chromecdn.shabani.store Open in urlscan Pro
2606:4700:3031::ac43:a3b6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://chromecdn.shabani.store/
Effective URL:
https://chromecdn.shabani.store/
Submission: On December 25 via api (December 25th 2023, 4:18:07 pm UTC) from NL — Scanned from NL

Summary HTTP 185 Redirects Links 276 Behaviour Indicators

Summary

This website contacted 41 IPs in 5 countries across 26 domains to perform 185 HTTP transactions. The main IP is 2606:4700:3031::ac43:a3b6, located in United States and belongs to CLOUDFLARENET, US. The main domain is chromecdn.shabani.store.
TLS certificate: Issued by E1 on November 22nd 2023. Valid for: 3 months.

This is the only time chromecdn.shabani.store was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3031::6815:218f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
36	2606:4700:303... 2606:4700:3031::ac43:a3b6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
52	151.101.193.164 151.101.193.164	54113 (FASTLY) (FASTLY)
1	13.32.26.187 13.32.26.187	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
10	44.211.112.71 44.211.112.71	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:225... 2600:9000:2251:5000:4:b37b:9440:93a1	16509 (AMAZON-02) (AMAZON-02)
3	52.222.208.154 52.222.208.154	16509 (AMAZON-02) (AMAZON-02)
4	151.101.1.164 151.101.1.164	54113 (FASTLY) (FASTLY)
6	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	143.204.215.30 143.204.215.30	16509 (AMAZON-02) (AMAZON-02)
2 4	18.245.60.107 18.245.60.107	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.39 99.86.4.39	16509 (AMAZON-02) (AMAZON-02)
5	52.222.192.64 52.222.192.64	16509 (AMAZON-02) (AMAZON-02)
5	2602:803:c003... 2602:803:c003:200::43	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.157.84.191 35.157.84.191	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	35.227.252.103 35.227.252.103	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
1	2600:9000:264... 2600:9000:2646:d600:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:c12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	34.226.90.84 34.226.90.84	14618 (AMAZON-AES) (AMAZON-AES)
1	20.50.2.28 20.50.2.28	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::201b	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:479c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:20:... 2606:4700:20::681a:6e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2.19.100.239 2.19.100.239	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
185	41

1 2606:4700:3031::6815:218f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

chromecdn.shabani.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2606:4700:3031::ac43:a3b6 (United States)

ASN13335 (CLOUDFLARENET, US)

chromecdn.shabani.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 151.101.193.164 (United States)

ASN54113 (FASTLY, US)

g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vp.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.26.187 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-26-187.fra56.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 44.211.112.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-211-112-71.compute-1.amazonaws.com

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
meter-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2251:5000:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)

rumcdn.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.1.164 (United States)

ASN54113 (FASTLY, US)

samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-30.fra53.r.cloudfront.net

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.245.60.107 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-107.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-39.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.222.192.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-192-64.cdg50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2602:803:c003:200::43 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.84.191 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-84-191.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

5290727.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2646:d600:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:c12 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.226.90.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-90-84.compute-1.amazonaws.com

pnytimes.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.50.2.28 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

collector.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

nyt-dti-prd-staticjs.storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:479c (United States)

ASN13335 (CLOUDFLARENET, US)

platform.iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:6e5 (United States)

ASN13335 (CLOUDFLARENET, US)

iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.100.239 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-100-239.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

nytimes-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	nyt.com g1.nyt.com — Cisco Umbrella Rank: 9094 static01.nyt.com — Cisco Umbrella Rank: 7033 a1.nyt.com — Cisco Umbrella Rank: 7505 vp.nyt.com — Cisco Umbrella Rank: 15540	1 MB
37	shabani.store 1 redirects chromecdn.shabani.store	1 MB
18	nytimes.com a.et.nytimes.com — Cisco Umbrella Rank: 5692 samizdat-graphql.nytimes.com — Cisco Umbrella Rank: 6345 Failed als-svc.nytimes.com Failed www.nytimes.com — Cisco Umbrella Rank: 3174 dd.nytimes.com — Cisco Umbrella Rank: 8656 purr.nytimes.com Failed a.nytimes.com Failed meter-svc.nytimes.com — Cisco Umbrella Rank: 19205 static01.nytimes.com — Cisco Umbrella Rank: 12707	347 KB
13	googlesyndication.com e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148 pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	511 KB
9	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614 aax.amazon-adsystem.com — Cisco Umbrella Rank: 410	77 KB
8	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 5290727.fls.doubleclick.net — Cisco Umbrella Rank: 8695	180 KB
6	iteratehq.com platform.iteratehq.com — Cisco Umbrella Rank: 6385 iteratehq.com — Cisco Umbrella Rank: 5693	32 KB
5	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 537	4 KB
4	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 484 dsum.casalemedia.com — Cisco Umbrella Rank: 1364 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	2 KB
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 172	1 KB
3	gstatic.com fonts.gstatic.com	44 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 nyt-dti-prd-staticjs.storage.googleapis.com — Cisco Umbrella Rank: 18149	6 KB
3	brandmetrics.com cdn.brandmetrics.com — Cisco Umbrella Rank: 2872 collector.brandmetrics.com — Cisco Umbrella Rank: 3177	20 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	674 B
2	google.com adservice.google.com — Cisco Umbrella Rank: 93 www.google.com — Cisco Umbrella Rank: 2	1 KB
2	media.net prebid.media.net — Cisco Umbrella Rank: 1498 cs.media.net — Cisco Umbrella Rank: 1381	1 KB
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 695 nytimes-d.openx.net — Cisco Umbrella Rank: 14205	549 B
2	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 504 image8.pubmatic.com — Cisco Umbrella Rank: 661	160 B
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 592 eb2.3lift.com — Cisco Umbrella Rank: 372	747 B
2	geoedge.be rumcdn.geoedge.be — Cisco Umbrella Rank: 3375	78 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	183 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	65 KB
1	chartbeat.net pnytimes.chartbeat.net — Cisco Umbrella Rank: 7123	201 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1767	24 KB
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 229	621 B
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1445	48 KB
185	26

	Domain	Requested by
37	chromecdn.shabani.store	1 redirects chromecdn.shabani.store rumcdn.geoedge.be www.datadoghq-browser-agent.com
35	static01.nyt.com	chromecdn.shabani.store rumcdn.geoedge.be
11	g1.nyt.com	chromecdn.shabani.store g1.nyt.com
9	a.et.nytimes.com	chromecdn.shabani.store www.datadoghq-browser-agent.com
6	tpc.googlesyndication.com	e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com rumcdn.geoedge.be
6	securepubads.g.doubleclick.net	chromecdn.shabani.store rumcdn.geoedge.be www.datadoghq-browser-agent.com e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com www.googletagservices.com
5	pagead2.googlesyndication.com	www.datadoghq-browser-agent.com tpc.googlesyndication.com www.googletagservices.com
5	fastlane.rubiconproject.com	www.datadoghq-browser-agent.com
5	aax.amazon-adsystem.com	www.datadoghq-browser-agent.com
4	iteratehq.com	www.datadoghq-browser-agent.com
4	sb.scorecardresearch.com	2 redirects chromecdn.shabani.store
4	samizdat-graphql.nytimes.com	chromecdn.shabani.store www.datadoghq-browser-agent.com
3	fonts.gstatic.com	fonts.googleapis.com
3	c.amazon-adsystem.com	chromecdn.shabani.store www.datadoghq-browser-agent.com
2	sync-tm.everesttech.net	2 redirects
2	dsum.casalemedia.com	2 redirects
2	vp.nyt.com
2	platform.iteratehq.com	chromecdn.shabani.store platform.iteratehq.com
2	fonts.googleapis.com	client e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com
2	e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net rumcdn.geoedge.be
2	cdn.brandmetrics.com	www.googletagmanager.com rumcdn.geoedge.be
2	a1.nyt.com	chromecdn.shabani.store www.googletagmanager.com
2	5290727.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	dd.nytimes.com	chromecdn.shabani.store www.datadoghq-browser-agent.com
2	rumcdn.geoedge.be	chromecdn.shabani.store rumcdn.geoedge.be
2	www.googletagmanager.com	chromecdn.shabani.store www.googletagmanager.com
1	nytimes-d.openx.net
1	dsum-sec.casalemedia.com
1	eb2.3lift.com
1	image8.pubmatic.com
1	cs.media.net
1	www.google.com	rumcdn.geoedge.be
1	nyt-dti-prd-staticjs.storage.googleapis.com	static01.nytimes.com
1	static01.nytimes.com	e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com
1	www.googletagservices.com	e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com
1	collector.brandmetrics.com	cdn.brandmetrics.com
1	pnytimes.chartbeat.net	chromecdn.shabani.store
1	adservice.google.com	5290727.fls.doubleclick.net
1	static.chartbeat.com	chromecdn.shabani.store
1	meter-svc.nytimes.com	www.datadoghq-browser-agent.com
1	prebid.media.net	www.datadoghq-browser-agent.com
1	htlb.casalemedia.com	www.datadoghq-browser-agent.com
1	ib.adnxs.com	www.datadoghq-browser-agent.com
1	rtb.openx.net	www.datadoghq-browser-agent.com
1	hbopenbid.pubmatic.com	www.datadoghq-browser-agent.com
1	tlx.3lift.com	www.datadoghq-browser-agent.com
1	config.aps.amazon-adsystem.com	rumcdn.geoedge.be
1	www.nytimes.com	chromecdn.shabani.store
1	www.datadoghq-browser-agent.com	chromecdn.shabani.store
0	a.nytimes.com Failed	www.datadoghq-browser-agent.com
0	purr.nytimes.com Failed	www.datadoghq-browser-agent.com
0	als-svc.nytimes.com Failed	chromecdn.shabani.store
185	52

This site contains links to these domains. Also see Links.

Domain
www.nytimes.com
cn.nytimes.com
cooking.nytimes.com
theathletic.com
help.nytimes.com
www.nytco.com
nytmediakit.com
www.tbrandstudio.com

Subject Issuer	Validity	Valid
shabani.store E1	`2023-11-22` - `2024-02-20`	3 months	crt.sh
nytimes.com Thawte RSA CA 2018	`2023-03-22` - `2024-04-21`	a year	crt.sh
*.datadoghq-browser-agent.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-12` - `2024-12-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
a.et.nytimes.com R3	`2023-11-12` - `2024-02-10`	3 months	crt.sh
gw.geoedge.be Amazon RSA 2048 M01	`2023-08-12` - `2024-09-09`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
dd.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-08` - `2024-04-06`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-12-24` - `2024-03-23`	3 months	crt.sh
meter-svc.nytimes.com R3	`2023-12-19` - `2024-03-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
brandmetrics.com GTS CA 1P5	`2023-11-04` - `2024-02-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
*.brandmetrics.com Go Daddy Secure Certificate Authority - G2	`2023-05-10` - `2024-06-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
iteratehq.com E1	`2023-11-22` - `2024-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://chromecdn.shabani.store/
Frame ID: ADD4256994739F390845E5335F2C9922
Requests: 157 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Frame ID: 9FF70E8F1FA6CE772A86AFDB3BF73A00
Requests: 1 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CJ-RtMf-qoMDFeRlkQUdiA4G_Q;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5799205215071;auiddc=1960846153.1703521081;u17=https%3A%2F%2Fchromecdn.shabani.store%2F;u5=;u18=;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fchromecdn.shabani.store%2F
Frame ID: C2C09C6B44549ECD3448CB8A589BCB9D
Requests: 2 HTTP requests in this frame

Frame: https://e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 181219D1DC40FD1B18535C613F2447D7
Requests: 1 HTTP requests in this frame

Frame: https://e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 83EB8E369765536F9C15E2AF83F69F2A
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 33CBFB2D43AE5DD6B25ED8CEC719E81E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 94C17C12D1155B9D3C2B873745C52B34
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The New York Times - Breaking News, US News, World News and VideosGroupGroupGroup

Page URL History Show full URLs

http://chromecdn.shabani.store/ HTTP 301
https://chromecdn.shabani.store/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

185
Requests

94 %
HTTPS

45 %
IPv6

26
Domains

52
Subdomains

41
IPs

5
Countries

4133 kB
Transfer

9533 kB
Size

21
Cookies

276 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nytimes.com/es/
Title: Español

Search URL Search Domain Scan URL

URL: https://cn.nytimes.com/
Title: 中文

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/todayspaper
Title: Today’s Paper

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/us
Title: U.S.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/politics
Title: Politics

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/nyregion
Title: New York

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/california-today
Title: California

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/education
Title: Education

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/health
Title: Health

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/obituaries
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/science
Title: Science

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/climate
Title: Climate

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/sports
Title: Sports

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/business
Title: Business

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/technology
Title: Tech

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/upshot
Title: The Upshot

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/magazine
Title: The Magazine

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/news-event/2024-election
Title: 2024 Elections

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/topic/organization/us-supreme-court
Title: Supreme Court

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/topic/organization/us-congress
Title: Congress

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/joe-biden
Title: Biden Administration

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/news-event/donald-trump-investigations
Title: Trump Investigations

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/eric-adams-mayor-nyc
Title: The Eric Adams Administration

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/abortion-news
Title: Abortion in the U.S.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/morning-briefing
Title: The MorningMake sense of the day’s news and ideas.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/upshot
Title: The UpshotAnalysis that explains politics, policy and everyday life.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters
Title: See all newsletters

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/the-daily
Title: The DailyThe biggest stories of our time, in 20 minutes a day.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/election-run-up-podcast
Title: The Run-UpOn the campaign trail with Astead Herndon.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/podcasts
Title: See all podcasts

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world
Title: World

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/africa
Title: Africa

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/americas
Title: Americas

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/asia
Title: Asia

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/australia
Title: Australia

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/canada
Title: Canada

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/europe
Title: Europe

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/middleeast
Title: Middle East

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/news-event/israel-hamas-gaza
Title: Israel-Hamas War

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/news-event/ukraine-russia
Title: Russia-Ukraine War

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/morning-briefing-europe
Title: Morning Briefing: EuropeGet what you need to know to start your day.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/the-interpreter
Title: The InterpreterOriginal analysis on the week’s biggest global stories.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/australia-letter
Title: Australia LetterNews, features and opinion for readers in the region.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/canada-letter
Title: Canada LetterBackstories and analysis from our Canadian correspondents.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/business/economy
Title: Economy

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/business/media
Title: Media

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/markets-overview
Title: Finance and Markets

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/business/dealbook
Title: DealBook

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/technology/personaltech
Title: Personal Tech

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/business/energy-environment
Title: Energy Transition

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/your-money
Title: Your Money

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/news-event/economy-business-us
Title: U.S. Economy

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/artificial-intelligence
Title: Artificial Intelligence

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/dealbook
Title: DealBookThe most crucial business and policy news you need to know.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/hard-fork
Title: Hard ForkOur tech journalists help you make sense of the rapidly changing tech world.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/arts
Title: Arts

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/books
Title: Books

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/books/best-sellers
Title: Best Sellers

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/arts/dance
Title: Dance

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/movies
Title: Movies

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/arts/music
Title: Music

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/arts/television
Title: Television

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/theater
Title: Theater

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/pop-culture
Title: Pop Culture

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/t-magazine
Title: T Magazine

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/arts/design
Title: Visual Arts

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/best-of
Title: Best of 2023

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/news-event/awards-season
Title: Award Season

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/critics-picks
Title: Critic’s Picks

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/books-to-read
Title: What to Read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/what-to-watch
Title: What to Watch

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/playlist
Title: What to Listen To

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/interactive/2023/10/27/arts/music/music-fivemins-collection.html
Title: 5 Minutes to Make You Love Music

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/read-like-the-wind
Title: Read Like the WindBook recommendations from our critics.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/watching
Title: WatchingStreaming TV and movie recommendations.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/book-review-podcast
Title: Book ReviewThe podcast that takes you inside the literary world.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/popcast-pop-music-podcast
Title: PopcastPop music news, new songs and albums, and artists of note.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/lifestyle
Title: Lifestyle

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/well
Title: Well

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/travel
Title: Travel

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/style
Title: Style

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/realestate
Title: Real Estate

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/food
Title: Food

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/fashion
Title: Fashion

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/fashion/weddings
Title: Love

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/modern-love
Title: Modern Love

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/the-hunt
Title: The Hunt

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/social-qs
Title: Social Q’s

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/the-ethicist
Title: The Ethicist

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/well/eat
Title: Eat

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/well/move
Title: Move

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/well/mind
Title: Mind

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/well/family
Title: Family

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/well/live
Title: Live

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/ask-well
Title: Ask Well

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/open-thread-fashion
Title: Open ThreadThe latest news on what we wear, by our chief fashion critic.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/love-letter
Title: Love LetterReal stories of relationship highs, lows and woes.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/modern-love-podcast
Title: Modern LoveThe complicated love lives of real people.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion
Title: Opinion

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/contributors
Title: Guest Essays

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/editorials
Title: Editorials

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/op-docs
Title: Op-Docs

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/opinion-video
Title: Videos

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/letters
Title: Letters

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/politics
Title: Politics

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/international-world
Title: World

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/business-economics
Title: Business

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/technology
Title: Tech

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/environment
Title: Climate

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/health
Title: Health

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/culture
Title: Culture

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/charles-m-blow
Title: Charles M. Blow

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/jamelle-bouie
Title: Jamelle Bouie

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/david-brooks
Title: David Brooks

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/gail-collins
Title: Gail Collins

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/ross-douthat
Title: Ross Douthat

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/maureen-dowd
Title: Maureen Dowd

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/david-french
Title: David French

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/thomas-l-friedman
Title: Thomas L. Friedman

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/michelle-goldberg
Title: Michelle Goldberg

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/ezra-klein
Title: Ezra Klein

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/nicholas-kristof
Title: Nicholas Kristof

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/paul-krugman
Title: Paul Krugman

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/carlos-lozada
Title: Carlos Lozada

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/tressie-mcmillan-cottom
Title: Tressie McMillan Cottom

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/pamela-paul
Title: Pamela Paul

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/lydia-polgreen
Title: Lydia Polgreen

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/bret-stephens
Title: Bret Stephens

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/zeynep-tufekci
Title: Zeynep Tufekci

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/matter-of-opinion
Title: Matter of OpinionThoughts, aloud. With Michelle Cottle, Ross Douthat, Carlos Lozada and Lydia Polgreen.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/ezra-klein-podcast
Title: The Ezra Klein ShowDiscussions of ideas that matter, plus book recommendations.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/audio/app
Title: Download the Audio app on iOS.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/the-headlines
Title: The Headlines

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/interactive/2022/podcasts/serial-productions.html
Title: Serial Productions

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/reporter-reads
Title: Reporter Reads

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/the-sunday-read
Title: The Sunday Read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/10/19/podcasts/serial-kids-rutherford-county.html
Title: The Kids of Rutherford CountyA series about how one county illegally jailed children.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/audio
Title: AudioOur editors share their favorite listens from the New York Times Audio app.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/subscription/all-access
Title: Learn more.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/crosswords
Title: Games

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/puzzles/spelling-bee
Title: Spelling Bee

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/crosswords/game/mini
Title: The Mini Crossword

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/games/wordle/index.html
Title: Wordle

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/crosswords/game/daily/
Title: The Crossword

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/puzzles/vertex
Title: Vertex

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/games/connections
Title: Connections

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/puzzles/sudoku
Title: Sudoku

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/puzzles/letter-boxed
Title: Letter Boxed

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/puzzles/tiles
Title: Tiles

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/spelling-bee-forum
Title: Spelling Bee Forum

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/daily-crossword-column
Title: Wordplay Column

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/wordle-review
Title: Wordle Review

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/article/submit-crossword-puzzles-the-new-york-times.html
Title: Submit a Crossword

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/puzzle-making
Title: Meet Our Crossword Constructors

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2022/09/19/crosswords/mini-to-maestro-part-1.html
Title: Mini to Maestro

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/interactive/2022/upshot/wordle-bot.html
Title: Wordlebot

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/gameplay
Title: GameplayPuzzles, brain teasers, solving tips and more.

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/
Title: Cooking

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/easy-recipes
Title: Easy

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/dinner-recipes
Title: Dinner

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/68861692-nyt-cooking/43843372-quick-recipes
Title: Quick

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/healthy-recipes
Title: Healthy

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/breakfast
Title: Breakfast

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/vegetarian
Title: Vegetarian

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/vegan-recipes
Title: Vegan

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/our-best-chicken-recipes
Title: Chicken

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/our-best-pasta-recipes
Title: Pasta

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/desserts
Title: Dessert

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/holiday-recipes
Title: Best Holiday Recipes

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/easy-weeknight
Title: Easy Weeknight

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/68861692-nyt-cooking/32998034-our-newest-recipes
Title: Newest Recipes

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/68861692-nyt-cooking/2370458-one-pot-dinner-recipes
Title: One-Pot Meals

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/68861692-nyt-cooking/950138-amazing-slow-cooker-recipes
Title: Slow Cooker Recipes

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/comfort-food
Title: Comfort Food

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/entertaining
Title: Party Recipes

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/cooking
Title: The Cooking NewsletterCulinary inspiration from Sam Sifton and Melissa Clark.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/the-veggie
Title: The VeggieDelicious vegetarian recipes and tips from Tanya Sichynsky.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/five-weeknight-dishes
Title: Five Weeknight DishesDinner ideas for busy people from Emily Weinstein.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/
Title: Wirecutter

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter
Title: WirecutterReviews and recommendations for thousands of products.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/kitchen-dining/
Title: Kitchen

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/electronics/
Title: Tech

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/sleep/
Title: Sleep

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/appliances/
Title: Appliances

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/home-garden/
Title: Home and Garden

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/make-a-plan/moving/
Title: Moving

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/travel/
Title: Travel

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/gifts/
Title: Gifts

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/deals/
Title: Deals

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/baby-kid/
Title: Baby and Kid

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/health-fitness/
Title: Health and Fitness

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/reviews/best-air-purifier/
Title: Air Purifier

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/reviews/best-electric-toothbrush/
Title: Electric Toothbrush

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/reviews/best-pressure-washer/
Title: Pressure Washer

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/reviews/best-cordless-stick-vacuum/
Title: Cordless Stick Vacuum

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/reviews/best-office-chair/
Title: Office Chair

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/reviews/best-robot-vacuum/
Title: Robot Vacuum

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/the-recommendation
Title: The RecommendationThe best independent reviews, expert advice and intensively researched deals.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/clean-everything
Title: Clean EverythingStep-by-step advice on how to keep everything in your home squeaky clean.

Search URL Search Domain Scan URL

URL: https://theathletic.com/
Title: The Athletic

Search URL Search Domain Scan URL

URL: https://theathletic.com/nfl/
Title: NFL

Search URL Search Domain Scan URL

URL: https://theathletic.com/mlb/
Title: MLB

Search URL Search Domain Scan URL

URL: https://theathletic.com/nba/
Title: NBA

Search URL Search Domain Scan URL

URL: https://theathletic.com/football/premier-league/
Title: Premier League

Search URL Search Domain Scan URL

URL: https://theathletic.com/college-football/
Title: NCAAF

Search URL Search Domain Scan URL

URL: https://theathletic.com/college-basketball/
Title: NCAAM

Search URL Search Domain Scan URL

URL: https://theathletic.com/nhl/
Title: NHL

Search URL Search Domain Scan URL

URL: https://theathletic.com/womens-college-basketball/
Title: NCAAW

Search URL Search Domain Scan URL

URL: https://theathletic.com/football/mls/
Title: MLS

Search URL Search Domain Scan URL

URL: https://theathletic.com/formula-1/
Title: Formula 1

Search URL Search Domain Scan URL

URL: https://theathletic.com/football/nwsl/
Title: NWSL

Search URL Search Domain Scan URL

URL: https://theathletic.com/golf/
Title: Golf

Search URL Search Domain Scan URL

URL: https://theathletic.com/tag/a1-must-read-stories/
Title: Must-Read Stories

Search URL Search Domain Scan URL

URL: https://theathletic.com/nfl/standings/
Title: NFL Standings

Search URL Search Domain Scan URL

URL: https://theathletic.com/5029170/2023/11/06/free-agents-mlb-list/
Title: MLB Free Agency

Search URL Search Domain Scan URL

URL: https://theathletic.com/newsletters/the-pulse
Title: The PulseDelivering the top stories in sports, Sunday to Friday.

Search URL Search Domain Scan URL

URL: https://theathletic.com/newsletters/the-windup
Title: The WindupThe biggest stories in baseball, by Levi Weaver with Ken Rosenthal.

Search URL Search Domain Scan URL

URL: https://theathletic.com/newsletters/the-bounce
Title: The BounceEssential NBA news from Zach Harper and Shams Charania.

Search URL Search Domain Scan URL

URL: https://theathletic.com/newsletters/full-time
Title: Full TimeThe biggest women's soccer stories, from Emily Olsen, Meg Linehan & Steph Yang

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/25/world/europe/israel-airstrikes-gaza.html
Title: Netanyahu Visits Gaza After Attack That Palestinians Say Killed DozensPrime Minister Benjamin Netanyahu vowed to stay the course of the war.Gazan officials blamed Israeli airstrikes for the deaths, and Israel’s military said it was reviewing the episode.4 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/25/world/middleeast/saudi-arabia-yemen-houthis-gaza.html
Title: Hoping for Peace With Houthis, Saudis Keep Low Profile in Red Sea ConflictRiyadh is seeking to avoid another bloody clash with the Yemeni militia, which has sowed chaos by attacking shipping and firing missiles at Israel.6 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/25/world/europe/popi-urbi-et-orbi-israel-hamas-gaza.html
Title: In his annual Christmas address, Pope Francis lamented the “appalling” loss of life in Gaza.4 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/25/world/middleeast/israel-economy-gaza-war.html
Title: Israel’s economy is expected to shrink two percent as workers are called up to fight or become jobless.3 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/interactive/2023/12/24/climate/groundwater-crisis-chicken-cheese.html
Title: How America’s Diet Is Feeding the Groundwater CrisisAs dinner tables and snack menus feature far more chicken and cheese, farms are expanding where water is scarce.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/25/world/europe/ukraine-russia-christmas-ukrainian-orthodox-church.html
Title: Christmas Moves to Dec. 25 in Ukraine, Another Rebuff of RussiaThe Ukrainian Orthodox Church formally changed the date for celebrating, departing from the Russian tradition of celebrating on Jan. 7.5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/25/world/europe/russia-navalny-found-prison.html
Title: Aleksei Navalny Found in Arctic Prison, Easing Fears Over His SafetySupporters of the Russian opposition leader lost contact with him 20 days ago, fueling concern about his health and whereabouts.3 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/24/us/harvard-corporation-claudine-gay.html
Title: Claudine Gay Turmoil Forces Harvard’s Secretive ‘Corporation’ Into SpotlightHarvard’s powerful board has backed its president and said little else, yet a member privately said “generational change” may be needed.7 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/24/us/harvard-corporation-members.html
Title: Who are the members of the Harvard Corporation?4 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/interactive/2023/12/22/magazine/people-who-died.html
Title: The Lives They LivedTina Turner, Rosalynn Carter, Jerry Springer, Sinead O’Connor and Harry Belafonte were among those who died this year.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/25/us/politics/haley-iowa-super-pac.html
Title: Newly Flush With Cash, Nikki Haley Makes Her Move in IowaA super PAC backing the former governor of South Carolina plans to knock on 100,000 doors in Iowa, but it’s running out of time to spread her message.5 min read<img src="https://static01.nyt.com/images/2023/12/26/multimedia/26pol-haley-iowa-topart-zcmk/26pol-haley-iowa-topart-zcmk-threeByTwoMediumAt2X-v2.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="A person wearing winter gloves and holding campaign literature hangs a sign in support of Nikki Haley on the door handle of a house." class="css-122y91a"/>Jordan Gale for The New York Times

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/25/business/media/movies-box-office.html
Title: 2023 Box Office Lessons: Audiences Sought Comfort, Skipped SpectacleMoviegoers flocked to Taylor Swift, “Barbie” and “Oppenheimer” but were cooler toward returning superheroes like the Flash, Captain Marvel and Aquaman.6 min read<img src="https://static01.nyt.com/images/2023/06/30/business/00franchises/00franchises-threeByTwoMediumAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="An illustration depicts the disembodied head of the Indiana Jones character shrinking as it moves left to right." class="css-122y91a"/>Cristiana Couceiro

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/25/technology/bitrush-bitcoin-cryptocurrency-china.html
Title: This N.Y.U. Student Owns a $6 Million Crypto Mine. His Secret Is Out.A legal dispute in a tiny Texas town reveals how Chinese nationals can move money to the U.S. without authorities in either country noticing.5 min read<img src="https://static01.nyt.com/images/2023/12/21/multimedia/00bitrush-01-flgc/00bitrush-01-flgc-threeByTwoMediumAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="A spare landscape with rows of metallic structures." class="css-122y91a"/>Paul Ratje for The New York Times

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/25/style/barbra-streisand-fashion-memoir.html
Title: Barbra Streisand Talks Style“I looked different, I dressed different,” the multi-hyphenate star said in her first interview on fashion.5 min read<img src="https://static01.nyt.com/images/2023/01/12/multimedia/streisand-style-top-wmqc/streisand-style-top-wmqc-threeByTwoMediumAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="In a 1960s portrait, Ms. Streisand wears a man-tailored glen plaid suit jacket and vest with a cream-colored shirt and narrow burgundy tie. Her brunette hair is cropped short. " class="css-122y91a"/>via Getty Images

