panelsecurevip.secureweb.top Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://panelsecurevip.secureweb.top/
Submission: On November 07 via automatic, source certstream-suspicious (November 7th 2023, 5:47:06 am UTC) — Scanned from NL

Summary HTTP 168 Redirects Links 285 Behaviour Indicators

Summary

This website contacted 40 IPs in 3 countries across 25 domains to perform 168 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is panelsecurevip.secureweb.top.
TLS certificate: Issued by E1 on October 10th 2023. Valid for: 3 months.

This is the only time panelsecurevip.secureweb.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
38	151.101.1.164 151.101.1.164	54113 (FASTLY) (FASTLY)
2	2a04:4e42:600... 2a04:4e42:600::729	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
5	151.101.193.164 151.101.193.164	54113 (FASTLY) (FASTLY)
1	65.9.89.147 65.9.89.147	16509 (AMAZON-02) (AMAZON-02)
7	52.54.49.121 52.54.49.121	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:249... 2600:9000:2491:0:4:b37b:9440:93a1	16509 (AMAZON-02) (AMAZON-02)
3	65.9.90.93 65.9.90.93	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:310... 2a02:26f0:3100:795::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
1	3.74.50.207 3.74.50.207	16509 (AMAZON-02) (AMAZON-02)
5	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1	18.66.112.124 18.66.112.124	16509 (AMAZON-02) (AMAZON-02)
5	108.138.9.235 108.138.9.235	16509 (AMAZON-02) (AMAZON-02)
2	18.66.97.95 18.66.97.95	16509 (AMAZON-02) (AMAZON-02)
1 3	65.9.95.63 65.9.95.63	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:184::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
1	2600:9000:264... 2600:9000:2646:ea00:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:d12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	44.214.186.146 44.214.186.146	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	20.50.2.28 20.50.2.28	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:6e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:20:... 2606:4700:20::681a:7e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2.18.160.23 2.18.160.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2	44.236.161.73 44.236.161.73	16509 (AMAZON-02) (AMAZON-02)
168	40

36 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

panelsecurevip.secureweb.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 151.101.1.164 (United States)

ASN54113 (FASTLY, US)

g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)

js.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.193.164 (United States)

ASN54113 (FASTLY, US)

samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.89.147 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-89-147.prg50.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.54.49.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-49-121.compute-1.amazonaws.com

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
meter-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2491:0:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)

rumcdn.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.90.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-90-93.prg50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100:795::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o82024.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.212 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.74.50.207 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-50-207.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-124.fra56.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-95.fra56.r.cloudfront.net

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.95.63 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-63.prg50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b2a865ed5d2d14f0ebd6e5cbc8fb40e7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:184::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

5290727.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2646:ea00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:d12 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.214.186.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-214-186-146.compute-1.amazonaws.com

pnytimes.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.50.2.28 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

collector.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:6e5 (United States)

ASN13335 (CLOUDFLARENET, US)

platform.iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:7e5 (United States)

ASN13335 (CLOUDFLARENET, US)

iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

nytimes-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.236.161.73 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-161-73.us-west-2.compute.amazonaws.com

prod.tahoe-analytics.publishers.advertising.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	nyt.com g1.nyt.com — Cisco Umbrella Rank: 7214 static01.nyt.com — Cisco Umbrella Rank: 5347 a1.nyt.com — Cisco Umbrella Rank: 6906	863 KB
36	secureweb.top panelsecurevip.secureweb.top	958 KB
13	nytimes.com samizdat-graphql.nytimes.com — Cisco Umbrella Rank: 5747 a.et.nytimes.com — Cisco Umbrella Rank: 5208 als-svc.nytimes.com Failed www.nytimes.com — Cisco Umbrella Rank: 3593 dd.nytimes.com — Cisco Umbrella Rank: 7435 purr.nytimes.com Failed a.nytimes.com Failed meter-svc.nytimes.com — Cisco Umbrella Rank: 17109	144 KB
10	googlesyndication.com b2a865ed5d2d14f0ebd6e5cbc8fb40e7.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149 pagead2.googlesyndication.com — Cisco Umbrella Rank: 97	437 KB
9	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598 aax.amazon-adsystem.com — Cisco Umbrella Rank: 394	71 KB
8	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 5290727.fls.doubleclick.net — Cisco Umbrella Rank: 7412	178 KB
7	sentry.io o82024.ingest.sentry.io — Cisco Umbrella Rank: 9733	998 B
6	iteratehq.com platform.iteratehq.com — Cisco Umbrella Rank: 5915 iteratehq.com — Cisco Umbrella Rank: 5338	32 KB
5	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 513	4 KB
3	brandmetrics.com cdn.brandmetrics.com — Cisco Umbrella Rank: 2806 collector.brandmetrics.com — Cisco Umbrella Rank: 3212	20 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 172	869 B
2	a2z.com prod.tahoe-analytics.publishers.advertising.a2z.com — Cisco Umbrella Rank: 2576	374 B
2	google.com adservice.google.com — Cisco Umbrella Rank: 105 www.google.com — Cisco Umbrella Rank: 2	1 KB
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 695 nytimes-d.openx.net — Cisco Umbrella Rank: 12828	563 B
2	media.net prebid.media.net — Cisco Umbrella Rank: 1335 cs.media.net — Cisco Umbrella Rank: 1513	1 KB
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 572 eb2.3lift.com — Cisco Umbrella Rank: 417	752 B
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1444 c.go-mpulse.net — Cisco Umbrella Rank: 654	50 KB
2	geoedge.be rumcdn.geoedge.be — Cisco Umbrella Rank: 2295	57 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	182 KB
2	sentry-cdn.com js.sentry-cdn.com — Cisco Umbrella Rank: 5817 browser.sentry-cdn.com — Cisco Umbrella Rank: 4015	37 KB
1	chartbeat.net pnytimes.chartbeat.net — Cisco Umbrella Rank: 6725	201 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	60 KB
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1585	24 KB
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 246	626 B
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1471	48 KB
168	25

	Domain	Requested by
36	panelsecurevip.secureweb.top	panelsecurevip.secureweb.top rumcdn.geoedge.be browser.sentry-cdn.com
25	static01.nyt.com	panelsecurevip.secureweb.top browser.sentry-cdn.com
12	g1.nyt.com	panelsecurevip.secureweb.top g1.nyt.com
7	o82024.ingest.sentry.io	browser.sentry-cdn.com
6	securepubads.g.doubleclick.net	panelsecurevip.secureweb.top rumcdn.geoedge.be browser.sentry-cdn.com www.googletagservices.com
6	a.et.nytimes.com	panelsecurevip.secureweb.top browser.sentry-cdn.com
5	pagead2.googlesyndication.com	browser.sentry-cdn.com tpc.googlesyndication.com www.googletagservices.com
5	aax.amazon-adsystem.com	browser.sentry-cdn.com
5	fastlane.rubiconproject.com	browser.sentry-cdn.com
4	iteratehq.com	browser.sentry-cdn.com
4	tpc.googlesyndication.com	rumcdn.geoedge.be
3	sb.scorecardresearch.com	1 redirects panelsecurevip.secureweb.top
3	c.amazon-adsystem.com	panelsecurevip.secureweb.top browser.sentry-cdn.com
3	samizdat-graphql.nytimes.com	panelsecurevip.secureweb.top browser.sentry-cdn.com
2	prod.tahoe-analytics.publishers.advertising.a2z.com	browser.sentry-cdn.com
2	platform.iteratehq.com	panelsecurevip.secureweb.top platform.iteratehq.com
2	cdn.brandmetrics.com	www.googletagmanager.com rumcdn.geoedge.be
2	a1.nyt.com	panelsecurevip.secureweb.top www.googletagmanager.com
2	5290727.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	dd.nytimes.com	panelsecurevip.secureweb.top browser.sentry-cdn.com
2	rumcdn.geoedge.be	panelsecurevip.secureweb.top rumcdn.geoedge.be
2	www.googletagmanager.com	panelsecurevip.secureweb.top www.googletagmanager.com
1	eb2.3lift.com
1	nytimes-d.openx.net
1	cs.media.net
1	www.google.com	rumcdn.geoedge.be
1	collector.brandmetrics.com	cdn.brandmetrics.com
1	adservice.google.com	5290727.fls.doubleclick.net
1	pnytimes.chartbeat.net	panelsecurevip.secureweb.top
1	www.googletagservices.com	rumcdn.geoedge.be
1	static.chartbeat.com	panelsecurevip.secureweb.top
1	meter-svc.nytimes.com	browser.sentry-cdn.com
1	c.go-mpulse.net	browser.sentry-cdn.com
1	b2a865ed5d2d14f0ebd6e5cbc8fb40e7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	config.aps.amazon-adsystem.com	rumcdn.geoedge.be
1	rtb.openx.net	browser.sentry-cdn.com
1	prebid.media.net	browser.sentry-cdn.com
1	tlx.3lift.com	browser.sentry-cdn.com
1	ib.adnxs.com	browser.sentry-cdn.com
1	s.go-mpulse.net	panelsecurevip.secureweb.top
1	www.nytimes.com	panelsecurevip.secureweb.top
1	www.datadoghq-browser-agent.com	panelsecurevip.secureweb.top
1	browser.sentry-cdn.com	js.sentry-cdn.com
1	js.sentry-cdn.com	panelsecurevip.secureweb.top
0	a.nytimes.com Failed	browser.sentry-cdn.com
0	purr.nytimes.com Failed	browser.sentry-cdn.com
0	als-svc.nytimes.com Failed	panelsecurevip.secureweb.top
168	47

This site contains links to these domains. Also see Links.

