C163%7C17%7C18,idMap:16*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:DIV,siq:1081,sinceFw:42,readyFired:true%7D&br=c
Requested by
Host: ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com
URL: https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.170.142 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-170-142.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:03 GMT
server
nginx
x-server-name
dt25.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Main970x250.jpg
s0.2mdn.net/sadbundle/9068869906007291383/SYD_Water_Dishwasher_HTML5_970x250/images/ Frame F107 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9068869906007291383/SYD_Water_Dishwasher_HTML5_970x250/images/Main970x250.jpg?1700700521954
Requested by
Host: ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com
URL: https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.198 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f6.1e100.net
Software
sffe /
Resource Hash
d7d06304f40fe0cd8b8fa9e6a32073908bab2dbab7b5b3646b457e16ab7ecaa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9068869906007291383/SYD_Water_Dishwasher_HTML5_970x250/SYD_Water_Dishwasher_HTML5_970x250.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 13:04:05 GMT
x-content-type-options
nosniff
age
274077
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74665
x-xss-protection
0
last-modified
Fri, 24 Nov 2023 02:04:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 Dec 2024 13:04:05 GMT
view
ad.doubleclick.net/pcs/ Frame EEE8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssxNi_2L5nbGE7c_9P42zIRY0JuFklk7-tY0_6FwjlNTmGCFbXi8VDxlX-U87ra1vhSlje9v4P9ta-e4SpD8g-9n4kqfQh3Jx17VtAqZHc8foeZm5hayxuZufjL_ioj-Qf2TsqYeggt8QaKOCFuO5-JlbppU9F3_H-5JLYOSoi5QCv1xYbQTx5PgmDS-s7HeFw43CnLqawnehCG4XnqOX5ikiKVtmq91rHjRz498VJSXCm61xjwyzCcFbizNd86T-vG8A5AYji4dSGcz5HM-D-1GEU-9fUsGFnbXfp6X5gOD22EqwCsD7ZFbI_x71a8-bdyLw-SXan-nduR1YUJhPU3C3GMvbBG6eP52Mcn7OSpnDtHyy9DWY47Kf-Wm_vSWca27ou6TrBlhSVeLHlVuqmylCXXY4UYmCasCeFHVyX9M9keBFGcDnx5q4zUVcqZt3FsjfBxvkiZtjwSFWYHjcP-bywyj3LVGmDGkSBMEvZ3z6jOsvqlBwyJ_iywLnR6Aomp7QJe7DrEXUJtX5EI6hYwkp0Fy_uXPXUCx305nYw0RDBoNhyV__8AVTroqmsvU0dHhW_FpeqkBA1dY2mJ7qRrIdljMEUrUPJXdrAosLVLtHmZc5e5369OipkhTFcxwoMAjzYCXUYknm_qRHtk1upcmRUq9uaEqd2o0lN2YBDjK5B8tOXrNg6LCtt13D756w-DKEyGTWHcETr6XLjaEtKb63vjPua7gsf_UiaeLWyRBENU0WqlhGe3MCgTr_eYMzTOyKKyznsKP8t3U3-YjMfrtD_Z2GEA_eYZZ_CarK9l2uhWTt2uR1tOPYSgmn328cHarAhTvfBRPrQMua5qSf6vAUa65FVMHNwafJfSbNtQooTgkyKIE3CxKm7JDWW297xhErtbGvuAtrms8D3wUUuXyesCiKqpMm5x-RJvC0daXZkUQVPbBCeTI0OppMdsgZxr1lK2AAzNfMm1RBUC-8waLUN3zB6z6xr1i0dTfqWLUnPzwYrzy6RlbyrgIZvMW2-V_AwTT8iSVEgcRvY-d1LPKNb6R0apE_Xirabg7B68GeGMsv2EJjCwHo9GMM_LdujHIC9WAE68etsqcMBEG2CV2NChMpJUpE8S3vwfKH6NFueGnvKKSgjlgGXdBEv2pWwu6e_vrE7O8lu8W0Hxt1Z0NAp1SJACKrzP8Wa92K3s4dYI7rY-ndoYrWqcOPcsiD6PG3BRcX2zO-CKc5BI4fR1qyI8Sj5HdsRn3OiQKXjgYtUlgCbA4297MtYcsE6RmMFA6QOkb5fUpilEK6NSImmxpyfcNb-BpzMnkdr5GhTQyZWtUQYDWlFUMuGXEnTTBaE9eH2lR73cSC5wT_z-XqxaCm0UgSLuPVS4qT5X--1m_17dSeXi5EjhiK0X1ycVehjnacftT08PxDeVAWn8PdgG4OBKUMjWOskyw7YKOgXqo3gCt_qneJvIxj-DlmDnZ7E7lg&sai=AMfl-YTDYiHePSo8TkV3xULl__dwbJzRyaoBQkf4R9i4zR0oerC0tI-HhfX1UmbWWmrFYQTyIybr2a0uFzC3LqGHE26U4jZJqThbShFMNoBh9e35se8bxIVlXNG2xpHtx1TteYa0lfYc5G99fis_r0ufDBHS7pmkSquue-xl_UkTOczNw4SEfUSBnk6gAIE-LfkSvxQgT0Bs8uEyWVa1mOHaP6sDJ0_spELJ6wd8KCuliOaM1y0lRhW0oR1zo0ioq3ovBGQnbLW9vxJAabUFMTJ7FdSj3iA7LCb_fiP_IJEqnjflvkEF7Et3PRpOgPxWosoV6kRAoOM4LbyZ3dkmSrKLEbwk83ycFh05fWmDd3GpdxM-VTKdQKDQrKjsqf_EpGfNwAcQAwtCTDwa0knA7XnMDVVPGbsYXpprRRIepY7d6_PYtGqkucAiQK1C8PsiUpYpt-85V9FfVSKnIOiO3hlyNQd2jnJNZ-nc0y6uNayQAhfPVYjkmF896wu2txRo--_D3CfdzbUJsCLgxg&sig=Cg0ArKJSzIINdgr-He3jEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zeWRuZXl3YXRlci5jb20uYXU&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1349&vt=11&dtpt=873&dett=3&cstd=467&cisv=r20231207.29085&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:12:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Steam300x250.png
s0.2mdn.net/sadbundle/9068869906007291383/SYD_Water_Dishwasher_HTML5_970x250/images/ Frame F107 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9068869906007291383/SYD_Water_Dishwasher_HTML5_970x250/images/Steam300x250.png?1700700521954
Requested by
Host: ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com
URL: https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.198 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f6.1e100.net
Software
sffe /
Resource Hash
8423998724e9f658de352932887d3052d50a8d2db138428989017be43d62e233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9068869906007291383/SYD_Water_Dishwasher_HTML5_970x250/SYD_Water_Dishwasher_HTML5_970x250.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 13:01:02 GMT
x-content-type-options
nosniff
age
360660
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8875
x-xss-protection
0
last-modified