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/interactive/2023/12/15/travel/15-holiday-lights-quiz.html
Title: Do You See What I See? A Holiday Lights Quiz.Test your knowledge of festive displays around the world.<img src="https://static01.nyt.com/images/2023/12/18/multimedia/18Holiday-Lights-Quiz-01-lmqz/18Holiday-Lights-Quiz-01-lmqz-threeByTwoMediumAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="" class="css-122y91a"/>Hiroko Masuike/The New York Times

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/25/opinion/doctors-false-hope-medicine.html
Title: <img src="https://static01.nyt.com/images/2021/04/23/opinion/daniela-lamas/daniela-lamas-thumbLarge.png?format=pjpg&quality=75&auto=webp&disable=upscale" alt="Daniela J. Lamas" class="css-122y91a"/>Daniela J. LamasCan Hope Ever Be a Form of Medicine?7 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/25/opinion/global-immune-system-public-health.html
Title: <img src="https://static01.nyt.com/images/2023/12/25/opinion/25gawande/25gawande-square320-v2.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="A sketch of a globe with a makeshift umbrella sitting on top of it." class="css-122y91a"/>Atul GawandeWhy the World Needs Its Own Immune System7 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/25/opinion/editorials/weeping-beech-tree-ritual.html
Title: Jesse WegmanIn the Shelter of a Weeping Beech6 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/24/opinion/christmas-jesus-wept-compassion.html
Title: <img src="https://static01.nyt.com/images/2015/03/16/opinion/Wehner-Peter-circular/Wehner-Peter-circular-thumbLarge-v3.png?format=pjpg&quality=75&auto=webp&disable=upscale" alt="Peter Wehner" class="css-122y91a"/>Peter WehnerThis Is Why Jesus Wept6 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/25/opinion/christmas-holidays-family.html
Title: <img src="https://static01.nyt.com/images/2023/12/25/opinion/25mccaulley-image/25mccaulley-image-square320.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="An illustration of two men in an argument, seen from the outside of building through two windows. It’s snowing outside." class="css-122y91a"/>Esau McCaulleyWhy Arguing Is My Cherished Holiday Tradition5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/25/opinion/frederick-cook-explorer-scammer.html
Title: Allegra RosenbergThe Polar Explorer, and Scammer, Who Should Be an American Hero6 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/24/opinion/food-comfort-processed.html
Title: <img src="https://static01.nyt.com/images/2023/12/23/opinion/23opinions-rivera-image/23opinions-rivera-image-square640.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="A hand holds a hamburger." class="css-122y91a"/>The OpinionsAudioThe Yearning for a McNugget From My Youth7 min listen

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/25/opinion/culinary-diplomacy-state-dinners.html
Title: Alex Prud’hommeDiplomacy Is Best Conducted at the Dinner Table6 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/25/opinion/letters/the-controversy-over-tongue-surgery-for-infants.html
Title: Letters From Our ReadersThe Controversy Over Tongue Surgery for Infants5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2022/10/18/opinion/svonni-swedish-tax-agency-sami.html
Title: Maria FredrikssonMy Mother and the Swedish Tax Agency Are in a Fight Over Our Reindeer-Herding Dog1 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/24/opinion/pain-crisis-opioid-addiction.html
Title: Maia SzalavitzWhy Don’t We Care About Pain?5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/24/opinion/fairytale-new-york-the-pogues.html
Title: Darran Anderson‘Fairytale of New York’ Isn’t Like Any Other Christmas Song5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/24/opinion/gaza-city-palestine-war.html
Title: Yahya R. SarrajLet Me Walk You Through the Gaza I See Today3 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/24/opinion/goodreads-books-reviews.html
Title: Maris KreizmanLet’s Rescue Book Lovers From This Online Hellscape5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/24/opinion/theres-not-just-one-way-to-be-japanese.html
Title: Shina Peng and Ema Ryan YamazakiJapanese Society Is Evolving. So Are Its Views on Race.3 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/24/opinion/parenting-stinks-joy.html
Title: Karen KicakI Used to Write Jokes About How Parenting Is Terrible. Then I Had My Daughter.5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/25/briefing/holiday-games.html
Title: <img src="https://static01.nyt.com/images/2022/03/15/multimedia/the-morning-icon/the-morning-icon-square320.png?format=pjpg&quality=75&auto=webp&disable=upscale" alt="A dark yellow circle against a light yellow background with the words "The Morning" written in black on the top left." class="css-122y91a"/>The MorningEnjoy this selection of games and music for the holiday.5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/25/us/george-gascon-los-angeles-district-attorney.html
Title: In L.A. District Attorney Race, Rhetoric Shifts From Reform to FearGeorge Gascón is running for re-election in a changed climate, where concerns about crime have overtaken demands for equity and accountability.5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/24/world/europe/rivesaltes-camp-france-algeria-harkis.html
Title: An Abandoned Cemetery Highlights a Painful Colonial Episode for FranceFamily groups have been calling for the excavation of land believed to hold the bodies of at least 50 Algerian children who died in internment camps.5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/23/books/banned-picture-books.html
Title: Are These Topics Too Adult for the Youngest Readers?Here’s a look at books that have been banned at least once in a public school district, and what their critics found objectionable.4 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/24/science/space/astronomy-black-holes.html
Title: <img src="https://static01.nyt.com/images/2023/12/26/multimedia/00SCI-BLACKHOLE-fvtm/00SCI-BLACKHOLE-fvtm-threeByTwoMediumAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="A composite image shows a field of stars and galaxies littered across space with large purple clouds center left and a smaller purple cloud at right. Two inset detail images of a small portion of the image highlights a purple dot identified as a black hole and the other a small reddish dot identified as a black hole host galaxy." class="css-122y91a"/>X-ray: NASA/CXC/SAO/Ákos Bogdán; Infrared: NASA/ESA/CSA/STScIHow to Create a Black Hole Out of Thin AirBlack holes were thought to arise from the collapse of dead stars. But a Webb telescope image showing the early universe hints at an alternative pathway.5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/23/style/christmas-wedding-holidays.html
Title: Hannah Beier for The New York TimesIn the ‘Christmas City,’ Yuletide Weddings Are the Main EventFor couples looking to recreate a Hallmark Christmas movie setting, the Historic Hotel Bethlehem has become a popular destination for holiday nuptials.4 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/15/nyregion/new-york-city-auction-dcas.html
Title: Reporter ReadsStill Need a Gift? N.Y.C.’s Detritus Is Up for Auction9 min listen

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/11/realestate/christmas-lights-world-record-ny.html
Title: Reporter ReadsThey Hold a World Record for Their Light Show16 min listen

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/07/05/podcasts/the-gift-of-holiday-men.html
Title: Modern LoveThe Gift of Holiday Men11 min listen

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/12/23/podcasts/it-wouldnt-be-make-believe-if-youd-believe-in-me.html
Title: This American LifeIt Wouldn’t Be Make-Believe if You’d Believe in Me61 min listen

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/connections-companion
Title: Connections CompanionIn case you need some puzzle help.<img src="https://static01.nyt.com/images/2023/10/19/crosswords/19connections-column-133/19connections-column-133-square320-v2.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="An illustration of a person giving a figure a thumbs up." class="css-122y91a"/>

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014792127-Copyright-notice
Title: © 2023 The New York Times Company

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: NYTCo

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015727108-Accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.nytco.com/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://nytmediakit.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.tbrandstudio.com/
Title: T Brand Studio

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/privacy/cookie-policy#how-do-i-manage-trackers
Title: Your Ad Choices

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/privacy/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/ca/
Title: Canada

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/international/
Title: International

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/subscription?campaignId=37WXW
Title: Subscriptions

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://chromecdn.shabani.store/ HTTP 301
https://chromecdn.shabani.store/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

https://sb.scorecardresearch.com/b?c1=2&c2=3005403&ns__t=1703521080115&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2Fchromecdn.shabani.store%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1703521080115&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2Fchromecdn.shabani.store%2F&c9=

Request Chain 120

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5799205215071;auiddc=1960846153.1703521081;u17=https%3A%2F%2Fchromecdn.shabani.store%2F;u5=;u18=;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fchromecdn.shabani.store%2F HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CJ-RtMf-qoMDFeRlkQUdiA4G_Q;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5799205215071;auiddc=1960846153.1703521081;u17=https%3A%2F%2Fchromecdn.shabani.store%2F;u5=;u18=;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fchromecdn.shabani.store%2F

Request Chain 157

https://sb.scorecardresearch.com/c2/3005403/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/3005403/cs.js

Request Chain 185

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=995821&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=995821&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1 HTTP 302
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=0 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=0&_test=ZYmrPAAJmrFnZwBH HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZYmrPAAJmrFnZwBH&gdpr=0&_test=ZYmrPAAJmrFnZwBH

185 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
chromecdn.shabani.store/
Redirect Chain

http://chromecdn.shabani.store/
https://chromecdn.shabani.store/

702 KB
107 KB

132ms
60ms

Document
text/html

2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chromecdn.shabani.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75137550e4bc1f061586fb99d8cb98b789c6caec1b4e168720d6dcd42b93d8f2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 36
alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=30,no-cache
cf-cache-status: DYNAMIC
cf-ray: 83b265ba5e100b4a-AMS
content-encoding: br
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type: text/html; charset=utf-8
date: Mon, 25 Dec 2023 16:17:59 GMT
last-modified: Mon, 25 Dec 2023 16:15:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGglbNpvTXSLxQ3WR8UaY%2FF10GJpCe5%2FdWA%2FWQCdKQNtQCEkWi3zcNCojVwjIqbD1AYomgUfr2Ztb4vubInTdm4RwZuwRghqcugT4iXuubN%2Bu39guvjmiOVGsBPNQSePptkUH7ZR9HxwcAusd9C%2Ba00qAeu73g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding, Fastly-SSL
x-api-version: F-F-VI
x-b3-traceid: 0f289cc8d6f644eb8d41cd2f8c07fcb1
x-cache: HIT, HIT
x-cache-hits: 5, 1
x-content-type-options: nosniff
x-frame-options: DENY
x-gdpr: 1
x-nyt-app-webview: 0
x-nyt-data-last-modified: Mon, 25 Dec 2023 16:15:02 GMT
x-nyt-edge-cache: HIT-HIT
x-nyt-route: homepage
x-origin-time: 2023-12-25 16:15:12 UTC
x-pagetype: vi-homepage
x-served-by: cache-lga21967-LGA, cache-ams21030-AMS
x-timer: S1703521079.444337,VS0,VE3
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 83b265b9ae485c49-AMS
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 25 Dec 2023 16:17:59 GMT
Expires: Mon, 25 Dec 2023 17:17:59 GMT
Location: https://chromecdn.shabani.store/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmG0VdnlfbD%2BywR9PpYFB32KobSGgTX3y95sXLtxZsgA5xbxywZ2cqHGVrishbZsQ1g4KQVRyWuUz0Yjq8GpAXAnVQLFJBJAi%2FtqZDcE%2FJuagdm6RHj%2BsEGhchjdP5nPgxpFpqrju7foqST6pTnX6%2F0xQvn3QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
g1.nyt.com/fonts/css/ 60 KB
10 KB 138ms
34ms Stylesheet
text/css 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

09bff184ea094a06e46d7f26512fd7b245304078a27f1ba8084488cbcf7704de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 25 Nov 2024 22:14:41 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2484199
x-guploader-uploadid: ABPtcPq8niU0w42zfaeaMEr1NvJhgqmmL7CuDBebZ4HrNapa7Ae8Y5fIIt-0IVrGLLRtMbbIur4pXLCYmQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 9868
x-served-by: cache-ams21072-AMS
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1703521080.616589,VS0,VE0
etag: "b79308aee772cf8921761a4fdb884fe5"
vary: Accept-Encoding
x-goog-generation: 1673991774978541
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=ay5bmg==, md5=t5MIrudyz4khdhpP24hP5Q==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 9868
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 18882

GET
H2 200 global-f449cfd9976ad673ef2b7ab5098b85be.css
chromecdn.shabani.store/vi-assets/static-assets/ 6 KB
3 KB 58ms
55ms Stylesheet
text/css 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-guploader-uploadid: ADPycdtEGeLr7IdeWmgQDyJP2JfDId1sweC9qdeKeEDA7H5RO_Rv24Dh2i0hQlK8xoGS70bhTrpJleAWAmjxTueEjeS5xE7c2hLa
x-goog-stored-content-encoding: identity
x-origin-time: 2022-10-24 22:53:01 UTC
x-served-by: cache-ams21056-AMS
x-timer: S1703521080.534867,VS0,VE1
etag: W/"e74f8b7c668251280cf3e52e20455a1c"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1666410832896313
content-type: text/css; charset=utf-8
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 22278
expires: Tue, 24 Oct 2023 22:53:01 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 24 Oct 2022 22:47:42 GMT
server: cloudflare
x-goog-hash: crc32c=jAKqfw==, md5=50+LfGaCUSgM8+UuIEVaHA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=84ukeHGJICVIbtYv0NbKW3uSXtguG36%2FBVMXrBo%2F8TyP6vAyZBDoxbbrLAkUUTgHVUZIg34TD9idiV2Bs8egTkbkM3k1aHwXl10QDB361mhnRPoqvJ%2BUH2ZeFpQqG7X%2BnmWRbCnp54eBywf0yir8skCgx2hYPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 5656
cf-ray: 83b265bafec80b4a-AMS

GET
H3 200 adslot-fc0f7e331087dfa9b3b7.js Show response
chromecdn.shabani.store/vi-assets/static-assets/ 23 KB
9 KB 87ms
81ms Script
application/javascript 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/adslot-fc0f7e331087dfa9b3b7.js

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86b7e85d953eeaa975f082eddc76b211336c93df749dad4d292663c107c98e57

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-guploader-uploadid: ABPtcPpRty97oz0GGDlicCQFDYbHekSKpY09_tKM1QZzkDu6MgBQt9UJaYadC4_RucfXeTRu36vSCBwDcw
x-goog-stored-content-encoding: identity
x-origin-time: 2023-12-19 17:50:55 UTC
x-served-by: cache-ams21049-AMS
x-timer: S1703521080.694015,VS0,VE1
etag: W/"71f457ad10d0779751e340b536dfb1ef"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1703008114304913
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/adslot-fc0f7e331087dfa9b3b7.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 7769
expires: Wed, 18 Dec 2024 17:50:55 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 19 Dec 2023 17:48:34 GMT
server: cloudflare
x-goog-hash: crc32c=3AOzsg==, md5=cfRXrRDQd5dR40C1Nt+x7w==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FRW3ZYvNJIeLEfLgOG%2BhyeOKB%2BgdgIoB%2Bnv50VDXapE18hRZRfUStB9p1A5BejTONh1jkuXe0T%2FcIbMkL8kHLRk9Myy8xFdGDNiexJHi757gQcNKi9oK8JhqEl67eADcAHl6lv31kU5E%2BqiLZYAK%2BFMFv8kTjw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 23084
cf-ray: 83b265bbeaab0b60-AMS

GET
H2 200 icon-the-morning-dd86bff0a93166101faa63110f3830b9.webp
chromecdn.shabani.store/vi-assets/static-assets/ 986 B
2 KB 68ms
67ms Image
image/webp 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/icon-the-morning-dd86bff0a93166101faa63110f3830b9.webp

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63cd01bf8a87ddc8a07e6491ea1ab7bb28613587cfddd7c9664dda47f71dcda3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPp8gNogJszrRFM5UcmQtWd3CgS5YjIGABQUWkEbK4GJAAbXDReCo2FTVzFjwgiwV0g4Djg
x-goog-stored-content-encoding: identity
x-origin-time: 2023-11-28 22:54:53 UTC
x-served-by: cache-ams21071-AMS
x-timer: S1703521080.545979,VS0,VE1
etag: "bfcd0980517659122c43c38b3e4e9a02"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1701212037201797
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-the-morning-dd86bff0a93166101faa63110f3830b9.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 4839
expires: Wed, 27 Nov 2024 22:54:53 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 986
last-modified: Tue, 28 Nov 2023 22:53:57 GMT
server: cloudflare
x-goog-hash: crc32c=chcsKA==, md5=v80JgFF2WRIsQ8OLPk6aAg==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nPXj0WjswLLt71D%2BHKio2VHXz8vMd0REa16CllCTdzvinaORdnEubDs7xh8nOxz1sM0X4OtfFsWuypH%2Bjs4Yy8O%2Bigs0crvuoP%2FsyhtBsBSGEXUfa4sPWqe8gpOns7t93wnTo%2F6AhmpSHbmsMs0AdZtmdCTyCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 986
accept-ranges: bytes
cf-ray: 83b265bafecc0b4a-AMS

GET
H2 200 icon-the-upshot-826140ece0fb230ed2af6d87ef0ab42b.webp
chromecdn.shabani.store/vi-assets/static-assets/ 696 B
2 KB 76ms
75ms Image
image/webp 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/icon-the-upshot-826140ece0fb230ed2af6d87ef0ab42b.webp

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e58c4c90b85eda4055a5b30fe55ef60cbcf6ea093311f2ff38861c7b4fe448a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPrZxeUSQt0YeIIy2Nif7pBvEh3Bk_07SMFGeLVQZ4kpauKGem6E3tMuZsIf3DNnA5kbAVk
x-goog-stored-content-encoding: identity
x-origin-time: 2023-11-28 20:36:10 UTC
x-served-by: cache-ams21057-AMS
x-timer: S1703521080.545342,VS0,VE1
etag: "2437584c92e9c7204837b9eb1745bc86"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1701203492260746
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-the-upshot-826140ece0fb230ed2af6d87ef0ab42b.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 8173
expires: Wed, 27 Nov 2024 20:36:10 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 696
last-modified: Tue, 28 Nov 2023 20:31:32 GMT
server: cloudflare
x-goog-hash: crc32c=hF6+VA==, md5=JDdYTJLpxyBIN7nrF0W8hg==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j06cK6xvcgQ7gOZBnG2tc7cBrvSoS3hakEKuoxvwaeID6EiHJvuRmuAt0kIro3DjxszjOAXJAimdWFKqW4831scsKr13s9ztOXnhENbSDmHqt0xvqwkfi6XLHpuouqEgMGpHkOLsepJPtceETAxvCGtpE78%2BQA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 696
accept-ranges: bytes
cf-ray: 83b265bafecd0b4a-AMS

GET
H2 200 the-daily-album-art-square320-v5.jpg
static01.nyt.com/images/2017/01/29/podcasts/the-daily-album-art/ 4 KB
4 KB 68ms
34ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2017/01/29/podcasts/the-daily-album-art/the-daily-album-art-square320-v5.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

66debd0db62a3f53e72503a053f862b586a886e6a399fd8243b5e0180d304dec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Fri, 29 Sep 2023 10:45:09 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300715
age: 466757
x-guploader-uploadid: ADPycdvtmUFuH2IqGtRydqdk8XMfHW3aPOf2BbKd23GoBIcmbIB_o4L228iF-n8prhSUTQVLZqZ3zeYd5HK9eTRe4fWr2A
x-cache: HIT, HIT
fastly-io-info: ifsz=15986 idim=320x320 ifmt=jpeg ofsz=3614 odim=320x320 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 3614
x-served-by: cache-iad-kcgs7200066-IAD, cache-ams21072-AMS
server: UploadServer
x-timer: S1703521080.616583,VS0,VE0
etag: "HnnVz93O4bK0D9Smvlwnf0lv96YmNmLNlX7IWtdXh7Q"
vary: Accept
x-goog-generation: 1688068264438165
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=JiXB7Q==, md5=PfDXw6toN2ZQvpOKxIlHug==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 15986
x-amz-checksum-crc32c: JiXB7Q==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 834, 1197

GET
H2 200 the-run-up-album-art-thumbLarge.jpg
static01.nyt.com/images/2022/08/29/podcasts/the-run-up-album-art/ 5 KB
6 KB 60ms
34ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2022/08/29/podcasts/the-run-up-album-art/the-run-up-album-art-thumbLarge.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

352b9e243c2e3a49a49cb8bc8df84d0a04183bbc3eac33a0476c9a11ff9e352d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 04 Oct 2023 07:17:37 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300720
age: 346914
x-guploader-uploadid: ADPycdtHTcE6oJpJUyUJnS6FTqtIPAzmrvyHf2ozzBd7EyI2NabnUMlD_D4MBVpxerg89VPOoGGvALuUGSQuPelDzTjXtQ
x-cache: HIT, HIT
fastly-io-info: ifsz=13823 idim=150x150 ifmt=jpeg ofsz=5314 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 5314
x-served-by: cache-iad-kiad7000132-IAD, cache-ams21072-AMS
server: UploadServer
x-timer: S1703521080.616568,VS0,VE0
etag: "hoyyH5q1+NTFT41vUc5DQY1n5mPXI75JtPWFn4Jaf4Q"
vary: Accept
x-goog-generation: 1688683994203172
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=10HhSg==, md5=VVlpmckmFDe4+jzoN3ttXQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 13823
x-amz-checksum-crc32c: 10HhSg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5558, 770

GET
H3 200 icon-europe-morning-briefing-41f17eb6dcc335c7516cee80c200a07e.webp
chromecdn.shabani.store/vi-assets/static-assets/ 676 B
2 KB 63ms
62ms Image
image/webp 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/icon-europe-morning-briefing-41f17eb6dcc335c7516cee80c200a07e.webp

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c01bb7101c3b034d4e913bdc36280e1a3034d84ab1f8ab674e0d43e75f20e229

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPqM3QQW6ZarnoLv5zV-9-i68UE5bFM55ux1UBLGiuuRPQ73wipa5WXRVtQ2EB4OCX_m6oA
x-goog-stored-content-encoding: identity
x-origin-time: 2023-11-29 01:12:26 UTC
x-served-by: cache-ams21077-AMS
x-timer: S1703521080.684072,VS0,VE1
etag: "07aebeb8fa8f52b4cc27a52f35fbb07e"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1701216243016074
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-europe-morning-briefing-41f17eb6dcc335c7516cee80c200a07e.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 8182
expires: Thu, 28 Nov 2024 01:12:26 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 676
last-modified: Wed, 29 Nov 2023 00:04:03 GMT
server: cloudflare
x-goog-hash: crc32c=VLRZ1Q==, md5=B66+uPqPUrTMJ6UvNfuwfg==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F67yoVnlrn4v3If%2Fuffad7COjtkGvsm6tFGjlyTgN%2BcyYwL2SIqzH1eOwPcd76mZ21bQ0npvQ8Y0bGnfiiObOjb1jSKwWsvAIY1P4Er7c7quJVUSnh2UGXQ%2FuYpyUrzkXIMbZukJJFU%2Bo6f2MVRpXbBh5tSkKg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 676
accept-ranges: bytes
cf-ray: 83b265bbdaa00b60-AMS

GET
H3 200 icon-the-interpreter-3af234d8fdc0066b6424a94f1893b1f0.webp
chromecdn.shabani.store/vi-assets/static-assets/ 1 KB
3 KB 89ms
84ms Image
image/webp 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/icon-the-interpreter-3af234d8fdc0066b6424a94f1893b1f0.webp

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de417027b3c04d64f0f0e42493e0cb5a6936609eb56f6f0440580a191d6d6b2c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPp9U2bLjHJ_Dt_IWhhr1KqZgAaevCI1AxGx4I6WIcMKafWoC2UxS9zL5PdvoyQrb2D27HWxKuuheA
x-goog-stored-content-encoding: identity
x-origin-time: 2023-12-14 00:31:43 UTC
x-served-by: cache-ams21051-AMS
x-timer: S1703521080.690442,VS0,VE1
etag: "c00e7e36e294d9f8e173eb4405f1af3a"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1702508054842453
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-the-interpreter-3af234d8fdc0066b6424a94f1893b1f0.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 4904
expires: Fri, 13 Dec 2024 00:31:42 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1336
last-modified: Wed, 13 Dec 2023 22:54:14 GMT
server: cloudflare
x-goog-hash: crc32c=5qx58A==, md5=wA5+NuKU2fjhc+tEBfGvOg==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHHMkiDDnP5QN3E68kdwMNky%2FboAQu3CsC%2BnMTZ0e7%2FkPeQBfZtDhs3toftgeNyIMY2wv9MLQVv3CL5YQqwQtrWZm2Ex%2B%2FFxOsUjy0bnOlzDb76vIybHSr0%2Bb93XJWM1vfGNErERH4JPxgg9mqLjnygWJhZUnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1336
accept-ranges: bytes
cf-ray: 83b265bbeaad0b60-AMS

GET
H3 200 icon-australia-letter-968327f63e43ed894591f997ff4fcad3.webp
chromecdn.shabani.store/vi-assets/static-assets/ 862 B
2 KB 113ms
107ms Image
image/webp 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/icon-australia-letter-968327f63e43ed894591f997ff4fcad3.webp

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcb0ab4f6d3a4da0916061428974c4e222922d127a1da82f2e79173fa2fea1ac

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPpUzZ_zZ53lkPLvlIU1yAZLpztZHx98HZB5tq1y9epBWqh7wP9HzN0jfMzH5hMbTHEth3VGXDDmCA
x-goog-stored-content-encoding: identity
x-origin-time: 2023-11-09 23:24:09 UTC
x-served-by: cache-ams21054-AMS
x-timer: S1703521080.717346,VS0,VE1
etag: "ac88f362d87d31af374e54b4f1bdc6e3"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1699569163465360
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-australia-letter-968327f63e43ed894591f997ff4fcad3.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 18932
expires: Fri, 08 Nov 2024 23:24:09 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 862
last-modified: Thu, 09 Nov 2023 22:32:43 GMT
server: cloudflare
x-goog-hash: crc32c=4mYSIg==, md5=rIjzYth9Ma83TlS08b3G4w==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7g5067h0K%2FRICc1sGP0qQ%2FX23Nq%2FaOaB58u5hAnuJlF4SrQKnARPz4yhA1AeI2Fj9O9MCZNG5AQZ0GGKSdKfXSJ6tGN4wmU1ZkhFbBevW%2FlhIPuguKPAghVitwK5t2qglih6dSRi3WjG1DAC13QZjKiT1RkRA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 862
accept-ranges: bytes
cf-ray: 83b265bbeaaf0b60-AMS

GET
H3 200 icon-canada-letter-30c08e776a61316a12718a308c12ca18.webp
chromecdn.shabani.store/vi-assets/static-assets/ 860 B
2 KB 61ms
56ms Image
image/webp 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/icon-canada-letter-30c08e776a61316a12718a308c12ca18.webp

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

007070e6f905e2aefbfcc7568cdf61c38a422d933c9c8166a6ba2f6223dd9ec5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPrtW8qTPnG5qjK9sKQqlf7hxd6tgC6KwHX1ma0ITxHtWfcWjWlGFkPaDHgaCYM_h3NLQnI
x-goog-stored-content-encoding: identity
x-origin-time: 2023-11-08 04:17:08 UTC
x-served-by: cache-ams21046-AMS
x-timer: S1703521080.688974,VS0,VE1
etag: "98ffc313a69bea78c5a4ffb0cd8bf09e"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1699417011680051
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-canada-letter-30c08e776a61316a12718a308c12ca18.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 18584
expires: Thu, 07 Nov 2024 04:17:08 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 860
last-modified: Wed, 08 Nov 2023 04:16:51 GMT
server: cloudflare
x-goog-hash: crc32c=IvjhWA==, md5=mP/DE6ab6njFpP+wzYvwng==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4hq%2B1Tep7F9kC29JK1BVTeLgT6kNzR8YwmyeyvkzpOdc3tvDaRcT1%2FKl3MTqpE89%2BoWjLvd7W52c49qYMu0jbbHb2%2FmNFtlQupJzl00pYQ%2F0JXlEuG5k0NdCDCTo0vip%2Bqld0%2FGrtzRu90bs2StZrPygD8PEaA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 860
accept-ranges: bytes
cf-ray: 83b265bbeab00b60-AMS

GET
H3 200 icon-dealbook-fc342092e07d3e54c5b740508ec9b956.webp
chromecdn.shabani.store/vi-assets/static-assets/ 652 B
2 KB 92ms
86ms Image
image/webp 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/icon-dealbook-fc342092e07d3e54c5b740508ec9b956.webp

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7f4ae3d77496807413afb4a0d56451b31667200c0293d3e89df130190e1f10b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPoz-LbqHysNdmMAbZaL-HYg7gnpxFNUKsTlpAi7ZXoxWcO7YTOOuw_FEJ4Ygd9CD4Rv06o
x-goog-stored-content-encoding: identity
x-origin-time: 2023-11-07 02:25:39 UTC
x-served-by: cache-ams21066-AMS
x-timer: S1703521080.703447,VS0,VE1
etag: "98014cde1d5d5ee7342a2bef5387c8a8"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1699316991967931
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-dealbook-fc342092e07d3e54c5b740508ec9b956.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 18693
expires: Wed, 06 Nov 2024 02:25:39 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 652
last-modified: Tue, 07 Nov 2023 00:29:52 GMT
server: cloudflare
x-goog-hash: crc32c=/vnRlQ==, md5=mAFM3h1dXuc0KivvU4fIqA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=paEwsIEMEJJW1nMIoyRTp3Jzz%2F3pH0dEhfnppNjsHSNXAlUngxarZ2314%2But3J%2F5CPwQ4OIYWfO7u71AkJB33z%2BSqwSIPZlbcnANSXo%2BQ%2FOMCbGhpQWXiy9vIX7j6ShTLwWoTI84A%2Fhn9Sea5om9bjhs95gsMw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 652
accept-ranges: bytes
cf-ray: 83b265bbeab30b60-AMS