Domain
www.nytimes.com
cn.nytimes.com
cooking.nytimes.com
theathletic.com
help.nytimes.com
www.nytco.com
nytmediakit.com
www.tbrandstudio.com

Subject Issuer	Validity	Valid
secureweb.top E1	`2023-10-10` - `2024-01-08`	3 months	crt.sh
nytimes.com Thawte RSA CA 2018	`2023-03-22` - `2024-04-21`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-01` - `2024-09-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.datadoghq-browser-agent.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-14` - `2024-01-16`	a year	crt.sh
a.et.nytimes.com R3	`2023-09-13` - `2023-12-12`	3 months	crt.sh
gw.geoedge.be Amazon RSA 2048 M01	`2023-08-12` - `2024-09-09`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2023-04-05` - `2024-04-04`	a year	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
dd.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-08` - `2024-04-06`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
meter-svc.nytimes.com R3	`2023-10-20` - `2024-01-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
brandmetrics.com GTS CA 1P5	`2023-11-04` - `2024-02-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.brandmetrics.com Go Daddy Secure Certificate Authority - G2	`2023-05-10` - `2024-06-10`	a year	crt.sh
iteratehq.com E1	`2023-09-24` - `2023-12-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
prod.tahoe-analytics.publishers.advertising.a2z.com Amazon RSA 2048 M01	`2023-02-21` - `2024-03-21`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://panelsecurevip.secureweb.top/
Frame ID: D1E6F9312E3CCE484E4D1C15A1989A03
Requests: 149 HTTP requests in this frame

Frame: https://b2a865ed5d2d14f0ebd6e5cbc8fb40e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 48FFDBCF052E689AAC360C94E1D55CEF
Requests: 1 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CLvO2f6XsYIDFf_aOwIdoK8N3A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4321522750195;auiddc=1302844343.1699336020;u17=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F;u5=;u18=;gtm=45He3b60v72703797;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F
Frame ID: 36F8DEE3D866DF09E0843C28AF5927BB
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-hZspEyG_qLODysSKafhkVeaoTOvj17hQ7unM_77H7MLfDIUXjWneP_jf4yoceneMYqOC8M4U_OTvbgPpQyrrCMjsP3-o0HDiQdo_zLKLFW17YSCDbWo_M6espB11CINcEtrAKc6tD0_qeLdM29xZd4Ozkr6aZSIu9Uw5Q4y5odF6oq05SAXYm2QWlFfGEvgUTyQzViDMdEUuONUYOTRkbyI_l0KzOXjouWckvsKBFRhaAfUp2-CcaS4XdgxmZGYpvF1AMwrCaPnn7zdrMY06h3bkgW_2uTVTyUXprgxCUxO4JXDH0n-m39BYy8JdZ9PzhTSlAJkHQmH20xKugYE5hA7jKGwNkdPN6C_35c-lL8Uearc34pGAojbgbB-Do8djlTyIP3-2PE16ZmBmQGmBl7DrlnrdkpqLqw&sai=AMfl-YTp0nA7eHwTCMLucfDlGc96Wirf8BYZ8VmrejhdwCnkopPsuFo191QrdvK8ecBzjFC0-fAjig37GtLTOQJ7JUnE8tzPagoiWCpigbN8q2oNgQYH8uQFExeb3sX8iVKCXMEcXl4od6GRLMjEP4JDsWY&sig=Cg0ArKJSzKNvFBJyOjFnEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: E0BC413FCCBD997057027B75BF73A0C1
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 885A35E05C31FF24FFE62825AB07A1F2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4F711238A399DA4E643E7DF98771CCE5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The New York Times - Breaking News, US News, World News and VideosGroupGroupGroup

Detected technologies

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

168
Requests

95 %
HTTPS

46 %
IPv6

25
Domains

47
Subdomains

40
IPs

3
Countries

3173 kB
Transfer

8285 kB
Size

16
Cookies

285 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nytimes.com/es/
Title: Español

Search URL Search Domain Scan URL

URL: https://cn.nytimes.com/
Title: 中文

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/todayspaper
Title: Today’s Paper

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/us
Title: U.S.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/politics
Title: Politics

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/nyregion
Title: New York

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/california-today
Title: California

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/education
Title: Education

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/health
Title: Health

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/obituaries
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/science
Title: Science

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/climate
Title: Climate

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/sports
Title: Sports

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/business
Title: Business

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/technology
Title: Tech

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/upshot
Title: The Upshot

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/magazine
Title: The Magazine

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/news-event/2024-election
Title: 2024 Elections

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/topic/organization/us-supreme-court
Title: Supreme Court

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/topic/organization/us-congress
Title: Congress

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/joe-biden
Title: Biden Administration

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/live/2023/11/06/us/trump-biden-times-siena-poll-updates
Title: Times/Siena Poll

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/live/2023/11/06/nyregion/trump-fraud-trial
Title: Trump’s Civil Fraud Trial

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/morning-briefing
Title: The MorningMake sense of the day’s news and ideas.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/upshot
Title: The UpshotAnalysis that explains politics, policy and everyday life.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters
Title: See all newsletters

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/the-daily
Title: The DailyThe biggest stories of our time, in 20 minutes a day.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/election-run-up-podcast
Title: The Run-UpOn the campaign trail with Astead Herndon.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/podcasts
Title: See all podcasts

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world
Title: World

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/africa
Title: Africa

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/americas
Title: Americas

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/asia
Title: Asia

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/australia
Title: Australia

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/canada
Title: Canada

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/europe
Title: Europe

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/middleeast
Title: Middle East

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/news-event/israel-hamas-gaza
Title: Israel-Hamas War

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/news-event/ukraine-russia
Title: Russia-Ukraine War

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/morning-briefing-europe
Title: Morning Briefing: EuropeGet what you need to know to start your day.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/the-interpreter
Title: The InterpreterOriginal analysis on the week’s biggest global stories.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/australia-letter
Title: Australia LetterNews, features and opinion for readers in the region.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/canada-letter
Title: Canada LetterBackstories and analysis from our Canadian correspondents.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/business/economy
Title: Economy

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/business/media
Title: Media

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/markets-overview
Title: Finance and Markets

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/business/dealbook
Title: DealBook

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/technology/personaltech
Title: Personal Tech

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/business/energy-environment
Title: Energy Transition

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/your-money
Title: Your Money

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/news-event/economy-business-us
Title: U.S. Economy

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/topic/subject/organized-labor
Title: Organized Labor

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/artificial-intelligence
Title: The Age of A.I.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/dealbook
Title: DealBookThe most crucial business and policy news you need to know.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/hard-fork
Title: Hard ForkOur tech journalists help you make sense of the rapidly changing tech world.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/arts
Title: Arts

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/books
Title: Books

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/books/best-sellers
Title: Best Sellers

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/arts/dance
Title: Dance

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/movies
Title: Movies

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/arts/music
Title: Music

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/arts/television
Title: Television

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/theater
Title: Theater

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/pop-culture
Title: Pop Culture

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/t-magazine
Title: T Magazine

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/arts/design
Title: Visual Arts

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/critics-picks
Title: Critic’s Picks

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/books-to-read
Title: What to Read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/what-to-watch
Title: What to Watch

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/playlist
Title: What to Listen To

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/interactive/2023/10/27/arts/music/music-fivemins-collection.html
Title: 5 Minutes to Make You Love Music

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/read-like-the-wind
Title: Read Like the WindBook recommendations from our critics.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/watching
Title: WatchingStreaming TV and movie recommendations.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/book-review-podcast
Title: Book ReviewThe podcast that takes you inside the literary world.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/popcast-pop-music-podcast
Title: PopcastPop music news, new songs and albums, and artists of note.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/lifestyle
Title: Lifestyle

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/well
Title: Well

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/food
Title: Food

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/fashion/weddings
Title: Love

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/travel
Title: Travel

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/style
Title: Style

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/fashion
Title: Fashion

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/realestate
Title: Real Estate

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/modern-love
Title: Modern Love

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/the-hunt
Title: The Hunt

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/social-qs
Title: Social Q’s

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/the-ethicist
Title: The Ethicist

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/well/eat
Title: Eat

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/well/move
Title: Move

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/well/mind
Title: Mind

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/well/family
Title: Family

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/well/live
Title: Live

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/ask-well
Title: Ask Well

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/open-thread-fashion
Title: Open ThreadThe latest news on what we wear, by our chief fashion critic.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/love-letter
Title: Love LetterReal stories of relationship highs, lows and woes.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/modern-love-podcast
Title: Modern LoveThe complicated love lives of real people.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion
Title: Opinion

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/contributors
Title: Guest Essays

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/editorials
Title: Editorials

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/op-docs
Title: Op-Docs

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/opinion-video
Title: Videos

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/letters
Title: Letters

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/politics
Title: Politics

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/international-world
Title: World

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/business-economics
Title: Business

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/technology
Title: Tech

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/environment
Title: Climate

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/health
Title: Health

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/culture
Title: Culture

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/charles-m-blow
Title: Charles M. Blow

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/jamelle-bouie
Title: Jamelle Bouie

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/david-brooks
Title: David Brooks

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/gail-collins
Title: Gail Collins

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/ross-douthat
Title: Ross Douthat

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/maureen-dowd
Title: Maureen Dowd

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/david-french
Title: David French

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/thomas-l-friedman
Title: Thomas L. Friedman

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/michelle-goldberg
Title: Michelle Goldberg

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/ezra-klein
Title: Ezra Klein

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/nicholas-kristof
Title: Nicholas Kristof

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/paul-krugman
Title: Paul Krugman

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/carlos-lozada
Title: Carlos Lozada

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/farhad-manjoo
Title: Farhad Manjoo

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/tressie-mcmillan-cottom
Title: Tressie McMillan Cottom

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/pamela-paul
Title: Pamela Paul

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/lydia-polgreen
Title: Lydia Polgreen

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/bret-stephens
Title: Bret Stephens

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/zeynep-tufekci
Title: Zeynep Tufekci

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/matter-of-opinion
Title: Matter of OpinionThoughts, aloud. With Michelle Cottle, Ross Douthat, Carlos Lozada and Lydia Polgreen.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/ezra-klein-podcast
Title: The Ezra Klein ShowDiscussions of ideas that matter, plus book recommendations.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/audio/app
Title: Download the Audio app on iOS.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/the-headlines
Title: The Headlines

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/interactive/2022/podcasts/serial-productions.html
Title: Serial Productions

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/reporter-reads
Title: Reporter Reads

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/the-sunday-read
Title: The Sunday Read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/10/19/podcasts/serial-kids-rutherford-county.html
Title: The Kids of Rutherford CountyA series about how one county illegally jailed children.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/audio
Title: AudioOur editors share their favorite listens from the New York Times Audio app.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/subscription/all-access
Title: Learn more.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/crosswords
Title: Games

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/puzzles/spelling-bee
Title: Spelling Bee

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/crosswords/game/mini
Title: The Mini Crossword

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/games/wordle/index.html
Title: Wordle

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/crosswords/game/daily/
Title: The Crossword

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/puzzles/vertex
Title: Vertex

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/games/connections
Title: Connections

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/puzzles/sudoku
Title: Sudoku

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/puzzles/letter-boxed
Title: Letter Boxed

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/puzzles/tiles
Title: Tiles

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/spelling-bee-forum
Title: Spelling Bee Forum

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/daily-crossword-column
Title: Wordplay Column

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/wordle-review
Title: Wordle Review

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/article/submit-crossword-puzzles-the-new-york-times.html
Title: Submit a Crossword

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/puzzle-making
Title: Meet Our Crossword Constructors

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2022/09/19/crosswords/mini-to-maestro-part-1.html
Title: Mini to Maestro

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/interactive/2022/upshot/wordle-bot.html
Title: Wordlebot

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/gameplay
Title: GameplayPuzzles, brain teasers, solving tips and more.