Fri, 24 Nov 2023 02:04:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 07 Dec 2024 13:01:02 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=956673897408410&bg=!z8ylzIPNAAY3kmNgF5I7ADQBe5WfOBy-9DtrgCKBxu-mV1Gnk_Sr0CRG7wvH-oTQGauRF6s22RNkX4XO-Q5RZLGpMVyUAgAAAMFSAAAAAmgBB5kC661cuSj1mCgmWEgkxRAri4cJMBRVKmGMQGAXIa064KSU3SC0NkcYBEpOxhxL0tSkO1XmrXVgviR4OO4vrIMdqqGRF9bD_bBJDozjfSCM4ioTiqGhpTyuXofkEC8BSuVyCdUaSxdm54b8wPf_EHlLT3LzwyUXF_YkKB_TlblTHrSPbYakmUC5zwtPH46ZnvK2XBpN5EcMBEWohVmObGWwoXOEky1yRwSUloBmOxvaS9jdiZSYKm2ochCJhHbip-r59IwyX34R34YUTqIdS0l-4Ma3eIiJYqWf9xtPqOxmFJkygZJMQn9nZNcySXZ0rvj7wrZwAaq-X907i0pikMlXHIJeP5z3cPKXiLeS2rLo5rOU--ptxrcSm0xS53kU8i0HAXFBw2Bx2H8zsVa20wiS33DwFU_LCIYxUpm6_4L9w_VErmSGcYP7CYaPsH5jaLY4FHgWHvUG_1qcZzs82Cj76p68WcrPWKBroweqQzsij-XBNeIGc0SpDLnE8hCz66IeSFPOwU1AeBl2vlZ8HTI-TuWRJlpqnd3kMkqnPMiGjjcq0NWRyhlFydS5U6cXOr1Eo-af963jik-1hEJ93zgzhnCIgZbjy-ja8jqvSr96uHEyfrFyQXWioJuZYc7gLdRrieh9y5d0Y7erXfQxtBHngLmz80lBDDGGFzp2jCFiG_dfZqVl_x_5ZLwbzKYWZ804LOJxajmEMHs6kF9Hfea9ZG_q62SvuAbZmFo6DNLQP_UnST5hHYf_ryJa0Ma6x9ZL-CzREJN_YB-foTCSOiEq3J0g4ezM5X_lOjiiDf3FI8ueViZAJpeA_pOQ4QpUc0rFHeiTpWU-Ob9E5BiDlegmn4oEGO48n05_F3jU2GdzU2LAO8bunC7-8QdSIIj0jNNp_-blp5K9r_Zw5Ins2NjHuXJE0PxfXTq6iSQw6WPWMtovRJsxghXCw3sHaIPKpAL5r9S7UJlOmtgtM2M9mPGzrWJNacVVDwdidwXMRw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
dt
dt.adsafeprotected.com/ Frame EEE8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1852562&asId=a68aeadc-84f4-f9bd-a417-6fbfa41129b4&tv=%7Bc:wDpZAr,time:1346,type:e,im:%7Bimprf:%7Bttecl:1400,ecd:208,tsecr:22%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1346,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1079,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B324~0%5D,as:%5B324~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tYfjC21+11%7C12%7C1311%7C13121%7C13122%7C1313%7C1314%7C1315%7C1316%7C1317%7C1411%7C15%7C16*.1852562-76760880%7C161%7C162%7C163%7C17%7C18,idMap:16*,rmeas:1,rend:0,renddet:DIV,siq:1081,sis:1312%7D&br=c
Requested by
Host: ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com
URL: https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.170.142 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-170-142.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:03 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame EEE8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1852562&asId=a68aeadc-84f4-f9bd-a417-6fbfa41129b4&tv=%7Bc:wDpZEI,pingTime:-10,time:1611,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNDgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS43MSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1702401122934%7C%7C2ee67fc203c8fe65ff6d236d179e556f%7C%7C81fa84b75a8024ba76b34e57df459f31%7C%7C9adbf9e8613914aa2a967bc4e6251dd4%7C%7Cf27f88e304303a6501f3dc4a4f8fd921%7C%7C45f4eb7aeeabeeac32125a8618074ce8%7C%7C591208822664bacc34201ea91285cc13%7C%7C8c7e9765790b54b5aedcf5a4a0895580%7C%7C1663701684%7D
Requested by
Host: ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com
URL: https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.170.142 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-170-142.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:03 GMT
server
nginx
x-server-name
dt27.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame EEE8 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_1smAsO7A4wJIOfz0Ck6pn_0VgZD8C6hJIftFXTxmAQyChPNTdmDT4melFCPNA6qUF7TEH_tXNiVJ2My2jYAEaapJDYgauJm-H72AmVHaM_3iE4zgxtZ8teqrKhcqiZ6YtM7mKYB-5D4&sai=AMfl-YRvfx3L7u5WuK_zHf-WaZ9TP4UIlkiLj0JyN2g39tKXnNiBHDtW1TsvlzzGFulfsE11mRM2RlHrBvUISh9CAsaBBokphVewL7A70zb4hLGeDMxvdlUBscWqioy2q5h3URHfyA2hQqXSyF-o717hUA&sig=Cg0ArKJSzKtr0DfDCDquEAE&cid=CAQSTwAvHhf_i3WxMnxUOTZ-Q47V7-Tz0b9nca_RGA3BewyflFA4FVLTQvh0524mpXKkcMqXZtGpUt581HPG7MVG0WVxi8XfymTlyRQv-vCsIycYAQ&id=lidar2&mcvt=1011&p=75,315,325,1285&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2614277642&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702401121090&rpt=946&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame EEE8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1852562&asId=a68aeadc-84f4-f9bd-a417-6fbfa41129b4&tv=%7Bc:wDpZNb,time:2136,type:e,im:%7Bpci:%7Btdr:1014%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:8,o:2128,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1079,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1107~0,0~100%5D,as:%5B1107~970.250%5D%7D%7D,%7Bsl:i,t:2128,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B8~100%5D,as:%5B8~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:423,fm:tYfjC21+11%7C12%7C1311%7C13121%7C13122%7C1313%7C1314%7C1315%7C1316%7C1317%7C1411%7C15%7C16*.1852562-76760880%7C161%7C162%7C163%7C17%7C18,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:1081,sis:1312%7D&br=c
Requested by
Host: ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com
URL: https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.170.142 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-170-142.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:03 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
cksync.php
cs.media.net/
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_
  • https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=A1cczI681Rd6iE5
53 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=A1cczI681Rd6iE5
Protocol
HTTP/1.1
Server
23.202.170.128 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-170-128.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 17:12:04 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
53
x-mnet-hl2
E
Expires
Tue, 12 Dec 2023 17:12:04 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 17:12:04 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0ad8138d56a9ec354@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=A1cczI681Rd6iE5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=&gpp=${GPP_STRING_142}&gpp_sid=${GPP_SID}&url=https%3A%2F%2Fcontextual.med...