GET
H2 200 hard-fork-album-art-square320-v2.png
static01.nyt.com/images/2022/09/28/podcasts/hard-fork-album-art/ 116 KB
117 KB 33ms
26ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2022/09/28/podcasts/hard-fork-album-art/hard-fork-album-art-square320-v2.png?quality=75&auto=webp&disable=upscale

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

5ed9e9f81abee651d7645c6ae932a099ff7595eb893df2bd66306c818adf5a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Fri, 20 Oct 2023 07:32:06 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300714
age: 456841
x-guploader-uploadid: ADPycdvAro6FIHXrWKU-xFoLnePFfiridFNWn-OoyXOaU4DFNV4ZhH0Q9DjI0pzE4gWTsDfBfohAxPpUxQAKg9br83tMQARl8HOD
x-cache: HIT, HIT
fastly-io-info: ifsz=171964 idim=320x320 ifmt=png ofsz=118748 odim=320x320 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 118748
x-served-by: cache-iad-kjyo7100038-IAD, cache-ams21072-AMS
server: UploadServer
x-timer: S1703521080.666336,VS0,VE0
etag: "MIre+hRw2cMgJa2uP+CeD5Zo0tG02ZYiidiRIV/6TxQ"
vary: Accept
x-goog-generation: 1666018564084320
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=rwW/FQ==, md5=QcPAglE24zD6+D1DXSLedQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 171964
x-amz-checksum-crc32c: rwW/FQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 15, 1140

GET
H3 200 icon-read-like-the-wind-b4c96c99529e1967200b4e98206c6371.webp
chromecdn.shabani.store/vi-assets/static-assets/ 788 B
2 KB 63ms
57ms Image
image/webp 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/icon-read-like-the-wind-b4c96c99529e1967200b4e98206c6371.webp

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41d61937d6f1b2b8887f735949cb30f7be1f3027a5d495621672f0d8fd3f9d14

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPrz_qakmaqequPtGb0vCV_XXfdPYCq_0R6aYFV0bd_gmcheaVTgr8mJC4ASbjBvskeXy4iSzsQ80A
x-goog-stored-content-encoding: identity
x-origin-time: 2023-12-06 01:35:18 UTC
x-served-by: cache-ams21049-AMS
x-timer: S1703521080.690394,VS0,VE1
etag: "0167446aebebfe34aa60d544d95c5818"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1701823626695726
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-read-like-the-wind-b4c96c99529e1967200b4e98206c6371.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 7676
expires: Thu, 05 Dec 2024 01:35:18 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 788
last-modified: Wed, 06 Dec 2023 00:47:06 GMT
server: cloudflare
x-goog-hash: crc32c=z6+8Rg==, md5=AWdEauvr/jSqYNVE2VxYGA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6VNMGzW0nBaGewrj5HFP%2B%2FxFewZeAhGcnnFFN43hpuZE9JqP9JJpW2OgJ4CrqgD%2Bcwif78Y62M7crZqqVnOTmBmVpM9OHI4E7OStLtn5y%2BBMrltKi6L%2Fr5CphANHMmymQW%2Bj0KyygMbhAt4mnxadiSzNuqU%2B6g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 788
accept-ranges: bytes
cf-ray: 83b265bbeab40b60-AMS

GET
H3 200 icon-watching-0fa860946d704b26aae6f0a562f26011.webp
chromecdn.shabani.store/vi-assets/static-assets/ 534 B
2 KB 113ms
108ms Image
image/webp 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/icon-watching-0fa860946d704b26aae6f0a562f26011.webp

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc288edaf30d3566c6a43f7db44c69243ef51481f3ae50a4b35868d6ac11706a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPodBbI_c3l0fcnYGhAD6i7Hu4pxeosSh74A1JFvp9G7uB6J0oW2c8lc_d6-BzJV0vG30ZU
x-goog-stored-content-encoding: identity
x-origin-time: 2023-11-06 23:59:41 UTC
x-served-by: cache-ams21046-AMS
x-timer: S1703521080.710264,VS0,VE1
etag: "9237616fe80765aedc1571c6438498bc"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1699313929262291
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-watching-0fa860946d704b26aae6f0a562f26011.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 18502
expires: Tue, 05 Nov 2024 23:59:41 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 534
last-modified: Mon, 06 Nov 2023 23:38:49 GMT
server: cloudflare
x-goog-hash: crc32c=UOL/EA==, md5=kjdhb+gHZa7cFXHGQ4SYvA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tupzCin7i%2BAJMUoaGgnNYRF11gWg%2F8kYlHJrXhpiOedWBGZ1%2FRllpKor0jQh1UA4ThGsfgxV5QSKpyfQTIboX7ZEEmxR8YgY8URBamu4aQXRre2OfOcY5UbSgbmTY2e7K6ueZkTArmXeqLkWoAEpD4J6%2Fxrvog%3D%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 534
accept-ranges: bytes
cf-ray: 83b265bbeab60b60-AMS

GET
H2 200 book-review-album-art-v2-thumbLarge-v3.jpg
static01.nyt.com/images/2018/03/27/books/book-review-album-art-v2/ 3 KB
3 KB 69ms
62ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2018/03/27/books/book-review-album-art-v2/book-review-album-art-v2-thumbLarge-v3.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

99013b5f831f3762b1a2648e07bb3116d914c5b1539bdf4fe0634602cc26b19e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 03 Oct 2023 13:23:18 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300718
age: 527552
x-guploader-uploadid: ADPycdvWAmkx95gCPu14IQ4q4BE3dphI347Cam23BbGkeCIoa-nNMMO9_VMy5Xo8Q1qd4tiwBGGtFt-VA9JTnOfOljAGxQ
x-cache: HIT, HIT
fastly-io-info: ifsz=10250 idim=150x150 ifmt=jpeg ofsz=2772 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 2772
x-served-by: cache-iad-kjyo7100097-IAD, cache-ams21072-AMS
server: UploadServer
x-timer: S1703521080.667389,VS0,VE0
etag: "f6YZ2ZJovRqmFs0MIuaEVzpH2+CtkFFBiLmf31seml4"
vary: Accept
x-goog-generation: 1662891747534151
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=EsOybg==, md5=cjEwJ43bqRCDXcDgnJcMnA==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 10250
x-amz-checksum-crc32c: EsOybg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2225, 1349

GET
H2 200 music-popcast-thumbLarge-v3.jpg
static01.nyt.com/images/2011/05/20/multimedia/music-popcast/ 4 KB
4 KB 40ms
34ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2011/05/20/multimedia/music-popcast/music-popcast-thumbLarge-v3.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

7e76ec11f2baa0f7948d92891718df73970877050a5b48e2b6fb9b340378a2d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 10 Oct 2023 16:00:57 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300701
age: 359098
x-guploader-uploadid: ADPycdt8GLzOK2GA-IX_ZuZPrjYsWk_7iJzaF1bRZysGkxzR67iJrwH3T01KlbrUrDKZ87h5mxJ_z1U3NdBU81wR4hJ1lQ
x-cache: HIT, HIT
fastly-io-info: ifsz=24419 idim=150x150 ifmt=jpeg ofsz=3828 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 3828
x-served-by: cache-iad-kiad7000117-IAD, cache-ams21072-AMS
server: UploadServer
x-timer: S1703521080.667366,VS0,VE0
etag: "qr3LW0rNOUvnYKyDbm09gWnw94oFzi+G4wvyjqveNos"
vary: Accept
x-goog-generation: 1538741982829422
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=VUkWbw==, md5=jSTktUwT+uCRgjlqA0y9BQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 24419
x-amz-checksum-crc32c: VUkWbw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7505, 827

GET
H3 200 icon-open-thread-fashion-421b633c9b286165ebaa180a470c1ef9.webp
chromecdn.shabani.store/vi-assets/static-assets/ 1 KB
3 KB 92ms
87ms Image
image/webp 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/icon-open-thread-fashion-421b633c9b286165ebaa180a470c1ef9.webp

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ba9c62e2d791768ee9cf91a2257b631d3d3d3e4d0039b2d60affb962b562219

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ADPycdswQIdjWZNHwkCY7_8Lz7NbACOjwhCATlyeK3RT1UU7Vm8ZgTiY5lmTrYYL6SLIKtMxwfjI4pdpx2jqeqJIKbnSPjj97bNE
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-04 04:47:50 UTC
x-served-by: cache-ams21071-AMS
x-timer: S1703521080.693920,VS0,VE1
etag: "425dea063366376915979217fff73e16"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1696367556248756
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-open-thread-fashion-421b633c9b286165ebaa180a470c1ef9.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 4835
expires: Thu, 03 Oct 2024 04:47:50 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1286
last-modified: Tue, 03 Oct 2023 21:12:36 GMT
server: cloudflare
x-goog-hash: crc32c=kvn+Sw==, md5=Ql3qBjNmN2kVl5IX//c+Fg==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iyZzgC9sKheZ%2FnbTbdqktj82XxozB1ZioYJzUhm%2Fm9o8%2BnVIsDyLx%2FCi%2F5YNm1Br4GKh3z6LvwpuwYkaJZJbTa8t4SUuL2yWbEh68kAQ0L%2BjR0Gr9Aq1wDWG0UXMrMB0v4KGTmLqXnFA3dVGspgU1D1yRbDVLg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1286
accept-ranges: bytes
cf-ray: 83b265bbeab70b60-AMS

GET
H3 200 icon-love-letter-fe90fe3ff001ee39f3b90784874c1368.webp
chromecdn.shabani.store/vi-assets/static-assets/ 1 KB
3 KB 92ms
87ms Image
image/webp 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/icon-love-letter-fe90fe3ff001ee39f3b90784874c1368.webp

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

644159a517427813378bf283fb86f497ef2fd81c8656225b3e209972f0e4ccbb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPpxLOWkLiglaipwGHuyB1Uwg063jrVaVm939tjyqOCFI9fiLzRGY-xxgQLoykFYpNxmSiU
x-goog-stored-content-encoding: identity
x-origin-time: 2023-12-01 03:35:45 UTC
x-served-by: cache-ams21045-AMS
x-timer: S1703521080.703917,VS0,VE1
etag: "681a68b635f1dde16fd3ded972ee2c5e"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1701398841394959
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-love-letter-fe90fe3ff001ee39f3b90784874c1368.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 8557
expires: Sat, 30 Nov 2024 03:35:45 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1160
last-modified: Fri, 01 Dec 2023 02:47:21 GMT
server: cloudflare
x-goog-hash: crc32c=Ay99EQ==, md5=aBpotjXx3eFv097Zcu4sXg==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfR6xfhVOIo2JBfYiYIcb2J5ox7qLkPZ0rBW7%2FOEQ79psKp2CSvRb%2FeOpWkMRvdX1kZp6bMQeR4KjREzQNv3txiS9nDbx5JHvkGTASjB5R0yejvmGzKz5vNT88n90HAk7J%2FAoatfUGQvEoIKqb8w%2FvTeS8EBnA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1160
accept-ranges: bytes
cf-ray: 83b265bbeab80b60-AMS

GET
H2 200 modernlove-logo-thumbLarge-v3.jpg
static01.nyt.com/images/2020/09/21/podcasts/modernlove-logo/ 4 KB
4 KB 68ms
62ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2020/09/21/podcasts/modernlove-logo/modernlove-logo-thumbLarge-v3.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9377e1ed8c646a7ae8b8b570821baf287765c047e9dab20fa71a4eb76a40c294

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 27 Sep 2023 08:44:33 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300709
age: 537902
x-guploader-uploadid: ADPycdsx7nyltROzFP1GN7HHaG2oSsI2FR9QqsLBmydSQHedugQCUqhZqVfC25b3XveH6xF0tQ3yeJeRXd6dJVeH24NNywae28a8
x-cache: HIT, HIT
fastly-io-info: ifsz=11068 idim=150x150 ifmt=jpeg ofsz=4084 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 4084
x-served-by: cache-iad-kcgs7200165-IAD, cache-ams21072-AMS
server: UploadServer
x-timer: S1703521080.667339,VS0,VE0
etag: "m/kFRv2O1tFCo0C85yLpe5fDFs//5pFoSBOWMgnJf9E"
vary: Accept
x-goog-generation: 1665608966820623
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=BQuLtQ==, md5=p/lR9gCKmtliQRSN6dd/dg==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 11068
x-amz-checksum-crc32c: BQuLtQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 37, 1381

GET
H2 200 matter-of-opinion-album-art-thumbLarge-v2.jpg
static01.nyt.com/images/2023/05/08/podcasts/matter-of-opinion-album-art/ 4 KB
5 KB 40ms
34ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/05/08/podcasts/matter-of-opinion-album-art/matter-of-opinion-album-art-thumbLarge-v2.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

71b2f4fee2ed4163e1ef309ca22a8a108aab0ba7cfb535d38b33c1ec3718836a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 02 Oct 2023 15:32:50 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300710
age: 604696
x-guploader-uploadid: ADPycdt0TrNqndBEgkmC118TvA85g415qMWEAee92mC0Bcva_u9DBgWVzdZgq8SIX8GJuvMvlfmIJIZaC4IYtgW7H_q0ZA
x-cache: HIT, HIT
fastly-io-info: ifsz=12674 idim=150x150 ifmt=jpeg ofsz=4132 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 4132
x-served-by: cache-iad-kiad7000079-IAD, cache-ams21072-AMS
server: UploadServer
x-timer: S1703521080.667315,VS0,VE0
etag: "yoekWzapvzDgK5g1tJpvXR4Q3abo6OZMw027E8Ag3Fo"
vary: Accept
x-goog-generation: 1685027532007855
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=cBstdQ==, md5=af0IeRKwURQQpabIs66V1Q==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 12674
x-amz-checksum-crc32c: cBstdQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2915, 1586

GET
H2 200 ezra-klein-album-art-square320-v2.jpg
static01.nyt.com/images/2021/01/12/podcasts/ezra-klein-album-art/ 9 KB
9 KB 40ms
35ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2021/01/12/podcasts/ezra-klein-album-art/ezra-klein-album-art-square320-v2.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

eb66d19d76b2a591f290eb9cbefa2faf0a2c8f90b124cb937270ab4b8adee08e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 16 Oct 2023 14:27:05 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300714
age: 449182
x-guploader-uploadid: ADPycdspqG6-fLvP9i97lYm9c5SKNUuw465dhKvldoricRjIMSS_SOVbbpDHAnHmDXbHzmC62BJZpQzndscHzHgJtdJGf2adT8Z_
x-cache: HIT, HIT
fastly-io-info: ifsz=26546 idim=320x320 ifmt=jpeg ofsz=9114 odim=320x320 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 9114
x-served-by: cache-iad-kiad7000062-IAD, cache-ams21072-AMS
server: UploadServer
x-timer: S1703521080.667273,VS0,VE0
etag: "I8CFstK+e/z6clnl3bXOFjL81AzI4rEnG10lPXiE8TY"
vary: Accept
x-goog-generation: 1635784873905458
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=bgL3XA==, md5=gRKhpC1X4GNr6vjxBbhc7g==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 26546
x-amz-checksum-crc32c: bgL3XA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5308, 1085

GET
H2 200 headlines-albumartwork-audioapp-2-thumbLarge.png
static01.nyt.com/images/2022/10/12/podcasts/headlines-albumartwork-audioapp-2/ 13 KB
13 KB 26ms
26ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2022/10/12/podcasts/headlines-albumartwork-audioapp-2/headlines-albumartwork-audioapp-2-thumbLarge.png?quality=75&auto=webp&disable=upscale

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

bcbbfe66a2e17c1dbc127ccea0f4fec035d42d51d1741332275026e291d79be8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Fri, 20 Oct 2023 14:00:23 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300707
age: 384291
x-guploader-uploadid: ADPycdvcZw_RvVMFlkZc-xVGK9Qm1jixjRMOF1OZQTuJz-ns8UHD7U3fmD1ap8dkm3WKHbSW9KRYqouno2vTFey4_12ZycrQY02c
x-cache: HIT, HIT
fastly-io-info: ifsz=20844 idim=150x150 ifmt=png ofsz=12952 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 12952
x-served-by: cache-iad-kcgs7200036-IAD, cache-ams21072-AMS
server: UploadServer
x-timer: S1703521080.726993,VS0,VE0
etag: "LbFwq71cDcti1tLA50q2p9CsL0R7Xg7ULZY6QK7bdcY"
vary: Accept
x-goog-generation: 1680812038156789
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=5MfQCw==, md5=qqLRi3ewu5a5crO4pskKzg==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 20844
x-amz-checksum-crc32c: 5MfQCw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2037, 911

GET
H3 200 icon-tkorc-e70cf6b0628d964d89952497590a03ba.webp
chromecdn.shabani.store/vi-assets/static-assets/ 2 KB
3 KB 64ms
60ms Image
image/webp 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/icon-tkorc-e70cf6b0628d964d89952497590a03ba.webp

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9619e7a1dc4ec09dc3d6c5df8aa6eada684c79482d283459eac511852d5bb3c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPrxzsxCdUPY8KPGh_9XGZfAzmnLlJojPGMkIDj6t_tAyuVE9JSwsNt6cVS5orG73U7gaaBnIlritQ
x-goog-stored-content-encoding: identity
x-origin-time: 2023-12-13 22:26:12 UTC
x-served-by: cache-ams21029-AMS
x-timer: S1703521080.692858,VS0,VE1
etag: "28bc2710ecd2b1d5d9556b8ae390a943"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1702506156179074
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-tkorc-e70cf6b0628d964d89952497590a03ba.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 4501
expires: Thu, 12 Dec 2024 22:26:12 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1954
last-modified: Wed, 13 Dec 2023 22:22:36 GMT
server: cloudflare
x-goog-hash: crc32c=XaQJPw==, md5=KLwnEOzSsdXZVWuK45CpQw==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ho8dJsp7BVddknyIiJIuOa%2B5Dpac8J1LO5UG7Iuhh7mF1AivVrCo1Bm9a9ojz%2B42OgfocDqYypftqr7U9HJAGQQM0fgHvl9YT6eryqESUnKVjP30DVvLcqkYoR4M20bTcLJQgIphnUmr7Ljigl6lFEn2VYsgXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1954
accept-ranges: bytes
cf-ray: 83b265bbeaba0b60-AMS

GET
H3 200 icon-reporter-reads-75f75d9ff93c918be35824c2d9920ab6.webp
chromecdn.shabani.store/vi-assets/static-assets/ 448 B
2 KB 114ms
109ms Image
image/webp 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/icon-reporter-reads-75f75d9ff93c918be35824c2d9920ab6.webp

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c65354f69fbaf3704fa399fb2755f8f1e12a4febd45037a125f17de050fca7c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPoWI7oHFSnW475furClRV9jhG0Ss-FnrVsAZsKszwOQXPDfsas9puaOQwSfz5KCu3HmDjkbvrlooa01v2KzZtpmU0I0v6bH
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-31 04:07:45 UTC
x-served-by: cache-ams21056-AMS
x-timer: S1703521080.709646,VS0,VE1
etag: "519c1a44c1767defa217a278d164b36c"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1698723433599743
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-reporter-reads-75f75d9ff93c918be35824c2d9920ab6.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 11914
expires: Wed, 30 Oct 2024 04:07:45 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 448
last-modified: Tue, 31 Oct 2023 03:37:13 GMT
server: cloudflare
x-goog-hash: crc32c=CbwOcA==, md5=UZwaRMF2fe+iF6J40WSzbA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ov7mGI6SWuNY5EAiAnOYFBlf2dKB0f8PiEcHPM%2FbdXa7clOhVOxaFG2QzRSG4L0wzi1aeh%2BfZqd31OVyL1fltPo43tYaMnjoegAlJzzQ36hKcn1uqB3ItfH37EtF9woqXGIv0b8%2FESyukWsADqnQr2U0UCX01w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 448
accept-ranges: bytes
cf-ray: 83b265bbeabb0b60-AMS

GET
H3 200 icon-audio-cd2b56214bd17df62dd56b8c8f2bc0da.webp
chromecdn.shabani.store/vi-assets/static-assets/ 424 B
2 KB 114ms
110ms Image
image/webp 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/icon-audio-cd2b56214bd17df62dd56b8c8f2bc0da.webp

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d7824c56fadbab811bb6be7b48d8eec8fd4269877246eeed5b9b33d1a953292

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPpdAzkeUq-dL6ONFinETGQwXV_rWj0koNjXq8G_YFida1u6xczZ_eJotVP_1h0acEIUqLUA1PvcLSXU47nYb0W2b-K4lK3K
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-23 16:19:52 UTC
x-served-by: cache-ams21030-AMS
x-timer: S1703521080.706539,VS0,VE1
etag: "ca44229b7404d9077baf5bd2f0fcebb0"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1698077567160430
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-audio-cd2b56214bd17df62dd56b8c8f2bc0da.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 4539
expires: Tue, 22 Oct 2024 16:19:52 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 424
last-modified: Mon, 23 Oct 2023 16:12:47 GMT
server: cloudflare
x-goog-hash: crc32c=m+UYtg==, md5=ykQim3QE2Qd7r1vS8PzrsA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5Y%2BFIIAIGz6BpdaWZq4O%2BerS4ybG91hZMWF7mKtyc5FLHfiEx3TAnou9u0yAYWjdMFIZHgsGHS5AP6jgPRpDCwFaSg%2F4jEQ4BDSwmQxBtpZRvCGypMSz0lvJxlwJFLwE%2FG0PHYk8Meg2ZxtY8qAF16rJmaE4w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 424
accept-ranges: bytes
cf-ray: 83b265bbeabc0b60-AMS

GET
H3 200 icon-gameplay-0e0a0696c194512474af7462274eaa97.webp
chromecdn.shabani.store/vi-assets/static-assets/ 516 B
2 KB 116ms
112ms Image
image/webp 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/icon-gameplay-0e0a0696c194512474af7462274eaa97.webp

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20a1e05cca983d2c838b5637de79857db90bd69705e38126260f9dca7fc29186

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPp-JxAbzk5szh5rfWTB90X5VaLcv2PjrvlC5BEDBaqrtYVtsoXphYB7NkXzzxfq2MdgJb5VQAUedQ
x-goog-stored-content-encoding: identity
x-origin-time: 2023-11-08 04:17:09 UTC
x-served-by: cache-ams21042-AMS
x-timer: S1703521080.715879,VS0,VE1
etag: "8fb0705de15ee3fb853d82b64fc3fbfa"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1699417011687100
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-gameplay-0e0a0696c194512474af7462274eaa97.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 19275
expires: Thu, 07 Nov 2024 04:17:09 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 516
last-modified: Wed, 08 Nov 2023 04:16:51 GMT
server: cloudflare
x-goog-hash: crc32c=6krs5Q==, md5=j7BwXeFe4/uFPYK2T8P7+g==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AgLVZIP24m5n757qsCBDauR3ooZvReAPBH%2BoryEqh5Pkr00hjZssAB9Th%2FR4qnmxLWe0tg%2FaN6H7QKjm%2B%2B5RRKoBfikPrkEZVupzJ4CFQXICmAzBwqQg1B6CaUVAH314AJQe9txAkw7EfTvRWpZuNqIzJ0aGkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 516
accept-ranges: bytes
cf-ray: 83b265bbeabd0b60-AMS

GET
H3 200 icon-cooking-276e5519a9df3d2697b666fb95ddd69b.webp
chromecdn.shabani.store/vi-assets/static-assets/ 748 B
2 KB 117ms
113ms Image
image/webp 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/icon-cooking-276e5519a9df3d2697b666fb95ddd69b.webp

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2e4eb2e6499e7805732b936694778a0547e32010bca773807743cfcd8e4b049

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPpQ5WeeaLuZ5eZuTo4l0kXmX79gPuwkmYn2cHb3m6IkzGJHurjYUtjzqiV78FnQbNAYHg
x-goog-stored-content-encoding: identity
x-origin-time: 2023-12-13 22:26:12 UTC
x-served-by: cache-ams21083-AMS
x-timer: S1703521080.715020,VS0,VE1
etag: "9894fb012dcd739cdcecf1bc31d507a4"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1702506156122380
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-cooking-276e5519a9df3d2697b666fb95ddd69b.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 4755
expires: Thu, 12 Dec 2024 22:26:12 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 748
last-modified: Wed, 13 Dec 2023 22:22:36 GMT
server: cloudflare
x-goog-hash: crc32c=PJBKmg==, md5=mJT7AS3Nc5zc7PG8MdUHpA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hVE9rHGhDoH7M3KEZod%2BLflULvyX%2F84W4igercfq2fDjIzFkWfO4s1ZNS5ife9JQ2lT5Sbz2Bq%2BrI57oc4KxsGONHYar4MrjhUnstB1gnf5EG10awIkwpKXNW8tSbJokf7j6776Vk6CGqcB7pH34oOiH%2FW5p9A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 748
accept-ranges: bytes
cf-ray: 83b265bbeabf0b60-AMS

GET
H3 200 icon-the-veggie-f7c053c8b480b183342a9514c3b2787c.webp
chromecdn.shabani.store/vi-assets/static-assets/ 2 KB
4 KB 118ms
114ms Image
image/webp 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/icon-the-veggie-f7c053c8b480b183342a9514c3b2787c.webp

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4af9b52b5cf0f6a694ec51e283ccabc662be7881a3ecefecccf5441a687a894a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPr61-5CXPRnOZLDBwKWJrYY6EN92AtBN7L3qisssW1tmbCE7_tzv6dNuqhAbYo_m-DRN_mkoMSIxw
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-30 22:47:43 UTC
x-served-by: cache-ams21038-AMS
x-timer: S1703521080.695721,VS0,VE1
etag: "75dce34b2cab91f7347cbe697eaec668"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1698704958322472
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-the-veggie-f7c053c8b480b183342a9514c3b2787c.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 18522
expires: Tue, 29 Oct 2024 22:47:43 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 2122
last-modified: Mon, 30 Oct 2023 22:29:18 GMT
server: cloudflare
x-goog-hash: crc32c=ORbazQ==, md5=ddzjSyyrkfc0fL5pfq7GaA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hT8yjSEjeSRHlvxvXmyKbSEFR4YnKJdXCBwtn9gO06aM1F8NcUBSuKblHashuFqlyR2KuTU8%2F9tWABrTycDIDKk%2FjI19WjoG8jEXLtwLvBTMsOx8k2rrhokyqdQZKPMTIQfVkGsele2pM2NXMTCykxmxbORwAA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 2122
accept-ranges: bytes
cf-ray: 83b265bbeac00b60-AMS

GET
H3 200 icon-five-weeknight-dishes-9a372f22fce6bcf493f7c31a8e3220e7.webp
chromecdn.shabani.store/vi-assets/static-assets/ 1 KB
3 KB 118ms
114ms Image
image/webp 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/icon-five-weeknight-dishes-9a372f22fce6bcf493f7c31a8e3220e7.webp

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4fd486c427aff4879822fc8e342979aa0110d283582bbee589cb941de95f39f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPqy5g_jRWao6nZYvmnFOs78Y9WcBShju6eDjRvXaDE4I_65IsmJzDYQmrObKqRrq3Nf1Q
x-goog-stored-content-encoding: identity
x-origin-time: 2023-12-13 22:26:12 UTC
x-served-by: cache-ams21071-AMS
x-timer: S1703521080.696867,VS0,VE1
etag: "2b654162f60dd23c00417299cce80666"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1702506156132953
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-five-weeknight-dishes-9a372f22fce6bcf493f7c31a8e3220e7.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 4857
expires: Thu, 12 Dec 2024 22:26:12 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1486
last-modified: Wed, 13 Dec 2023 22:22:36 GMT
server: cloudflare
x-goog-hash: crc32c=125xEQ==, md5=K2VBYvYN0jwAQXKZzOgGZg==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZvpAKV9WEjY5nlxGFbFjiJTIhyt8ayhwuWMnhNTfzzjnBkzJTGUOhZoKCm%2F60CM4pFmAZBtSSgTg4BZkfKghWuGaKUoVqmdtDPUHWnOXENY4gBh9v8U4l4ce9rgOOOpU1519bl20tby10bhSB16naHQl8YWbCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1486
accept-ranges: bytes
cf-ray: 83b265bbeac20b60-AMS

GET
H3 200 icon-the-recommendation-b43bb0e154cda17a4b232f1105511a28.webp
chromecdn.shabani.store/vi-assets/static-assets/ 480 B
2 KB 119ms
115ms Image
image/webp 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/icon-the-recommendation-b43bb0e154cda17a4b232f1105511a28.webp

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

832c2e84f40e3512fc4a9326e54e6c3a8e8b91d691dd601e5716ab8b4cd01f32

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ADPycduulKC_JqGee2ZqVTDEnb2fgVpaMPTXjh_Wy3yK3jfPWZnknw_3F8siXKRToNbvQrAw7Llp_ZtJEm--XmfF1Gph7y9pRLDY
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-14 10:47:15 UTC
x-served-by: cache-ams21038-AMS
x-timer: S1703521080.695379,VS0,VE1
etag: "31e3b5a35faa43e94c8692daca44339a"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1697228498364920
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-the-recommendation-b43bb0e154cda17a4b232f1105511a28.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 18479
expires: Sun, 13 Oct 2024 10:47:15 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 480
last-modified: Fri, 13 Oct 2023 20:21:38 GMT
server: cloudflare
x-goog-hash: crc32c=qzwDhg==, md5=MeO1o1+qQ+lMhpLaykQzmg==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DKFkaqwKGOnP8fZ1ZAohT2t7PjkDZRj2XZgK8dOe2YcwjD91a%2FJthv0yfg6UgkNsbW7ZvsNLi4ijsR0McODi6odXNc8vXwJnt2NagvoWcaYIM3LEl4ynEqAsr5d1IWFdSZq8SCiHT5jFHkTCob0frfQ87B%2Fk9g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 480
accept-ranges: bytes
cf-ray: 83b265bbeac50b60-AMS