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/
Title: Cooking

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/easy-recipes
Title: Easy

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/dinner-recipes
Title: Dinner

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/68861692-nyt-cooking/43843372-quick-recipes
Title: Quick

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/healthy-recipes
Title: Healthy

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/breakfast
Title: Breakfast

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/vegetarian
Title: Vegetarian

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/vegan-recipes
Title: Vegan

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/our-best-chicken-recipes
Title: Chicken

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/our-best-pasta-recipes
Title: Pasta

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/desserts
Title: Dessert

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/thanksgiving
Title: Thanksgiving Recipes

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/easy-weeknight
Title: Easy Weeknight

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/68861692-nyt-cooking/32998034-our-newest-recipes
Title: Newest Recipes

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/68861692-nyt-cooking/2370458-one-pot-dinner-recipes
Title: One-Pot Meals

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/68861692-nyt-cooking/950138-amazing-slow-cooker-recipes
Title: Slow Cooker Recipes

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/comfort-food
Title: Comfort Food

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/entertaining
Title: Party Recipes

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/cooking
Title: The Cooking NewsletterCulinary inspiration from Sam Sifton and Melissa Clark.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/the-veggie
Title: The VeggieDelicious vegetarian recipes and tips from Tanya Sichynsky.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/five-weeknight-dishes
Title: Five Weeknight DishesDinner ideas for busy people from Emily Weinstein.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/
Title: Wirecutter

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter
Title: WirecutterReviews and recommendations for thousands of products.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/kitchen-dining/
Title: Kitchen

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/electronics/
Title: Tech

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/sleep/
Title: Sleep

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/appliances/
Title: Appliances

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/home-garden/
Title: Home and Garden

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/make-a-plan/moving/
Title: Moving

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/travel/
Title: Travel

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/gifts/
Title: Gifts

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/deals/
Title: Deals

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/baby-kid/
Title: Baby and Kid

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/health-fitness/
Title: Health and Fitness

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/reviews/best-air-purifier/
Title: Air Purifier

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/reviews/best-electric-toothbrush/
Title: Electric Toothbrush

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/reviews/best-pressure-washer/
Title: Pressure Washer

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/reviews/best-cordless-stick-vacuum/
Title: Cordless Stick Vacuum

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/reviews/best-office-chair/
Title: Office Chair

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/reviews/best-robot-vacuum/
Title: Robot Vacuum

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/the-recommendation
Title: The RecommendationThe best independent reviews, expert advice and intensively researched deals.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/clean-everything
Title: Clean EverythingStep-by-step advice on how to keep everything in your home squeaky clean.

Search URL Search Domain Scan URL

URL: https://theathletic.com/
Title: The Athletic

Search URL Search Domain Scan URL

URL: https://theathletic.com/nfl/
Title: NFL

Search URL Search Domain Scan URL

URL: https://theathletic.com/mlb/
Title: MLB

Search URL Search Domain Scan URL

URL: https://theathletic.com/nba/
Title: NBA

Search URL Search Domain Scan URL

URL: https://theathletic.com/football/premier-league/
Title: Premier League

Search URL Search Domain Scan URL

URL: https://theathletic.com/college-football/
Title: NCAAF

Search URL Search Domain Scan URL

URL: https://theathletic.com/college-basketball/
Title: NCAAM

Search URL Search Domain Scan URL

URL: https://theathletic.com/nhl/
Title: NHL

Search URL Search Domain Scan URL

URL: https://theathletic.com/womens-college-basketball/
Title: NCAAW

Search URL Search Domain Scan URL

URL: https://theathletic.com/football/mls/
Title: MLS

Search URL Search Domain Scan URL

URL: https://theathletic.com/formula-1/
Title: Formula 1

Search URL Search Domain Scan URL

URL: https://theathletic.com/football/nwsl/
Title: NWSL

Search URL Search Domain Scan URL

URL: https://theathletic.com/golf/
Title: Golf

Search URL Search Domain Scan URL

URL: https://theathletic.com/5029763/2023/11/06/nfl-midseason-week-9-mvp-coach-of-the-year/
Title: N.F.L. Week 9

Search URL Search Domain Scan URL

URL: https://theathletic.com/5034958/2023/11/06/daniel-jones-acl/
Title: Giants' Daniel Jones Injured

Search URL Search Domain Scan URL

URL: https://theathletic.com/5025639/2023/11/06/college-basketball-predictions-who-will-win-the-2024-ncaa-title/
Title: College Basketball Predictions

Search URL Search Domain Scan URL

URL: https://theathletic.com/5033625/2023/11/06/nhl-weekend-rankings-ducks-golden-knights/
Title: N.H.L. Power Rankings

Search URL Search Domain Scan URL

URL: https://theathletic.com/5033501/2023/11/06/arsenal-referees-briefing-column/
Title: Premier League Latest

Search URL Search Domain Scan URL

URL: https://theathletic.com/newsletters/the-pulse
Title: The PulseDelivering the top stories in sports, Sunday to Friday.

Search URL Search Domain Scan URL

URL: https://theathletic.com/newsletters/the-windup
Title: The WindupThe biggest stories in baseball, by Levi Weaver with Ken Rosenthal.

Search URL Search Domain Scan URL

URL: https://theathletic.com/newsletters/the-bounce
Title: The BounceEssential NBA news from Zach Harper and Shams Charania.

Search URL Search Domain Scan URL

URL: https://theathletic.com/newsletters/full-time
Title: Full TimeThe biggest women's soccer stories, from Emily Olsen, Meg Linehan & Steph Yang

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/us/politics/biden-israel-gaza-ukraine.html
Title: AnalysisBiden Confronts the Limits of U.S. Leverage in Two ConflictsPresident Biden’s influence over Israel and Ukraine seems far more constrained than expected, given his central role as the supplier of arms and intelligence.6 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/live/2023/11/06/world/israel-hamas-war-gaza-news
Title: Israel Says It Has Isolated Gaza City After ‘Large’ AttackIsrael said its troops had effectively split the Gaza Strip in half as the Biden administration worked to prevent a wider regional war.See more updates 9+

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/nyregion/trump-fraud-trial-testimony.html
Title: Trump Assails Judge and Concedes a Role in Valuing His Empire’s PropertyFormer President Trump, who also railed against New York’s attorney general in court, denied he committed fraud and called the trial “very unfair.”6 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/nyregion/trump-fraud-trial-judge-power.html
Title: On the first day of Donald Trump’s testimony, the judge tried to do what few have accomplished: make him stop talking.3 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/us/politics/trump-election-case-prosecutors.html
Title: Prosecutors asked a judge to reject motions by former President Trump that sought to toss out his federal election case.4 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/business/wework-bankruptcy.html
Title: WeWork Files for Bankruptcy Amid Glut of Empty OfficesThe move is a blow for landlords who have rented space to the co-working group, which is planning a reorganization that includes cutting leases.4 min read<img src="https://static01.nyt.com/images/2023/11/06/multimedia/06wework-bankruptsy-sub-chlk/06wework-bankruptsy-sub-chlk-threeByTwoMediumAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="People in winter coats outside a building with a gray facade and a WeWork sign hanging out front." class="css-122y91a"/>Hiroko Masuike/The New York Times

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/07/books/review/barbra-streisand-memoir-my-name-is-barbra.html
Title: Book ReviewHer Name Is Barbra, but It Wasn’t AlwaysIn a chatty and candid new memoir, Barbra Streisand talks about her early determination to be famous and tallies the hurdles and helpers she met along the way.6 min read<img src="https://static01.nyt.com/images/2023/11/07/multimedia/07STREISAND-REVIEW-tgch/07STREISAND-REVIEW-tgch-threeByTwoMediumAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="A black and white portrait of a young Barbra Streisand seen in profile from her left side, gazing upwards. Her left hand reaches over to touch the right side of her elongated neck. One eye and one dangling earring are visible to the camera." class="css-122y91a"/>Kobal/Shutterstock

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/interactive/2023/11/05/magazine/james-webb-space-telescope.html
Title: A Beginner’s Guide to Looking at the UniverseA giant leap in the history of stargazing, the James Webb telescope revealed light where we saw darkness, forever changing our view of the cosmos.Illustration by Daniel Zvereff; Photographs by NASA

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/business/china-bri-aiddata.html
Title: China Is Lending Billions to Countries in Financial TroubleInstead of lending money for highways and bridges, China has shifted to providing emergency rescues for previous borrowers.4 min read<img src="https://static01.nyt.com/images/2023/11/06/multimedia/06china-debt-01-cmpl/06china-debt-01-cmpl-threeByTwoMediumAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="Buildings under construction with a river in between." class="css-122y91a"/>Adam Dean for The New York Times

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/nyregion/nyc-rich-private-clubs.html
Title: Behind the Gates of a Private World for Only the Wealthiest New YorkersAlthough everyday life has become increasingly unaffordable for almost everyone, a new class of private, members-only and concierge services is emerging.6 min read<img src="https://static01.nyt.com/images/2023/10/19/nyregion/00privatenyc-bond/00privatenyc-bond-threeByTwoMediumAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="People milling about at Zero Bond in late 2021 with orange and pink lighting providing illumination in a darkened room." class="css-122y91a"/>Eugene Gologursky/Getty Images for Haute Living

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/interactive/2023/us/politics/presidential-candidates-2024.html
Title: Who Is Running?

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/us/politics/republican-debate-miami.html
Title: Third G.O.P. Debate

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/interactive/2023/08/18/us/politics/republican-candidates-2024-issues.html
Title: Issues Tracker

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/us/politics/biden-trump-black-voters-poll-democrats.html
Title: As Black Voters Drift to Donald Trump, Biden’s Allies Say They Have Work to DoA New York Times/Siena College poll painted a worrisome picture of President Biden’s standing with a crucial constituency, and a shift for Donald Trump.6 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/us/politics/desantis-iowa-kim-reynolds-trump.html
Title: Ron DeSantis landed a big endorsement: Kim Reynolds, Iowa’s popular governor.4 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/us/politics/nashville-covenant-school-shooting-writings.html
Title: Excerpts From Nashville School Shooter’s Writings Are Published OnlineThe publication of the apparent excerpts by a conservative commentator enraged the parents of surviving students, who have been fighting to keep them private.4 min read<img src="https://static01.nyt.com/images/2023/11/06/multimedia/06nat-covenant-bwmj/06nat-covenant-bwmj-threeByTwoMediumAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="Flowers and stuffed animals lie at the base of a brick wall that has a sign reading “Covenant Presbyterian Church, the Covenant School.”" class="css-122y91a"/>Desiree Rios/The New York Times