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=855b41fc-b971-4e2a-9d72-cc82e2530243&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=
57 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=855b41fc-b971-4e2a-9d72-cc82e2530243&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=
Protocol
H2
Server
23.202.170.128 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-170-128.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 12 Dec 2023 17:12:04 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 12 Dec 2023 17:12:04 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:04 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=855b41fc-b971-4e2a-9d72-cc82e2530243&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1140177
content-length
0
expires
Tue, 12 Dec 2023 00:00:00 GMT
crum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=995821&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0DB90CB79E914B9489B936A855371254
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0DB90CB79E914B9489B936A855371254
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66xzz9yfW%2FXKyLVPNGfwftz69iqvCRv%2FoHltC0ZdaqcWcteU%2B3YnTFy7imZyf%2Fn5qvECgL7Ln2rQP5dPU0YSgQJy4LJAeZ3oOZlAZXaa2gf6%2BXNYHz7Ru83htqxMqbOpRbhhzMgxSnTfgg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83479711f9175721-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 12 Dec 2023 17:12:04 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0DB90CB79E914B9489B936A855371254
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 11 Dec 2023 17:12:04 GMT
sync
x.bidswitch.net/ 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Tue, 12 Dec 2023 17:12:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cksync.php
cs.media.net/
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&redir=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Dcon%26ovsi...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=450c4d13a7b61fa8&is_secure=true&version=1&networkId=57734&gdpr=%24%7BGDPR%7D&gdpr_consent=%24%7BGDPR_CONSENT%7D&redir=https%3A%2F%2...
  • https://cs.media.net/cksync.php?cs=8&type=con&ovsid=AAALPyUwwsMvRgNL1z_SAAAAAAA&expiration=1702487525&is_secure=true&gdpr_consent=${GDPR_CONSENT}&gdpr=${GDPR}
53 B
643 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync.php?cs=8&type=con&ovsid=AAALPyUwwsMvRgNL1z_SAAAAAAA&expiration=1702487525&is_secure=true&gdpr_consent=${GDPR_CONSENT}&gdpr=${GDPR}
Protocol
HTTP/1.1
Server
23.202.170.128 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-170-128.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 17:12:05 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
53
x-mnet-hl2
E
Expires
Tue, 12 Dec 2023 17:12:05 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:05 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cs.media.net/cksync.php?cs=8&type=con&ovsid=AAALPyUwwsMvRgNL1z_SAAAAAAA&expiration=1702487525&is_secure=true&gdpr_consent=${GDPR_CONSENT}&gdpr=${GDPR}
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.php
cs.media.net/ 		52 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync.php?cs=8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.202.170.128 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-202-170-128.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Dec 2023 17:12:03 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
52
x-mnet-hl2
E
Expires
Tue, 12 Dec 2023 17:12:03 GMT
xuid
eb2.3lift.com/
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=9c236645-aac5-44ec-acc2-69439e1f016b&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=9c236645-aac5-44ec-acc2-69439e1f016b&dongle=0cfd&gdpr=0&gdpr_consent=
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 12 Dec 2023 17:12:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=9c236645-aac5-44ec-acc2-69439e1f016b&dongle=0cfd&gdpr=0&gdpr_consent=
date
Tue, 12 Dec 2023 17:12:03 GMT
server
Kestrel
content-length
251
Pug
simage2.pubmatic.com/AdServer/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=163427
  • https://ad.turn.com/r/cs?pid=1&gdpr=-1&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3029515200975040487&gdpr=&gdpr_consent=&us_privacy=
1 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3029515200975040487&gdpr=&gdpr_consent=&us_privacy=
Protocol
H2
Server
67.199.150.86 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 12 Dec 2023 17:12:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3029515200975040487&gdpr=&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 12 Dec 2023 17:12:04 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pd
nytimes-d.openx.net/w/1.0/ 		43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nytimes-d.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:03 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame FDE1 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.76 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:12:03 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame FDE1 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=54859182&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.83 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d76bb99d809a1d0e38a067aef0a868891d4bcdb3babca9e0c772309e2c2b204

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 12 Dec 2023 17:12:03 GMT
content-length
1210
content-type
text/html; charset=UTF-8
dt
dt.adsafeprotected.com/ Frame EEE8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1852562&asId=a68aeadc-84f4-f9bd-a417-6fbfa41129b4&tv=%7Bc:wDq03c,pingTime:1,time:3129,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:1080%7D,%7Bpiv:100,vs:i,r:,t:2128%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:2128,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1079,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1107~0,0~100%5D,as:%5B1107~970.250%5D%7D%7D,%7Bsl:i,t:2128,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:154,fm:tYfjC21+11%7C12%7C1311%7C13121%7C13122%7C1313%7C1314%7C1315%7C1316%7C1317%7C1411%7C15%7C16*.1852562-76760880%7C161%7C162%7C163%7C17%7C18,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:1081,sis:1312%7D&br=c
Requested by
Host: ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com
URL: https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.170.142 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-170-142.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:04 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame EEE8 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1852562&asId=a68aeadc-84f4-f9bd-a417-6fbfa41129b4&tv=%7Bc:wDq03d,pingTime:1,time:3130,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:1080%7D,%7Bpiv:100,vs:i,r:,t:2128%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:2128,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1079,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1107~0,0~100%5D,as:%5B1107~970.250%5D%7D%7D,%7Bsl:i,t:2128,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:154,fm:tYfjC21+11%7C12%7C1311%7C13121%7C13122%7C1313%7C1314%7C1315%7C1316%7C1317%7C1411%7C15%7C16*.1852562-76760880%7C161%7C162%7C163%7C17%7C18,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:1081,sis:1312%7D&br=c
Requested by
Host: ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com
URL: https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.170.142 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-170-142.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 17:12:04 GMT
server
nginx
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
track
a.et.nytimes.com/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/reviews/movies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.184.86.91 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-184-86-91.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
match
c1.adform.net/serving/cookie/ Frame C9F7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=0C10E377-4130-4FAB-A688-B8BE568CAD10&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0C10E377-4130-4FAB-A688-B8BE568CAD10&gdpr=0&gdpr_consent=
35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0C10E377-4130-4FAB-A688-B8BE568CAD10&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 12 Dec 2023 17:12:05 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Tue, 12 Dec 2023 17:12:05 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0C10E377-4130-4FAB-A688-B8BE568CAD10&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
ImgSync
image8.pubmatic.com/AdServer/ Frame 7491
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6825988506243253190&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7945162027332330560
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.79 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Tue, 12 Dec 2023 17:12:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 12 Dec 2023 14:09:20 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
sync
x.bidswitch.net/ Frame 5621
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=5d99b166-bfda-46d6-89cc-08284f2dc59d
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=5d99b166-bfda-46d6-89cc-08284f2dc59d
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=4af2e288-8435-4a6a-b733-6b9f4962e332&user_group=1&ssp=pubmatic&bsw_param=5d99b166-bfda-46d6-89cc-08284f2dc59d
43 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=4af2e288-8435-4a6a-b733-6b9f4962e332&user_group=1&ssp=pubmatic&bsw_param=5d99b166-bfda-46d6-89cc-08284f2dc59d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Dec 2023 17:12:05 GMT
Server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 12 Dec 2023 17:12:05 GMT
Location
//x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=4af2e288-8435-4a6a-b733-6b9f4962e332&user_group=1&ssp=pubmatic&bsw_param=5d99b166-bfda-46d6-89cc-08284f2dc59d
Pug
simage2.pubmatic.com/AdServer/ Frame 6195
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0WaxX95nsFLKZrdU1zGrAYUw5FXKNbYG3jACJkV7
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=0C10E377-4130-4FAB-A688-B8BE568CAD10&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3daa2b0f7ade1fbf&is_secure=true&networkId=17100&version=1&nuid=0C10E377-4130-4FAB-A688-B8BE568CAD10&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALR1EHPWPhvANWUls0AAAAAAA&expiration=1702487526&nuid=0C10E377-4130-4FAB-A688-B8BE568CAD10&...