GET
H3 200 icon-clean-everything-2ec25627f12347716015757e012ec04b.webp
chromecdn.shabani.store/vi-assets/static-assets/ 1 KB
3 KB 119ms
115ms Image
image/webp 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/icon-clean-everything-2ec25627f12347716015757e012ec04b.webp

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11cad19b226383c7e859031e5cd320644ad1a33d12abc2689a4d3bdbc8253ab7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ADPycdt4TglRixfW5mqwY9SFc_1yVi7aJ4gcfzhe7Awztm8MeeNrRSf027zqhDDBQK7ftsXjGM-THGbO6rxI3aDlztSmxscl_cVd
x-goog-stored-content-encoding: identity
x-origin-time: 2023-09-26 07:19:41 UTC
x-served-by: cache-ams21058-AMS
x-timer: S1703521080.694747,VS0,VE1
etag: "1d11a29b40906c218d08fd261c621573"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1695320370149351
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-clean-everything-2ec25627f12347716015757e012ec04b.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 19016
expires: Wed, 25 Sep 2024 07:19:41 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1314
last-modified: Thu, 21 Sep 2023 18:19:30 GMT
server: cloudflare
x-goog-hash: crc32c=dd5g7A==, md5=HRGim0CQbCGNCP0mHGIVcw==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmRjxxTQH2fRqbSM5a0S2h5fAJ4sbq7H4w2bvUmeSNrk5ROlGxVOwZfK2v17R15WF3ft2d%2FLVBl1%2B7edtUhVuEHypZbDYGz%2Fhulc7qzS7Dxz7LvvNaz9aG9BZ4kXKQ%2FAhw3zbtWLMhj1NOAOsYcUCL2YgxwTwA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1314
accept-ranges: bytes
cf-ray: 83b265bbeac70b60-AMS

GET
H3 200 icon-athletic-pulse-bc1160f70031b452aec5578d67207a0a.webp
chromecdn.shabani.store/vi-assets/static-assets/ 2 KB
3 KB 121ms
117ms Image
image/webp 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/icon-athletic-pulse-bc1160f70031b452aec5578d67207a0a.webp

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d3928e5b934069fa3b78d716121fd1838737cb5b1aecd98b82e62982435ada6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPq6zGQ1eIItYp0TJXvPBQDae31hlZYqK7Pyb_4C9gQgd2H4eABPtPOlPDrDSGzx2jqXDYwpMoyaTw
x-goog-stored-content-encoding: identity
x-origin-time: 2023-11-09 23:24:09 UTC
x-served-by: cache-ams21040-AMS
x-timer: S1703521080.729706,VS0,VE1
etag: "8b7a3436254e062758ee1da7e31172ca"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1699569163440168
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-athletic-pulse-bc1160f70031b452aec5578d67207a0a.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 10996
expires: Fri, 08 Nov 2024 23:24:09 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1686
last-modified: Thu, 09 Nov 2023 22:32:43 GMT
server: cloudflare
x-goog-hash: crc32c=IKGGXA==, md5=i3o0NiVOBidY7h2n4xFyyg==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GVrfEVmS52I%2F6XDrjG%2FQq32WRpL7Q7DizB8ktT229nu%2B6n2X5KtCugc2f0DFkOUOo48P%2F4VzwYpId%2FmfJg51ABa4AAl1J7n9oekBgjxr5b54zGMGWUeru8tSitWnP68ujZ1qHisALvLYnS%2Bk5gnL23Uo2t6H%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1686
accept-ranges: bytes
cf-ray: 83b265bbeac80b60-AMS

GET
H3 200 icon-athletic-windup-d4cce80f590773db71172618038e5787.webp
chromecdn.shabani.store/vi-assets/static-assets/ 2 KB
3 KB 121ms
118ms Image
image/webp 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/icon-athletic-windup-d4cce80f590773db71172618038e5787.webp

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e9b1bcc8b7f6c40a146c67b1ae4d804d1a00f9374ebd5ce5b4f2de65ff69cc6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPopo3vB6h_3tFEvpOBG6nwlZkq3NYnjVSDULItksJs0zgari5lrNglpOBUNE18V2XItR1jO2LSy6HCxF0uCTjamDw
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-22 11:11:15 UTC
x-served-by: cache-ams21051-AMS
x-timer: S1703521080.709428,VS0,VE1
etag: "cbf08c4ea3747245058f541d8fd30518"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1697824576675792
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-athletic-windup-d4cce80f590773db71172618038e5787.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 4941
expires: Mon, 21 Oct 2024 11:11:15 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1810
last-modified: Fri, 20 Oct 2023 17:56:16 GMT
server: cloudflare
x-goog-hash: crc32c=DU5MYg==, md5=y/CMTqN0ckUFj1Qdj9MFGA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFxld1JldSC7Z55LL9oeYDQfgdAkhMLdhXJB0f8XDmuUko6%2FDgS7eYGP7O0%2FOrnUq%2FAi4RvMywqFQf0OaEBskEEvYZTGgxc9lg2LlrZNUQzk9aX6IdXBb%2FAInqqXQ0xSt1Y%2B%2BTWBNr9b3re%2B2ZmsxVDUPBaWGA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1810
accept-ranges: bytes
cf-ray: 83b265bbeac90b60-AMS

GET
H3 200 icon-athletic-bounce-6b7dccf3bd213cda0ff4e4dcaaff59e9.webp
chromecdn.shabani.store/vi-assets/static-assets/ 2 KB
4 KB 122ms
118ms Image
image/webp 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/icon-athletic-bounce-6b7dccf3bd213cda0ff4e4dcaaff59e9.webp

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b212ea12e667d35e7127d3c59788897d07d32a661336ccf122b02af12fab96d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPp2pn14r36flsaWImoF55isSZVKugOgHoMRvKDwEYH7yzeA_0hYRdnUT-gYPhrPc1aDhAtwRw1pCQ
x-goog-stored-content-encoding: identity
x-origin-time: 2023-11-09 00:53:26 UTC
x-served-by: cache-ams21073-AMS
x-timer: S1703521080.694939,VS0,VE1
etag: "6da573b90ea5519ac60ae64a15664824"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1699490507243731
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-athletic-bounce-6b7dccf3bd213cda0ff4e4dcaaff59e9.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 7742
expires: Fri, 08 Nov 2024 00:53:26 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 2074
last-modified: Thu, 09 Nov 2023 00:41:47 GMT
server: cloudflare
x-goog-hash: crc32c=JIYI5Q==, md5=baVzuQ6lUZrGCuZKFWZIJA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bWSPpy7voEkN32N74zBgaOZxEGkOtWX1MsrHP70XOSJwLcij1Bd7Ok7U9ki257EB9PT0ILPXaPgEDECnfcF3zSU1s%2FwCJlr8Df7ck4mVoJ3HBjcCRbi97yDigpVwACjM5LeeXK0%2Blh%2FP7vjVeTLMNUbJ16xauA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 2074
accept-ranges: bytes
cf-ray: 83b265bbeaca0b60-AMS

GET
H3 200 icon-athletic-fulltime-3e238b9729ef70e0c8c715f60d632cd2.webp
chromecdn.shabani.store/vi-assets/static-assets/ 2 KB
3 KB 135ms
132ms Image
image/webp 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/icon-athletic-fulltime-3e238b9729ef70e0c8c715f60d632cd2.webp

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bafef9de45070f320e6d34730a285286b7b00ae2fbc1757ef49b1ff21d80c24

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ADPycduwb4S0hXw6g9YjblabThkesYl1Qfl2O1Tt__vU6YOsngafd17PTELtst10VpQXKjlU9_7Qfr_bGrtEVZwCNbWNsPqIfj69
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-18 10:25:43 UTC
x-served-by: cache-ams21026-AMS
x-timer: S1703521080.698140,VS0,VE1
etag: "b7137a8997feaa89747ffa6457a58125"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1697564864083359
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-athletic-fulltime-3e238b9729ef70e0c8c715f60d632cd2.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 4475
expires: Thu, 17 Oct 2024 10:25:43 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1800
last-modified: Tue, 17 Oct 2023 17:47:44 GMT
server: cloudflare
x-goog-hash: crc32c=iEBX8g==, md5=txN6iZf+qol0f/pkV6WBJQ==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KnQP5IGFotVAtIUD37qrVQubwLgwByJGRnGB%2FWyeuFlOG4X6VkfRUCpH0hxcmjBXG5V6vS5uFJYz77RcBFlrAi%2FLZ5LiEWbThM%2BwtsG8xp5Sv0quAEskehsbSCfjsKsc87SKSRJkaz%2F5voIlZV74JU9yvHdfhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1800
accept-ranges: bytes
cf-ray: 83b265bbeacc0b60-AMS

GET
H2 200 00cli-animalfeed-chickentruck-ctvw-square640.jpg
static01.nyt.com/images/2023/12/12/multimedia/00cli-animalfeed-chickentruck-ctvw-hppromo/ 60 KB
61 KB 27ms
27ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/12/12/multimedia/00cli-animalfeed-chickentruck-ctvw-hppromo/00cli-animalfeed-chickentruck-ctvw-square640.jpg?quality=75&auto=webp

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0f4fdfbd9180e410a867847c2824bb174b8e6cc006debb86ad46b4306064fb14

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 25 Dec 2023 09:51:34 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010250
age: 23184
x-guploader-uploadid: ABPtcPqtHwzl9wUC0_HsfS0u_XaZFGMsWhFNxx-AX56VRXPZOr4bstg_9BUE95idmRLZlUF9h2JAS9sUQA
x-cache: HIT, HIT
fastly-io-info: ifsz=129322 idim=640x640 ifmt=jpeg ofsz=61536 odim=640x640 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 61536
x-served-by: cache-iad-kjyo7100049-IAD, cache-ams21072-AMS
server: UploadServer
x-timer: S1703521080.727319,VS0,VE0
etag: "RFM7ZHoJ6DMLic95Zm6aZx3MG7kcpDbfp9RgbyyLVrE"
vary: Accept
x-goog-generation: 1703107337369959
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=y9XbPA==, md5=xQrzaFgkWlT6yQ3SuYnxmA==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 129322
x-amz-checksum-crc32c: y9XbPA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7, 99

GET
H2 200 00cli-animalfeed-soy-wkmt-square640.jpg
static01.nyt.com/images/2023/12/12/multimedia/00cli-animalfeed-soy-hppromo/ 27 KB
28 KB 32ms
32ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/12/12/multimedia/00cli-animalfeed-soy-hppromo/00cli-animalfeed-soy-wkmt-square640.jpg?quality=75&auto=webp

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

a66b3644d06f53c2bd6a2ce8607ef5dda03a1474cdaba804fc67a290959a14bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 25 Dec 2023 09:51:34 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010228
age: 23184
x-guploader-uploadid: ABPtcPrcsm0bbK62cKTdkob6IgQMmI4RHQ2I5QpZeAcY8W07ZOrzfWXGVjjTqP94GTHNVfBYSrU
x-cache: HIT, HIT
fastly-io-info: ifsz=78383 idim=640x640 ifmt=jpeg ofsz=28120 odim=640x640 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 28120
x-served-by: cache-iad-kcgs7200149-IAD, cache-ams21072-AMS
server: UploadServer
x-timer: S1703521080.727481,VS0,VE0
etag: "8r+gR7aq4F5lLt1e1ljwkypML3HoQmwv+J9YF4x3nZE"
vary: Accept
x-goog-generation: 1703106405681662
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=d3nhpA==, md5=Js/3+C9ptTvu4ZCSw/VupQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 78383
x-amz-checksum-crc32c: d3nhpA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7, 96

GET
H2 200 00cli-animalfeed-sandwich-fpmq-square640.jpg
static01.nyt.com/images/2023/12/12/multimedia/00cli-animalfeed-sandwich-hppromo/ 29 KB
30 KB 27ms
27ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/12/12/multimedia/00cli-animalfeed-sandwich-hppromo/00cli-animalfeed-sandwich-fpmq-square640.jpg?quality=75&auto=webp

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

467ade322462ea7732326bff06170916044da4a744bf7a39038ef66345ed3a1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 25 Dec 2023 09:51:34 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010228
age: 23184
x-guploader-uploadid: ABPtcPp0G51huFac315c0XJWDkjl_Jsc6bcoEa_eXAlMU4YC8sM3Lej0y39tNWLPi28yInTw8p0
x-cache: HIT, HIT
fastly-io-info: ifsz=85604 idim=640x640 ifmt=jpeg ofsz=30136 odim=640x640 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 30136
x-served-by: cache-iad-kjyo7100166-IAD, cache-ams21072-AMS
server: UploadServer
x-timer: S1703521080.740310,VS0,VE0
etag: "UmWeTsV5K8JlfA9ht71IcL8dQtZBdY62qo7+GOn++yo"
vary: Accept
x-goog-generation: 1703106415479267
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=VlvoVg==, md5=OwxpWC72Ozfcs1TY6O9MjQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 85604
x-amz-checksum-crc32c: VlvoVg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7, 98

GET
H2 200 datadog-rum.js Show response
www.datadoghq-browser-agent.com/us1/v4/ 150 KB
48 KB 144ms
37ms Script
application/javascript 13.32.26.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Requested by: Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.26.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-26-187.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:17:28 GMT
content-encoding: br
via: 1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified: Mon, 09 Oct 2023 09:24:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 33
x-amz-server-side-encryption: AES256
etag: W/"2630b3d7ad4a41fac67742216e506d83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: 6TMTj2rPX8hlDcXsZIm0ALvPqKA7XWWx9sxKcuVR1hytLJ-4N0Ag7Q==

GET
H3 200 vendor-7799bfe3d9a78d57c093.js Show response
chromecdn.shabani.store/vi-assets/static-assets/ 173 KB
49 KB 136ms
133ms Script
application/javascript 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/vendor-7799bfe3d9a78d57c093.js

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3459a86a1a5a0ebefc38ba347c8eee86838664553d2732a9f0d75d9b474bab72

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-guploader-uploadid: ABPtcPpEt0Sb3KwFTR24b2VVOSq4zv8iNKcPjC5L2ym1cWCrQ4eh9qnBDErINmqaJo5-Yf8Twfs
x-goog-stored-content-encoding: identity
x-origin-time: 2023-11-28 20:35:51 UTC
x-served-by: cache-ams21056-AMS
x-timer: S1703521080.714790,VS0,VE1
etag: W/"b5e3f2c1b76554752bb8d61689b81dc5"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1701123396490075
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendor-7799bfe3d9a78d57c093.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 32077
expires: Wed, 27 Nov 2024 20:35:51 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 Nov 2023 20:31:34 GMT
server: cloudflare
x-goog-hash: crc32c=DUs3dw==, md5=tePywbdlVHUruNYWibgdxQ==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Slkruaz0UO1Ud%2B2OsjF4PDIJz245w7li1SaHrxrDyswNf3iK%2BmdyWtTToffNjJpqPf65owZcx27sflHQzAaOK4kN7iyY7g%2Bl22d1U2iB8OYnQiTrSMfCEnBdDcau9ONcadgSbxBzmVUXQ2Jo8XT4DFXyCNCKMA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 176881
cf-ray: 83b265bbeace0b60-AMS

GET
H3 200 home-2084d70720a04a25476d.js Show response
chromecdn.shabani.store/vi-assets/static-assets/ 955 KB
217 KB 139ms
136ms Script
application/javascript 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/home-2084d70720a04a25476d.js

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac61aea68847d91ff9ec781d06a6f144819100b5518580251db024e186e8c466

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-guploader-uploadid: ABPtcPqSpxCsqAHqXpL7l5WbsgHiJNx-xdWxXjLy_WM1UCy0ZUmYmMweFyutSiIUafkup3uxSmtN2wGVKQ
x-goog-stored-content-encoding: identity
x-origin-time: 2023-12-21 17:59:42 UTC
x-served-by: cache-ams21030-AMS
x-timer: S1703521080.709440,VS0,VE1
etag: W/"863575bd58e21e23230965a9c246872f"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1703180939441943
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/home-2084d70720a04a25476d.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 3
expires: Fri, 20 Dec 2024 17:59:12 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 17:48:59 GMT
server: cloudflare
x-goog-hash: crc32c=jTJIag==, md5=hjV1vVjiHiMjCWWpwkaHLw==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l3eM7N6VxHyZCQh3%2BZnIwDPWRHNiSWWWVH1WriKnq9VFMaEqRg7zc%2BW%2BHLRTvy4YJdP1%2FJQowgMIOe6Dsclg%2BHPBJUNqlf6XOAEvqJnHkF4CAq54VIneZPYjpJBqfpwyDYMNCwnkDXerWfNSprnHje8nbbv58A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 977510
cf-ray: 83b265bbead00b60-AMS

GET
H3 200 desktopLogoNav-6f959d5094ea4b8c806e.js Show response
chromecdn.shabani.store/vi-assets/static-assets/ 1 KB
2 KB 188ms
185ms Script
application/javascript 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/desktopLogoNav-6f959d5094ea4b8c806e.js

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de9e0de16743ce5453503ea556a0a9d39b834ff4b765aa1161621e840cdf4715

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-guploader-uploadid: ABPtcPq3gzxBhr8vz9Hiicng5bsRUeO_MbWu6m79qEnqLTNCyVjbI6NyruPZnVY0MN1fjAyABw
x-goog-stored-content-encoding: identity
x-origin-time: 2023-12-19 17:50:55 UTC
x-served-by: cache-ams21048-AMS
x-timer: S1703521080.693451,VS0,VE1
etag: W/"dff6296bdf9c53e7f90337d6ea2c7957"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1703008114556273
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/desktopLogoNav-6f959d5094ea4b8c806e.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 3635
expires: Wed, 18 Dec 2024 17:50:55 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 19 Dec 2023 17:48:34 GMT
server: cloudflare
x-goog-hash: crc32c=mfyctQ==, md5=3/Ypa9+cU+f5AzfW6ix5Vw==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1vNJCbcbSDi9UdyluipmX1WZzI5n8%2Ba5Y3YhuJvZDoQmEPwREz6Xgxfx4OtDOT78A1AVYCKQWLHniJLlU6gJo9NaRAmyNt0Fmw%2BOaRsOAkOQs4RoDHcQVdRjRoMJ%2B4Q7uCmApqGUzwovfGAbZVif3%2BWAO2BF2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1488
cf-ray: 83b265bbead10b60-AMS

GET
H3 200 nestedNav-f48d9cf710328f70759b.js Show response
chromecdn.shabani.store/vi-assets/static-assets/ 108 KB
15 KB 189ms
186ms Script
application/javascript 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/nestedNav-f48d9cf710328f70759b.js

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8ee16888691db8ad184a8a0dca545cfcb56c69f3a84123559ba97fa7e0f1d32

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-guploader-uploadid: ABPtcPoHSgC6q10OK6kI6CmBwWMT6ycAVwJfibksn3_PSF7i3J18gSQ3FBjmww9E9htNdijNeXp8XuqRyA
x-goog-stored-content-encoding: identity
x-origin-time: 2023-12-21 20:32:53 UTC
x-served-by: cache-ams21023-AMS
x-timer: S1703521080.694644,VS0,VE1
etag: W/"e864b0765b802e04b7147f5948e57623"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1703190372404721
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/nestedNav-f48d9cf710328f70759b.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2310
expires: Fri, 20 Dec 2024 20:32:18 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 20:26:12 GMT
server: cloudflare
x-goog-hash: crc32c=uyhs9g==, md5=6GSwdluALgS3FH9ZSOV2Iw==
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
x-gdpr: 1
x-goog-stored-content-length: 111084
cf-ray: 83b265bbead20b60-AMS
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"

GET
H3 200 main-dcaafa2a4e3dd1bc38e8.js Show response
chromecdn.shabani.store/vi-assets/static-assets/ 2 MB
483 KB 191ms
188ms Script
application/javascript 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/main-dcaafa2a4e3dd1bc38e8.js

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

682eb3c36d44cd32507d581390e8277af04edc3fed0276a2ba4879378481b56b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-guploader-uploadid: ABPtcPqkx1tziVScgk43ZvTNdJRmCsXRcywX0mbzFyCoGZ9MbQkkYIwuk97B2YWPv91OEFlGZfU
x-goog-stored-content-encoding: identity
x-origin-time: 2023-12-21 15:37:52 UTC
x-served-by: cache-ams21070-AMS
x-timer: S1703521080.706550,VS0,VE1
etag: W/"71ec37c2a22e3457eccbfb81fe648545"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1703172474457091
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/main-dcaafa2a4e3dd1bc38e8.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 12
expires: Fri, 20 Dec 2024 15:37:30 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 15:27:54 GMT
server: cloudflare
x-goog-hash: crc32c=zviOmg==, md5=cew3wqIuNFfsy/uB/mSFRQ==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfjTyjOUbNLO7tz7T6mCBnbzeVvTdHOMCPZfzg4lYLaOM%2FE%2BM%2Fw57pORX5hxdqn2%2BJmNN8FTKfyQwiunosXn2PLFImpuaRAMRa85kKlZqPT3Nb7F7tcTwVeEXim8a8QFIZmxHNwesTaJRQC8q%2BO0SUrPAxfCtg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1827827
cf-ray: 83b265bbead30b60-AMS

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 444 KB
121 KB 152ms
42ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ee2477989dc118d77f63c90a8cff7b7822bdd72b9bb3f8d59a7e170e52624ffb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:17:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123484
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 408ms
136ms Ping
text/plain 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chromecdn.shabani.store/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST v2
samizdat-graphql.nytimes.com/graphql/ 0
0

GET als
als-svc.nytimes.com/ 0
0

GET
H2 200 grumi-ip.js Show response
rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/ 16 KB
6 KB 141ms
30ms Script
application/javascript 2600:9000:2251:5000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Requested by: Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:5000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcdaa8b0e5b0f57f19d17de2c58d7206e3d275da122a0d4e3176a67257595b5e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:00:28 GMT
x-amz-version-id: nWzCMaBTdG.LJzQd7eqTJCaATWEfreW8
content-encoding: br
last-modified: Mon, 18 Dec 2023 12:16:19 GMT
server: AmazonS3
via: 1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"229a75f6b428e87e913ddfb377e45f31"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=14400, stale-while-revalidate=14400, immutable
age: 1052
x-amz-cf-id: HI9rZyPuf3Y7sN3qYHHzUIZiS9j4LDZZBDasRtQKsTiLXW-CYbi-NA==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 282 KB
70 KB 160ms
41ms Script
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 15:49:35 GMT
content-encoding: gzip
via: 1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront), 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
last-modified: Tue, 12 Dec 2023 22:20:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P3
age: 1705
x-amz-server-side-encryption: AES256
etag: W/"d6937d02acbbf691a008906e9d0617e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: KS7Q72H084yoykDDzXFXQGGUO0CMwwndhAu5wSrSgcM5M_shxGw6AA==

GET
H2 200 prebid8.25.0.js Show response
www.nytimes.com/ads/ 315 KB
317 KB 214ms
167ms Script
text/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/ads/prebid8.25.0.js

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

c11d50a1918e615029f239580a1d4a1aa32328fdd6149225cc74e411c84db96e

Security Headers

Name

Value

Content-Security-Policy

upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPpPFUSSF_IEXqFPAH99R5zn7V-Rl2-ULcPCqwJr1ZChb2_pcl7DisWaPJCRQIE3bMeX6xY
x-goog-stored-content-encoding: identity
x-origin-time: 2023-12-25 16:17:59 UTC
x-served-by: cache-ams21072-AMS
x-timer: S1703521080.786845,VS0,VE141
etag: "78c86859abaee40f233a9a8c96540124"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1701363099682984
content-type: text/javascript
access-control-allow-origin: *
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/ads/prebid8.25.0.js
x-nyt-route: ads-static-assets
cache-control: private, max-age=0
x-nyt-app-webview: 0
x-nyt-edge-cache: MISS
x-amz-checksum-crc32c: b1VVOA==
x-cache-hits: 0
expires: Mon, 25 Dec 2023 16:17:59 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: MISS
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
content-length: 322837
last-modified: Thu, 30 Nov 2023 16:51:39 GMT
server: UploadServer
x-goog-hash: crc32c=b1VVOA==, md5=eMhoWauu5A8jOpqMllQBJA==
x-gdpr: 1
x-goog-stored-content-length: 322837
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 130 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b84ebfbd15694400df12827c578baf3e0d64b86b13222a7d27a536e236dcb6c

Request headers

Referer
Origin: https://chromecdn.shabani.store
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 80ms
28ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://chromecdn.shabani.store
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 28 Nov 2024 00:00:26 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2305053
x-guploader-uploadid: ABPtcPqV9xIYEV21NZb3yGTTsAkYPmyTjsS4kogpo_POafQgg5udo6cs4Ibb7JqiegB5dAM6D-U
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20276
x-served-by: cache-ams21023-AMS
last-modified: Wed, 15 Nov 2023 15:34:45 GMT
server: UploadServer
x-timer: S1703521080.749610,VS0,VE0
etag: "91eaf6b5642463af4091160b4bbfdfcb"
x-goog-generation: 1700062485851024
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=teZvhg==, md5=ker2tWQkY69AkRYLS7/fyw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20276
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 9469

GET
H2 200 franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 79ms
27ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://chromecdn.shabani.store
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 12 Dec 2024 22:27:03 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1014656
x-guploader-uploadid: ABPtcPpv6u5oo_QtnZ5UJcN6f3J8XpocEKSTdnTeMzRc925oUw1GL0d6ujQ8JV6qenPLt4EO_g
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 19816
x-served-by: cache-ams21023-AMS
last-modified: Wed, 15 Nov 2023 15:34:45 GMT
server: UploadServer
x-timer: S1703521080.749594,VS0,VE0
etag: "0f4aea3d462cdb64748629efcbbf36bc"
x-goog-generation: 1700062485786479
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=bdL0Mw==, md5=D0rqPUYs22R0hinvy782vA==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 19816
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 9668

GET
H2 200 cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 128ms
76ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://chromecdn.shabani.store
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 05 Dec 2024 01:44:16 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1694023
x-guploader-uploadid: ABPtcPrMaPoxBs7OXIaaFD-El-dlPJWSVJW79iUPHg2zUw8y-E27sa9WzZ1Mi0y5kSCTuK9UxoQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28276
x-served-by: cache-ams21023-AMS
last-modified: Wed, 15 Nov 2023 15:34:45 GMT
server: UploadServer
x-timer: S1703521080.750641,VS0,VE0
etag: "530cfb72378419eedb60da7e266ad5f1"
x-goog-generation: 1700062484876785
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=O9qQIA==, md5=Uwz7cjeEGe7bYNp+JmrV8Q==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 28276
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 5106

GET
H2 200 imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
g1.nyt.com/fonts/family/imperial/ 26 KB
26 KB 106ms
54ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://chromecdn.shabani.store
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 12 Dec 2024 23:31:24 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1010795
x-guploader-uploadid: ABPtcPpycRceeqZlUqsSpT-5BNsep321eQq6m3_ldVTB3cUq7FOQip44CuNpMCNxPQLzfkOtiA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26504
x-served-by: cache-ams21023-AMS
last-modified: Wed, 15 Nov 2023 15:34:46 GMT
server: UploadServer
x-timer: S1703521080.750563,VS0,VE0
etag: "6131cd77b6e216c7693ed925f4309ffc"
x-goog-generation: 1700062486283119
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=ZzOuxA==, md5=YTHNd7biFsdpPtkl9DCf/A==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 26504
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 8714

GET
H2 200 cheltenham-normal-200.40ccfe2cc61a71e6617e56162d49b896.woff2
g1.nyt.com/fonts/family/cheltenham/ 26 KB
26 KB 105ms
54ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-200.40ccfe2cc61a71e6617e56162d49b896.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4f837869b80c34ed1a128362a6ed24ff5ebdae743dc55eb3c183ae9c8b5f4ca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://chromecdn.shabani.store
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Fri, 06 Dec 2024 03:14:54 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1602185
x-guploader-uploadid: ABPtcPqXc-9t3QNmPnIdvG-0evG8qXP1WF5QadTFkDkobWrhTMB7pnSugfYI4mEYkk4F-9URaQ8
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26448
x-served-by: cache-ams21023-AMS
last-modified: Wed, 15 Nov 2023 15:34:44 GMT
server: UploadServer
x-timer: S1703521080.750619,VS0,VE0
etag: "40ccfe2cc61a71e6617e56162d49b896"
x-goog-generation: 1700062484685227
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=kUZRqw==, md5=QMz+LMYaceZhflYWLUm4lg==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 26448
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 4845