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/opinion/columnists/united-states-right-social-change.html
Title: <img src="https://static01.nyt.com/images/2018/04/02/opinion/paul-krugman/paul-krugman-thumbLarge.png?format=pjpg&quality=75&auto=webp&disable=upscale" alt="Paul Krugman" class="css-122y91a"/>Paul KrugmanWhy Does the Right Hate America?4 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/opinion/jewish-palestine-literature.html
Title: <img src="https://static01.nyt.com/images/2023/11/06/opinion/06udel/06udel-square320-v3.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="An illustration of a person reading a book under a very large book shielding the person from smoke and flames." class="css-122y91a"/>Miriam UdelWhat I Read to My Son When the World Is on Fire5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/opinion/joe-biden-polling.html
Title: John Della VolpeJoe Biden Is in Trouble7 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/opinion/biden-trump-times-siena.html
Title: Gail Collins and Bret StephensTrump May Not Need a Coup This Time7 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/opinion/trump-allan-bloom-republicans.html
Title: <img src="https://static01.nyt.com/images/2015/03/16/opinion/Wehner-Peter-circular/Wehner-Peter-circular-thumbLarge-v3.png?format=pjpg&quality=75&auto=webp&disable=upscale" alt="Peter Wehner" class="css-122y91a"/>Peter WehnerRepublicans Have Chosen Nihilism5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/opinion/guns-domestic-abuse-supreme-court.html
Title: <img src="https://static01.nyt.com/images/2018/04/02/opinion/linda-greenhouse/linda-greenhouse-thumbLarge.png?format=pjpg&quality=75&auto=webp&disable=upscale" alt="Linda Greenhouse" class="css-122y91a"/>Linda GreenhouseWill the Supreme Court Toss Out a Gun Law Meant to Protect Women?5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/opinion/matthew-perry-shame.html
Title: <img src="https://static01.nyt.com/images/2023/11/06/multimedia/06Havrilesky-1-zbhj/06Havrilesky-1-zbhj-square320-v3.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="A photo of the actor Matthew Perry sits inside a bouquet of flowers in a makeshift memorial to him." class="css-122y91a"/>Heather HavrileskyMatthew Perry Told the Truth About Everything5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/opinion/democratic-party-inequality-biden.html
Title: <img src="https://static01.nyt.com/images/2022/02/27/opinion/author-peter-coy-2/Peter_Coy_Final-thumbLarge.png?format=pjpg&quality=75&auto=webp&disable=upscale" alt="Peter Coy" class="css-122y91a"/>Peter CoyHow Democrats Lost Voters With a ‘Compensate Losers’ Strategy6 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/opinion/trump-biden-president-election.html
Title: Letters From Our ReadersWith Poll Results Favoring Trump, Should Biden Step Aside?5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/opinion/electric-battery-energy-china.html
Title: James Morton TurnerThe U.S. Can Counter China’s Control of Minerals for the Energy Transition5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/05/opinion/ohio-abortion-ballot-initiative.html
Title: David N. HackneyIn Ohio, an Attempt to End the Winning Streak for Abortion Rights5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/05/opinion/space-billionaires-sex.html
Title: Kelly WeinersmithWhy Go to Mars if You Can’t Have Sex There?5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/05/opinion/israel-palestinians-hostage-silence.html
Title: Alana ZeitchikSix Members of My Family Are Hostages in Gaza. Does Anyone Care?5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/05/opinion/beatles-lennon-mccartney-last-song.html
Title: Ian LeslieHere’s Why the Final Beatles Song Matters So Much6 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/05/opinion/maga-mike-johnson-christianity.html
Title: David French‘MAGA Mike Johnson’ and Our Broken Christian Politics5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/04/opinion/sunday/palestinians-west-bank-israel.html
Title: Nicholas KristofLosing Hope in the West Bank6 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/us/elijah-mcclain-death-police-verdict.html
Title: Second Police Officer Acquitted in Elijah McClain DeathNathan Woodyard was the first officer to stop Mr. McClain in what became a violent encounter. The young, unarmed Black man died days later.4 min read

Search URL Search Domain Scan URL

URL: https://theathletic.com/5037110/2023/11/06/craig-counsell-cubs-brewers-manager/
Title: Craig Counsell Will Leave Brewers to Manage Cubs in Stunning MoveThe Cubs hired Counsell away from a division rival and will make him the highest-paid manager in Major League Baseball.From The Athletic

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/us/charles-adelson-dan-markel-murder-conviction.html
Title: Florida Dentist Convicted in Murder-for-Hire Plot Against Law ProfessorA jury in Tallahassee found Charles Adelson guilty of murder and conspiracy in the 2014 death of his former brother-in-law, Dan Markel.4 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/03/business/electric-planes-beta-technologies.html
Title: Tony Cenicola/The New York TimesElectric Planes, Once a Fantasy, Start to Take to the SkiesHow a small cargo plane’s 16-day trip from Vermont to Florida might help usher in a new era of battery-powered air travel long considered implausible.6 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/03/style/beatles-fans-now-and-then-reaction.html
Title: On TikTok, Gen Z Beatles Fans Share Thoughts on ‘Now and Then’“Can’t believe it’s 2023 and I get the joy of hearing a new Beatles song for the first time ever,” a 23-year-old says in a video post.3 min readJiji Press/Agence France-Presse — Getty Images

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/03/arts/television/daniel-sloss-russell-brand.html
Title: It’s All Fair Game for the Comic Daniel SlossThe Scottish standup made a career of finding humor in “things that we should not be laughing at.”5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/style/priscilla-necklace-locket.html
Title: The Heart of ‘Priscilla’ Is for SaleThe film studio A24 makes a case for cool movie merch.4 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/arts/the-invincible-starward-stanislaw-lem.html
Title: The Novel Source for This Space Mystery? A Novel.With The Invincible, a Polish video game studio embraces a science fiction book.4 min read

Search URL Search Domain Scan URL

URL: https://theathletic.com/4960036/2023/10/16/paige-bueckers-uconn-huskies-basketball/
Title: How Is Paige Bueckers? The Answer Will Dictate the College Basketball Season.After a grueling rehab, UConn’s star is back for an all-or-nothing campaign.

Search URL Search Domain Scan URL

URL: https://theathletic.com/5038015/2023/11/06/cubs-craig-counsell-david-ross-jed-hoyer/
Title: Behind a $40 Million Deal, the Cubs Shocked the Baseball WorldOn Monday, Chicago poached the best manager in M.L.B. from a divisional rival.

Search URL Search Domain Scan URL

URL: https://theathletic.com/5028596/2023/11/06/notre-dame-womens-basketball-coach-niele-ivey/
Title: After Her Brother’s Tragic Death, Notre Dame’s Basketball Coach Finds Peace

Search URL Search Domain Scan URL

URL: https://theathletic.com/5022106/2023/11/06/geddy-lee-rush-baseball-collection/
Title: How a Canadian Rock Star Became an Unlikely Archivist of America’s Pastime

Search URL Search Domain Scan URL

URL: https://theathletic.com/5036290/2023/11/06/nba-in-season-tournament-courts-nuggets-celtics-hollinger/
Title: Two Weeks Into the N.B.A. Season, Two Teams Stand Above the Rest

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/podcasts/the-daily/biden-trump-2024.html
Title: The DailySwing State Voters Are Souring on Biden30 min listen

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/03/podcasts/hard-fork-executive-order-ai-copyright.html
Title: Hard ForkInside Biden’s A.I. Executive Order66 min listen

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/03/opinion/ezra-klein-podcast-amaney-jamal.html
Title: Opinion: The Ezra Klein ShowShe Polled Gazans on Oct. 6. Here’s What She Found.46 min listen

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/03/books/review/shakespeares-first-folio-turns-400.html
Title: The Book ReviewShakespeare’s First Folio Turns 40028 min listen

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/connections-companion
Title: Connections CompanionIn case you need some puzzle help.<img src="https://static01.nyt.com/images/2023/10/19/crosswords/19connections-column-133/19connections-column-133-square320-v2.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="An illustration of a person giving a figure a thumbs up." class="css-122y91a"/>

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014792127-Copyright-notice
Title: © 2023 The New York Times Company

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: NYTCo

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015727108-Accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.nytco.com/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://nytmediakit.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.tbrandstudio.com/
Title: T Brand Studio

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/privacy/cookie-policy#how-do-i-manage-trackers
Title: Your Ad Choices

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/privacy/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/ca/
Title: Canada

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/international/
Title: International

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/subscription?campaignId=37WXW
Title: Subscriptions

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 124

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4321522750195;auiddc=1302844343.1699336020;u17=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F;u5=;u18=;gtm=45He3b60v72703797;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CLvO2f6XsYIDFf_aOwIdoK8N3A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4321522750195;auiddc=1302844343.1699336020;u17=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F;u5=;u18=;gtm=45He3b60v72703797;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F

Request Chain 148

https://sb.scorecardresearch.com/c2/3005403/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/3005403/cs.js

168 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
panelsecurevip.secureweb.top/ 682 KB
108 KB 125ms
54ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

752ca31375491e290c49bc0f9023c9658fa4662b362be601522128a0b1b7c128

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 10
alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=30,no-cache
cf-cache-status: DYNAMIC
cf-ray: 822347607eda37f1-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type: text/html; charset=utf-8
date: Tue, 07 Nov 2023 05:46:58 GMT
last-modified: Tue, 07 Nov 2023 05:46:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2Fc%2B5M%2FXeulKUDLtgT7%2FnG4Az08mnXOpUNQ4kpz%2FdbPec7LvF%2FgfiAGrvubsPpFiLr8%2BvyongPbzM1iOYH46uYuzjPmmL62g97A93Cnx9bpoI%2BjRqC5%2FHVwRnBt1vs9uCP2h4OGjK9SiXZP692nucu%2FMf0tR8wGAWGC6"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding, Fastly-SSL
x-api-version: F-F-VI
x-b3-traceid: ee439e45c12d40bdbe29c3cd61207f01
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-content-type-options: nosniff
x-frame-options: DENY
x-gdpr: 1
x-nyt-app-webview: 0
x-nyt-data-last-modified: Tue, 07 Nov 2023 05:46:41 GMT
x-nyt-edge-cache: MISS-HIT
x-nyt-route: homepage
x-origin-time: 2023-11-07 05:46:48 UTC
x-pagetype: vi-homepage
x-served-by: cache-lga21922-LGA, cache-fra-eddf8230036-FRA
x-timer: S1699336018.020816,VS0,VE2
x-xss-protection: 1; mode=block

GET
H2 200 web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
g1.nyt.com/fonts/css/ 60 KB
10 KB 59ms
13ms Stylesheet
text/css 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

09bff184ea094a06e46d7f26512fd7b245304078a27f1ba8084488cbcf7704de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Wed, 09 Oct 2024 02:19:31 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2431647
x-guploader-uploadid: ADPycduHAzAQ39JOiuskZgmk6GRXn1-4ek95bXKmUBZ7LQy1nX7ZphOM0rx4ulFQ2ul4tyWkydPUMuUAfXYA_x-g7tp4Oz9-h9cX
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 9868
x-served-by: cache-ams21022-AMS
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1699336018.093781,VS0,VE0
etag: "b79308aee772cf8921761a4fdb884fe5"
vary: Accept-Encoding
x-goog-generation: 1673991774978541
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=ay5bmg==, md5=t5MIrudyz4khdhpP24hP5Q==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 9868
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 23181

GET
H2 200 global-f449cfd9976ad673ef2b7ab5098b85be.css
panelsecurevip.secureweb.top/vi-assets/static-assets/ 6 KB
3 KB 57ms
57ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-guploader-uploadid: ADPycduhiXPSjAmvTOeEvsL5W9Sbr8W7OBvGcSfktDgJf5GEO79r26XP4FcESqPvi5OclQTJokas6EvU5VsdkVwoNs_oVQ
x-goog-stored-content-encoding: identity
x-origin-time: 2023-08-17 01:48:46 UTC
x-served-by: cache-fra-eddf8230106-FRA
x-timer: S1699336018.084666,VS0,VE1
etag: W/"e74f8b7c668251280cf3e52e20455a1c"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1692068681438560
content-type: text/css; charset=utf-8
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 17425
expires: Fri, 16 Aug 2024 01:48:46 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 17 Aug 2023 00:55:14 GMT
server: cloudflare
x-goog-hash: crc32c=jAKqfw==, md5=50+LfGaCUSgM8+UuIEVaHA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWQ9TM9%2F93QY3ZhOluysIG5DSxmQmbhvcOiUkwteuxMjxYTH5XOiv%2Fte4rzOzBo8DTOQrcxEPTvqBCzqkibe%2Fnjfzdjx0JI5HK2WtlJWd66BoPnq%2BYmhlep4V4m6nSswu%2BYNE5UbdLIZe1SlGQJ1TcsHMNDATl%2F3fcm0"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 5656
cf-ray: 82234760df2d37f1-FRA