42 B
375 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALR1EHPWPhvANWUls0AAAAAAA&expiration=1702487526&nuid=0C10E377-4130-4FAB-A688-B8BE568CAD10&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 12 Dec 2023 14:08:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Tue, 12 Dec 2023 17:12:06 GMT
expires
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALR1EHPWPhvANWUls0AAAAAAA&expiration=1702487526&nuid=0C10E377-4130-4FAB-A688-B8BE568CAD10&is_secure=true&gdpr_consent=&gdpr=0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 8A39
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZXiUZQAGbD5MNgBd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 12 Dec 2023 17:12:05 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-bfi-krnt7300072-BFI
x-timer
S1702401125.205527,VS0,VE126

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Tue, 12 Dec 2023 17:12:05 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZXiUZQAGbD5MNgBd
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-bfi-krnt7300072-BFI
x-timer
S1702401125.990644,VS0,VE63
ImgSync
image8.pubmatic.com/AdServer/ Frame 135C
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=12omrhl1uoiw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.79 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

date
Tue, 12 Dec 2023 17:12:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 12 Dec 2023 17:12:05 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ecm3
s.amazon-adsystem.com/ Frame 94AF 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID0C10E377-4130-4FAB-A688-B8BE568CAD10
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 12 Dec 2023 17:12:04 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
0438YMG08RXRZGPHNX1X
458249.gif
idsync.rlcdn.com/ Frame FDE1
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=0C10E377-4130-4FAB-A688-B8BE568CAD10
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDBDMTBFMzc3LTQxMzAtNEZBQi1BNjg4LUI4QkU1NjhDQUQxMBAAGg0I5KjiqwYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=7fa2f97fb908b6a3d959c3af2d845f9fd4bd6588196876859225858e304ae519791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA3ZmEyZjk3ZmI5MDhiNmEzZDk1OWMzYWYyZDg0NWY5ZmQ0YmQ2NTg4MTk2ODc2ODU5MjI1ODU4ZTMwNGFlNTE5NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA3ZmEyZjk3ZmI5MDhiNmEzZDk1OWMzYWYyZDg0NWY5ZmQ0YmQ2NTg4MTk2ODc2ODU5MjI1ODU4ZTMwNGFlNTE5NzkxNDI2YjU0MTdkY2UyMRAAGgwI5ajiqwYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=72e9f4af-6ad2-4244-9422-977630d0c2a8
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=72e9f4af-6ad2-4244-9422-977630d0c2a8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:12:05 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Tue, 12 Dec 2023 17:12:05 GMT
via
1.1 google
strict-transport-security
max-age=31536000
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/458249.gif?partner_uid=72e9f4af-6ad2-4244-9422-977630d0c2a8
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
SPug
image4.pubmatic.com/AdServer/ Frame FDE1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0C10E377-4130-4FAB-A688-B8BE568CAD10&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nkDUcCNE2uX93jbHX21h9t92WhgUxA8-~A&gdpr=0
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nkDUcCNE2uX93jbHX21h9t92WhgUxA8-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
207.65.33.76 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:12:03 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nkDUcCNE2uX93jbHX21h9t92WhgUxA8-~A&gdpr=0
date
Tue, 12 Dec 2023 17:12:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
SPug
simage4.pubmatic.com/AdServer/ Frame FDE1 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.76 Saint Joseph, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:12:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D

Verdicts & Comments Add Verdict or Comment

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| event object| documentPictureInPicture object| DD_RUM number| viHeadScriptSize object| NYTD object| vi boolean| hybrid function| initWebview function| nyt_et object| UnifiedTracking function| Abra object| swgUserInfoXhrObject object| dataLayer object| userXhrObject function| userXhrRefresh object| _interactiveRegistry function| registerInteractive function| getInteractiveBridge function| onInitNativeAds object| webpackJsonp object| adClientUtils object| googletag object| AdSlot4 object| grumi object| apstag object| __preloadedData object| _aps boolean| apstagLOADED object| apscustom string| sov object| AdSlot object| win object| doc object| regeneratorRuntime function| setImmediate function| clearImmediate function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __createBinding function| __values function| __read function| __spread function| __spreadArrays function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault function| __classPrivateFieldGet function| __classPrivateFieldSet object| __SECRET_LIGHTS__ boolean| canTrackPerformance object| google_tag_manager object| google_tag_data object| nytAnalytics string| ddjskey object| ddoptions object| pbjsChunk object| pbjs object| _pbjsGlobals object| mnet boolean| NYT_VI_RENDERED object| selection boolean| initialDeviceTypeResizeCallback object| ggeac object| google_js_reporting_queue boolean| dataDomeProcessed object| dataDomeOptions undefined| google_measure_js_timing number| google_unique_id object| gaGlobal string| slotElement object| iterateSettings string| IterateObjectName function| Iterate string| subscriberInfo string| uType string| eduSubscriber string| userType string| surveyTriggerCookie object| params undefined| AIQ_DATA object| regex object| _sf_async_config object| _cbq number| _sf_endpt object| firstScript object| cbScript undefined| Raven boolean| adBlockDetected object| ns_ boolean| hasStoppedMeasuringMessageSelectionRequest object| offerPresentation object| meter object| GoogleGcLKhOms object| brandmetrics function| __spreadArray object| _brandmetrics object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv boolean| hasStoppedMeasuringOfferPresentationRequest object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| default_gsi object| _F_toggles object| google object| __G_ID_CLIENT__ object| closure_lm_577357 object| google_image_requests