GET
H2 200 cheltenham-small-normal-700.1a0b316424cdebd18086b8dbbc768eef.woff2
g1.nyt.com/fonts/family/cheltenham-small/ 23 KB
24 KB 105ms
53ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-normal-700.1a0b316424cdebd18086b8dbbc768eef.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9a43ab8056183a8efcf0e882990c2601381a735e02bba004439e010055c55d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://chromecdn.shabani.store
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 02 Dec 2024 03:16:51 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1947668
x-guploader-uploadid: ABPtcPpxMaVTccbOrZsB_Df5AoTnZEqN2eEmE7exKDs215MaLB1rv4yiHQWDSxv2tuWCinYzMHU
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 23704
x-served-by: cache-ams21023-AMS
last-modified: Wed, 15 Nov 2023 15:34:45 GMT
server: UploadServer
x-timer: S1703521080.750660,VS0,VE0
etag: "1a0b316424cdebd18086b8dbbc768eef"
x-goog-generation: 1700062485137146
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=FTq84Q==, md5=GgsxZCTN69GAhrjbvHaO7w==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 23704
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 2172

GET
H2 200 cheltenham-text-cond-normal-700.7e78f9e7e6c2e02d82592c4466929fa3.woff2
g1.nyt.com/fonts/family/cheltenham-text-cond/ 28 KB
28 KB 126ms
75ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham-text-cond/cheltenham-text-cond-normal-700.7e78f9e7e6c2e02d82592c4466929fa3.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1ecb1f9522433be3adfad377816095c7d5b27d02c1efbbbb793e341b829d83d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://chromecdn.shabani.store
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 12 Dec 2024 21:30:03 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1018075
x-guploader-uploadid: ABPtcPpV94NpYIcDMa5EKKJSpq0ZTmwQ95DoWUaj75-h6LJGB1n_iAfFhEcqMZq_wMCd1XR1Pw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28868
x-served-by: cache-ams21023-AMS
last-modified: Wed, 15 Nov 2023 15:34:45 GMT
server: UploadServer
x-timer: S1703521080.750692,VS0,VE0
etag: "7e78f9e7e6c2e02d82592c4466929fa3"
x-goog-generation: 1700062485142819
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=UQFt6w==, md5=fnj55+bC4C2CWSxEZpKfow==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 28868
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 249

GET
H2 200 franklin-normal-600.75739ac267f076931c6da9740386ee6b.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 126ms
76ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-600.75739ac267f076931c6da9740386ee6b.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

29706c4ab8f4d48b33ccb0ea813f8afb5f7ac569f623536b96fba6cf1fc60e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://chromecdn.shabani.store
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 20 Apr 2023 17:49:32 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 21508104
x-guploader-uploadid: ADPycdvtrAmusTrSLfmQI-Ze2DFF0WkJk72OyihvIf3cf_xFoz1BIJ8dC4wRmO1fDdJMSU9JREmeciVob79uhJP-peLn73p5hKWp
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20196
x-served-by: cache-ams21023-AMS
last-modified: Wed, 20 Apr 2022 13:09:40 GMT
server: UploadServer
x-timer: S1703521080.750595,VS0,VE0
etag: "75739ac267f076931c6da9740386ee6b"
x-goog-generation: 1650460180595156
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=Jc81Jw==, md5=dXOawmfwdpMcbal0A4buaw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20196
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 7141

GET
H2 200 cheltenham-small-italic-400.cdfa0ec29cca8c2d2f54c79d898e15c1.woff2
g1.nyt.com/fonts/family/cheltenham-small/ 23 KB
24 KB 137ms
86ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-italic-400.cdfa0ec29cca8c2d2f54c79d898e15c1.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

7dcbc19c68e87e4b23f85027e02ac7f3c89fa259973ec92bbe27e49ad002bf47

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://chromecdn.shabani.store
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 16 Dec 2024 18:09:49 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 684490
x-guploader-uploadid: ABPtcPoV0VXynw-RYAA4JpWRvEdQJs3IzJSydKaTytVjrVU3CeRffWQzDawB52oaENoqklG-5aMEZemPBQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 24028
x-served-by: cache-ams21023-AMS
last-modified: Wed, 15 Nov 2023 15:34:45 GMT
server: UploadServer
x-timer: S1703521080.773714,VS0,VE0
etag: "cdfa0ec29cca8c2d2f54c79d898e15c1"
x-goog-generation: 1700062485087920
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=2JQyuQ==, md5=zfoOwpzKjC0vVMediY4VwQ==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 24028
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 41

GET
H2 200 karnak-normal-700.4a0c7e79ac2f009f12f9106482c961c4.woff2
g1.nyt.com/fonts/family/karnak/ 23 KB
23 KB 137ms
87ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/karnak/karnak-normal-700.4a0c7e79ac2f009f12f9106482c961c4.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

ad01b93ecf6b0b442902d27ae93b6af83a92784a05455b81490512a3d5d8b08b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://chromecdn.shabani.store
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 12 Dec 2024 22:32:22 GMT
date: Mon, 25 Dec 2023 16:17:59 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1014337
x-guploader-uploadid: ABPtcPpQLWNPcqC8-xFX2qdql-cEGE9k484RVTaEYThF92Mpy7pq1VwQIwndh6CwuGu-g1dBYA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 23400
x-served-by: cache-ams21023-AMS
last-modified: Wed, 15 Nov 2023 15:34:46 GMT
server: UploadServer
x-timer: S1703521080.773677,VS0,VE0
etag: "4a0c7e79ac2f009f12f9106482c961c4"
x-goog-generation: 1700062486752043
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=a9fAaA==, md5=Sgx+eawvAJ8S+RBkgslhxA==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 23400
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 3780

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 252ms
137ms Preflight 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-news-tenure,x-nyt-programming-abtest
Access-Control-Request-Method: POST
Origin: https://chromecdn.shabani.store
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-news-tenure,x-nyt-programming-abtest
access-control-allow-methods: GET,POST
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 0
content-length: 0
date: Mon, 25 Dec 2023 16:17:59 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 24
x-nyt-audience-target-flat: EU:PM
x-nyt-continent: EU
x-nyt-country: NL
x-nyt-edge-cache: MISS
x-nyt-meridiem: PM
x-nyt-region: NB
x-samizdat-query-exe-id: aa67a3be28d5b91e
x-samizdat-query-field-errors: 0
x-served-by: cache-ams21066-AMS
x-timer: S1703521080.770509,VS0,VE111

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 190ms
103ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/vi-assets/static-assets/adslot-fc0f7e331087dfa9b3b7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03de96fc40089112d81bc750c7814719bd75491f87467ed756be52f97a9f33e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:17:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29100
x-xss-protection: 0
server: cafe
etag: 912 / 19716 / m202312060101 / config-hash: 17400476758908410755
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 16:17:59 GMT

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/ Frame 9FF7 211 KB
71 KB 38ms
37ms Script
text/javascript 2600:9000:2251:5000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:5000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 576ebc0c0c1377533b7225bfda069d029cda9109b720fbf72470cea57725b757

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:00:26 GMT
x-amz-version-id: lYqqSqSJ447x.3M0.2QclXG9ss2FFqDd
content-encoding: br
last-modified: Mon, 25 Dec 2023 15:39:56 GMT
server: AmazonS3
via: 1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"06f63432b0c132ed82fceaaae8dfa8bb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age: 1054
x-amz-cf-id: zUmu_1r7JM2x7tp64xnRLHZNJ5xpei5zex7ZqNMT4OT4WMVkoIU6sA==

GET
H3 200 vendors~allAccessLandingPage~bestsellers~card~collections~cookingAppDownloadLandingPage~cookingLandi~3fc321fe-3c9fe90542175afafd75.js Show response
chromecdn.shabani.store/vi-assets/static-assets/ 48 KB
11 KB 69ms
68ms Script
application/javascript 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/vendors~allAccessLandingPage~bestsellers~card~collections~cookingAppDownloadLandingPage~cookingLandi~3fc321fe-3c9fe90542175afafd75.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8018ac0d5ade5c992dccb83915d04af94d42283dadbe071b57f058c27d126ee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-guploader-uploadid: ABPtcPp0djkqJYZHWv35SU7GiNhht9w7TpMa02uQIrHCaMNI4Rb6EA_j5i4lE0N9ZUtA7g3XGZ8
x-goog-stored-content-encoding: identity
x-origin-time: 2023-12-11 17:26:44 UTC
x-served-by: cache-ams21032-AMS
x-timer: S1703521080.116404,VS0,VE1
etag: W/"7fc801944914d461ed548dbdb2411530"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1702315521085607
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~allAccessLandingPage~bestsellers~card~collections~cookingAppDownloadLandingPage~cookingLandi~3fc321fe-3c9fe90542175afafd75.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 15912
expires: Tue, 10 Dec 2024 17:25:32 GMT
date: Mon, 25 Dec 2023 16:18:00 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 11 Dec 2023 17:25:21 GMT
server: cloudflare
x-goog-hash: crc32c=j1VBkQ==, md5=f8gBlEkU1GHtVI29skEVMA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=baW41TZ2W%2BCfehDCkyGCf45NKVGiTpwNCcLLaSntOIXYmOlGERAHV%2BaGQagjMSXyEtG8uTe66yDlrqwUsUpuY%2FQFs%2FE9MqzFYjLzXHyYGz%2BkwbdlI%2FVUuYLWoceD%2BbAMPT0bmZHOQz0bDbv2L07Tm8xJUczJBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 48898
cf-ray: 83b265be8dce0b60-AMS

GET
H3 200 vendors~accessCodeLPAllAccess~accessCodeLPCooking~accessCodeLPGames~accessCodeLPNews~activateaccess~~50453510-903992bc078886c92266.js Show response
chromecdn.shabani.store/vi-assets/static-assets/ 225 KB
57 KB 61ms
61ms Script
application/javascript 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/vendors~accessCodeLPAllAccess~accessCodeLPCooking~accessCodeLPGames~accessCodeLPNews~activateaccess~~50453510-903992bc078886c92266.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c225c9577c4aa7e150a13912ef0e68855c3224851f11f49f90732ee442eb613c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-guploader-uploadid: ABPtcPpiPUopJjPHZ7i8EmRogLykIm6fhIXDB8SQDCOAHRRsw-xzFrkUKUdIk9Dpk9guRveKxOEd7XNoRg
x-goog-stored-content-encoding: identity
x-origin-time: 2023-12-19 17:50:56 UTC
x-served-by: cache-ams21073-AMS
x-timer: S1703521080.108521,VS0,VE1
etag: W/"1228338ddde268935e0af0360002837d"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1703008116405711
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~accessCodeLPAllAccess~accessCodeLPCooking~accessCodeLPGames~accessCodeLPNews~activateaccess~~50453510-903992bc078886c92266.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 6414
expires: Wed, 18 Dec 2024 17:50:56 GMT
date: Mon, 25 Dec 2023 16:18:00 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 19 Dec 2023 17:48:36 GMT
server: cloudflare
x-goog-hash: crc32c=sKkKYg==, md5=Eigzjd3iaJNeCvA2AAKDfQ==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFLusIMWYOM4odFJ1WcfA8vbCdJaG2syYogHo0nSMhIiLn%2F2XaTDRZfwgEYGY5Jrb06MyiiFC3Bqda4nkeyRKAPDl7UXdGKSum2LBl9Y7XlGh%2FKckddvPP97FiKHWsdDYmFknmbcT1hv0Iym9g%2FPURrpILFyKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 230091
cf-ray: 83b265be8dd20b60-AMS

GET
H3 200 vendors~audio~bestsellers~home~markets~paidpost~reviews~search~slideshow~trending~video~your-list-93bb3586a80ac741220f.js Show response
chromecdn.shabani.store/vi-assets/static-assets/ 46 KB
16 KB 53ms
53ms Script
application/javascript 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chromecdn.shabani.store/vi-assets/static-assets/vendors~audio~bestsellers~home~markets~paidpost~reviews~search~slideshow~trending~video~your-list-93bb3586a80ac741220f.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

660f11bb046501308d2ef5501ebf4d82e14c3d8d2fb0e3a6c70fb2394e330faa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-guploader-uploadid: ABPtcPooc15u3KwDEGatQDuUIKLn1xGNzRDe-WDkP3_Nvd-gvYwJLdrOaiono7aBW17AOlRQrq7M2RPDKQ
x-goog-stored-content-encoding: identity
x-origin-time: 2023-12-19 17:50:56 UTC
x-served-by: cache-ams21055-AMS
x-timer: S1703521080.103667,VS0,VE1
etag: W/"afb5e470d26a086558e476c1a41f0fb0"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1703008116405863
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~bestsellers~home~markets~paidpost~reviews~search~slideshow~trending~video~your-list-93bb3586a80ac741220f.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 4038
expires: Wed, 18 Dec 2024 17:50:56 GMT
date: Mon, 25 Dec 2023 16:18:00 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 19 Dec 2023 17:48:36 GMT
server: cloudflare
x-goog-hash: crc32c=vtcKRg==, md5=r7XkcNJqCGVY5HbBpB8PsA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zv5UycHe6%2Fu3%2BYtmEzVirMnfOm4y8MR6m9zG25CmWpggUit8%2FQDyciULE9G9dplEV1Sv5L5u4Rp0ECBUEr%2FyrblgXMMi8I9DVJNYaB%2Bixnrj%2Fo%2BAag1xDX%2FsmtMXXUnM6EC0iqCiWgZZOf9xcHcWvoQqHZ60kw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 46798
cf-ray: 83b265be8dd30b60-AMS

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 184 KB
62 KB 52ms
51ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N5P6T9S&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a10dbba5b7fdf2059586d40eaf90b80e2ac30ee8249844f13498f55b4aae1681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:18:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63376
x-xss-protection: 0
last-modified: Mon, 25 Dec 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 25 Dec 2023 16:18:00 GMT

GET
H2 200 tags.js Show response
dd.nytimes.com/ 147 KB
27 KB 224ms
39ms Script
text/javascript 143.204.215.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.30 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-30.fra53.r.cloudfront.net

Software

Apache /

Resource Hash

c54140eac6df64b97abf9bf21e88910bac89ddc973d871fcd33dca119b8b4c24

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
date: Mon, 25 Dec 2023 15:38:44 GMT
x-amz-cf-pop: FRA53-C1
age: 2356
x-cache: Hit from cloudfront
content-length: 27331
last-modified: Wed, 29 Nov 2023 13:37:06 GMT
server: Apache
etag: "24cd6-60b4aa18fa3ca-gzip"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: e7-bYqcZ9qKNVyeVv99uyq-0W0Eb5tex6WDgebAscDuh0l-Bt5dsnA==
expires: Mon, 25 Dec 2023 16:38:44 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=3005403&ns__t=1703521080115&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2F...
https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1703521080115&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2...

0
224 B

33ms
33ms

Image
text/plain

18.245.60.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1703521080115&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2Fchromecdn.shabani.store%2F&c9=
Requested by: Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/
Protocol: H2
Server: 18.245.60.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-107.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:18:00 GMT
via: 1.1 6ce3814cb60a4c907ac701e60e4c1e5a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-amz-cf-id: r6kbx2O0RLdgDhkI0N-joUBduliMO5IE9R3WIRlbG-iH2l4fBnNgTg==
x-cache: Miss from cloudfront

Redirect headers

date: Mon, 25 Dec 2023 16:18:00 GMT
via: 1.1 6ce3814cb60a4c907ac701e60e4c1e5a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=3005403&ns__t=1703521080115&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2Fchromecdn.shabani.store%2F&c9=
content-length: 0
x-amz-cf-id: fGWqAjcbEMTxV3KBwesUxCeld1FNkOu5Us1FFe-KL88nVBy4RTNgIA==

GET
H2 200 3030 Show response
config.aps.amazon-adsystem.com/configs/ 532 B
806 B 122ms
39ms Script
application/javascript 99.86.4.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/3030
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-39.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 4fc676fe659c86c36270516a9344e4fdfee0bb569ef8a0ea551c74b2c5c1d97f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 15:25:34 GMT
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 3146
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 532
x-amz-cf-id: hXl-ALHE7aghUA-l2P7IJhdY54RdQwJEkUoBCk_4h-2FU4OrchDaZQ==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
307 B 132ms
132ms XHR
text/plain 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3030&u=https%3A%2F%2Fchromecdn.shabani.store
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:17:59 GMT
via: 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
access-control-allow-origin: https://chromecdn.shabani.store
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: 3BYE_wxvDoVi4LsIKFMHfJIaLWih0Hf2rimzO0_6HuSe0_8WnHbcrQ==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
509 B 174ms
59ms XHR
text/javascript 52.222.192.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fchromecdn.shabani.store%2F&pid=LPcxYuElulO0O&cb=0&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-top%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-top_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.192.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-192-64.cdg50.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:18:00 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 04a0003b41de711e6a8b7432e24f89a4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: CDG50-P2
x-amz-rid: DTTFAEFYXH51CCA7H1R6
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://chromecdn.shabani.store
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: Yqrl0MzapyQdyAx9fPBf7f5WJahRgTqzCG64ITdZyHgnId2DkgYGIw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 489ms
423ms XHR
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:18:01 GMT
x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: OPC83wm3NJNYryDR2xv0ydSZCKZ7RldX5KDZeeofNw-rN3gmbIsZrg==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 431 KB
135 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:14:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21804
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138180
x-xss-protection: 0
server: cafe
etag: 6854214708762155125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 24 Dec 2024 10:14:36 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 68 B
77 B 136ms
68ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=chromecdn.shabani.store

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1357391ec9a3544a644201bced940a68b1ffe2c28045177d3458cbfa009f3b32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:18:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53
x-xss-protection: 0
expires: Mon, 25 Dec 2023 16:18:00 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 132ms
131ms Preflight 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-entitlements,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
Access-Control-Request-Method: POST
Origin: https://chromecdn.shabani.store
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-entitlements,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
access-control-allow-methods: GET,POST
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 0
content-length: 0
date: Mon, 25 Dec 2023 16:18:00 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 19
x-nyt-audience-target-flat: EU:PM
x-nyt-continent: EU
x-nyt-country: NL
x-nyt-edge-cache: MISS
x-nyt-meridiem: PM
x-nyt-region: NB
x-samizdat-query-exe-id: b70779c75331c216
x-samizdat-query-field-errors: 0
x-served-by: cache-ams21066-AMS
x-timer: S1703521080.479993,VS0,VE105

GET
H3 200 market Show response
chromecdn.shabani.store/api/ 519 B
1 KB 75ms
75ms Fetch
application/json 2606:4700:3031::ac43:a3b6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chromecdn.shabani.store/api/market

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:a3b6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfeade14cebcdfeb93846c26ccda0b23aebb75a7a0f3b2f320936a0d9ca496ff

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:18:00 GMT
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-F-X
age: 27
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400
x-origin-time: 2023-12-25 16:17:34 UTC
x-served-by: cache-lga21927-LGA, cache-ams21027-AMS
server: cloudflare
x-timer: S1703521081.507555,VS0,VE2
vary: Accept-Encoding, Fastly-SSL
x-frame-options: DENY
content-type: application/json; charset=utf-8
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/api/market
cache-control: s-maxage=60,(null)
x-nyt-route: market
x-nyt-app-webview: 0
x-gdpr: 1
x-nyt-edge-cache: HIT-HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CoxLeZ4UqFlqQUYnuPQar%2Bvco%2FmB5vTTIHCAwafgxcLmGzB4Y0mXV51Nmt04DDnf9TDeHZu4EAq0vYVBFR6EEAyGa8sdpW0UOHNKeGcCPV8cE9eG6WCt%2BwuDBvZbm%2F2%2FwQXtu6%2BUeCGjB3mkrnSeNPv0u5HQPA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 83b265c0f8a50b60-AMS
x-cache-hits: 25, 1

GET
H2 200 vhs.min.js Show response
static01.nyt.com/video-static/vhs3/ 505 KB
115 KB 26ms
26ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static01.nyt.com/video-static/vhs3/vhs.min.js

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/vi-assets/static-assets/home-2084d70720a04a25476d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9fa4e2a0db1d7d0b1ccc1c147bd61301f7365a2e1f8bc83acc7838e477c96b77

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 26 Dec 2023 17:23:32 GMT
date: Mon, 25 Dec 2023 16:18:00 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 514468
x-guploader-uploadid: ABPtcPp1LksVfUYBbnWH6jbwAQTMq_WaPp5fxWY7blF21fuJt_z1nXQDZ2YEuBq83OqQsgrRiOpb56sBEQ
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-meta-surrogate-key: video/vhs3
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 117210
x-served-by: cache-iad-kiad7000153-IAD, cache-ams21072-AMS
last-modified: Tue, 19 Dec 2023 17:23:27 GMT
server: UploadServer
x-timer: S1703521080.473792,VS0,VE0
etag: "ced0636c72473d64053df0c45c63d604"
vary: Accept-Encoding
x-goog-generation: 1703006606895751
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=Xs/QCw==, md5=ztBjbHJHPWQFPfDEXGPWBA==
cache-control: public,max-age=60,s-maxage=604800
x-goog-stored-content-length: 516892
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 21, 4913

POST v2
samizdat-graphql.nytimes.com/graphql/ 0
0

GET purr-cache
purr.nytimes.com/v1/ 0
0

GET data-layer
a.nytimes.com/svc/nyt/ 0
0

GET
H2 200 25ukraine-christmas-fader1-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/12/25/multimedia/25ukraine-christmas-fader1/ 21 KB
21 KB 28ms
27ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/12/25/multimedia/25ukraine-christmas-fader1/25ukraine-christmas-fader1-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8a178f595d596c3289145308c67ca81d6e99c40805640b9f140b2b5a520b2192

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 25 Dec 2023 13:34:10 GMT
date: Mon, 25 Dec 2023 16:18:00 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010226
age: 9831
x-guploader-uploadid: ABPtcPqkjIMx0IZ5DLKunIlGFib4K0etsbtlsZU9_hWV9c-W89cOnzp6AMD_qPSnqNNtvHhNYd3w_0H0Vg
x-cache: HIT, HIT
fastly-io-info: ifsz=58248 idim=600x400 ifmt=jpeg ofsz=21264 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 21264
x-served-by: cache-iad-kiad7000155-IAD, cache-ams21072-AMS
server: UploadServer
x-timer: S1703521081.918456,VS0,VE0
etag: "j/IX4xIpc0q3yzO2zA+4a8e4+IZhku0IltTVWy3X4FA"
vary: Accept
x-goog-generation: 1703510306486736
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=+uv1mg==, md5=PojJYU0VXnQZIKqNM1PgkQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 58248
x-amz-checksum-crc32c: +uv1mg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 16, 9

GET
H2 200 25ukraine-christmas-02-kpzq-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/12/25/multimedia/25ukraine-christmas-fader2/ 51 KB
51 KB 29ms
27ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/12/25/multimedia/25ukraine-christmas-fader2/25ukraine-christmas-02-kpzq-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

5a3e86e7d992c54a63b9f21237be5c9efc912207e2795cb7b4a05ee8179010d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 25 Dec 2023 13:34:10 GMT
date: Mon, 25 Dec 2023 16:18:00 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010246
age: 9831
x-guploader-uploadid: ABPtcPqQENyji9C6xBCeoeq_qC92mNUi5qNsRU82jYB0A6Drty_BkaH8JzWnhcSrjPsc4HBU7Q
x-cache: HIT, HIT
fastly-io-info: ifsz=106832 idim=600x400 ifmt=jpeg ofsz=51998 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 51998
x-served-by: cache-iad-kiad7000068-IAD, cache-ams21072-AMS
server: UploadServer
x-timer: S1703521081.919411,VS0,VE0
etag: "n98R1RAp8iT/pSGDqhrUfSpouJCzJ6PXxSrY6QrZwI0"
vary: Accept
x-goog-generation: 1703510305777577
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=PGyRsA==, md5=/l9bRSoHILAXkZNsMQFO9w==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 106832
x-amz-checksum-crc32c: PGyRsA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 18, 9

GET
H2 200 25ukraine-christmas-03-kpzq-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/12/25/multimedia/25ukraine-christmas-fader3/ 61 KB
61 KB 30ms
28ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/12/25/multimedia/25ukraine-christmas-fader3/25ukraine-christmas-03-kpzq-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9ff678a9aaa17eb75c6f6baf0a00ad52d11c370a36fdf68e57a522aa06378955

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 25 Dec 2023 13:34:10 GMT
date: Mon, 25 Dec 2023 16:18:00 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010227
age: 9831
x-guploader-uploadid: ABPtcPrPSapxzDvGb21RItRpntq_8_dtJFXOgD7XFI6BGZEMHxWkaHX6OcbU4FOL9eC8WjsraRY
x-cache: HIT, HIT
fastly-io-info: ifsz=121084 idim=600x400 ifmt=jpeg ofsz=62336 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 62336
x-served-by: cache-iad-kiad7000102-IAD, cache-ams21072-AMS
server: UploadServer
x-timer: S1703521081.919499,VS0,VE0
etag: "2meCVyDCIxQZECeKF7L4zqU27Fu38aSOkbJr90Va2ME"
vary: Accept
x-goog-generation: 1703510305759434
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=id9Rhw==, md5=peYFjmtj9tl9Fb8VNa35nQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 121084
x-amz-checksum-crc32c: id9Rhw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 10, 9

GET
H2 200 25ukraine-christmas-tmhq-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/12/25/multimedia/25ukraine-christmas-fader4/ 26 KB
27 KB 30ms
29ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/12/25/multimedia/25ukraine-christmas-fader4/25ukraine-christmas-tmhq-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

fb7c3cc4de76e46cda9ba91817c7315e27bb2cd7dc366e456491da8d28edbc27

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 25 Dec 2023 13:34:10 GMT
date: Mon, 25 Dec 2023 16:18:00 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010250
age: 9831
x-guploader-uploadid: ABPtcPqYKAovkI-Sp-YPj1Tp3_nj56Mlrkv_B3vlF5ByIN22i3ZZyB8iI5ILZ_i-oW2ww5vgdkA
x-cache: HIT, HIT
fastly-io-info: ifsz=62870 idim=600x400 ifmt=jpeg ofsz=26812 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 26812
x-served-by: cache-iad-kiad7000107-IAD, cache-ams21072-AMS
server: UploadServer
x-timer: S1703521081.919345,VS0,VE0
etag: "D3YUz0EikcEDjx2DrC3jByXz0evOFfGPkwtSA+Jpnec"
vary: Accept
x-goog-generation: 1703510305954066
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=ZapNqg==, md5=NflzK1QPrVP0T0xLdHijsA==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 62870
x-amz-checksum-crc32c: ZapNqg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 19, 9

GET
H2 200 25ukraine-christmas-fader6-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/12/25/multimedia/25ukraine-christmas-fader6/ 45 KB
46 KB 29ms
27ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/12/25/multimedia/25ukraine-christmas-fader6/25ukraine-christmas-fader6-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b8909f0267ba3bbf1038e7a9165c8b8e33faa6845909cb812c84786b7cf0aa9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 25 Dec 2023 13:34:10 GMT
date: Mon, 25 Dec 2023 16:18:00 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010229
age: 9831
x-guploader-uploadid: ABPtcPqGPpLwlSPAKCvgQyz48FxwCIRJfJ_FhjiQlz65bJKEDWOgIUiRBcs9L6VlGhb8UGHEIwuUKdEKOQ
x-cache: HIT, HIT
fastly-io-info: ifsz=89246 idim=600x400 ifmt=jpeg ofsz=46472 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 46472
x-served-by: cache-iad-kjyo7100087-IAD, cache-ams21072-AMS
server: UploadServer
x-timer: S1703521081.919338,VS0,VE0
etag: "loOFXsuseBKWl/n8e+1wtRfgZEQzJNwKLT+Oz3UldHQ"
vary: Accept
x-goog-generation: 1703510301664932
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=csHYnw==, md5=5RSw8ZwrEF7W+x+zIyKEdw==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 89246
x-amz-checksum-crc32c: csHYnw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 12, 10

GET
H2 200 25ukraine-christmas-fader7-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/12/25/multimedia/25ukraine-christmas-fader7/ 23 KB
24 KB 30ms
29ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/12/25/multimedia/25ukraine-christmas-fader7/25ukraine-christmas-fader7-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1458ce394565bfe2c90f5da5a9c9884478fac99f333dd29ef94b6c864bfdf8fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 25 Dec 2023 13:34:10 GMT
date: Mon, 25 Dec 2023 16:18:00 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010250
age: 9831
x-guploader-uploadid: ABPtcPqxlko1YInH2ohZi6K-VWBwcR5Okf7XS-SDny9dsgApGtSc4AyETJPvkVLwJFG6qgN0vJc
x-cache: HIT, HIT
fastly-io-info: ifsz=61608 idim=600x400 ifmt=jpeg ofsz=23644 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 23644
x-served-by: cache-iad-kjyo7100126-IAD, cache-ams21072-AMS
server: UploadServer
x-timer: S1703521081.919341,VS0,VE0
etag: "XGaRcu0wOq/mITA0aBFG4Fbtcy4cwZasy9nFP0Rn2Eg"
vary: Accept
x-goog-generation: 1703510305775406
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=vZYMrw==, md5=2jsKgMpUTA4Lc0eoREdNHQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 61608
x-amz-checksum-crc32c: vZYMrw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 15, 9

GET
H2 200 25ukraine-christmas-fader8-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/12/25/multimedia/25ukraine-christmas-fader8/ 43 KB
43 KB 30ms
28ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/12/25/multimedia/25ukraine-christmas-fader8/25ukraine-christmas-fader8-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8893d638a3c454bba91c5b7f7adb3422b143dbf01d8f957e2efdd80e71514b17