GET
H2 200 7bc8bccf5c254286a99b11c68f6bf4ce.min.js Show response
js.sentry-cdn.com/ 2 KB
2 KB 44ms
14ms Script
text/javascript 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.sentry-cdn.com/7bc8bccf5c254286a99b11c68f6bf4ce.min.js

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a8a1b5deb1793b58ca907d8d3264d29b825d487ee141cee3c5cfb98afd0ba20a

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; font-src * data:; frame-ancestors 'self' .sentry.io; connect-src ; style-src * 'unsafe-inline'; default-src ; object-src 'self'; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com ssl.google-analytics.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; img-src blob: data:; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=4c788658b60acffb77ad9f7c86043311ad13d4eb
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://panelsecurevip.secureweb.top/
Origin: https://panelsecurevip.secureweb.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

content-security-policy: base-uri 'none'; font-src * data:; frame-ancestors 'self' *.sentry.io; connect-src *; style-src * 'unsafe-inline'; default-src *; object-src 'self'; script-src 'self' 'unsafe-inline' 'report-sample' 'unsafe-eval' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com ssl.google-analytics.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; img-src * blob: data:; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=4c788658b60acffb77ad9f7c86043311ad13d4eb
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
age: 256
x-envoy-upstream-service-time: 31
content-length: 1238
x-xss-protection: 1; mode=block
x-served-by: getsentry-web-default-common-production-69cc85b5d-5q6qn, cache-chi-kigq8000067-CHI, cache-ams21062-AMS
x-frame-options: deny
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
content-language: en
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count: 1
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 adslot-42e9c3fd69719c71ab62.js Show response
panelsecurevip.secureweb.top/vi-assets/static-assets/ 22 KB
9 KB 205ms
194ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/adslot-42e9c3fd69719c71ab62.js

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a500afc866062030e5a0314da72313ab8fbda561df3571d832a56576d6e1da46

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-guploader-uploadid: ABPtcPrfvF6Ry4a6SCfFAixekTnRmYNhQowPkIRS167CH3NdHOtjtolP_VyNRRhiF-autUtmhAGGhVGgEw
x-goog-stored-content-encoding: identity
x-origin-time: 2023-11-01 16:20:52 UTC
x-served-by: cache-fra-eddf8230042-FRA
x-timer: S1699336018.293770,VS0,VE1
etag: W/"6c6afb88c8e54043eb007ef33f577715"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1698855361925022
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/adslot-42e9c3fd69719c71ab62.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 6903
expires: Thu, 31 Oct 2024 16:20:49 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 01 Nov 2023 16:16:02 GMT
server: cloudflare
x-goog-hash: crc32c=5B8QrA==, md5=bGr7iMjlQEPrAH7zP1d3FQ==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CLXgepKNBNULUDgc%2B13oW2ac39S0jV1g2ywlzVC9JKVtKYkylnQAEYxieCnf7X9MzaoOh4QeY0E3w9iB%2BPFeQ9gtV2rkdjUeLIFLQQUNor3YPVSmqRr93A4vRS3i%2BxlzF7Zbra2C7WI39ofpRrifGS%2F3%2FK8JF%2BZQ0%2Fly"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 22998
cf-ray: 822347615e4c2c75-FRA

GET
H2 200 icon-the-morning-dd86bff0a93166101faa63110f3830b9.webp
panelsecurevip.secureweb.top/vi-assets/static-assets/ 986 B
2 KB 60ms
59ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/icon-the-morning-dd86bff0a93166101faa63110f3830b9.webp

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63cd01bf8a87ddc8a07e6491ea1ab7bb28613587cfddd7c9664dda47f71dcda3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ADPycduQL6Z-2UsrqNIZkvxj6CVaDgcXbqFs04lckVAh6fb63AUdi62AngTA7YH13bkhPg04q2MbMu6WEKxNb6e9Obpvm8nuhf60
x-goog-stored-content-encoding: identity
x-origin-time: 2023-08-14 14:47:47 UTC
x-served-by: cache-fra-eddf8230121-FRA
x-timer: S1699336018.105773,VS0,VE1
etag: "bfcd0980517659122c43c38b3e4e9a02"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1692024395665431
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-the-morning-dd86bff0a93166101faa63110f3830b9.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2629
expires: Tue, 13 Aug 2024 14:47:36 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 986
last-modified: Mon, 14 Aug 2023 14:46:35 GMT
server: cloudflare
x-goog-hash: crc32c=chcsKA==, md5=v80JgFF2WRIsQ8OLPk6aAg==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cS80djKxr4EQCjqH2AtuAQ3zIowYIzADTO7bWThwLFobjQGgRYH%2BHPfHxgubXU1um98pu6EvkyJ1eL%2FlYiyPPwK4KqchnPf2Ok5hYnXi4Pop6JVjySVv19v8pcUpGsrGLUum9%2B2w0sNY1f1VzZt%2FpuTVG%2F0uo7r31ZwX"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 986
accept-ranges: bytes
cf-ray: 82234760ff4a37f1-FRA

GET
H2 200 icon-the-upshot-826140ece0fb230ed2af6d87ef0ab42b.webp
panelsecurevip.secureweb.top/vi-assets/static-assets/ 696 B
2 KB 77ms
77ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/icon-the-upshot-826140ece0fb230ed2af6d87ef0ab42b.webp

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e58c4c90b85eda4055a5b30fe55ef60cbcf6ea093311f2ff38861c7b4fe448a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ADPycdtyX7StlRlmPL6D1dmCtKtyQF5w58jXkz-gLI30Xnu6XME929mee7flszd3cULXBYYW2NCywxCAqKz66mLCPTp91Q
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-03 05:35:43 UTC
x-served-by: cache-fra-eddf8230056-FRA
x-timer: S1699336018.119593,VS0,VE1
etag: "2437584c92e9c7204837b9eb1745bc86"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1695922492234617
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-the-upshot-826140ece0fb230ed2af6d87ef0ab42b.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 7010
expires: Wed, 02 Oct 2024 05:35:43 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 696
last-modified: Thu, 28 Sep 2023 17:34:52 GMT
server: cloudflare
x-goog-hash: crc32c=hF6+VA==, md5=JDdYTJLpxyBIN7nrF0W8hg==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQBggEfXl4hW7spIT7fAmXIJnZGnAWNteSLoFcbtfVA9Qqok4TJFOt9q661X4K5DPIaIniA%2BqN9qpRw2Xr9UfSj6%2BqHKJz9xEOLUFu%2BfBvvrL5K0bCZ9pbLTgklzjOpxytxmuIf0eVjkOZenY%2B0QNM8B2tbcaMpEufuU"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 696
accept-ranges: bytes
cf-ray: 82234760ff4c37f1-FRA

GET
H2 200 the-daily-album-art-square320-v5.jpg
static01.nyt.com/images/2017/01/29/podcasts/the-daily-album-art/ 4 KB
4 KB 29ms
16ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2017/01/29/podcasts/the-daily-album-art/the-daily-album-art-square320-v5.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

66debd0db62a3f53e72503a053f862b586a886e6a399fd8243b5e0180d304dec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Fri, 29 Sep 2023 10:45:09 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300715
age: 326786
x-guploader-uploadid: ADPycdvtmUFuH2IqGtRydqdk8XMfHW3aPOf2BbKd23GoBIcmbIB_o4L228iF-n8prhSUTQVLZqZ3zeYd5HK9eTRe4fWr2A
x-cache: HIT, HIT
fastly-io-info: ifsz=15986 idim=320x320 ifmt=jpeg ofsz=3614 odim=320x320 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 3614
x-served-by: cache-iad-kcgs7200066-IAD, cache-ams21022-AMS
server: UploadServer
x-timer: S1699336018.137439,VS0,VE0
etag: "HnnVz93O4bK0D9Smvlwnf0lv96YmNmLNlX7IWtdXh7Q"
vary: Accept
x-goog-generation: 1688068264438165
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=JiXB7Q==, md5=PfDXw6toN2ZQvpOKxIlHug==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 15986
x-amz-checksum-crc32c: JiXB7Q==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 106, 991

GET
H2 200 the-run-up-album-art-thumbLarge.jpg
static01.nyt.com/images/2022/08/29/podcasts/the-run-up-album-art/ 5 KB
6 KB 29ms
16ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2022/08/29/podcasts/the-run-up-album-art/the-run-up-album-art-thumbLarge.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

352b9e243c2e3a49a49cb8bc8df84d0a04183bbc3eac33a0476c9a11ff9e352d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Wed, 04 Oct 2023 07:17:37 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300720
age: 501089
x-guploader-uploadid: ADPycdtHTcE6oJpJUyUJnS6FTqtIPAzmrvyHf2ozzBd7EyI2NabnUMlD_D4MBVpxerg89VPOoGGvALuUGSQuPelDzTjXtQ
x-cache: HIT, HIT
fastly-io-info: ifsz=13823 idim=150x150 ifmt=jpeg ofsz=5314 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 5314
x-served-by: cache-iad-kiad7000132-IAD, cache-ams21022-AMS
server: UploadServer
x-timer: S1699336018.137465,VS0,VE0
etag: "hoyyH5q1+NTFT41vUc5DQY1n5mPXI75JtPWFn4Jaf4Q"
vary: Accept
x-goog-generation: 1688683994203172
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=10HhSg==, md5=VVlpmckmFDe4+jzoN3ttXQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 13823
x-amz-checksum-crc32c: 10HhSg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 51, 1555

GET
H3 200 icon-europe-morning-briefing-41f17eb6dcc335c7516cee80c200a07e.webp
panelsecurevip.secureweb.top/vi-assets/static-assets/ 676 B
2 KB 200ms
189ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/icon-europe-morning-briefing-41f17eb6dcc335c7516cee80c200a07e.webp

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c01bb7101c3b034d4e913bdc36280e1a3034d84ab1f8ab674e0d43e75f20e229

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ADPycdt6mG4Lb8xLbFm3rS-1XLm36DNu7cVZdKkOdt4aasb-g_eJSjYevT9_BrOPb-ov_0tMjTCpTUC6KU1HjhDbbl23KkJee7iD
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-10 23:11:33 UTC
x-served-by: cache-fra-eddf8230082-FRA
x-timer: S1699336018.293771,VS0,VE1
etag: "07aebeb8fa8f52b4cc27a52f35fbb07e"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1696973945021389
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-europe-morning-briefing-41f17eb6dcc335c7516cee80c200a07e.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1000
expires: Wed, 09 Oct 2024 23:11:33 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 676
last-modified: Tue, 10 Oct 2023 21:39:05 GMT
server: cloudflare
x-goog-hash: crc32c=VLRZ1Q==, md5=B66+uPqPUrTMJ6UvNfuwfg==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZjMtLnDUQaIKGiMMTtVYB%2BkFmKK1rl3C9CbtALjBPJjaJS8QYGJO4uLDs617sfLKe8vqKqu1K9uWaie%2FQMnjl0cFIPdhSpnzLzxFstpbQXym3LG%2Fsw%2B%2F1LfgRcnIu4tCT5%2FqrRuptUdKyOZnjbBbzZuVmYxzceV%2Bvii"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 676
accept-ranges: bytes
cf-ray: 822347615e492c75-FRA