128 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgkIOhCvzI74xTE=
.nytimes.com/ Name: nyt-a
Value: qUE_RwL60wgK0fa3xvfuR6
.nytimes.com/ Name: nyt-gdpr
Value: 0
.nytimes.com/ Name: nyt-purr
Value: cfhhcfhhhckfhdfsh
.nytimes.com/ Name: nyt-b3-traceid
Value: cf4a0de0dcef4cc89397f1cfcc898412
.et.nytimes.com/ Name: sessionActive
Value: true
.et.nytimes.com/ Name: sessionIndex
Value: 1|1702401119158|qUE_RwL60wgK0fa3xvfuR6|1702401119158
.et.nytimes.com/ Name: et-ppvid
Value: https://www.nytimes.com/reviews/movies=xpYl5WixUh2yY6PA2KSRXvTd
.scorecardresearch.com/ Name: UID
Value: 10B9df46f01a5f02c0c35891702401119
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.www.nytimes.com/ Name: datadome
Value: atDwAtRGpbIZKSzRN52BJb7uVUNf2Whw3a6xdkAEX_nvhlbYOxyFNW8tAaBxHJM45AN6dmbCIZkswiRRtWjGCR9DTQ407RhQby5kwOn62X9k56ZWDJYYzAwdVTN3u6zf
.3lift.com/ Name: tluid
Value: 2866959518845116034902
.nytimes.com/ Name: b2b_cig_opt
Value: %7B%22isCorpUser%22%3Afalse%7D
.nytimes.com/ Name: edu_cig_opt
Value: %7B%22isEduUser%22%3Afalse%7D
.nytimes.com/ Name: nyt-jkidd
Value: uid=0&lastRequest=1702401119947&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon&newsStartDate=&entitlements=
a.nytimes.com/ Name: jkidd-s
Value: referrer=&landing=&start=1702401119947&isNew=1&pageIndex=1
a.nytimes.com/ Name: jkidd-p
Value: prevPage=&currPage=
.nytimes.com/ Name: _gcl_au
Value: 1.1.987187971.1702401120
.nytimes.com/ Name: purr-cache
Value: <K0<r<C_<G_<S0<a0<ua<T0
.adsrvr.org/ Name: TDID
Value: 9c236645-aac5-44ec-acc2-69439e1f016b
.nytimes.com/ Name: _cb
Value: jVu4eDCnsCADl3dAs
.nytimes.com/ Name: _chartbeat2
Value: .1702401120492.1702401120492.1.C2sRxRn566jfKuECQ5OjZDwlV3H.1
.nytimes.com/ Name: _cb_svref
Value: null
.rubiconproject.com/ Name: khaos
Value: LQ2LO7P9-1W-CLTP
.amazon-adsystem.com/ Name: ad-id
Value: A7gn90A4K00PoNM3QCcw5uw
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.nytimes.com/ Name: iter_id
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2NTc4OTQ2MGFlZjY4YTAwMDFhZjNjY2QiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNzAyNDAxMTIwfQ.XEYm1Bl8Ds_BA6acW9OIz6QRI-UM3mFPKVbqAC8YkQw
.nytimes.com/ Name: __gads
Value: ID=f7118b470e31f67e:T=1702401119:RT=1702401119:S=ALNI_MaMccnDWC9SRE9zFBcM2a0Hed8sFA
.nytimes.com/ Name: __gpi
Value: UID=00000caad7045de4:T=1702401119:RT=1702401119:S=ALNI_MaCa7elNe7lYviz7DVrwX7wMzuy1Q
.media.net/ Name: visitor-id
Value: 3454027212889704000V10
.openx.net/ Name: i
Value: 9dca5465-71ce-072f-045d-7fb0742bfb11|1702401121
.casalemedia.com/ Name: CMID
Value: ZXiUYWhCAflCJ.Dm4-LGbAAA
.casalemedia.com/ Name: CMPS
Value: 5339
.casalemedia.com/ Name: CMPRO
Value: 5339
.adnxs.com/ Name: uuid2
Value: 6825988506243253190
.openx.net/ Name: pd
Value: v2|1702401121|jElYiuvOhI
.ladsp.com/ Name: cr
Value: 1
.ads.stickyadstv.com/ Name: UID
Value: 184c35d867d3d6f37c3b223d187fa6f
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZXiUYWhCAflCJ-Dm4_LGbAAAFNsAAAIB
.yahoo.com/ Name: A3
Value: d=AQABBGGUeGUCEHGxPtFCreEc18oL4Tliy38FEgEBAQHleWWCZdww0iMA_eMAAA&S=AQAAAr_aSJby8j5Tf7qynYB0-cg
.ladsp.com/ Name: smn_uid
Value: Y71kgwZaAfIy-_jJmVwC2RA8ZAvAd0I
.ladsp.com/ Name: lum
Value: CPG6jvjFMRIFCAMQ0AU
.doubleclick.net/ Name: IDE
Value: AHWqTUlo60v0Q3B3KfYOtrnpTEXMf4u5A1AD31jfo0unlHWKHK6XZ4pMofdsYkzZ
.hb.yahoo.net/ Name: visitor-id
Value: 3454027212889751000V10
.hb.yahoo.net/ Name: data-ttd
Value: 9c236645-aac5-44ec-acc2-69439e1f016b~~63
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 0C10E377-4130-4FAB-A688-B8BE568CAD10
.doubleclick.net/ Name: DSID
Value: NO_DATA
.tapad.com/ Name: TapAd_TS
Value: 1702401121923
.tapad.com/ Name: TapAd_DID
Value: 81aa8fb6-c08a-48e4-9401-14de9cb00f27
.mediago.io/ Name: __mguid_
Value: 81fa84b7b55995c72k9oyp00lq2lo8l6
.bidr.io/ Name: bito
Value: AAGYq07K8SkAABRHtZPEoA
.bidr.io/ Name: bitoIsSecure
Value: ok
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!8321
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNzAyNDAxMTIyfQ
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4f924675-93a1-596c-7da8-efeb2dbc1690.8S6NTx51zXfmrng2kA7Gz1FHLMWcmx3RD44TlEbytLo
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4f924675-93a1-596c-7da8-efeb2dbc1690.8S6NTx51zXfmrng2kA7Gz1FHLMWcmx3RD44TlEbytLo
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AT5JGdZOhWWx9qO_rLbwWkELLcKE.aLAJ5k7N9KWx0YwG8MGLGFm8427KGOqlyLZu7oHttao
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AT5JGdZOhWWx9qO_rLbwWkELLcKE.aLAJ5k7N9KWx0YwG8MGLGFm8427KGOqlyLZu7oHttao
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKILovhLiGAgKAdc7qBYyU4ubRjw4vi41nWfuYi8SK06g0EHwYBCDiqOKrBjABOgQtwj9GQgSKZL5s.y2l0%2B6Dx%2B1QhUpcOmd8q53bsDTFJYT%2FB4DOXDw59rHo
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKILovhLiGAgKAdc7qBYyU4ubRjw4vi41nWfuYi8SK06g0EHwYBCDiqOKrBjABOgQtwj9GQgSKZL5s.y2l0%2B6Dx%2B1QhUpcOmd8q53bsDTFJYT%2FB4DOXDw59rHo
.semasio.net/ Name: SEUNCY
Value: CAC5A4C677F9EBC6