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 25 Dec 2023 13:34:10 GMT
date: Mon, 25 Dec 2023 16:18:00 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010231
age: 9831
x-guploader-uploadid: ABPtcPoYTWVDsSeXcZGxuJ773oqsKxPy5a0s4BVViOD8aIdY-Hey2cQEaGF2KOSJsR6bRXA8AMQ
x-cache: HIT, HIT
fastly-io-info: ifsz=92694 idim=600x400 ifmt=jpeg ofsz=43696 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 43696
x-served-by: cache-iad-kjyo7100178-IAD, cache-ams21072-AMS
server: UploadServer
x-timer: S1703521081.947650,VS0,VE0
etag: "PWKRACIA6BkYYsrYVhl1MbunUb888tS/LgV87JRinQ0"
vary: Accept
x-goog-generation: 1703510301693788
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=awQGYA==, md5=keDnL/YGl1XxyQuRH3aJ2g==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 92694
x-amz-checksum-crc32c: awQGYA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 17, 9

GET
H2 200 24nat-harvard-corp-01-jvwb-threeByTwoSmallAt2X-v2.jpg
static01.nyt.com/images/2023/12/24/multimedia/24nat-harvard-corp-01-jvwb/ 85 KB
86 KB 31ms
31ms Image
image/jpeg 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/12/24/multimedia/24nat-harvard-corp-01-jvwb/24nat-harvard-corp-01-jvwb-threeByTwoSmallAt2X-v2.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8a7862964dc80643076d2cff5683dc2a85a728c772fdafcc3cff964bf1943ee1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sun, 24 Dec 2023 22:26:08 GMT
date: Mon, 25 Dec 2023 16:18:00 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 64313
x-guploader-uploadid: ABPtcPpeR849g5iK20Z9FCRrSMy1kObrJhpwsIJMIYDAKqVmVShc4p9OuKVCSfrM3st3Q-5IlrL7ZxFOPQ
x-cache: MISS, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 87174
x-served-by: cache-iad-kiad7000161-IAD, cache-ams21072-AMS
last-modified: Sun, 24 Dec 2023 22:25:48 GMT
server: UploadServer
x-timer: S1703521081.950754,VS0,VE0
etag: "2bcd9c69c08d7394e248060271dce074"
vary: Accept
x-goog-generation: 1703456748274890
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=xbkadA==, md5=K82cacCNc5TiSAYCcdzgdA==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 87174
x-amz-checksum-crc32c: xbkadA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 10

GET
H2 200 26pol-haley-iowa-topart-zcmk-threeByTwoSmallAt2X-v2.jpg
static01.nyt.com/images/2023/12/26/multimedia/26pol-haley-iowa-topart-zcmk/ 59 KB
60 KB 28ms
28ms Image
image/jpeg 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/12/26/multimedia/26pol-haley-iowa-topart-zcmk/26pol-haley-iowa-topart-zcmk-threeByTwoSmallAt2X-v2.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b325f3d230267d51d0a7938b4d962347891ad3468eab857fb4a36d9a8e6f2059

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 25 Dec 2023 14:37:45 GMT
date: Mon, 25 Dec 2023 16:18:00 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 6015
x-guploader-uploadid: ABPtcPpOhL-PBMedGEsaJJGy3qbU-xIC0yskpzVGPb2-tuNbcdarj1_1HKJmy4gCdfqPfg8od8_uVMTutQ
x-cache: MISS, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 60689
x-served-by: cache-iad-kjyo7100103-IAD, cache-ams21072-AMS
last-modified: Mon, 25 Dec 2023 14:37:32 GMT
server: UploadServer
x-timer: S1703521081.952806,VS0,VE0
etag: "dd3b32032bd1cf9f0637893aac2b74d3"
vary: Accept
x-goog-generation: 1703515052433437
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=qAG6ww==, md5=3TsyAyvRz58GN4k6rCt00w==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 60689
x-amz-checksum-crc32c: qAG6ww==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 5

GET
H2 200 00franchises-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/06/30/business/00franchises/ 8 KB
9 KB 30ms
29ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/06/30/business/00franchises/00franchises-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e507abe0a5a98f0725b005bf1ff51cd4372a94e456d4946c2da3109eaa482f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 25 Dec 2023 10:48:02 GMT
date: Mon, 25 Dec 2023 16:18:00 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010251
age: 19797
x-guploader-uploadid: ABPtcPoJ-Rb8VYVid4bvOY8fJJarr0u2Vb8LmYYiXv4-qLqVCFTpBoAbXc97Mv9wMpggdaL1GXA
x-cache: HIT, HIT
fastly-io-info: ifsz=29078 idim=600x400 ifmt=jpeg ofsz=8414 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 8414
x-served-by: cache-iad-kjyo7100039-IAD, cache-ams21072-AMS
server: UploadServer
x-timer: S1703521081.954626,VS0,VE0
etag: "pBVn9oco0TJPyys6uwG+88ZBy4G/GOzvmV90QhDhhkc"
vary: Accept
x-goog-generation: 1703498528054658
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=yFZX/w==, md5=nJObuVvJXdhJdRcquUUXBw==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 29078
x-amz-checksum-crc32c: yFZX/w==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 76, 25

GET
H2 200 00bitrush-01-flgc-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/12/21/multimedia/00bitrush-01-flgc/ 32 KB
32 KB 29ms
28ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/12/21/multimedia/00bitrush-01-flgc/00bitrush-01-flgc-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4c718cd3080b9bda5abf91cae5749b2567613a2220b41ce538ac8f69cea471b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 25 Dec 2023 10:05:07 GMT
date: Mon, 25 Dec 2023 16:18:00 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010246
age: 22373
x-guploader-uploadid: ABPtcPoOBnwi51Z3L0I_o83d9QJNTCGJ8c0Z-7OMlbw4ir2qpgHeYXePnNlv1ltX-8I76dZGCKA
x-cache: HIT, HIT
fastly-io-info: ifsz=69604 idim=600x400 ifmt=jpeg ofsz=32466 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 32466
x-served-by: cache-iad-kjyo7100099-IAD, cache-ams21072-AMS
server: UploadServer
x-timer: S1703521081.954642,VS0,VE0
etag: "GcMHkpMYRUlOTvM9sa9LFqzyGuiWnITFSvjGWocj1ps"
vary: Accept
x-goog-generation: 1703498508537333
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=NVlHzg==, md5=piPrENcFVWIh2XqHlwT5fQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 69604
x-amz-checksum-crc32c: NVlHzg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 14, 22

GET
H2 200 streisand-style-top-wmqc-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/01/12/multimedia/streisand-style-top-wmqc/ 36 KB
37 KB 29ms
29ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/01/12/multimedia/streisand-style-top-wmqc/streisand-style-top-wmqc-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

5aa5bc9db770e8441470d018ff9027fb84194eb995a607c13f396bd9259855ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 25 Dec 2023 10:08:06 GMT
date: Mon, 25 Dec 2023 16:18:00 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010210
age: 22193
x-guploader-uploadid: ABPtcPqmnaQeL5AacG7ESVEt4pUn2HeM2YTtELeS1d00r5xxHE4wyElfXxPTYVEgsUX3S9c02AMyzUkCNg
x-cache: HIT, HIT
fastly-io-info: ifsz=85586 idim=600x400 ifmt=jpeg ofsz=36932 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 36932
x-served-by: cache-iad-kiad7000179-IAD, cache-ams21072-AMS
server: UploadServer
x-timer: S1703521081.954587,VS0,VE0
etag: "BwEE20iW9BDOBq93SEGT9hYfdq3KKD5h6DuZezTpyKY"
vary: Accept
x-goog-generation: 1703498442655481
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=9veTAA==, md5=2Ip/adjdwuBtOHEYUFPz5Q==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 85586
x-amz-checksum-crc32c: 9veTAA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 40, 5

GET
H2 200 daniela-lamas-thumbLarge.png
static01.nyt.com/images/2021/04/23/opinion/daniela-lamas/ 24 KB
25 KB 26ms
26ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2021/04/23/opinion/daniela-lamas/daniela-lamas-thumbLarge.png?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

91167958ac672c9ef71d773c0e095728461792ff26c2f90c16a58ca440439cd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 05 Oct 2023 16:41:01 GMT
date: Mon, 25 Dec 2023 16:18:00 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300716
age: 245537
x-guploader-uploadid: ADPycdtjVGmY8ofNFX3SDs8kOtERRQaotwYrLD_sRs4dlX7cpWEAmVReUBj3AHpAulEbD1txPjyPXr_bhg_LAca1gSSJSQ
x-cache: HIT, HIT
fastly-io-info: ifsz=41851 idim=150x150 ifmt=png ofsz=24996 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 24996
x-served-by: cache-iad-kiad7000032-IAD, cache-ams21072-AMS
server: UploadServer
x-timer: S1703521081.978500,VS0,VE0
etag: "P1VqQbZpy0j4ErbAGHTqAoQ/XfrloBlkvES75UTK0wI"
vary: Accept
x-goog-generation: 1619214788488950
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=cn2lYQ==, md5=aaqV4azS6Gu1AIkLnQQjHQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 41851
x-amz-checksum-crc32c: cn2lYQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 20, 31

GET
H2 200 25gawande-square320-v2.jpg
static01.nyt.com/images/2023/12/25/opinion/25gawande/ 16 KB
17 KB 25ms
25ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/12/25/opinion/25gawande/25gawande-square320-v2.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

ed69635e57405277862a14a05b8432d3742309d1ccaafd2ecb12a1b2065b22aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 25 Dec 2023 14:13:19 GMT
date: Mon, 25 Dec 2023 16:18:00 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010210
age: 7482
x-guploader-uploadid: ABPtcPpO4TgIbE054O3GEf80gkpsVcXZwv3UP9L5qIQDt9eVEvoeT29FUetTRKlEwdZhL8YoxXRYCWDYpw
x-cache: HIT, HIT
fastly-io-info: ifsz=32484 idim=320x320 ifmt=jpeg ofsz=16574 odim=320x320 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 16574
x-served-by: cache-iad-kcgs7200027-IAD, cache-ams21072-AMS
server: UploadServer
x-timer: S1703521081.981331,VS0,VE0
etag: "VO/4KaOnaC6czCeadLEsC90jTebBvumUK+YTCZQD1mI"
vary: Accept
x-goog-generation: 1703512806580313
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=RdoSWQ==, md5=QMfmFGm72SoEQKkcryqRkw==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 32484
x-amz-checksum-crc32c: RdoSWQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 38, 16

GET
H2 200 Wehner-Peter-circular-thumbLarge-v3.png
static01.nyt.com/images/2015/03/16/opinion/Wehner-Peter-circular/ 19 KB
20 KB 29ms
28ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2015/03/16/opinion/Wehner-Peter-circular/Wehner-Peter-circular-thumbLarge-v3.png?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

cb9b31ff535e2b76cf704d03beeeb2b2a60e6a6206b9759040430cc7774ba72e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 05 Sep 2023 13:30:38 GMT
date: Mon, 25 Dec 2023 16:18:00 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 325969
x-guploader-uploadid: ADPycdvAvLMMNBtHIlRRpCvedYpo35NdYTt_KCrJxhxA5OVTkvv2iUMBbknzdHEHuts3lwFW-V_6FiCBMM3vUgkbyibmv2tU3G23
x-cache: HIT, HIT
fastly-io-info: ifsz=31794 idim=150x150 ifmt=png ofsz=19696 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 19696
x-served-by: cache-iad-kcgs7200092-IAD, cache-ams21072-AMS
server: UploadServer
x-timer: S1703521081.986373,VS0,VE0
etag: "LQ5hop57rUyQxG2a6RuS8SBcYi5kFzWJBqZuGMAUUM8"
vary: Accept
x-goog-generation: 1526145388159876
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=2G43EQ==, md5=KNevhKr8t5fsBgxv57LHIQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 31794
x-amz-checksum-crc32c: 2G43EQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 63, 282

GET
H2 200 25mccaulley-image-square320.jpg
static01.nyt.com/images/2023/12/25/opinion/25mccaulley-image/ 20 KB
21 KB 29ms
27ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/12/25/opinion/25mccaulley-image/25mccaulley-image-square320.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

2e1e7d6140793c56e579652881156490f7f886827b15593b16b24f33cf0c813d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 25 Dec 2023 14:13:19 GMT
date: Mon, 25 Dec 2023 16:18:00 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010251
age: 7482
x-guploader-uploadid: ABPtcPpNGbVjV6yBTfVZs_rVYP5TNCRTsKg0cnqiA9UDPoi8iq_TNk49BYMFwUjyR243Ik2-JTA
x-cache: HIT, HIT
fastly-io-info: ifsz=45329 idim=320x320 ifmt=jpeg ofsz=20528 odim=320x320 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 20528
x-served-by: cache-iad-kjyo7100131-IAD, cache-ams21072-AMS
server: UploadServer
x-timer: S1703521081.986356,VS0,VE0
etag: "EHihrag7lYMOFvu5Y7glXbog7s8dYNOF/bKf+LLpGWs"
vary: Accept
x-goog-generation: 1703512808979535
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=tSbH5w==, md5=OP2viO+xEzNvX4TELyr/fQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 45329
x-amz-checksum-crc32c: tSbH5w==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 64, 17

GET
H2 200 23opinions-rivera-image-square320.jpg
static01.nyt.com/images/2023/12/23/opinion/23opinions-rivera-image/ 11 KB
12 KB 29ms
28ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/12/23/opinion/23opinions-rivera-image/23opinions-rivera-image-square320.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

49c43f6808ff7f504a03a81119d3f9779fb41cad4d9fac162834a56759aa5a2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sun, 24 Dec 2023 14:04:15 GMT
date: Mon, 25 Dec 2023 16:18:00 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010246
age: 94425
x-guploader-uploadid: ABPtcPokJQEC42gSrQwkvVWLCuEOSa5-62114CuHiZzdHjycA_wpxbtWLj3G51Iw-eSAN-wCazxu6e_sTw
x-cache: HIT, HIT
fastly-io-info: ifsz=28935 idim=320x320 ifmt=jpeg ofsz=11130 odim=320x320 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 11130
x-served-by: cache-iad-kjyo7100045-IAD, cache-ams21072-AMS
server: UploadServer
x-timer: S1703521081.986316,VS0,VE0
etag: "yib+WcacVuRSKrHkLXXBcFYcDXwukjMEjRpnVjRBSuY"
vary: Accept
x-goog-generation: 1703426408864149
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=bqu95A==, md5=IR0s59VTfOaSxj0WS9OUjw==
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 28935
x-amz-checksum-crc32c: bqu95A==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 44, 16

GET
H2 200 the-morning-icon-square320.png
static01.nyt.com/images/2022/03/15/multimedia/the-morning-icon/ 18 KB
19 KB 27ms
27ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2022/03/15/multimedia/the-morning-icon/the-morning-icon-square320.png?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8071309f9ce3b8f01a3e0770d688dd5d207eb803f975779044a33d3089e3674b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sun, 19 Nov 2023 11:00:43 GMT
date: Mon, 25 Dec 2023 16:18:00 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300718
age: 449954
x-guploader-uploadid: ABPtcPrjsjguO-jAUtj2x7Ig7kCor2l-I7QRGy4uLXi_Jdq-PG16PKV46WSGRsiktx8guViCIw
x-cache: HIT, HIT
fastly-io-info: ifsz=28435 idim=320x320 ifmt=png ofsz=18856 odim=320x320 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 18856
x-served-by: cache-iad-kiad7000149-IAD, cache-ams21072-AMS
server: UploadServer
x-timer: S1703521081.986253,VS0,VE0
etag: "9yuxgAHFFbuT7zGlL5DdWu35apHPlGFBc3o9/piaslE"
vary: Accept
x-goog-generation: 1686578251641168
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=ySN2bw==, md5=zI0rsfov1F0wMhGvqBk3Qg==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 28435
x-amz-checksum-crc32c: ySN2bw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3519, 33

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 153ms
152ms Preflight 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
Access-Control-Request-Method: POST
Origin: https://chromecdn.shabani.store
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
access-control-allow-methods: GET,POST
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 0
content-length: 0
date: Mon, 25 Dec 2023 16:18:01 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: MISS
x-cache-hits: 1
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 40
x-nyt-audience-target-flat: EU:PM
x-nyt-continent: EU
x-nyt-country: NL
x-nyt-edge-cache: MISS
x-nyt-meridiem: PM
x-nyt-region: NB
x-samizdat-query-exe-id: 9a8a469a34578f62
x-samizdat-query-field-errors: 0
x-served-by: cache-ams21066-AMS
x-timer: S1703521081.023396,VS0,VE127

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 145ms
145ms Preflight 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
Access-Control-Request-Method: POST
Origin: https://chromecdn.shabani.store
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
access-control-allow-methods: GET,POST
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 0
content-length: 0
date: Mon, 25 Dec 2023 16:18:01 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 40
x-nyt-audience-target-flat: EU:PM
x-nyt-continent: EU
x-nyt-country: NL
x-nyt-edge-cache: HIT
x-nyt-meridiem: PM
x-nyt-region: NB
x-samizdat-query-exe-id: 85fe4ada8a3e25c9
x-samizdat-query-field-errors: 0
x-served-by: cache-ams21066-AMS
x-timer: S1703521081.031608,VS0,VE119

POST v2
samizdat-graphql.nytimes.com/graphql/ 0
0

POST
H2 200 track
a.et.nytimes.com/ 0
0 133ms
132ms Ping
text/plain 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chromecdn.shabani.store/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 434 B
962 B 113ms
29ms Fetch
application/json 2602:803:c003:200::43
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088370&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rf=https%3A%2F%2Fchromecdn.shabani.store%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=chromecdn.shabani.store&tg_i.page=https%3A%2F%2Fchromecdn.shabani.store%2F&tg_i.invCode=nyt_home_top&tg_i.pbadslot=dfp-ad-top&tk_flint=pbjs_lite_v8.25.0&l_pb_bid_id=258b741805d18c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&m_ch_mobile=%3F0&slots=1&rand=0.26186255407109327
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e0205d534dd9cefbd200af200abef481f13a15a5ce439bd8dbb17cfdcd1e2eef

Request headers

Referer: https://chromecdn.shabani.store/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 16:18:01 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://chromecdn.shabani.store
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 434
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 436 B
783 B 114ms
30ms Fetch
application/json 2602:803:c003:200::43
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fchromecdn.shabani.store%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=chromecdn.shabani.store&tg_i.page=https%3A%2F%2Fchromecdn.shabani.store%2F&tg_i.invCode=nyt_home_mid1&tg_i.pbadslot=dfp-ad-mid1&tk_flint=pbjs_lite_v8.25.0&l_pb_bid_id=33f1605bcab6e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&m_ch_mobile=%3F0&slots=1&rand=0.09390514287972018
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c544f60b275f41d8d4642194bbf8911d9167dfe187d1b500e2dbd52b558941e7

Request headers

Referer: https://chromecdn.shabani.store/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 16:18:01 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://chromecdn.shabani.store
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 436
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 436 B
782 B 113ms
29ms Fetch
application/json 2602:803:c003:200::43
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fchromecdn.shabani.store%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=chromecdn.shabani.store&tg_i.page=https%3A%2F%2Fchromecdn.shabani.store%2F&tg_i.invCode=nyt_home_mid2&tg_i.pbadslot=dfp-ad-mid2&tk_flint=pbjs_lite_v8.25.0&l_pb_bid_id=40f96f4d06f066&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&m_ch_mobile=%3F0&slots=1&rand=0.03893522310820674
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5b54622fb36f76a8f55ff2fed91af612a77830c4d3bc0cb8e52173588bc43d3f

Request headers

Referer: https://chromecdn.shabani.store/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 16:18:01 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://chromecdn.shabani.store
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 436
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 436 B
783 B 115ms
31ms Fetch
application/json 2602:803:c003:200::43
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fchromecdn.shabani.store%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=chromecdn.shabani.store&tg_i.page=https%3A%2F%2Fchromecdn.shabani.store%2F&tg_i.invCode=nyt_home_mid3&tg_i.pbadslot=dfp-ad-mid3&tk_flint=pbjs_lite_v8.25.0&l_pb_bid_id=51bba48567542f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&m_ch_mobile=%3F0&slots=1&rand=0.9107056822859607
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d50fd0eaae85e9558e3cb78aa5433a712b8bf2f2408b1563a1f334ee522a8f68

Request headers

Referer: https://chromecdn.shabani.store/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 16:18:01 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://chromecdn.shabani.store
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 436
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 440 B
786 B 114ms
31ms Fetch
application/json 2602:803:c003:200::43
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088374&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fchromecdn.shabani.store%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=chromecdn.shabani.store&tg_i.page=https%3A%2F%2Fchromecdn.shabani.store%2F&tg_i.invCode=nyt_home_bottom&tg_i.pbadslot=dfp-ad-bottom&tk_flint=pbjs_lite_v8.25.0&l_pb_bid_id=62a8c387d411dd&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&m_ch_mobile=%3F0&slots=1&rand=0.5876360492485013
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::43 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 757d394bd006684e87530a298c66b1f9b17dd655fea4f4febcd77532340a723c

Request headers

Referer: https://chromecdn.shabani.store/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 16:18:01 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://chromecdn.shabani.store
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 440
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
607 B 140ms
42ms Fetch
application/json 35.157.84.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.25.0&referrer=https%3A%2F%2Fchromecdn.shabani.store%2F&tmax=10000

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.157.84.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-84-191.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://chromecdn.shabani.store/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 16:18:01 GMT
accept-ch: sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model
x-auction-status: 3, 3, 3, 3, 3
content-type: application/json; charset=utf-8
access-control-allow-origin: https://chromecdn.shabani.store
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
118 B 166ms
53ms Fetch 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chromecdn.shabani.store/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://chromecdn.shabani.store
date: Mon, 25 Dec 2023 16:18:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
254 B 122ms
31ms Fetch
text/plain 35.227.252.103
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 1b4271d82cf40cf0cba4f13004ec0ad734a62e3db40565a18c8ebe419a5cdeeb

Request headers

Referer: https://chromecdn.shabani.store/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 25 Dec 2023 16:18:01 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://chromecdn.shabani.store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 53 B
621 B 114ms
32ms Fetch
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://chromecdn.shabani.store/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 16:18:01 GMT
an-x-request-uuid: 3c3e7247-1b45-4c78-a751-48c1c33a2683
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://chromecdn.shabani.store
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.150.110; 31.204.150.110; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 53
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
554 B 119ms
54ms Fetch
application/json 104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=995821
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a34864a86755eaca1535738067bce4e262f5a993ff9bd417a433f49900015b4

Request headers

Referer: https://chromecdn.shabani.store/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 16:18:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YAbZB5nTb4tzxuPu%2Fszx%2BMH1Ih%2F79hGvBqCGUZ9x1hNR4YXnQZQ7vacqLP6o3%2B0dJsDI1neH%2FsUErNA2XkHFGPDpDrnIHrD0rgv9r7U0srjan6WxnL7r9aidTm8xpEpQH1Z8syHH"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://chromecdn.shabani.store
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 83b265c56bfd0e2f-AMS
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 334 B
660 B 235ms
154ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU4WQK98
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 6314d6a3f45efe526e4140094aab48e2db2c15e500be1e351e6030f88cf15a4e

Request headers

Referer: https://chromecdn.shabani.store/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 16:18:00 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://chromecdn.shabani.store
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 122
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 25 Dec 2023 16:18:01 GMT

OPTIONS
H2 405 meter.js
meter-svc.nytimes.com/ Frame 0
0 382ms
126ms Preflight 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://meter-svc.nytimes.com/meter.js?sourceApp=vi&messageComponentLibraryFallback=true&url=https%3A%2F%2Fchromecdn.shabani.store%2F&referer=https%3A%2F%2Fchromecdn.shabani.store%2F&pageviewID=Teg64tmEeqRBpU6TxVnqBBVR&MessageSelectionAPI=real

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-211-112-71.compute-1.amazonaws.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-nyt-internal-meter-override
Access-Control-Request-Method: GET
Origin: https://chromecdn.shabani.store
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-length: 0
date: Mon, 25 Dec 2023 16:18:01 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
via: 1.1 google
x-envoy-decorator-operation: meter-svc.nytimes.com:443/*
x-envoy-upstream-service-time: 17

GET meter.js
meter-svc.nytimes.com/ 0
0

GET
H2

200

activityi;dc_pre=CJ-RtMf-qoMDFeRlkQUdiA4G_Q;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5799205215071;auiddc=1960846153.1703521081;u17=https%3A%2F%2Fchromecdn.shabani.store%2F;u5=;u18=;gtm=45He3bt... Show response
5290727.fls.doubleclick.net/ Frame C2C0
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5799205215071;auiddc=1960846153.1703521081;u17=https%3A%2F%2Fchromecdn.shabani.store%2F;u5=;u18=;gtm=45He3...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CJ-RtMf-qoMDFeRlkQUdiA4G_Q;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5799205215071;auiddc=1960846153.1703521081;u17=https%3A%2F%2Fchromecdn.s...

560 B
525 B

72ms
71ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CJ-RtMf-qoMDFeRlkQUdiA4G_Q;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5799205215071;auiddc=1960846153.1703521081;u17=https%3A%2F%2Fchromecdn.shabani.store%2F;u5=;u18=;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fchromecdn.shabani.store%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

07a42b309385e277a7673df82a6f36fdea9ea7cca68a537a4898347ae4734fa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chromecdn.shabani.store/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 313
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 16:18:01 GMT
expires: Mon, 25 Dec 2023 16:18:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 16:18:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CJ-RtMf-qoMDFeRlkQUdiA4G_Q;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5799205215071;auiddc=1960846153.1703521081;u17=https%3A%2F%2Fchromecdn.shabani.store%2F;u5=;u18=;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fchromecdn.shabani.store%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 71 KB
24 KB 129ms
38ms Script
application/x-javascript 2600:9000:2646:d600:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:d600:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 53e637909208e211f753b68ab0cb2312abfb528b9920e8a3b6eddcb89eb861cd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 19:05:05 GMT
content-encoding: gzip
via: 1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:04:59 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 76376
etag: W/"65838f3b-11b0d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: JnnGjKnFkcXKn9i8NCqK-qs_tSIqHHfYuY1TEc1CtfJXl7Y_rLn0Ng==
expires: Mon, 25 Dec 2023 19:05:05 GMT

GET
H2 200 show-ads.js Show response
a1.nyt.com/analytics/ 45 B
580 B 60ms
25ms Script
text/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.nyt.com/analytics/show-ads.js

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 25 Dec 2023 22:40:05 GMT
date: Mon, 25 Dec 2023 16:18:01 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 63476
x-guploader-uploadid: ABPtcPqsCAdwd2XifnxnyaoqIFNCDU-eDqWLFlvKQsKL0o33o5tPJS_aBl1WZ_aGaOtdP3yqVg
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 65
x-served-by: cache-ams21072-AMS
last-modified: Wed, 22 Dec 2021 23:30:41 GMT
server: UploadServer
x-timer: S1703521081.308938,VS0,VE0
etag: "1d291da792456bd015b664ee1119a5e0"
vary: Accept-Encoding
x-goog-generation: 1640215841852360
x-goog-hash: crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=86400
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 45
accept-ranges: bytes
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 1613

GET
H2 200 comscore-streaming.js Show response
a1.nyt.com/analytics/ 103 KB
19 KB 60ms
26ms Script
text/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.nyt.com/analytics/comscore-streaming.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

fe8d5a6f12533884b6896dd290e422c830e86e0228d45dbe97ac03c6e86a5b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 25 Dec 2023 21:35:55 GMT
date: Mon, 25 Dec 2023 16:18:01 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 67325
x-guploader-uploadid: ABPtcPrHaHLtrOv3YCYW1RaETBHqnzGo9rKB6_ziXW83mwSCZoah_QKeA1ZG7xkFLO9s1UxtxnfoZ-3rlA
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 18717
x-served-by: cache-ams21072-AMS
last-modified: Wed, 22 Dec 2021 23:30:41 GMT
server: UploadServer
x-timer: S1703521081.309141,VS0,VE0
etag: "04e0b9556a78ce5cedf86a34e5483036"
vary: Accept-Encoding
x-goog-generation: 1640215841902856
x-goog-hash: crc32c=XkdIyw==, md5=BOC5VWp4zlzt+Go05UgwNg==
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=86400
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 105675
accept-ranges: bytes
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 984

GET
H2 200 nyt.js Show response
cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/ 5 KB
3 KB 106ms
34ms Script
text/javascript 2606:4700:20::681a:c12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/nyt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6a464e55b66da4ea128368c807cf47f6b05c8e939c8ca27a01e30e41f57a914