GET
H3 200 icon-the-interpreter-3af234d8fdc0066b6424a94f1893b1f0.webp
panelsecurevip.secureweb.top/vi-assets/static-assets/ 1 KB
3 KB 108ms
98ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/icon-the-interpreter-3af234d8fdc0066b6424a94f1893b1f0.webp

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de417027b3c04d64f0f0e42493e0cb5a6936609eb56f6f0440580a191d6d6b2c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ADPycds_Dwo-PMYRishw3PRQvQfIGy-_YvbicKVPO5RqrSAyYZTfF7o5nnJKUAN3Gd7QFwwxL1JJPTAHW_0uF7WbEGf_xvNneqNz
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-10 06:47:29 UTC
x-served-by: cache-fra-eddf8230023-FRA
x-timer: S1699336018.198223,VS0,VE1
etag: "c00e7e36e294d9f8e173eb4405f1af3a"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1696611983278718
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-the-interpreter-3af234d8fdc0066b6424a94f1893b1f0.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 23
expires: Wed, 09 Oct 2024 06:23:57 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1336
last-modified: Fri, 06 Oct 2023 17:06:23 GMT
server: cloudflare
x-goog-hash: crc32c=5qx58A==, md5=wA5+NuKU2fjhc+tEBfGvOg==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p0HLuLlkB2SUdKKoeBW1aoaGr7DmhifxrF7o5PQ7bXHLrc0hnbWLGwXlH6EkVlY%2BDgNpXAmgORpSqlDtr6yNe5U%2FXKfaDAH3y1epNRU5gIEG%2B90N1xSL8UPmsMwxI4v4fTzg9sZhmox58kmEDB0ENpTxP0POdctr1MXP"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1336
accept-ranges: bytes
cf-ray: 822347615e4d2c75-FRA

GET
H3 200 icon-australia-letter-968327f63e43ed894591f997ff4fcad3.webp
panelsecurevip.secureweb.top/vi-assets/static-assets/ 862 B
2 KB 166ms
156ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/icon-australia-letter-968327f63e43ed894591f997ff4fcad3.webp

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcb0ab4f6d3a4da0916061428974c4e222922d127a1da82f2e79173fa2fea1ac

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ADPycdvoPnFDb_zPOf-ybpjR-Gkzr7eJ08ast9YWh44DNLC-WMS_FAwjQMn0p3R4-sr4Aia2kuSiHsciggG1O1OkwZIvoJetm_WX
x-goog-stored-content-encoding: identity
x-origin-time: 2023-08-14 14:47:47 UTC
x-served-by: cache-fra-eddf8230058-FRA
x-timer: S1699336018.259686,VS0,VE1
etag: "ac88f362d87d31af374e54b4f1bdc6e3"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1692024395443487
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-australia-letter-968327f63e43ed894591f997ff4fcad3.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 125
expires: Tue, 13 Aug 2024 14:47:47 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 862
last-modified: Mon, 14 Aug 2023 14:46:35 GMT
server: cloudflare
x-goog-hash: crc32c=4mYSIg==, md5=rIjzYth9Ma83TlS08b3G4w==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RTGKhEsiribyc%2FC2hZsRB1vlI1K03UOhYifvMhCNUiXCI7lHlrqBz%2F%2BnD53nzqhCbsFSOI458qjipKtIfEbrOe2HFRuLuyh521pEt3hR64CUGBistzhQJS99b%2BF7fZEegXFGCjeY%2FzqagOia7Ri3Kuur2Y7%2BAwvTTzn%2B"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 862
accept-ranges: bytes
cf-ray: 822347615e4e2c75-FRA

GET
H3 200 icon-canada-letter-30c08e776a61316a12718a308c12ca18.webp
panelsecurevip.secureweb.top/vi-assets/static-assets/ 860 B
2 KB 160ms
150ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/icon-canada-letter-30c08e776a61316a12718a308c12ca18.webp

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

007070e6f905e2aefbfcc7568cdf61c38a422d933c9c8166a6ba2f6223dd9ec5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ADPycdvXA1FwZ1xLaHPHvBZHHF-WTJcvfYfAMoSFdHIcHDxHA90A3ma5O7ejJkDuB6lA1iQ6DBaDPjV0GzoIt5yjXE8TKg
x-goog-stored-content-encoding: identity
x-origin-time: 2023-09-26 03:15:42 UTC
x-served-by: cache-fra-eddf8230072-FRA
x-timer: S1699336018.250171,VS0,VE1
etag: "98ffc313a69bea78c5a4ffb0cd8bf09e"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1695320370103876
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-canada-letter-30c08e776a61316a12718a308c12ca18.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 983
expires: Wed, 25 Sep 2024 03:15:41 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 860
last-modified: Thu, 21 Sep 2023 18:19:30 GMT
server: cloudflare
x-goog-hash: crc32c=IvjhWA==, md5=mP/DE6ab6njFpP+wzYvwng==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bUZxXm3EJqRY1N0cCiJugHP24Xxbu8wT5MLIhrN2BHz6VGEwLyqZDbC3V%2BH1wcI3q5XcX0gDrzwkapo1s7TNEUnr9eCJr623VUFAytGhGLSYJKuSk3cjjeisUb7aMohHBmTz52llTMUc9F9P5LOmIrOUWk1hvgBAWpD%2B"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 860
accept-ranges: bytes
cf-ray: 822347615e502c75-FRA

GET
H3 200 icon-dealbook-fc342092e07d3e54c5b740508ec9b956.webp
panelsecurevip.secureweb.top/vi-assets/static-assets/ 652 B
2 KB 108ms
99ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/icon-dealbook-fc342092e07d3e54c5b740508ec9b956.webp

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7f4ae3d77496807413afb4a0d56451b31667200c0293d3e89df130190e1f10b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ADPycduDGMRVpGCKz12d1-1bSBsOitOTK0r_Ej9bSps-jSVUCEDXoW--zOOqiRQiS6mDFb6GUkKesoGR4zFSLcP_zPNbwwfy-dwz
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-10 04:33:55 UTC
x-served-by: cache-fra-eddf8230046-FRA
x-timer: S1699336018.204361,VS0,VE1
etag: "98014cde1d5d5ee7342a2bef5387c8a8"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1696611983243709
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-dealbook-fc342092e07d3e54c5b740508ec9b956.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 7053
expires: Wed, 09 Oct 2024 04:33:54 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 652
last-modified: Fri, 06 Oct 2023 17:06:23 GMT
server: cloudflare
x-goog-hash: crc32c=/vnRlQ==, md5=mAFM3h1dXuc0KivvU4fIqA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1vsITvbh9qvmEduiCjLeahXadBR4uefa2AXIw9FkrgKaiIhj7PeP%2Fk2XraMCB%2FfP493BCVE2n6hKjmnlQboMXS7euyNENq2ell0ou3ugbcyPoBfYiq0y5GOCopK29%2FW9qYsJ5nMymEuhy4Kkonlz%2FWM%2F36hV%2F7h1jJcl"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 652
accept-ranges: bytes
cf-ray: 822347615e512c75-FRA

GET
H2 200 hard-fork-album-art-square320-v2.png
static01.nyt.com/images/2022/09/28/podcasts/hard-fork-album-art/ 116 KB
117 KB 27ms
16ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2022/09/28/podcasts/hard-fork-album-art/hard-fork-album-art-square320-v2.png?quality=75&auto=webp&disable=upscale

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

5ed9e9f81abee651d7645c6ae932a099ff7595eb893df2bd66306c818adf5a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Fri, 20 Oct 2023 07:32:06 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300714
age: 339291
x-guploader-uploadid: ADPycdvAro6FIHXrWKU-xFoLnePFfiridFNWn-OoyXOaU4DFNV4ZhH0Q9DjI0pzE4gWTsDfBfohAxPpUxQAKg9br83tMQARl8HOD
x-cache: HIT, HIT
fastly-io-info: ifsz=171964 idim=320x320 ifmt=png ofsz=118748 odim=320x320 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 118748
x-served-by: cache-iad-kjyo7100038-IAD, cache-ams21022-AMS
server: UploadServer
x-timer: S1699336018.137415,VS0,VE0
etag: "MIre+hRw2cMgJa2uP+CeD5Zo0tG02ZYiidiRIV/6TxQ"
vary: Accept
x-goog-generation: 1666018564084320
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=rwW/FQ==, md5=QcPAglE24zD6+D1DXSLedQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 171964
x-amz-checksum-crc32c: rwW/FQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 111, 1052

GET
H3 200 icon-read-like-the-wind-b4c96c99529e1967200b4e98206c6371.webp
panelsecurevip.secureweb.top/vi-assets/static-assets/ 788 B
2 KB 108ms
99ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/icon-read-like-the-wind-b4c96c99529e1967200b4e98206c6371.webp

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41d61937d6f1b2b8887f735949cb30f7be1f3027a5d495621672f0d8fd3f9d14

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ADPycdso6MjLoxV7P4mDehnu4kBnMgUT16fDu7q_8oDmBLqNHoD0Hen2gIfgtwq4MyjckDiABcshKkjhu1_40MeUHPo4gdAu77-J
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-11 08:45:39 UTC
x-served-by: cache-fra-eddf8230135-FRA
x-timer: S1699336018.204178,VS0,VE1
etag: "0167446aebebfe34aa60d544d95c5818"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1696611983266512
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-read-like-the-wind-b4c96c99529e1967200b4e98206c6371.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 5108
expires: Thu, 10 Oct 2024 08:45:39 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 788
last-modified: Tue, 10 Oct 2023 21:39:05 GMT
server: cloudflare
x-goog-hash: crc32c=z6+8Rg==, md5=AWdEauvr/jSqYNVE2VxYGA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bp7OLa6SR%2BF6eljJnB66iCBdf7Wzd6ERyUiqo1MyGduyhkkURmGzbNSu%2Fs8ks3p3T%2BYF2qlpw%2B7sUUXzVS2cyxBMoJuNd%2FBaHYx1B9XkQii5l0zUmOhzVXxF1koEdMAMjtNqhxh6ZGUcho21InsaYUqOjR6eXeW91z2W"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 788
accept-ranges: bytes
cf-ray: 822347615e532c75-FRA

GET
H3 200 icon-watching-0fa860946d704b26aae6f0a562f26011.webp
panelsecurevip.secureweb.top/vi-assets/static-assets/ 534 B
2 KB 207ms
198ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/icon-watching-0fa860946d704b26aae6f0a562f26011.webp

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc288edaf30d3566c6a43f7db44c69243ef51481f3ae50a4b35868d6ac11706a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ADPycds3MqopKMr99VQjxiuQw0Ih2PpOJ8dooOH9AJ1sUCYsTrOeVKaVGlbaoWAwNnMh67wIvSN8PXXr_Gloe74jMNl6n78bEc6l
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-11 05:04:22 UTC
x-served-by: cache-fra-eddf8230058-FRA
x-timer: S1699336018.302965,VS0,VE1
etag: "9237616fe80765aedc1571c6438498bc"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1696973945071741
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-watching-0fa860946d704b26aae6f0a562f26011.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 6982
expires: Thu, 10 Oct 2024 05:04:22 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 534
last-modified: Tue, 10 Oct 2023 21:39:05 GMT
server: cloudflare
x-goog-hash: crc32c=UOL/EA==, md5=kjdhb+gHZa7cFXHGQ4SYvA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2F8W4DR9%2BTJe7ODWX9Md%2BfVdfpHlbgwEEM7k0K2YzdwtUSoxB8ALAgS6sNme4uIpr1n1V3t%2BjCtRBwH457W7eo0KPcA5eVaHHbuLil9DJeQrznjMTZ6rhC5Dw989deNdWB1GdMr28xI3%2BpCT%2FO%2F85YZmH1TCEFCSUPlB"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 534
accept-ranges: bytes
cf-ray: 822347615e552c75-FRA