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-9c236645-aac5-44ec-acc2-69439e1f016b&KRTB&22918-9c236645-aac5-44ec-acc2-69439e1f016b&KRTB&22926-9c236645-aac5-44ec-acc2-69439e1f016b&KRTB&23031-9c236645-aac5-44ec-acc2-69439e1f016b
.simpli.fi/ Name: suid
Value: 0DB90CB79E914B9489B936A855371254
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEJB48_5mXeWPTmgSxaJHcT0&KRTB&23025-CAESEJB48_5mXeWPTmgSxaJHcT0&KRTB&23386-CAESEJB48_5mXeWPTmgSxaJHcT0
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 22a58dcc93797f85b66a8ba9ecb481f3
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:0DB90CB79E914B9489B936A855371254&KRTB&23486-uid:0DB90CB79E914B9489B936A855371254&KRTB&23489-uid:0DB90CB79E914B9489B936A855371254&KRTB&23539-uid:0DB90CB79E914B9489B936A855371254
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.linkedin.com/ Name: bcookie
Value: "v=2&2280b47a-e7ab-4dc4-88c8-d0fbceefc21c"
.linkedin.com/ Name: lidc
Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2699:u=1:x=1:i=1702401122:t=1702487522:v=2:sig=AQGbDJRRcfk29nyFadY0uFQvxx3I4PBW"
.rubiconproject.com/ Name: audit
Value: 1|AtoEs9YB3OiHB1cj8JMxhSnfaEUubx4aQyZVfR8INbFrLxq/6nQ6FZJYi/pNN15qZ7Dmn7238sswHTRO1/p4iHX0qfg68IpFQAPcN3ARK84ox8BT5QTphym7C3oAK3G2JX2oCsT/y5uA0ph1nCGTvQnRSm4COeBDGXoqGdnIIYjREvsM2ra73MRmS8gGs6ylTlon0IrnE1p4+byUJuUHKNl4Am3SUH3rwETMVR8lnVPictVKI3nW/ZSmfFa9k+2RfCCm1vF3Tgn8ih/oL8+08tuVaVkDFDbShAUs62yL6R/QD5U7tEfUTQ==
.connatix.com/ Name: cnx_userId
Value: 46f017f6625a45bfb9534b11cfb92a0f
.adnxs.com/ Name: anj
Value: dTM7k!M40]D>6NRF']wIg2E?ank[Sm!]tcc8i_iqf!oN/@E'zz<*Z0Q^K3F2=4+8/<tsu6JT_WsYp$40O5D.m1nyl+TD._*Pl[h>o'uTXn^*dj5#P2v(%]TD'.k]v$rm2k%wOxE>w-/6]F9Ts
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxRMkxPN1A5LTFXLUNMVFAiLCJleHBpcmVzIjoiMjAyNC0wMy0xMVQxNzoxMjowM1oifX0sImJpcnRoZGF5IjoiMjAyMy0xMi0xMlQxNzoxMjowM1oifQ==
.lijit.com/ Name: ljt_reader
Value: Hz0oEQZHLb5JHmi0T7OlPuwi
.lijit.com/ Name: _ljtrtb_80
Value: LQ2LO7P9-1W-CLTP
.sharethrough.com/ Name: stx_user_id
Value: 2fca2061-24ca-431f-a5b7-6bd1bd7a8da2
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCObDptjvz708EAUSGQoKcmlnaHRtZWRpYRILCObD6svvz708EAUSFQoGZ29vZ2xlEgsI6rD90u_PvTwQBRIVCgZjYXNhbGUSCwj2gsfR78-9PBAFEhgKCWJpZHN3aXRjaBILCP7T_dLvz708EAUSFwoIcHVibWF0aWMSCwisi6XV78-9PBAFEhQKBXRhcGFkEgsIvK2E2O_PvTwQBRIWCgdzdng5dDUwEgsI_Nqc6e_PvTwQBRgBIAEoAjILCLLRn5aG0L08EAU4AVoHc3Z4OXQ1MGAC
.primis.tech/ Name: csuuid
Value: 657894640bef9
.criteo.com/ Name: uid
Value: 855b41fc-b971-4e2a-9d72-cc82e2530243
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: 9TdHoUEXMW
.ads.pubmatic.com/ Name: KCCH
Value: YES
.media.net/ Name: data-c
Value: 855b41fc-b971-4e2a-9d72-cc82e2530243~~1
.media.net/ Name: data-c-ts
Value: 1702401124
.pubmatic.com/ Name: SPugT
Value: 1702401123
.w55c.net/ Name: wfivefivec
Value: A1cczI681Rd6iE5
.pubmatic.com/ Name: DPSync3
Value: 1702425600%3A248%7C1703548800%3A197_245_226_201%7C1702944000%3A164
.intentiq.com/ Name: intentIQCDate
Value: 1702401124506
.intentiq.com/ Name: IQPData
Value: 1120628897#1702401124504#0#1702401124504
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZUeUZKY3JM
.bidswitch.net/ Name: tuuid
Value: 5d99b166-bfda-46d6-89cc-08284f2dc59d
.bidswitch.net/ Name: c
Value: 1702401124
.bidswitch.net/ Name: tuuid_lu
Value: 1702401124
.w55c.net/ Name: matchmedianet
Value: 5
.media.net/ Name: data-xu
Value: A1cczI681Rd6iE5~~8
.analytics.yahoo.com/ Name: IDSYNC
Value: "1769~2fkh:19e0~2fkh:18z8~2fkh"
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6825988506243253190&KRTB&23339-6825988506243253190
.rlcdn.com/ Name: pxrc
Value: COSo4qsGEgUI6AcQABIFCOhHEAA=
.dotomi.com/ Name: DotomiTest
Value: 450c4d13a7b61fa8
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZXiUZQAGbD5MNgBd
.ambientdsp.com/ Name: _aGeoIp
Value: AU-Sydney
.ambientdsp.com/ Name: _aUID
Value: 12omrhl1uoiw
.pippio.com/ Name: did
Value: qPosZVLK-Bq3biCO
.pippio.com/ Name: didts
Value: 1702401125
.pippio.com/ Name: nnls
Value:
.media.net/ Name: data-co
Value: AAALPyUwwsMvRgNL1z_SAAAAAAA~~8
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-12omrhl1uoiw
.pubmatic.com/ Name: PugT
Value: 1702401125
.quantserve.com/ Name: d
Value: ELgBCwHSKvijAA
.quantserve.com/ Name: mc
Value: 65789465-5130b-fbcb2-f0a9c
.pippio.com/ Name: pxrc
Value: COWo4qsGEgQIAhAAEgYI7OsBEAA=
.linksynergy.com/ Name: rmuid
Value: 72e9f4af-6ad2-4244-9422-977630d0c2a8
.linksynergy.com/ Name: icts
Value: 2023-12-12T17:12:05Z
pool.admedo.com/ Name: tuuid
Value: 4af2e288-8435-4a6a-b733-6b9f4962e332
pool.admedo.com/ Name: c
Value: 1702401125
pool.admedo.com/ Name: tuuid_lu
Value: 1702401125
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-0WaxX95nsFLKZrdU1zGrAYUw5FXKNbYG3jACJkV7&KRTB&19420-0WaxX95nsFLKZrdU1zGrAYUw5FXKNbYG3jACJkV7&KRTB&22979-0WaxX95nsFLKZrdU1zGrAYUw5FXKNbYG3jACJkV7&KRTB&23462-0WaxX95nsFLKZrdU1zGrAYUw5FXKNbYG3jACJkV7
.rlcdn.com/ Name: rlas3
Value: 1rgl98mlLYxYLCwSwqYHKKLHtOsTRviRNCajJhQBMYs=
.adform.net/ Name: C
Value: 1
www.nytimes.com/ Name: _dd_s
Value: rum=0&expire=1702402018730
.turn.com/ Name: uid
Value: 3029515200975040487
.pubmatic.com/ Name: SyncRTB3
Value: 1703203200%3A63%7C1703548800%3A8_220_22_7_21_54_56_13_3_71_247%7C1702944000%3A223_2_15
.pubmatic.com/ Name: ipc
Value: 0^^2^0
.pubmatic.com/ Name: pi
Value: 0:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 6

1 Console Messages

Source Level URL
Text
security warning URL: https://www.nytimes.com/reviews/movies(Line 207)
Message:
document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
accounts.google.com
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
adservice.google.com.au
als-svc.nytimes.com
c.amazon-adsystem.com
c1.adform.net