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:18:01 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 25 Dec 2023 16:08:34 GMT
server: cloudflare
age: 567
cf-polished: origSize=4821
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XzZpFuiSFrd%2FbdrJCdEHYT%2Bq695gDAgnFUSa0NZdDrXAz26OfhrnmoPmJb%2FZc0Pm%2BPnLKSMj5oZLhMmzM1%2B43nPoc5Daw2aMw%2BILn5DPcE5ZOVNpqk%2FVvhM9NTeKNSBmimG3SUhX%2Bwy81wnURGMjB0F6"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 83b265c66b026670-AMS
request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
466 B 61ms
61ms XHR
text/javascript 52.222.192.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fchromecdn.shabani.store%2F&pid=LPcxYuElulO0O&cb=1&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-mid1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-mid1_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.192.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-192-64.cdg50.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:18:01 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 04a0003b41de711e6a8b7432e24f89a4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: CDG50-P2
x-amz-rid: C8ZQBY95VQMNY0QYWBW2
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://chromecdn.shabani.store
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 8QYDTdo5GfjVtCPW6FpLdFxlhGt80FVUvUHKtsdfUbxyRSH6Yc8fKw==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
468 B 61ms
60ms XHR
text/javascript 52.222.192.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fchromecdn.shabani.store%2F&pid=LPcxYuElulO0O&cb=2&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-mid2%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-mid2_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.192.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-192-64.cdg50.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:18:01 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 04a0003b41de711e6a8b7432e24f89a4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: CDG50-P2
x-amz-rid: GZ4EN3CGFSCC9YTHMEYP
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://chromecdn.shabani.store
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: GFkxMQ_i7GTfOp2ULeTmQx7oh-yJzYK4YARnsvEPnCe5LNyV5djGjA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
468 B 60ms
60ms XHR
text/javascript 52.222.192.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fchromecdn.shabani.store%2F&pid=LPcxYuElulO0O&cb=3&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-mid3%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-mid3_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.192.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-192-64.cdg50.r.cloudfront.net

Software

Server /

Resource Hash

1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:18:01 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 04a0003b41de711e6a8b7432e24f89a4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: CDG50-P2
x-amz-rid: 2T60S4YX8RQQ1Z3KBNG4
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://chromecdn.shabani.store
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: ZQjEXFsD_H-eUbTWoQQgLBW-xUQWquPROYnLKRzu3qqQRiO2IRvkGA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
466 B 61ms
61ms XHR
text/javascript 52.222.192.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fchromecdn.shabani.store%2F&pid=LPcxYuElulO0O&cb=4&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-bottom%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-bottom_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.192.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-192-64.cdg50.r.cloudfront.net

Software

Server /

Resource Hash

6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:18:01 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 04a0003b41de711e6a8b7432e24f89a4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: CDG50-P2
x-amz-rid: SD4KVYNXJ66GN6323BJA
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://chromecdn.shabani.store
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: xcjAq6EHUf3fM1G62vpRM8nn2kuLFzsxdcmzRELAHnvP-vUFJ_tfcQ==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
15 KB 188ms
187ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1096839520101907&correlator=1550852696720671&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fif&iu_parts=29390238%2Cnyt%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1703521081515&lmt=1703520902&adxs=0&adys=15&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fchromecdn.shabani.store%2F&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=870406284.1703521082&ga_sid=1703521082&ga_hid=1755932747&ga_fc=false&dlt=1703521079473&idt=1874&prev_scp=div%3Ddfp-ad-top%26pos%3Dtop%26amznbid%3D2%26amznp%3D2%26request_time%3D2042&cust_params=als_test_clientside%3Dreqfailed_reqfailed_reqfailed_209500%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dhp%26prop%3Dnyt%26plat%3Dweb%26abra_dfp%3D%26sov%3D1%26page_view_id%3DTeg64tmEeqRBpU6TxVnqBBVR%26purr%3Dfull%26vp%3Dlarge%26uap%3Dbrowser&adks=2496155832&frm=20

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a64a8f71f3d50be6c1c56f3d615ff41f33b7ce30a4ab93b0afe463f8e2f415b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:18:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14830
x-xss-protection: 0
google-lineitem-id: 6273174912
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138440999674
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://chromecdn.shabani.store
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1812 6 KB
3 KB 158ms
39ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chromecdn.shabani.store/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 16:18:01 GMT
expires: Tue, 24 Dec 2024 16:18:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 241ms
240ms Ping
text/plain 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chromecdn.shabani.store/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 dc_pre=CJ-RtMf-qoMDFeRlkQUdiA4G_Q;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5799205215071;auiddc=*;u17=https%3A%2F%2Fchromecdn.shabani.store%2F;u5=;u18=;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma_...
adservice.google.com/ddm/fls/z/ Frame C2C0 42 B
401 B 244ms
98ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJ-RtMf-qoMDFeRlkQUdiA4G_Q;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5799205215071;auiddc=*;u17=https%3A%2F%2Fchromecdn.shabani.store%2F;u5=;u18=;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fchromecdn.shabani.store%2F

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CJ-RtMf-qoMDFeRlkQUdiA4G_Q;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=5799205215071;auiddc=1960846153.1703521081;u17=https%3A%2F%2Fchromecdn.shabani.store%2F;u5=;u18=;gtm=45He3bt0v72703797;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fchromecdn.shabani.store%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://5290727.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 16:18:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 72490c53-5c14-4a5b-9800-d417f6be71bf
https://chromecdn.shabani.store/ 597 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://chromecdn.shabani.store/72490c53-5c14-4a5b-9800-d417f6be71bf
Requested by: Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 597
Content-Type: application/javascript

GET
H2 200 65568.js Show response
cdn.brandmetrics.com/scripts/bundle/ 62 KB
17 KB 65ms
65ms Script
text/javascript 2606:4700:20::681a:c12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=chromecdn.shabani.store
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91010ba4000c2c6cd2d57003716996bf3b9a845044f5abf868d2a5a722baeb9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:18:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 25 Dec 2023 16:18:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PlnHm2mELU2BULbQPYRc3fPCheaj0BH2VDJ%2FGEcnrc%2FkFG%2FvQ3GTWPiLB3oK5NV4gZNvciEbfuJPOo609I4Km3OblF19RsJY2iCe014ZJ0zmlZcDoZhWBqCtBtAmDKBEtKr80MoO1O1k8%2FefO1odeaQK"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 83b265c85d766670-AMS
request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
201 B 350ms
110ms Image
image/gif 34.226.90.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F&u=NBc6XBAHRm1DTxxr2&d=chromecdn.shabani.store&g=16698&g0=Homepage&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=11644&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fchromecdn.shabani.store%2F&b=2415&t=Dt1HAWCBw4jUdBb_jqH0xdBUSXz0&V=143&i=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&tz=-60&sn=1&sv=11EQTCWXJjJwy7kVC5zkoLDbiSrt&sr=external&sd=1&im=06672fd3&_
Requested by: Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.90.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-90-84.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 25 Dec 2023 16:18:01 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

POST
H2 200 / Show response
dd.nytimes.com/js/ 243 B
627 B 106ms
36ms XHR
application/json 143.204.215.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/js/

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.30 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-30.fra53.r.cloudfront.net

Software

DataDome /

Resource Hash

7db424b56c98fb83a59640cadc9e54363e6094e3db2af2c649368d7c0487e8fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://chromecdn.shabani.store/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 16:18:01 GMT
via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: DataDome
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 243
x-amz-cf-id: U1CVCBHbiv5f_0dRy-HGG4DABcv5lg9A2igTEom_L_76h7zfxsmQtg==
expires: 0

GET
H2 200 container.html Show response
e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 83EB 6 KB
3 KB 36ms
35ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chromecdn.shabani.store/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 16:18:01 GMT
expires: Tue, 24 Dec 2024 16:18:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 c.js Show response
collector.brandmetrics.com/ 0
143 B 286ms
27ms Script
text/javascript 20.50.2.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.brandmetrics.com/c.js?siteid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=chromecdn.shabani.store&rnd=522279
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=chromecdn.shabani.store
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 20.50.2.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
date: Mon, 25 Dec 2023 16:18:01 GMT
content-length: 0
content-type: text/javascript;charset=utf-8

GET
H2 200 css
fonts.googleapis.com/ Frame 83EB 7 KB
814 B 132ms
45ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ecfc48ab5315e179e1948be2aecc95b3afc29ae1413a2024abb9b1706df9ff0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 25 Dec 2023 16:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Dec 2023 15:06:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Dec 2023 16:18:01 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 83EB 24 KB
7 KB 112ms
33ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com
URL: https://e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:58:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 544791
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 18 Dec 2024 08:58:10 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 83EB 7 KB
1 KB 127ms
42ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&lang=nl

Requested by

Host: e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com
URL: https://e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0f168400f35726c05050a7361b4bdffa89148cf119cc412ebfc3193d71159805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 25 Dec 2023 16:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Dec 2023 16:18:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Dec 2023 16:18:01 GMT

GET
H2 200 2178290142467267654
tpc.googlesyndication.com/simgad/ Frame 83EB 24 KB
24 KB 115ms
36ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2178290142467267654?

Requested by

Host: e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com
URL: https://e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9af4850b6a455d58d5809a26a3c9128bd769ae3d282cb75dc037c09e52dcf487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 07:16:14 GMT
date: Tue, 19 Dec 2023 07:16:14 GMT
x-content-type-options: nosniff
age: 550907
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24219
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 20:11:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 83EB 203 KB
65 KB 121ms
46ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com
URL: https://e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Dec 2023 16:18:01 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 142ms
141ms Ping
text/plain 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chromecdn.shabani.store/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 83EB 0
0 71ms
70ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssuD-t4nEJUzaQN-GF75G-nmcgz4jk6OlbC6F1zHReizzHYg_th4EGXwon4LxkHCjT-zsuy9W-Xj-XDTxUexixhTdDgzK5EL2-oeSb9Zpou_SKGpz7GXMObwXYDwa6KvKwy1xIXZSODuBMJL1MRh0KX2Q9G_hMqo-ZI8j7ZEj26yyk63Z1vx0TR3q0-zQW_hV5riECbSl_C1X8MTRsi07CoB3-4IJdpisJ1Kz6fUmZaDsDDeHJjSy0t3PITgWsMyZ1NgjQITqzTLRNBMN0EaZSjZrVsdReo84SxYpWQynBR1y4_-Ss8GHWMYruRLZvW0cpB0F2tkSyl4kAyKc5-gkhpqQWhtY6XWxYHimsI0sdbNvcfrx4xA7NKeyOuSmaKGeiVzPF1SJGAXPq853IUTmgjXFP94ilhsw3GagngwK8&sai=AMfl-YTXgdlEMpY1Dq8KmkNrntQyqCuNS1ySBiLZHyL4-YBjKqSSAHmHAp6NvDcxxn8mqiWX7faqNaIrtFUph3cAgLkco24L-op6mySq4tFWyDkbrSxpawYI1smXgJY49N_6eO7ZoqaWH2dVsFIBRZ1VqeB2&sig=Cg0ArKJSzM9D23dElu9eEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com
URL: https://e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:18:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 25 Dec 2023 16:18:02 GMT

GET
H2 200 ad-tracking.js Show response
static01.nytimes.com/ads/adplatforms/cdn/ET/ Frame 83EB 9 KB
3 KB 40ms
26ms Script
text/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static01.nytimes.com/ads/adplatforms/cdn/ET/ad-tracking.js

Requested by

Host: e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com
URL: https://e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

46db5b462e063bcd60edfb6a6efa82969e1d1fbb8812259bc70b337afe026755

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 21 Sep 2023 17:55:04 GMT
date: Mon, 25 Dec 2023 16:18:02 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 4559
x-guploader-uploadid: ADPycdvZ3c2EqYOQJIlN3qo9opxAIfueJl3OD46SDZ_E70Rt-Nel1XojDSARCSx7m_wZHLlcVxMA1KaA9A
x-cache: HIT, HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 2372
x-served-by: cache-iad-kiad7000059-IAD, cache-ams21072-AMS
last-modified: Mon, 10 Jul 2023 17:00:44 GMT
server: UploadServer
x-timer: S1703521082.007177,VS0,VE0
etag: "b787e3d6003409a1e48a30e0600cdb37"
vary: Accept-Encoding
x-goog-generation: 1689008444082064
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=t5C97A==, md5=t4fj1gA0CaHkijDgYAzbNw==
cache-control: max-age=7200
x-goog-stored-content-length: 9231
x-amz-checksum-crc32c: t5C97A==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 57537, 38

GET
H2 200 9376744555904406431
tpc.googlesyndication.com/simgad/ Frame 83EB 435 KB
436 KB 34ms
33ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9376744555904406431?

Requested by

Host: e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com
URL: https://e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f35eb84078ea2b334a083a090ec8069a537525bd6bd1e7d6e484f876e5f39c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 04:12:15 GMT
date: Tue, 19 Dec 2023 04:12:15 GMT
x-content-type-options: nosniff
age: 561947
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 445778
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 20:11:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 83EB 14 KB
15 KB 114ms
42ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 17:12:00 GMT
x-content-type-options: nosniff
age: 601562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 17:12:00 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 83EB 15 KB
15 KB 139ms
68ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:54:05 GMT
x-content-type-options: nosniff
age: 545037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 08:54:05 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 83EB 14 KB
15 KB 105ms
34ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:09:26 GMT
x-content-type-options: nosniff
age: 572916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 01:09:26 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 83EB 0
0 72ms
72ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuj_1k57QG2xmipNlzKPRPSTkYPX4YdijjaKdwWkO02hHFeqhN3joq-j-aQoTP4mghzhBCtRrIGWScS16eeqJjd9kptXfIIO8eo-66wBRgx9chCBquMU6d_S9EIg20g0DbCjKa-_4ZeGjHcsFONlsqBmPXPsjGD6zTPbSGllzKd8kpvU6xblloFjCY2whz6WuYtdUnmJPuWUlvyTiF-L-HHmOHPm1bZROuRCGC_pSdsUUTCR4dQ7EnTpY5tE4X8CqeBQ5wIPOVxQcA6_Q5hnjfTSvpNayo3b3TzVHcTG0dtKOQQysNsTYB6z38QaWmhpE-UHi8l3pchewQ9OJOin9W9xawnykWDdikYm51_unuix2CM_ITrpLtIRq1ZvVeklJDwT4X_&sai=AMfl-YTCS678hsjlLFGqOxOkqWd9Ns2S7l0b0DDkWgiOHESEsJkH0iy9d6fhBfwY25TVQTvqmyZpElfQ3F27LYBvKwVc_poyWrYAivBHijHXIX1XsS4fAE5TXKORzM33FiU23eUR25T_MIHo7jObzYcWNIqB&sig=Cg0ArKJSzHMJEEQnPgxMEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:18:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 25 Dec 2023 16:18:02 GMT

GET
DATA 200
OK truncated
/ Frame 83EB 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b87a14ef971d510b9fbe297e780fd99b1d3e1e9078d72f961a36cbf8fc1920d6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 eventtracker-snippet.js Show response
nyt-dti-prd-staticjs.storage.googleapis.com/analytics/et2/ Frame 83EB 3 KB
4 KB 139ms
34ms Script
text/javascript 2a00:1450:4001:80f::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://nyt-dti-prd-staticjs.storage.googleapis.com/analytics/et2/eventtracker-snippet.js
Requested by: Host: static01.nytimes.com
URL: https://static01.nytimes.com/ads/adplatforms/cdn/ET/ad-tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 75f781a1bc9a89ae2f3814dfb5e3dab712c6edd2b35a10e43a646daa338b2f5f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 15:37:45 GMT
age: 2417
x-guploader-uploadid: ABPtcPrRR0j8OQQhTt3TZT-UDNBxrXuVvYGjixGoWmzWwSoCjZkSUqS9eG8sSD3zKzjoTEo-VgI
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3190
last-modified: Mon, 15 Aug 2022 20:07:43 GMT
server: UploadServer
etag: "dcda8651f2fd6410a0bac2a0625874aa"
x-goog-generation: 1660594063515807
x-goog-hash: crc32c=GCowug==, md5=3NqGUfL9ZBCgusKgYlh0qg==
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=86400
x-goog-stored-content-length: 3190
accept-ranges: bytes
expires: Tue, 26 Dec 2023 15:37:45 GMT

GET
H2 200 .status Show response
a.et.nytimes.com// 0
0 131ms
130ms Fetch
text/plain 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com//.status
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept: */*
Referer: https://chromecdn.shabani.store/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 251ms
109ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee7be27c768d27a0db5bf1c127252426a88ed5181e4ef2436f203f7b0bc67881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:18:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12223
x-xss-protection: 0

GET
H2 200 loader.js Show response
platform.iteratehq.com/ 1 KB
1 KB 101ms
34ms Script
application/javascript 2606:4700:20::ac43:479c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/loader.js

Requested by

Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:479c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

876a89367aabdf7757a91ce9a8c763d042f9e6e285971097ed5419d92d7562b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:18:02 GMT
x-amz-version-id: UfdJ4W1ULjcVAQBVZ1jdy05D9WYCvZx5
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
x-amz-request-id: RDF7YM6GZD449W40
age: 417
x-amz-server-side-encryption: AES256
x-amz-id-2: HC41HgGtf8sc5JvZHtDlTic9yWNvgnphMsDyqI5lzIX0uT0jQhwdwp+pF7FM92tr5qrPTdQgc6oOPY7BcHVDwrcYGmAvZOz4
last-modified: Tue, 19 Dec 2023 18:30:11 GMT
server: cloudflare
etag: W/"ebfe8f8e710095868bbf3c5f0ac99e12"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72bY1A%2B%2FcERazrvrZNYzWfococnGffQugMDnxlwIkiDVX1HebacVxkpzz7OYD1PK8Lmh59DVC5m8UClw3gbnHNjQ6OMmoErwDGnZk1Cxr%2FPbMqmMERZCGJ7sq7%2FDXM4XPPU1vSY%2F%2B9YMKNWfgzaR8memNk0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 83b265cc58ccb8f1-AMS

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/3005403/
Redirect Chain

https://sb.scorecardresearch.com/c2/3005403/cs.js
https://sb.scorecardresearch.com/internal-c2/3005403/cs.js

0
383 B

34ms
33ms

Script
application/javascript

18.245.60.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/3005403/cs.js
Protocol: H2
Server: 18.245.60.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-107.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 04:38:59 GMT
via: 1.1 6ce3814cb60a4c907ac701e60e4c1e5a.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jul 2023 14:48:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 41944
x-amz-server-side-encryption: AES256
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 0
x-amz-cf-id: MnYb_P88rKI0F-3TZLtNJJvU238xGQlB3VVcmZgNEDRz5Sr816IsIQ==

Redirect headers

date: Mon, 25 Dec 2023 16:18:02 GMT
via: 1.1 6ce3814cb60a4c907ac701e60e4c1e5a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
location: /internal-c2/3005403/cs.js
content-length: 0
x-amz-cf-id: wHY6BrEQqXtH631MKnEjVk-iHWwFrgVuEmm9oAEBJNj-DSqnV-IpuA==

GET
H2 200 vhs-plugin-cover-vi-10739c7c8493155a1326.min.js Show response
static01.nyt.com/video-static/vhs3/ 51 KB
13 KB 26ms
25ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static01.nyt.com/video-static/vhs3/vhs-plugin-cover-vi-10739c7c8493155a1326.min.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

c624e51ee3cefdd33ab81fcbd8b1f40cec5cb73036df6ff0099b2d0b3311e28e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 26 Dec 2023 17:23:32 GMT
date: Mon, 25 Dec 2023 16:18:02 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 514470
x-guploader-uploadid: ABPtcPqGKZL8TaFEB-FpSoiNlXnNmpwMyLrPqukMvUij4O9ihKqjzPMnrPqjb90DwcVbrcBj5sDVXAz_uQ
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-meta-surrogate-key: video/vhs3
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 12593
x-served-by: cache-iad-kcgs7200108-IAD, cache-ams21072-AMS
last-modified: Tue, 19 Dec 2023 17:23:26 GMT
server: UploadServer
x-timer: S1703521082.233705,VS0,VE0
etag: "cef59a65388987ef786b133c86058470"
vary: Accept-Encoding
x-goog-generation: 1703006606806693
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=xq7FQQ==, md5=zvWaZTiJh+94axM8hgWEcA==
cache-control: public,max-age=60,s-maxage=604800
x-goog-stored-content-length: 52298
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4309, 550

GET
DATA 200
OK truncated
/ 5 KB
5 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61987b71501afac79b03e8baa611020d395a37e824fd2360e7831443a305e71d

Request headers

Referer
Origin: https://chromecdn.shabani.store
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
H2 404 114412_1_25vid-Al-Maghazi-aftermath_wg_1080p.vtt
vp.nyt.com/video/2023/12/25/ 0
138 B 130ms
124ms TextTrack
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://vp.nyt.com/video/2023/12/25/114412_1_25vid-Al-Maghazi-aftermath_wg_1080p.vtt

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://chromecdn.shabani.store/
Origin: https://chromecdn.shabani.store
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: cache-chi-klot8100110-CHI, cache-ams21023-AMS
date: Mon, 25 Dec 2023 16:18:02 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
server: nginx
age: 0
x-timer: S1703521082.285083,VS0,VE98
x-cache: HIT, MISS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
accept-ranges: bytes
content-length: 0
x-cache-hits: 10, 0

GET
H2 404 114355_1_20social-nutcracker-kids_wg_1080p.vtt
vp.nyt.com/video/2023/12/20/ 0
207 B 36ms
30ms TextTrack
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://vp.nyt.com/video/2023/12/20/114355_1_20social-nutcracker-kids_wg_1080p.vtt

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://chromecdn.shabani.store/
Origin: https://chromecdn.shabani.store
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: cache-chi-klot8100179-CHI, cache-ams21023-AMS
date: Mon, 25 Dec 2023 16:18:02 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
server: nginx
age: 1
x-timer: S1703521082.285320,VS0,VE4
x-cache: HIT, HIT
content-type: application/octet-stream
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
accept-ranges: bytes
content-length: 0
x-cache-hits: 55, 1

GET
H2 200 25israel-leadall-swap-zhjg-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/12/25/multimedia/25israel-leadall-swap-zhjg/ 85 KB
85 KB 27ms
27ms Image
image/jpeg 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/12/25/multimedia/25israel-leadall-swap-zhjg/25israel-leadall-swap-zhjg-threeByTwoSmallAt2X.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

52c8c8c371e5bc4c2512fa507912a2ba728f85314901ab6573166a083e81beb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Mon, 25 Dec 2023 13:47:23 GMT
date: Mon, 25 Dec 2023 16:18:02 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 9039
x-guploader-uploadid: ABPtcPpF--fMnoCq7nsZfS8f5FHAwat_OhPAm8uvVqxvPqi4ewxTPpG_D6bjp3vbKovhgLT-eUA
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 86936
x-served-by: cache-iad-kcgs7200071-IAD, cache-ams21072-AMS
last-modified: Mon, 25 Dec 2023 13:43:55 GMT
server: UploadServer
x-timer: S1703521082.292825,VS0,VE0
etag: "c7676fa898cdb102bf534bf4adf8ec52"
x-goog-generation: 1703511835485473
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=Rc+Cvg==, md5=x2dvqJjNsQK/U0v0rfjsUg==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 86936
x-amz-checksum-crc32c: Rc+Cvg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 62, 7

GET
DATA 200
OK truncated
/ 503 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52c1269f57bc3b5b121595f104302322f9b8f0a23b5f550da9c5d1ccc7704309

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Thumb_V2-verticalTwoByThree735.jpg
static01.nyt.com/images/2023/12/20/arts/dance/Thumb_V2/ 87 KB
88 KB 28ms
27ms Image
image/jpeg 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/12/20/arts/dance/Thumb_V2/Thumb_V2-verticalTwoByThree735.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

d18d76bef48b661ead1a0a402cae6a83e47ae63c5b57f80f5497a7df53d72cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 21 Dec 2023 19:45:16 GMT
date: Mon, 25 Dec 2023 16:18:02 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 333167
x-guploader-uploadid: ABPtcPqY3HKkOpxBo9U4liFOGuaX8JXGdIYThFhVdgPmv_QA6H4JudlA0C6sLAJbdjl0mlAoKisw3f7vtQ
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 89525
x-served-by: cache-iad-kiad7000120-IAD, cache-ams21072-AMS
last-modified: Wed, 20 Dec 2023 21:18:55 GMT
server: UploadServer
x-timer: S1703521082.293691,VS0,VE0
etag: "0c2f7a503ca12d2c4ebe9787fc3b9f83"
x-goog-generation: 1703107135376706
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=GHD2cw==, md5=DC96UDyhLSxOvpeH/Dufgw==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 89525
x-amz-checksum-crc32c: GHD2cw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 16, 323

GET
H2 200 vhs-plugin-nyt-analytics-7a8a7d369d446725e2e3.min.js Show response
static01.nyt.com/video-static/vhs3/ 26 KB
6 KB 26ms
26ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static01.nyt.com/video-static/vhs3/vhs-plugin-nyt-analytics-7a8a7d369d446725e2e3.min.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

604c29230e8e11257c4b552a7adfb34ea5a8ca8c7c37f933ff65676a8feb7992

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 26 Dec 2023 17:23:32 GMT
date: Mon, 25 Dec 2023 16:18:02 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 514470
x-guploader-uploadid: ABPtcPr9yRLZwhfRwsU4t_WIiO0JWqsUdMTkZW8NatColjvYJIlERouj1Z2X8tfLmJnZ8OT4ALszIeFa8Q
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-meta-surrogate-key: video/vhs3
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 5820
x-served-by: cache-iad-kiad7000042-IAD, cache-ams21072-AMS
last-modified: Tue, 19 Dec 2023 17:23:26 GMT
server: UploadServer
x-timer: S1703521082.299440,VS0,VE0
etag: "e4cc0baef285762a15335439f2c432bd"
vary: Accept-Encoding
x-goog-generation: 1703006606823264
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=S8Nq2Q==, md5=5MwLrvKFdioVM1Q58sQyvQ==
cache-control: public,max-age=60,s-maxage=604800
x-goog-stored-content-length: 27115
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 36, 4239

POST
H2 200 track
a.et.nytimes.com/ 0
0 133ms
133ms Ping
text/plain 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chromecdn.shabani.store/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 136ms
135ms Ping
text/plain 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chromecdn.shabani.store/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 141ms
140ms Ping
text/plain 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chromecdn.shabani.store/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 match-prod-8c6a038707c1d5fe528b.js Show response
platform.iteratehq.com/ 87 KB
30 KB 37ms
37ms Script
application/javascript 2606:4700:20::ac43:479c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/match-prod-8c6a038707c1d5fe528b.js

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:479c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7c16518f3788f94f761926116d66716aa35b537af78b530829b845411aa5b99

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:18:02 GMT
x-amz-version-id: Fr9rhL0VTsXAjaUEe5wzFbgEwXH5tM.I
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
x-amz-request-id: JWX2TCPA6YAXRFDY
age: 510204
x-amz-server-side-encryption: AES256
x-amz-id-2: EVP0xrk859t4ElbQ15UZ3KaOywpzzr3X19eMV5HdaUFAq3WkoPeiUptifjlI/oyFRGmjMDxnmKU=
last-modified: Tue, 19 Dec 2023 18:30:10 GMT
server: cloudflare
etag: W/"97a5037af257cb6cc82de15b3074be41"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AxrSf7oC6FqWxVJgytAoyG%2FqAZuhPeTtDddMBZXKA0ROO4RLZ%2B8L1gJ53gSAqvFM%2Bp1r%2F0RA9huNjpwndBogZWTitkYvOQi87kU%2FX4M9puM%2BnmCIvtaIWDQ6e4dZ2Vl1IUzeWV%2FeZ85NsCxu3UvBSCn82AQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 83b265cca920b8f1-AMS

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 300 B
550 B 123ms
122ms Fetch
application/json 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16cc1d946e9095a520f6fc40c2c2f01cdc1ceb5d53e504695f03c594ef08377c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://chromecdn.shabani.store/
accept-language: nl-NL,nl;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Dec 2023 16:18:02 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MsCUXDoxkCALvVAVwDSmUA5LzHFw3E1VwgV%2F0qg5iIpma0YLApXVyUoRg1ejzuPm53oS7ttb%2BislO9XFL68DNAKw%2Fo%2F3cShRp6YSFEULg3c0%2BPuXkQIiSCljrVG1PWHquHbHH2Ddtl%2FPsuY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 83b265ce6dd8b936-AMS

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 224ms
135ms Preflight 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://chromecdn.shabani.store
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 83b265cd9cf6b936-AMS
content-length: 0
date: Mon, 25 Dec 2023 16:18:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E10BlobU36V3zQ90u3PHZeCCdMC85dOQLTyEjHAxD8xifYN75xtsPMsKJtoDOkx4T%2F9zWNShxVQPrbCs8oToxQ7aotZk2rnNiKD5tbx3XvmYeVewqR643Ugi03nPYn7Y%2FAxxPFihqcyartI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:18:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 25 Dec 2023 16:18:02 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 33CB 13 KB
5 KB 34ms
32ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chromecdn.shabani.store/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 56090
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 00:43:12 GMT
expires: Tue, 24 Dec 2024 00:43:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 94C1 829 B
1 KB 208ms
71ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c77a92ea56cc6b06cab8df27b27eb0d1bb40b9cc44e4cfccb35db7b7424b618b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bN0LnltJdQv5EN_y4vxU7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://chromecdn.shabani.store/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-bN0LnltJdQv5EN_y4vxU7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 16:18:02 GMT
expires: Mon, 25 Dec 2023 16:18:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 33CB 39 KB
15 KB 187ms
61ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Dec 2024 10:15:22 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 94C1 0
0 95ms
95ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=1096839520101907&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 64 B
344 B 124ms
123ms Fetch
application/json 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea939bd13d79a17cc436d4c3e102d4060cb7ebf0e8e61918f3d034580dff02b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://chromecdn.shabani.store/
accept-language: nl-NL,nl;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2NTg5YWIzYTk2OThlNjAwMDExZWViMjIiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNzAzNTIxMDgyfQ.a_tlXtiQWv32RlxEi0Bd59dwfE6Xn2W0MukLoeZ6PUI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Dec 2023 16:18:03 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hMEljjZNblkk8rrSlRAauLm6%2Fti4hCWAsfEYOzuunEIQpWnleZYXxFaR2Xncuz4artEZNNNL5XSLCQ3ubcnU1cflfzF1au90CLUKAlqHoNMDUk9XroshW%2BZU%2FxNO9TYkaQAQ2tCncFeMeYo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 83b265d0f877b936-AMS