GET
H2 200 book-review-album-art-v2-thumbLarge-v3.jpg
static01.nyt.com/images/2018/03/27/books/book-review-album-art-v2/ 3 KB
3 KB 25ms
15ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2018/03/27/books/book-review-album-art-v2/book-review-album-art-v2-thumbLarge-v3.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

99013b5f831f3762b1a2648e07bb3116d914c5b1539bdf4fe0634602cc26b19e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Tue, 03 Oct 2023 13:23:18 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300718
age: 576091
x-guploader-uploadid: ADPycdvWAmkx95gCPu14IQ4q4BE3dphI347Cam23BbGkeCIoa-nNMMO9_VMy5Xo8Q1qd4tiwBGGtFt-VA9JTnOfOljAGxQ
x-cache: HIT, HIT
fastly-io-info: ifsz=10250 idim=150x150 ifmt=jpeg ofsz=2772 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 2772
x-served-by: cache-iad-kjyo7100097-IAD, cache-ams21022-AMS
server: UploadServer
x-timer: S1699336018.136740,VS0,VE0
etag: "f6YZ2ZJovRqmFs0MIuaEVzpH2+CtkFFBiLmf31seml4"
vary: Accept
x-goog-generation: 1662891747534151
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=EsOybg==, md5=cjEwJ43bqRCDXcDgnJcMnA==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 10250
x-amz-checksum-crc32c: EsOybg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 48, 1812

GET
H2 200 music-popcast-thumbLarge-v3.jpg
static01.nyt.com/images/2011/05/20/multimedia/music-popcast/ 4 KB
4 KB 24ms
14ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2011/05/20/multimedia/music-popcast/music-popcast-thumbLarge-v3.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

7e76ec11f2baa0f7948d92891718df73970877050a5b48e2b6fb9b340378a2d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Tue, 10 Oct 2023 16:00:57 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300701
age: 595376
x-guploader-uploadid: ADPycdt8GLzOK2GA-IX_ZuZPrjYsWk_7iJzaF1bRZysGkxzR67iJrwH3T01KlbrUrDKZ87h5mxJ_z1U3NdBU81wR4hJ1lQ
x-cache: HIT, HIT
fastly-io-info: ifsz=24419 idim=150x150 ifmt=jpeg ofsz=3828 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 3828
x-served-by: cache-iad-kiad7000117-IAD, cache-ams21022-AMS
server: UploadServer
x-timer: S1699336018.136362,VS0,VE0
etag: "qr3LW0rNOUvnYKyDbm09gWnw94oFzi+G4wvyjqveNos"
vary: Accept
x-goog-generation: 1538741982829422
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=VUkWbw==, md5=jSTktUwT+uCRgjlqA0y9BQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 24419
x-amz-checksum-crc32c: VUkWbw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1082, 1354

GET
H3 200 icon-open-thread-fashion-421b633c9b286165ebaa180a470c1ef9.webp
panelsecurevip.secureweb.top/vi-assets/static-assets/ 1 KB
3 KB 144ms
137ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/icon-open-thread-fashion-421b633c9b286165ebaa180a470c1ef9.webp

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ba9c62e2d791768ee9cf91a2257b631d3d3d3e4d0039b2d60affb962b562219

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ADPycduuefHtVsh6hFYFy6cx_r1HPTvPV0m5tu0y1pegocAdA_N8UftkU5LTmSTfs_eB088stHzDyAvID-nN9uRJx4a_6JtKoL3U
x-goog-stored-content-encoding: identity
x-origin-time: 2023-09-26 03:41:01 UTC
x-served-by: cache-fra-eddf8230122-FRA
x-timer: S1699336018.238617,VS0,VE1
etag: "425dea063366376915979217fff73e16"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1695320370182710
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-open-thread-fashion-421b633c9b286165ebaa180a470c1ef9.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 7421
expires: Wed, 25 Sep 2024 03:41:01 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1286
last-modified: Thu, 21 Sep 2023 18:19:30 GMT
server: cloudflare
x-goog-hash: crc32c=kvn+Sw==, md5=Ql3qBjNmN2kVl5IX//c+Fg==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5or2LAxCLXsTQLs5L7CPaVEV7unlCeZUDKVvhdoQAmVkH8mBvpE5OTTd2rSHkw0MgQUkUnqR3zx48%2BGV5lft28jZDW2Vt5kU4cGIsyhv%2Bkj2gHJYDxP6suoSo9updhKA1Ytv6CBFYDgfnbWqFZzpqKj8IMHG%2FJqo1b%2F"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1286
accept-ranges: bytes
cf-ray: 822347615e562c75-FRA

GET
H3 200 icon-love-letter-fe90fe3ff001ee39f3b90784874c1368.webp
panelsecurevip.secureweb.top/vi-assets/static-assets/ 1 KB
3 KB 124ms
118ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/icon-love-letter-fe90fe3ff001ee39f3b90784874c1368.webp

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

644159a517427813378bf283fb86f497ef2fd81c8656225b3e209972f0e4ccbb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ADPycdu_lXRtonvaBEl0mdaPRTUmbCDehBxtwd8bncxodv_sqv0AoklLMjbVYwxq_xZAUwZou07A6xyXactNrylaNfWJsemEfk9g
x-goog-stored-content-encoding: identity
x-origin-time: 2023-09-26 03:41:01 UTC
x-served-by: cache-fra-eddf8230077-FRA
x-timer: S1699336018.229060,VS0,VE1
etag: "681a68b635f1dde16fd3ded972ee2c5e"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1695320370164240
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-love-letter-fe90fe3ff001ee39f3b90784874c1368.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 3060
expires: Wed, 25 Sep 2024 03:41:01 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1160
last-modified: Thu, 21 Sep 2023 18:19:30 GMT
server: cloudflare
x-goog-hash: crc32c=Ay99EQ==, md5=aBpotjXx3eFv097Zcu4sXg==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M1rFBb7nGoJZpGVMRCA8iD1Zymyr55Ct4V4zIPsUuRtMx18ZfCegv1WvsoaoupQKFfKlPqPq7vi3BivjNTxyPAlP7g40TwTR7%2FS8PSW9IfgDv0qCWS5oTt3v13NjgRKea%2FC0IaU1oydUaO35GWivPuukk0YEz7uo%2FC7O"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1160
accept-ranges: bytes
cf-ray: 822347615e572c75-FRA

GET
H2 200 modernlove-logo-thumbLarge-v3.jpg
static01.nyt.com/images/2020/09/21/podcasts/modernlove-logo/ 4 KB
4 KB 22ms
14ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2020/09/21/podcasts/modernlove-logo/modernlove-logo-thumbLarge-v3.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9377e1ed8c646a7ae8b8b570821baf287765c047e9dab20fa71a4eb76a40c294

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Wed, 27 Sep 2023 08:44:33 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300709
age: 413994
x-guploader-uploadid: ADPycdsx7nyltROzFP1GN7HHaG2oSsI2FR9QqsLBmydSQHedugQCUqhZqVfC25b3XveH6xF0tQ3yeJeRXd6dJVeH24NNywae28a8
x-cache: HIT, HIT
fastly-io-info: ifsz=11068 idim=150x150 ifmt=jpeg ofsz=4084 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 4084
x-served-by: cache-iad-kcgs7200165-IAD, cache-ams21022-AMS
server: UploadServer
x-timer: S1699336018.136767,VS0,VE0
etag: "m/kFRv2O1tFCo0C85yLpe5fDFs//5pFoSBOWMgnJf9E"
vary: Accept
x-goog-generation: 1665608966820623
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=BQuLtQ==, md5=p/lR9gCKmtliQRSN6dd/dg==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 11068
x-amz-checksum-crc32c: BQuLtQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 37, 1266

GET
H2 200 matter-of-opinion-album-art-thumbLarge-v2.jpg
static01.nyt.com/images/2023/05/08/podcasts/matter-of-opinion-album-art/ 4 KB
5 KB 26ms
23ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/05/08/podcasts/matter-of-opinion-album-art/matter-of-opinion-album-art-thumbLarge-v2.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

71b2f4fee2ed4163e1ef309ca22a8a108aab0ba7cfb535d38b33c1ec3718836a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Mon, 09 Oct 2023 15:38:09 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300710
age: 112958
x-guploader-uploadid: ADPycdtk5koD_zn7P9skTzfWJLQ5B-vvDlnIxsTZY9EMwgZvNVhXx9M3DhB4dhLisIaJsIM9mn8gHLtSZ538XBE83X3B_LBza6Ue
x-cache: HIT, HIT
fastly-io-info: ifsz=12674 idim=150x150 ifmt=jpeg ofsz=4132 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 4132
x-served-by: cache-iad-kiad7000079-IAD, cache-ams21022-AMS
server: UploadServer
x-timer: S1699336018.154747,VS0,VE0
etag: "yoekWzapvzDgK5g1tJpvXR4Q3abo6OZMw027E8Ag3Fo"
vary: Accept
x-goog-generation: 1685027532007855
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=cBstdQ==, md5=af0IeRKwURQQpabIs66V1Q==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 12674
x-amz-checksum-crc32c: cBstdQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 371

GET
H2 200 ezra-klein-album-art-square320-v2.jpg
static01.nyt.com/images/2021/01/12/podcasts/ezra-klein-album-art/ 9 KB
9 KB 27ms
26ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2021/01/12/podcasts/ezra-klein-album-art/ezra-klein-album-art-square320-v2.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

eb66d19d76b2a591f290eb9cbefa2faf0a2c8f90b124cb937270ab4b8adee08e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Mon, 16 Oct 2023 14:27:05 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300714
age: 497723
x-guploader-uploadid: ADPycdspqG6-fLvP9i97lYm9c5SKNUuw465dhKvldoricRjIMSS_SOVbbpDHAnHmDXbHzmC62BJZpQzndscHzHgJtdJGf2adT8Z_
x-cache: HIT, HIT
fastly-io-info: ifsz=26546 idim=320x320 ifmt=jpeg ofsz=9114 odim=320x320 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 9114
x-served-by: cache-iad-kiad7000062-IAD, cache-ams21022-AMS
server: UploadServer
x-timer: S1699336018.154737,VS0,VE0
etag: "I8CFstK+e/z6clnl3bXOFjL81AzI4rEnG10lPXiE8TY"
vary: Accept
x-goog-generation: 1635784873905458
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=bgL3XA==, md5=gRKhpC1X4GNr6vjxBbhc7g==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 26546
x-amz-checksum-crc32c: bgL3XA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 398, 1545