capi.connatix.com
cdn.ampproject.org
cdn.brandmetrics.com
ce.lijit.com
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
collector.brandmetrics.com
config.aps.amazon-adsystem.com
contextual.media.net
cr-p3.ladsp.com
cs.media.net
dd.nytimes.com
dis.criteo.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
ee93b0ef91dd8b3b4c6d5a48a707a0ea.safeframe.googlesyndication.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fw.adsafeprotected.com
g1.nyt.com
googleads.g.doubleclick.net
gw.geoedge.be
hb.yahoo.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
insight.adsrvr.org
iteratehq.com
jp-u.openx.net
live.primis.tech
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
medianet-match.dotomi.com
movies.nytimes.com
mwcm.nytimes.com
nytimes-d.openx.net
pagead2.googlesyndication.com
pippio.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
platform.iteratehq.com
pm.w55c.net
pnytimes.chartbeat.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid.media.net
pubmatic-match.dotomi.com
purr.nytimes.com
px.ads.linkedin.com
rtb.openx.net
rumcdn.geoedge.be
s.amazon-adsystem.com
s0.2mdn.net
samizdat-graphql.nytimes.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.chartbeat.com
static01.nyt.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.intentiq.com
sync.mathtag.com
sync.srv.stackadapt.com
sync1.intentiq.com
tags.rd.linksynergy.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.datadoghq-browser-agent.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.nytimes.com
x.bidswitch.net
sync.mathtag.com
103.229.10.171
103.43.90.54
104.18.41.104
104.26.12.18
104.26.6.229
107.178.254.65
119.9.108.180
124.146.153.169
13.107.42.14
13.112.196.236
13.224.181.56
13.249.205.63
13.251.160.207
13.251.194.25
13.35.147.120
13.35.147.55
142.250.204.1
142.250.66.194
142.250.66.198
142.250.67.2
142.250.71.70
142.250.76.98
142.251.12.84
142.251.221.65
142.251.221.66
142.251.221.68
142.251.221.72
151.101.129.164
151.101.193.164
151.101.194.49
151.101.65.164
172.217.167.66
172.217.167.97
172.217.24.38
172.64.151.101
172.67.71.156
18.138.18.111
18.143.106.89
18.67.107.130
18.67.109.223
18.67.111.52
18.67.111.56
18.67.113.158
18.67.114.43
18.67.172.126
18.67.93.59
18.67.97.42
182.161.73.146
185.84.60.20
20.50.2.28
207.65.33.76
207.65.33.78
207.65.33.79
207.65.33.82
207.65.33.83
209.191.163.210
209.54.182.161
23.202.169.82
23.202.170.128
23.202.170.74
23.206.242.194
23.48.96.232
34.111.113.62
34.120.63.153
34.217.170.142
34.227.121.59
34.98.64.218
34.98.67.3
35.186.253.211
35.208.249.213
35.213.12.39
35.236.220.17
35.244.154.8
35.71.131.137
44.226.14.255
50.112.118.45
50.116.239.135
52.220.248.255
52.223.2.229
52.64.207.62
52.94.222.140
54.184.86.91
54.224.142.7
54.250.210.41
54.251.55.122
54.255.162.48
67.199.150.86
69.173.158.64
69.173.158.65
8.43.72.97
89.207.22.108
0132703d78380e865750ae1766b6c0dc52a12744d86ec104c6e62f55e37b3abd
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
038b0e2fa00e5a0229b1703e199a5a635621d629dea5c116e65cccaf1d28f192
04b49f5baf81d7926c7bb55dab2664e41b0678903d10fa83bcb025f208049d08
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09bff184ea094a06e46d7f26512fd7b245304078a27f1ba8084488cbcf7704de
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f
0d76bb99d809a1d0e38a067aef0a868891d4bcdb3babca9e0c772309e2c2b204
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
136dcb31043beb0b95b9c89fc057eb33af980177865a959f92e697ac7a7c8d78
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1a5c9a9466a08d39f5b0bf9f6dd838103829a5c991a4dddddcd65ce1a33365bf
1ba304ba7fb22add131081d522fa06cd6b254e42c4615087527388f509cd75b7
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1cf44638fc3bdd07abd9b6f74f2d77ef8f93ab6d40c7aec55a95b9764b30ab14
1ebad6a713e64e5567611156a53188efef6c3198a4b8efa32135373943ebf33a
1eddd4a8e44ddfa3f5f5aaae7e67df0ae12b8585dd27f8fef6268244ee21c50c
1fe37d55e6324e8660e627fdf1cd545c9a84f80963bc07f3a564434043650a09
27fa460085eee44b1379209277e8317ca1b659073697b4f21b793c5c6cc10dad
284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a
285f2e7f03b0a84bf4100707c1dce09102ff382566438a513774b3a0d5017ab5
2872a6283f92a0e48691020c8f3b4d021f42c03a7e2d4354c6a33ff8da206fe5
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3459a86a1a5a0ebefc38ba347c8eee86838664553d2732a9f0d75d9b474bab72
34f604ca35d040e0aef8f000c20100cfd44555b8e432b736206aac3695961060
36ee62cca7aa433c508adb8f937a5e1b73234257638e4297461d777f86fe8afc
3789b068b764553bdb096e6069d9ec02e59efa9932e306e163201845fdb1189b
38461bda57c16fd7a313569c9ec36326d5af8df58f203d92bbc54b7dd31c7a48
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3aadfe219dcb558e321a797516f4b2a58d1a224ba083f6b54f66ed43db7ba042
3dd9c8deec417c77b8b70e299a2de0746a2f264a8a1594f2edbc5d01840f875f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f770f537145bf6ca53f22706f1befe600243936bd5eb48eb4b18456cfca5fb3
3f7f6c5ca73e0ea765589cb559c1ac72908b05004a5805cc9face54eb1d89d6d
3fc18ac226a513695dd69231e13a1c8d2290269576ca3cec798e886ffd1a86be
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4439bb25479700274d60dc82ad93759b1aa270517358eacf8ad61526519a8278
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f
4a2ff29e2cc3d9c833beb07f7d14d2051a1b16bcce6294d9dc5cafd74be4f8b5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c7204c838fc7192fecf7cb51593f1eab0b2ff6ed575b2a9605bf969ab313955
4cf6a4c9a640b9ac4ab7992db4914c018e8040c5583a33726f44bc29f68954d0
4dce82188087b5a879afaed84f7c41579a9ccd759994d30d908879edc355ca62
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
51fc1736047ff5a2fb788cad8eead74e86e7549ba856df915c2722e4c0f00280