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 123ms
123ms Preflight 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://chromecdn.shabani.store
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 83b265d02f95b936-AMS
content-length: 0
date: Mon, 25 Dec 2023 16:18:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ghxBl89Y0juQiu51XfLRTwYt3N236QKxVR2gjrIrrAs8vEUZbbU7UH4DniyEabqczDvcI3b4Wmc2aGA35NgZunPzkdjU1%2BAxPclFUev9B%2BHiumqf34ueVCP%2FNi6cGP%2BUZ%2BQa%2B%2BPExL25GcU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 33CB 0
10 B 32ms
31ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?g_2g1A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:18:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 83EB 42 B
174 B 101ms
98ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshLRELFk_w-BPVKBiV-cMlrO8VBXz1YqKRQ_aI88gePmoRhoML3aW1bsm4EdjagHIR-ILN2zTGLew5QUaUAWjKt8kcQeV2fwxby6slc13xLteqpNJF_RR-PnJUAM_Y1I3soYQZETb07eLnd5GiQpCuAw&sig=Cg0ArKJSzEbNhjnNS9a3EAE&id=lidar2&mcvt=1000&p=16,0,286,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=2496155832&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703521081757&rpt=271&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 16:18:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 100ms
99ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=1096839520101907&bg=!qaqlquXNAAY3kmNgF5I7ADQBe5WfOIBs7V75xpVuv_uVeYxRSZ8NobAfXt24IRBiSz3-XZYqcTp7xnwg5HKs7bD6qa0dAgAAAE1SAAAADWgBB5kDA5bfOY75NW3gG6iYLvVss9AbOHhdSndpBxuplG0tP9KS9e-7CbK2CnyuAZb2UU1lFm33VxeYruxmvd5Yv_lSLUb9p_3AVtnU4392p61vgoragKa27UZND9oTh-iQ-gyellHxwmf-3u_D5DUczMZ--X7RzA_v7nmlW3dCM9uxX2w5OeRVGbHhXjN7rbYl0EamIcE1y4uPL3daPZVwV_y5bMs9VkFyRWesAQI41VrSVZDtMPdJw0hXSqaTCi82jlEHMThrGRAkZJmRzvPJMqByAxhU1aD43Cj2eioa-wk3lW5WAFL9EIW7VmUByprUS9sWdks7DGkw2O926QG3aRiViBOHDzcMGJYb6VND0gD8miYD_Sxy1yMaQmgdZAUIAPnUMERn0y9KaATqC3M30N5THl2YLwCpjXrN5s5s1QkCrqXlq_hs3Jwgm1hzBbRDWirTMRDcFEik8Be5WoFlb9NSBoiTtDdBptqpdTNhn-qkWMAEKaqLCRg45F1I8_T_rowPOaGUMVcIGtFAUVHMj9hOYDPk3zhKvLO8XqZiAcC_tyz7KBw0X3HQHKBDcrbwvERYpq54mDzrtA1lUOUHg0ZkIZLglzXjR2TxqUAEMDIrsrq70CCaN5CIZGaQcHs5H9IEMYcqTXDB5iY9BD-ylcqIKwqrsdZrVMEi_LRlgDW43xs4mcEyWWWct0d_Pu5ZgoBL1Kxu_nbkYWwDzPigp6a8juP_5wnp-CGx0h6RNX1HHL2-RCK5XKZjXN0RmU3xMafMCAaegDpT92AET_9IDhfPcUCwHrcRD3drP3_ExBO2L57oRBJ4amJVwCQ7QoXuaHJshvty9rBv2PATWj5SJlZsaC_zvLJY5C4786K2d4vKd34jqjuQ0iogLCPUaVopXa7RmIEK8nYbZYlpHmclOyjsuyJVHu5n9_i6Qt_sqDPmmWXe-sfAKjoBl4ocQYiHKgYP_bMKJpEBIWD5JdN1A_uwz-AjDApuWsQvo4Mx04vzi9pwPggti0jFvhuUx1-Bp926dylwzQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H/1.1 200
OK cksync.php
cs.media.net/ 56 B
422 B 135ms
42ms Image
image/gif 2.19.100.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.php?cs=8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.100.239 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-100-239.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Dec 2023 16:18:04 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 56
x-mnet-hl2: E
Expires: Mon, 25 Dec 2023 16:18:04 GMT

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ 0
42 B 125ms
31ms Image
text/plain 185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=163427
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:18:04 GMT
content-length: 0

GET
H2 200 sync
eb2.3lift.com/ 37 B
140 B 121ms
32ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/sync?px=1&src=prebid&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 16:18:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

200

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=995821&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=995821&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=0
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=0&_test=ZYmrPAAJmrFnZwBH
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZYmrPAAJmrFnZwBH&gdpr=0&_test=ZYmrPAAJmrFnZwBH

43 B
557 B

62ms
48ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZYmrPAAJmrFnZwBH&gdpr=0&_test=ZYmrPAAJmrFnZwBH
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 16:18:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=je1t7WBdyCpt8LG1%2BGYEgHclzwfZDNLoP8KCEEgek2Y21f6hP84Zgtk5s0MIxiv1AJRs7FLntl2gyPA9axj7PzY1kaj%2Fc7xtV0AWT52aqevShVFGVrBV2qzkNy%2FJhphm%2FZgflpYfp1XpAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83b265dd990f0e2f-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

x-served-by: cache-ams21075-AMS
pragma: no-cache
date: Mon, 25 Dec 2023 16:18:05 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1703521085.020737,VS0,VE0
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZYmrPAAJmrFnZwBH&gdpr=0&_test=ZYmrPAAJmrFnZwBH
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 pd
nytimes-d.openx.net/w/1.0/ 43 B
295 B 114ms
32ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nytimes-d.openx.net/w/1.0/pd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://chromecdn.shabani.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 16:18:04 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 131ms
131ms Ping
text/plain 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: chromecdn.shabani.store
URL: https://chromecdn.shabani.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://chromecdn.shabani.store/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: samizdat-graphql.nytimes.com
URL: https://samizdat-graphql.nytimes.com/graphql/v2

Domain: als-svc.nytimes.com
URL: https://als-svc.nytimes.com/als?uri=https%3A%2F%2Fwww.nytimes.com%2Fpages%2Findex.html&typ=&prop=nyt&plat=web

Domain: samizdat-graphql.nytimes.com
URL: https://samizdat-graphql.nytimes.com/graphql/v2

Domain: purr.nytimes.com
URL: https://purr.nytimes.com/v1/purr-cache

Domain: a.nytimes.com
URL: https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fwww.nytimes.com%2F&caller_id=nyt-vi&jkcb=1703521080480&referrer=&sourceApp=nyt-vi

Domain: samizdat-graphql.nytimes.com
URL: https://samizdat-graphql.nytimes.com/graphql/v2

Domain: samizdat-graphql.nytimes.com
URL: https://samizdat-graphql.nytimes.com/graphql/v2

Domain: meter-svc.nytimes.com
URL: https://meter-svc.nytimes.com/meter.js?sourceApp=vi&messageComponentLibraryFallback=true&url=https%3A%2F%2Fchromecdn.shabani.store%2F&referer=https%3A%2F%2Fchromecdn.shabani.store%2F&pageviewID=Teg64tmEeqRBpU6TxVnqBBVR&MessageSelectionAPI=real

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nytimes.com/	1970-01-21 01:57:37	Name: nyt-a Value: ARrcrMbb1jv5Ib2-30AYWv-l
.et.nytimes.com/	1970-01-20 17:12:02	Name: sessionActive Value: true
.et.nytimes.com/	1970-01-21 01:57:37	Name: sessionIndex Value: 1\|1703521079984\|ARrcrMbb1jv5Ib2-30AYWv-l\|1703521079984
.et.nytimes.com/	1970-01-20 17:13:27	Name: et-ppvid Value: https://chromecdn.shabani.store/=Teg64tmEeqRBpU6TxVnqBBVR
.scorecardresearch.com/	1970-01-21 02:48:01	Name: UID Value: 15Ef00ea7cbe6d5f34b4e0e1703521080
.rubiconproject.com/	1970-01-21 01:57:37	Name: khaos Value: LQL4GUP4-Q-1HRI
.rubiconproject.com/	1970-01-21 01:57:37	Name: audit Value: 1\|yQuirGeEF6DVRT6IhUrpNefhqFI7AU9U903mtsHdljB0evEgqIiL4QjzoiGtE6caBSFQ4gTlHC2G1FS7fw/RlfJ7UDdmbfU9JhsHlJbldDc0SwvsFymxLCKPLRELhl3xGLmP30iNJH4=
.shabani.store/	1970-01-20 19:21:37	Name: _gcl_au Value: 1.1.1960846153.1703521081
.shabani.store/	1970-01-21 02:40:49	Name: _cb Value: NBc6XBAHRm1DTxxr2
.shabani.store/	1970-01-21 02:40:49	Name: _chartbeat2 Value: .1703521081645.1703521081645.1.11EQTCWXJjJwy7kVC5zkoLDbiSrt.1
.shabani.store/	1970-01-20 17:12:02	Name: _cb_svref Value: external
.shabani.store/	1970-01-21 02:33:37	Name: __gads Value: ID=882e38bfdfcb8d06:T=1703521081:RT=1703521081:S=ALNI_Maoge-jh7oAINvYWcSTU6tB-x72lw
.shabani.store/	1970-01-21 02:33:37	Name: __gpi Value: UID=00000d2b08f605cc:T=1703521081:RT=1703521081:S=ALNI_MaGal213a80A1juInp4vpyxt3GU4w
.chromecdn.shabani.store/	1970-01-21 01:57:37	Name: datadome Value: fgntCNL_hi6gJiN~YncppB~OXgWdxm9QqtFeX886nzwB3Qn5aUVbfiEyAuBA~kCN7Tv5wZkXNyw7DUBJlLPYCqL9_lWZ~SC2qKGaHXnFgLFVvNzh~iiuGRZKf5DRH6Ma
.doubleclick.net/	1970-01-21 02:33:37	Name: IDE Value: AHWqTUneor-5pG_B1BmIRftlKXN64RjUmAcusPWSKkyGsW_4WOefCsafbfZ_BpqMTKQ
.shabani.store/	1970-01-21 02:48:01	Name: iter_id Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2NTg5YWIzYTk2OThlNjAwMDExZWViMjIiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNzAzNTIxMDgyfQ.a_tlXtiQWv32RlxEi0Bd59dwfE6Xn2W0MukLoeZ6PUI
.casalemedia.com/	1970-01-21 01:57:37	Name: CMID Value: ZYmrPJPfd8beC5cbP3vIiQAA
.casalemedia.com/	1970-01-20 19:21:37	Name: CMPS Value: 3267
.casalemedia.com/	1970-01-20 19:21:37	Name: CMPRO Value: 3267
.everesttech.net/	1970-01-21 01:57:37	Name: everest_g_v2 Value: g_surferid~ZYmrPAAJmrFnZwBH
chromecdn.shabani.store/	1970-01-20 17:12:01	Name: _dd_s Value: rum=0&expire=1703521979878

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://chromecdn.shabani.store/ Message: Access to XMLHttpRequest at 'https://samizdat-graphql.nytimes.com/graphql/v2' from origin 'https://chromecdn.shabani.store' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://samizdat-graphql.nytimes.com/graphql/v2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://chromecdn.shabani.store/ Message: Access to XMLHttpRequest at 'https://als-svc.nytimes.com/als?uri=https%3A%2F%2Fwww.nytimes.com%2Fpages%2Findex.html&typ=&prop=nyt&plat=web' from origin 'https://chromecdn.shabani.store' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://als-svc.nytimes.com/als?uri=https%3A%2F%2Fwww.nytimes.com%2Fpages%2Findex.html&typ=&prop=nyt&plat=web Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://chromecdn.shabani.store/ Message: Access to fetch at 'https://samizdat-graphql.nytimes.com/graphql/v2' from origin 'https://chromecdn.shabani.store' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://samizdat-graphql.nytimes.com/graphql/v2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://chromecdn.shabani.store/ Message: Access to fetch at 'https://purr.nytimes.com/v1/purr-cache' from origin 'https://chromecdn.shabani.store' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://purr.nytimes.com/v1/purr-cache Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://chromecdn.shabani.store/ Message: Access to fetch at 'https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fwww.nytimes.com%2F&caller_id=nyt-vi&jkcb=1703521080480&referrer=&sourceApp=nyt-vi' from origin 'https://chromecdn.shabani.store' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fwww.nytimes.com%2F&caller_id=nyt-vi&jkcb=1703521080480&referrer=&sourceApp=nyt-vi Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://chromecdn.shabani.store/ Message: Access to fetch at 'https://samizdat-graphql.nytimes.com/graphql/v2' from origin 'https://chromecdn.shabani.store' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://samizdat-graphql.nytimes.com/graphql/v2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://chromecdn.shabani.store/ Message: Access to fetch at 'https://samizdat-graphql.nytimes.com/graphql/v2' from origin 'https://chromecdn.shabani.store' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://samizdat-graphql.nytimes.com/graphql/v2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://chromecdn.shabani.store/ Message: Access to fetch at 'https://meter-svc.nytimes.com/meter.js?sourceApp=vi&messageComponentLibraryFallback=true&url=https%3A%2F%2Fchromecdn.shabani.store%2F&referer=https%3A%2F%2Fchromecdn.shabani.store%2F&pageviewID=Teg64tmEeqRBpU6TxVnqBBVR&MessageSelectionAPI=real' from origin 'https://chromecdn.shabani.store' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://meter-svc.nytimes.com/meter.js?sourceApp=vi&messageComponentLibraryFallback=true&url=https%3A%2F%2Fchromecdn.shabani.store%2F&referer=https%3A%2F%2Fchromecdn.shabani.store%2F&pageviewID=Teg64tmEeqRBpU6TxVnqBBVR&MessageSelectionAPI=real Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://vp.nyt.com/video/2023/12/20/114355_1_20social-nutcracker-kids_wg_1080p.vtt Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://vp.nyt.com/video/2023/12/25/114412_1_25vid-Al-Maghazi-aftermath_wg_1080p.vtt Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
aax.amazon-adsystem.com
adservice.google.com
als-svc.nytimes.com
c.amazon-adsystem.com
cdn.brandmetrics.com
chromecdn.shabani.store
collector.brandmetrics.com
config.aps.amazon-adsystem.com
cs.media.net
dd.nytimes.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e287f6119ba1f331797e7fd720afcb4e.safeframe.googlesyndication.com
eb2.3lift.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g1.nyt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
image8.pubmatic.com
iteratehq.com
meter-svc.nytimes.com
nyt-dti-prd-staticjs.storage.googleapis.com
nytimes-d.openx.net
pagead2.googlesyndication.com
platform.iteratehq.com
pnytimes.chartbeat.net
prebid.media.net
purr.nytimes.com
rtb.openx.net
rumcdn.geoedge.be
samizdat-graphql.nytimes.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.chartbeat.com
static01.nyt.com
static01.nytimes.com
sync-tm.everesttech.net
tlx.3lift.com
tpc.googlesyndication.com
vp.nyt.com
www.datadoghq-browser-agent.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.nytimes.com
a.nytimes.com
als-svc.nytimes.com
meter-svc.nytimes.com
purr.nytimes.com
samizdat-graphql.nytimes.com
104.18.36.155
13.248.245.213
13.32.26.187
142.250.185.198
143.204.215.30
151.101.1.164
151.101.193.164
151.101.194.49
18.245.60.107
185.64.189.112
185.64.190.79
2.19.100.239
20.50.2.28
2600:9000:2251:5000:4:b37b:9440:93a1
2600:9000:2646:d600:18:1fcd:353:c61
2602:803:c003:200::43
2606:4700:20::681a:6e5
2606:4700:20::681a:c12
2606:4700:20::ac43:479c
2606:4700:3031::6815:218f
2606:4700:3031::ac43:a3b6
2a00:1450:4001:803::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::201b
2a00:1450:4001:813::2008
2a00:1450:4001:81c::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
34.120.63.153
34.226.90.84
35.157.84.191
35.227.252.103
35.244.159.8
37.252.173.215
44.211.112.71
52.222.192.64
52.222.208.154
99.86.4.39
007070e6f905e2aefbfcc7568cdf61c38a422d933c9c8166a6ba2f6223dd9ec5
03de96fc40089112d81bc750c7814719bd75491f87467ed756be52f97a9f33e0
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07a42b309385e277a7673df82a6f36fdea9ea7cca68a537a4898347ae4734fa0
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09bff184ea094a06e46d7f26512fd7b245304078a27f1ba8084488cbcf7704de
0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f168400f35726c05050a7361b4bdffa89148cf119cc412ebfc3193d71159805
0f4fdfbd9180e410a867847c2824bb174b8e6cc006debb86ad46b4306064fb14
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
11cad19b226383c7e859031e5cd320644ad1a33d12abc2689a4d3bdbc8253ab7
1357391ec9a3544a644201bced940a68b1ffe2c28045177d3458cbfa009f3b32
1458ce394565bfe2c90f5da5a9c9884478fac99f333dd29ef94b6c864bfdf8fd
16cc1d946e9095a520f6fc40c2c2f01cdc1ceb5d53e504695f03c594ef08377c
1b212ea12e667d35e7127d3c59788897d07d32a661336ccf122b02af12fab96d
1b4271d82cf40cf0cba4f13004ec0ad734a62e3db40565a18c8ebe419a5cdeeb
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1ecb1f9522433be3adfad377816095c7d5b27d02c1efbbbb793e341b829d83d9
20a1e05cca983d2c838b5637de79857db90bd69705e38126260f9dca7fc29186
29706c4ab8f4d48b33ccb0ea813f8afb5f7ac569f623536b96fba6cf1fc60e9b
2e1e7d6140793c56e579652881156490f7f886827b15593b16b24f33cf0c813d
2f35eb84078ea2b334a083a090ec8069a537525bd6bd1e7d6e484f876e5f39c6
3459a86a1a5a0ebefc38ba347c8eee86838664553d2732a9f0d75d9b474bab72
352b9e243c2e3a49a49cb8bc8df84d0a04183bbc3eac33a0476c9a11ff9e352d
41d61937d6f1b2b8887f735949cb30f7be1f3027a5d495621672f0d8fd3f9d14
467ade322462ea7732326bff06170916044da4a744bf7a39038ef66345ed3a1a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46db5b462e063bcd60edfb6a6efa82969e1d1fbb8812259bc70b337afe026755
49c43f6808ff7f504a03a81119d3f9779fb41cad4d9fac162834a56759aa5a2c
4af9b52b5cf0f6a694ec51e283ccabc662be7881a3ecefecccf5441a687a894a
4ba9c62e2d791768ee9cf91a2257b631d3d3d3e4d0039b2d60affb962b562219
4c718cd3080b9bda5abf91cae5749b2567613a2220b41ce538ac8f69cea471b6
4d3928e5b934069fa3b78d716121fd1838737cb5b1aecd98b82e62982435ada6
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f837869b80c34ed1a128362a6ed24ff5ebdae743dc55eb3c183ae9c8b5f4ca3
4fc676fe659c86c36270516a9344e4fdfee0bb569ef8a0ea551c74b2c5c1d97f
52c1269f57bc3b5b121595f104302322f9b8f0a23b5f550da9c5d1ccc7704309
52c8c8c371e5bc4c2512fa507912a2ba728f85314901ab6573166a083e81beb1
53e637909208e211f753b68ab0cb2312abfb528b9920e8a3b6eddcb89eb861cd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
576ebc0c0c1377533b7225bfda069d029cda9109b720fbf72470cea57725b757
57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176
5a34864a86755eaca1535738067bce4e262f5a993ff9bd417a433f49900015b4
5a3e86e7d992c54a63b9f21237be5c9efc912207e2795cb7b4a05ee8179010d0
5aa5bc9db770e8441470d018ff9027fb84194eb995a607c13f396bd9259855ea
5b54622fb36f76a8f55ff2fed91af612a77830c4d3bc0cb8e52173588bc43d3f
5d7824c56fadbab811bb6be7b48d8eec8fd4269877246eeed5b9b33d1a953292
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5e58c4c90b85eda4055a5b30fe55ef60cbcf6ea093311f2ff38861c7b4fe448a
5ed9e9f81abee651d7645c6ae932a099ff7595eb893df2bd66306c818adf5a39
604c29230e8e11257c4b552a7adfb34ea5a8ca8c7c37f933ff65676a8feb7992
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
61987b71501afac79b03e8baa611020d395a37e824fd2360e7831443a305e71d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a
6314d6a3f45efe526e4140094aab48e2db2c15e500be1e351e6030f88cf15a4e
63cd01bf8a87ddc8a07e6491ea1ab7bb28613587cfddd7c9664dda47f71dcda3
644159a517427813378bf283fb86f497ef2fd81c8656225b3e209972f0e4ccbb
660f11bb046501308d2ef5501ebf4d82e14c3d8d2fb0e3a6c70fb2394e330faa
66debd0db62a3f53e72503a053f862b586a886e6a399fd8243b5e0180d304dec
682eb3c36d44cd32507d581390e8277af04edc3fed0276a2ba4879378481b56b
71b2f4fee2ed4163e1ef309ca22a8a108aab0ba7cfb535d38b33c1ec3718836a
75137550e4bc1f061586fb99d8cb98b789c6caec1b4e168720d6dcd42b93d8f2
757d394bd006684e87530a298c66b1f9b17dd655fea4f4febcd77532340a723c
75f781a1bc9a89ae2f3814dfb5e3dab712c6edd2b35a10e43a646daa338b2f5f
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7c65354f69fbaf3704fa399fb2755f8f1e12a4febd45037a125f17de050fca7c
7db424b56c98fb83a59640cadc9e54363e6094e3db2af2c649368d7c0487e8fa
7dcbc19c68e87e4b23f85027e02ac7f3c89fa259973ec92bbe27e49ad002bf47
7e76ec11f2baa0f7948d92891718df73970877050a5b48e2b6fb9b340378a2d1
7e9b1bcc8b7f6c40a146c67b1ae4d804d1a00f9374ebd5ce5b4f2de65ff69cc6
8071309f9ce3b8f01a3e0770d688dd5d207eb803f975779044a33d3089e3674b
832c2e84f40e3512fc4a9326e54e6c3a8e8b91d691dd601e5716ab8b4cd01f32
86b7e85d953eeaa975f082eddc76b211336c93df749dad4d292663c107c98e57
876a89367aabdf7757a91ce9a8c763d042f9e6e285971097ed5419d92d7562b0
8893d638a3c454bba91c5b7f7adb3422b143dbf01d8f957e2efdd80e71514b17
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a178f595d596c3289145308c67ca81d6e99c40805640b9f140b2b5a520b2192
8a7862964dc80643076d2cff5683dc2a85a728c772fdafcc3cff964bf1943ee1
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8b84ebfbd15694400df12827c578baf3e0d64b86b13222a7d27a536e236dcb6c
8bafef9de45070f320e6d34730a285286b7b00ae2fbc1757ef49b1ff21d80c24
91010ba4000c2c6cd2d57003716996bf3b9a845044f5abf868d2a5a722baeb9e
91167958ac672c9ef71d773c0e095728461792ff26c2f90c16a58ca440439cd1
9377e1ed8c646a7ae8b8b570821baf287765c047e9dab20fa71a4eb76a40c294
99013b5f831f3762b1a2648e07bb3116d914c5b1539bdf4fe0634602cc26b19e
9a43ab8056183a8efcf0e882990c2601381a735e02bba004439e010055c55d47
9af4850b6a455d58d5809a26a3c9128bd769ae3d282cb75dc037c09e52dcf487
9fa4e2a0db1d7d0b1ccc1c147bd61301f7365a2e1f8bc83acc7838e477c96b77
9ff678a9aaa17eb75c6f6baf0a00ad52d11c370a36fdf68e57a522aa06378955
a10dbba5b7fdf2059586d40eaf90b80e2ac30ee8249844f13498f55b4aae1681
a64a8f71f3d50be6c1c56f3d615ff41f33b7ce30a4ab93b0afe463f8e2f415b0
a66b3644d06f53c2bd6a2ce8607ef5dda03a1474cdaba804fc67a290959a14bd
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a6a464e55b66da4ea128368c807cf47f6b05c8e939c8ca27a01e30e41f57a914
ac61aea68847d91ff9ec781d06a6f144819100b5518580251db024e186e8c466
ad01b93ecf6b0b442902d27ae93b6af83a92784a05455b81490512a3d5d8b08b
ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b325f3d230267d51d0a7938b4d962347891ad3468eab857fb4a36d9a8e6f2059
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b
b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e
b87a14ef971d510b9fbe297e780fd99b1d3e1e9078d72f961a36cbf8fc1920d6
b8909f0267ba3bbf1038e7a9165c8b8e33faa6845909cb812c84786b7cf0aa9d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcbbfe66a2e17c1dbc127ccea0f4fec035d42d51d1741332275026e291d79be8
bcdaa8b0e5b0f57f19d17de2c58d7206e3d275da122a0d4e3176a67257595b5e
bfeade14cebcdfeb93846c26ccda0b23aebb75a7a0f3b2f320936a0d9ca496ff
c01bb7101c3b034d4e913bdc36280e1a3034d84ab1f8ab674e0d43e75f20e229
c11d50a1918e615029f239580a1d4a1aa32328fdd6149225cc74e411c84db96e
c225c9577c4aa7e150a13912ef0e68855c3224851f11f49f90732ee442eb613c
c4fd486c427aff4879822fc8e342979aa0110d283582bbee589cb941de95f39f
c54140eac6df64b97abf9bf21e88910bac89ddc973d871fcd33dca119b8b4c24
c544f60b275f41d8d4642194bbf8911d9167dfe187d1b500e2dbd52b558941e7
c624e51ee3cefdd33ab81fcbd8b1f40cec5cb73036df6ff0099b2d0b3311e28e
c77a92ea56cc6b06cab8df27b27eb0d1bb40b9cc44e4cfccb35db7b7424b618b
c7c16518f3788f94f761926116d66716aa35b537af78b530829b845411aa5b99
c8ee16888691db8ad184a8a0dca545cfcb56c69f3a84123559ba97fa7e0f1d32
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cb9b31ff535e2b76cf704d03beeeb2b2a60e6a6206b9759040430cc7774ba72e
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d18d76bef48b661ead1a0a402cae6a83e47ae63c5b57f80f5497a7df53d72cbb
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d50fd0eaae85e9558e3cb78aa5433a712b8bf2f2408b1563a1f334ee522a8f68
dc288edaf30d3566c6a43f7db44c69243ef51481f3ae50a4b35868d6ac11706a
de417027b3c04d64f0f0e42493e0cb5a6936609eb56f6f0440580a191d6d6b2c
de9e0de16743ce5453503ea556a0a9d39b834ff4b765aa1161621e840cdf4715
e0205d534dd9cefbd200af200abef481f13a15a5ce439bd8dbb17cfdcd1e2eef
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e507abe0a5a98f0725b005bf1ff51cd4372a94e456d4946c2da3109eaa482f89
e7f4ae3d77496807413afb4a0d56451b31667200c0293d3e89df130190e1f10b
ea939bd13d79a17cc436d4c3e102d4060cb7ebf0e8e61918f3d034580dff02b9
eb66d19d76b2a591f290eb9cbefa2faf0a2c8f90b124cb937270ab4b8adee08e
ecfc48ab5315e179e1948be2aecc95b3afc29ae1413a2024abb9b1706df9ff0f
ed69635e57405277862a14a05b8432d3742309d1ccaafd2ecb12a1b2065b22aa
ee2477989dc118d77f63c90a8cff7b7822bdd72b9bb3f8d59a7e170e52624ffb
ee7be27c768d27a0db5bf1c127252426a88ed5181e4ef2436f203f7b0bc67881
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2e4eb2e6499e7805732b936694778a0547e32010bca773807743cfcd8e4b049
f8018ac0d5ade5c992dccb83915d04af94d42283dadbe071b57f058c27d126ee
f9619e7a1dc4ec09dc3d6c5df8aa6eada684c79482d283459eac511852d5bb3c
fb7c3cc4de76e46cda9ba91817c7315e27bb2cd7dc366e456491da8d28edbc27
fcb0ab4f6d3a4da0916061428974c4e222922d127a1da82f2e79173fa2fea1ac
fe8d5a6f12533884b6896dd290e422c830e86e0228d45dbe97ac03c6e86a5b5a

chromecdn.shabani.store Open in urlscan Pro 2606:4700:3031::ac43:a3b6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

185 Requests

94 %HTTPS

45 %IPv6

26 Domains

52 Subdomains

41 IPs

5 Countries

4133 kBTransfer

9533 kBSize

21 Cookies

276 Outgoing links

Page URL History

Redirected requests

185 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

chromecdn.shabani.store Open in urlscan Pro
2606:4700:3031::ac43:a3b6 Public Scan

Screenshot
Live screenshot

Full Image

185
Requests

94 %
HTTPS

45 %
IPv6

26
Domains

52
Subdomains

41
IPs

5
Countries

4133 kB
Transfer

9533 kB
Size

21
Cookies

185 HTTP transactions
4 data transactions