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c1c58d71465846b68c38303b47228dd7c2b44b9126a3a52008187af6229b5e
561a296975ac6ce51dd78f118d4b941a5098221cfe4ef331c21e1fd686a37ccb
57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176
5b351d22312b1d88788135e41f661d7776b43fedffb796d496ec4ee5eec543cf
5b750ad75528313992ee4ce406d00306b1697afe1ff0a189529d7f7a479f3e08
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
5f4f1e81df489f3f780a530efdb335cbe594d4c6104c174d7a3222900ba0f4b6
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
61051f2e018fa3f7db8101006a8f238bc93a3c362c42c8e522526eed7491d5a1
619941443030f85fe94c95469ef06ecc55642fdab86d48ea451c7cfdac26a100
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a
643e0b10ac94d47e17f091339f81e2bc3c1c308c7c46e88970d0daf52ed01095
66526060b2ec171583eb8573415c1e2b455d38eef0e031cc740969d9378fe829
66a4d1ec139ad48e39f57871f592c61130e2d582b991701761ddfda15725fb3f
6ac43e68ea5836f342a79906bb4a50ad83d6abab8ee89de953a8a6f623f9bdf9
6d6c132acf75a3a1c8a16643582f26704523badbf97381455252c0a4fd38e636
6d7b5bbbb9dd319bafc96404c80302a96b5e9025e8fe580d3ef00d7a872e5d27
6ddc63a229a8099f2ba20fd1afc235ee0dc6feb4eca5d5b062fa8637bd33a455
6df254c03f837c5b9b44276033af04266c7efc991abd6af3c2cdd4becb653dfa
704e29a496dffcd529bf0518158c396756abf458723af40bb54273c931c8de65
705dbb724e908be15ccc80ccd3dcd3ff06a2f645c7d2bea782fcd5ea9c28a89b
75280955376c17fe081475abcf3c5d154a4710e2cdd23a5197a84104b61c7a9d
76e946e2c41355e093b26b984ce6558902c2b53f3235c73ce5e45465fc2645a9
7837207f1197c426c0551dcbead6be815beff78431f5c45e84014a94cfde09d5
7a01cec0fb3e7942142ff603214c2b4a107d084890618c6f4bd76af16d5bafa4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8423998724e9f658de352932887d3052d50a8d2db138428989017be43d62e233
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
87bcf4d71e214d38de6aad272a5f585178805e687ed91aca58533530fe0c678c
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8b53ef3431f4d54b21ac676fd38e0a45425ca800c1e0d453bc8f3c3e966b809f
8c5accbbca00d4eac05ee0bd2cbdd25bed8531894372cb122f5f74216508bfcc
8ce9a994ceb4f8cff9792b1d5488be268f344f049f965147471613951464bbe9
8d07ee45cc44c2e3bf79fb5088dcb9a1b6114d2a183fd4ce7506b9525defdca0
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
9323530e6508a9fe7bd1f49bdee67e8392f4ec8b0ba1f3ede5fc12eabd02d734
96da56b9234149ef5651f6257fa372471d8637d97e24e3d1d70e24df80598a42
9863e497691733db74131fb61099b6d3aad4198f442b261fd589ab6a96ab13d9
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99c6eb6c3f17d69837d604201ac0453a5677eef91484aee37e72dff818ddadbc
9cbbc9595c107756d2886220e616c1789517f513ddd830ee9bc191187ea43296
9d05ae9b253cab83099387db0d3a4ec1c2be203c3738e2dcb74927c1fd6bc626
9d29bd3d743d6136eeaaa2f19ea175e6679f5c5d897c3b5c5c5caa7c265e3b2b
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9eb6dc8f7f2131a113368dabbffd002980143828f6ab5156fbea1cdb51e6703d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a17f20bbfa5057cf3aeb81d0c9ee465f8d612a38293fdf6e4a4f97fe3a2bef12
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a6a464e55b66da4ea128368c807cf47f6b05c8e939c8ca27a01e30e41f57a914
ab58c90a662cf700705e739676c14e82d7ab3e91ec18689f6f30daf88d8a2194
ac2cb6d1d2e31eab68e589b13017145e16f2b9ac161907ace66c0380b60bae7e
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
b070b333b6468bbf2e14770d4f3467d061f6d089f34a2a58d41d3d73e52259a9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b154fc6abe114f3ca580758bcd03328f51eb9d3564838bc9575cc547a170db56
b3bdf64ab3c7970c3e968d6bad647be95e6c8d83d52de3996a2d0abe91043854
b47db35446b173d14189841cb885bf0af9fac22ac8d80dfb4e4afb68a73a8bf1
b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b7dd0d796ea75b97d7dc427f09eea71a66d046515c1537525e4cced8ecd3f167
b88234418e03da5eeb6e8c06d602609c727f514cb2776789e473f60797171d52
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bf2a2e1214400d052638e4990e3ff758d9f60e08b8d411a3ffb44346679a637d
c11d50a1918e615029f239580a1d4a1aa32328fdd6149225cc74e411c84db96e
c1b82e758fd230ef611be3a397612d94ded6b2643d22199733db9a1d05d3a361
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c54140eac6df64b97abf9bf21e88910bac89ddc973d871fcd33dca119b8b4c24
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
c97bc6a34b621bdf788b8517c610b84546a94ae5dc63ca12bca410bc56cabaaf
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
cf270229e004cc9e09e49f17fd5f5de7b0785b9352875f7f9ce4338837b491dc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d7d06304f40fe0cd8b8fa9e6a32073908bab2dbab7b5b3646b457e16ab7ecaa4
d8f15d98f79fbe164f176ab67f494bc053de52751a8cb4253ae5357913913d92
daa4ac0962ba278be8aa5b9e6d94b4b32c7f9d56e9cf69aabbcaf5b874d50bb3
dc1d90421ae9ef59c90961bbe87b3067254e05bc7bed6ae8683e450fe7b06a4a
dee2c2bf669b3d2a92787b7c72f77d03f842499ddde93fdd471466c27ede1eb3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e580b888ec2ff667515810611d279b0a9ccba891e80dbeb183ac6eea7e5526e1
e62ffba5308ed39f8267d444c8b04375caf88e0258d61e1d7ee89f4867178be1
e77556be87322bade8e837ccfae45cd8e787d9edef78dc03bf5ae7bac8607819
e7a31e9cd83fdacdc10fd448945aad36c523d1850db861bf6bc5118812dd9422
ea939bd13d79a17cc436d4c3e102d4060cb7ebf0e8e61918f3d034580dff02b9
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ed3fa5a98ddcb53d94a85530724f550300837c3c6a4a0595920f34ad0c2097b6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8018ac0d5ade5c992dccb83915d04af94d42283dadbe071b57f058c27d126ee
fd525284112f344f5691447c129f249cf806916e594472a64848c21cac1d85c6
fe8d5a6f12533884b6896dd290e422c830e86e0228d45dbe97ac03c6e86a5b5a
ff18779bb7f76122171e9faa51b7af30bc0239d361c926489b02032bb5bccb54
ff323d92d4a186c9e369d2875d9d25c2afbcd2016bb9681ac6152fe2813dac13