GET
H2 200 headlines-albumartwork-audioapp-2-thumbLarge.png
static01.nyt.com/images/2022/10/12/podcasts/headlines-albumartwork-audioapp-2/ 13 KB
13 KB 28ms
27ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2022/10/12/podcasts/headlines-albumartwork-audioapp-2/headlines-albumartwork-audioapp-2-thumbLarge.png?quality=75&auto=webp&disable=upscale

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

bcbbfe66a2e17c1dbc127ccea0f4fec035d42d51d1741332275026e291d79be8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Fri, 20 Oct 2023 14:00:23 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300707
age: 315995
x-guploader-uploadid: ADPycdvcZw_RvVMFlkZc-xVGK9Qm1jixjRMOF1OZQTuJz-ns8UHD7U3fmD1ap8dkm3WKHbSW9KRYqouno2vTFey4_12ZycrQY02c
x-cache: HIT, HIT
fastly-io-info: ifsz=20844 idim=150x150 ifmt=png ofsz=12952 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 12952
x-served-by: cache-iad-kcgs7200036-IAD, cache-ams21022-AMS
server: UploadServer
x-timer: S1699336018.155039,VS0,VE0
etag: "LbFwq71cDcti1tLA50q2p9CsL0R7Xg7ULZY6QK7bdcY"
vary: Accept
x-goog-generation: 1680812038156789
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=5MfQCw==, md5=qqLRi3ewu5a5crO4pskKzg==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 20844
x-amz-checksum-crc32c: 5MfQCw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 101, 912

GET
H3 200 icon-tkorc-e70cf6b0628d964d89952497590a03ba.webp
panelsecurevip.secureweb.top/vi-assets/static-assets/ 2 KB
3 KB 198ms
193ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/icon-tkorc-e70cf6b0628d964d89952497590a03ba.webp

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9619e7a1dc4ec09dc3d6c5df8aa6eada684c79482d283459eac511852d5bb3c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPoJR8_Ceo8358QBxoVffGi6RvuDGlJYe3k58rTXxuXTKB_FwliDBZA9TF_5GypyQjK1pOMqHFoYW3HfRgB_2eHTHw
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-26 13:06:31 UTC
x-served-by: cache-fra-eddf8230043-FRA
x-timer: S1699336018.293687,VS0,VE1
etag: "28bc2710ecd2b1d5d9556b8ae390a943"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1698324737243390
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-tkorc-e70cf6b0628d964d89952497590a03ba.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 5913
expires: Fri, 25 Oct 2024 13:06:31 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1954
last-modified: Thu, 26 Oct 2023 12:52:17 GMT
server: cloudflare
x-goog-hash: crc32c=XaQJPw==, md5=KLwnEOzSsdXZVWuK45CpQw==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06GShLL%2BAjIuSa%2FJ0xmab%2FWHS7JkGRa8naiCY2g98dy51tYIBMMx%2F9FBfM6buDiE4n4vQ%2Fia%2F9fGAyVXUfFEjPQ2FBC8I2aTSac%2FLZ1gr17oo36VreXWWk2lfPuaYw8wLK7OT7OgPkJO%2FXks2VLQOrAWGfNLA8FghjDE"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1954
accept-ranges: bytes
cf-ray: 822347615e582c75-FRA

GET
H3 200 icon-reporter-reads-75f75d9ff93c918be35824c2d9920ab6.webp
panelsecurevip.secureweb.top/vi-assets/static-assets/ 448 B
2 KB 123ms
118ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/icon-reporter-reads-75f75d9ff93c918be35824c2d9920ab6.webp

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c65354f69fbaf3704fa399fb2755f8f1e12a4febd45037a125f17de050fca7c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPq76oy3MDqLvMzqSBoYv_YqZSd4j60B7igqvJlaMW1nb5Jhjkh07_KY3RUk-NmfPYdcTk66ZpTm8coMVxvzRrm27w
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-23 16:19:28 UTC
x-served-by: cache-fra-eddf8230043-FRA
x-timer: S1699336018.209571,VS0,VE1
etag: "519c1a44c1767defa217a278d164b36c"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1698077567247330
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-reporter-reads-75f75d9ff93c918be35824c2d9920ab6.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 7383
expires: Tue, 22 Oct 2024 16:19:20 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 448
last-modified: Mon, 23 Oct 2023 16:12:47 GMT
server: cloudflare
x-goog-hash: crc32c=CbwOcA==, md5=UZwaRMF2fe+iF6J40WSzbA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UtlDV2Bw%2FLsI3KFSiACpKdrLd0LSZvmBFdmYlPLzgMBiSAwjUIoFduRzxtwH8VMwz6ldmd8ff0dN5S8sb7P7cvo8TcuilKZ7U4TNODZXLXzUhHd8A4PnNhQCcuLjONUj2G9Mne%2BQ6EZC7%2BprIjbzFAwnK5E0YdfuJqDI"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 448
accept-ranges: bytes
cf-ray: 822347615e5a2c75-FRA

GET
H3 200 icon-audio-cd2b56214bd17df62dd56b8c8f2bc0da.webp
panelsecurevip.secureweb.top/vi-assets/static-assets/ 424 B
2 KB 193ms
189ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/icon-audio-cd2b56214bd17df62dd56b8c8f2bc0da.webp

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d7824c56fadbab811bb6be7b48d8eec8fd4269877246eeed5b9b33d1a953292

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPrBBs9rZs1jtcwtEYJIQTt59phg4G20Xa7F5dhWprIf1V9FY9DbWLyPO9q-cWbtiGelbducRakhxG9ACqkRiX7Xaw
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-23 16:19:28 UTC
x-served-by: cache-fra-eddf8230126-FRA
x-timer: S1699336018.293774,VS0,VE1
etag: "ca44229b7404d9077baf5bd2f0fcebb0"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1698077567160430
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-audio-cd2b56214bd17df62dd56b8c8f2bc0da.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1000
expires: Tue, 22 Oct 2024 16:19:20 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 424
last-modified: Mon, 23 Oct 2023 16:12:47 GMT
server: cloudflare
x-goog-hash: crc32c=m+UYtg==, md5=ykQim3QE2Qd7r1vS8PzrsA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=doZAUI4UEUneMoZA6i25J1u3a6gqRtr62ACB2LVSgayuvmZ%2BVT2pmNLpE%2FTafGdkbGfcBOifbgbEvE80fTNJfJPsOQVPbq7VH21fo92VZKeEhIg8DqS8GIW9im6LZ1b5Ko%2FUDNdRZ4qt%2B1uRgxF4gAvgf0ouFK2NjAQ%2B"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 424
accept-ranges: bytes
cf-ray: 822347615e5b2c75-FRA

GET
H3 200 icon-gameplay-0e0a0696c194512474af7462274eaa97.webp
panelsecurevip.secureweb.top/vi-assets/static-assets/ 516 B
2 KB 173ms
169ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/icon-gameplay-0e0a0696c194512474af7462274eaa97.webp

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20a1e05cca983d2c838b5637de79857db90bd69705e38126260f9dca7fc29186

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ADPycdvK6tE7bY93zJbYzBIaGZbNuVMmMw6mohhBPY6dxgB5wrhNj0Zze3eCPgkHKKuPh9MeiYqWRooqUSf8etUq97bc6Q
x-goog-stored-content-encoding: identity
x-origin-time: 2023-09-25 22:54:22 UTC
x-served-by: cache-fra-eddf8230052-FRA
x-timer: S1699336018.273488,VS0,VE1
etag: "8fb0705de15ee3fb853d82b64fc3fbfa"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1695320370148652
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-gameplay-0e0a0696c194512474af7462274eaa97.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 798
expires: Tue, 24 Sep 2024 22:54:22 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 516
last-modified: Thu, 21 Sep 2023 18:19:30 GMT
server: cloudflare
x-goog-hash: crc32c=6krs5Q==, md5=j7BwXeFe4/uFPYK2T8P7+g==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W5EoZuujWhM80jYe769Lm4xzrnMcuVBPjBeYROa0g4Cxja3seiBfUna849BN1iF6J6UL46z4wilCQ2a0oDuLiWQoBrL%2BuS2gBs0hRAOAl5oX3iLSjDiy5oYM1Q%2FA0%2ByGHDAzPFBbxAkD%2FVe8cKx%2BqaIclWSlisb1ut3Q"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 516
accept-ranges: bytes
cf-ray: 822347615e5c2c75-FRA

GET
H3 200 icon-cooking-276e5519a9df3d2697b666fb95ddd69b.webp
panelsecurevip.secureweb.top/vi-assets/static-assets/ 748 B
2 KB 142ms
137ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/icon-cooking-276e5519a9df3d2697b666fb95ddd69b.webp

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2e4eb2e6499e7805732b936694778a0547e32010bca773807743cfcd8e4b049

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ADPycdvsz11sa0IdpDTp5WBrGL7YqqZu48D6WMG7VNDpe6bM1w_YcVWTbfV1Cg1tmmiOaJhPNSnwMBuVmsCXG0jDjovEdw
x-goog-stored-content-encoding: identity
x-origin-time: 2023-09-26 03:15:42 UTC
x-served-by: cache-fra-eddf8230034-FRA
x-timer: S1699336018.238540,VS0,VE1
etag: "9894fb012dcd739cdcecf1bc31d507a4"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1695320370124229
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-cooking-276e5519a9df3d2697b666fb95ddd69b.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2560
expires: Wed, 25 Sep 2024 03:15:41 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 748
last-modified: Thu, 21 Sep 2023 18:19:30 GMT
server: cloudflare
x-goog-hash: crc32c=PJBKmg==, md5=mJT7AS3Nc5zc7PG8MdUHpA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ia6MM%2FEgZTBir8yTaYG8Ven8bMESU9WIWJxzjhjRI%2B5H9%2Boj0%2FaU9vEiMsEUW5L4GAKCSKm0u0OuCdwbs7Y075ccc2mCSFfZBsvudohMJ9Wr2pUjfRRsmFGSOGLs1vUNy8gkIZhwbc3WPoGRSzXnhhm6vFJaqera3L2D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 748
accept-ranges: bytes
cf-ray: 822347615e5e2c75-FRA

GET
H3 200 icon-the-veggie-f7c053c8b480b183342a9514c3b2787c.webp
panelsecurevip.secureweb.top/vi-assets/static-assets/ 2 KB
4 KB 201ms
196ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/icon-the-veggie-f7c053c8b480b183342a9514c3b2787c.webp

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4af9b52b5cf0f6a694ec51e283ccabc662be7881a3ecefecccf5441a687a894a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ADPycdtlejB7noJVh42oOzOrOYF7YqP_k9kroIdXIbUMFBqT4tEJfW-W5MjgFANuKigV-unYnop-q9CVS-xWIv4u8unUww
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-03 05:35:43 UTC
x-served-by: cache-fra-eddf8230098-FRA
x-timer: S1699336018.294059,VS0,VE1
etag: "75dce34b2cab91f7347cbe697eaec668"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1695922492235768
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-the-veggie-f7c053c8b480b183342a9514c3b2787c.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 988
expires: Wed, 02 Oct 2024 05:14:16 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 2122
last-modified: Thu, 28 Sep 2023 17:34:52 GMT
server: cloudflare
x-goog-hash: crc32c=ORbazQ==, md5=ddzjSyyrkfc0fL5pfq7GaA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gH6TOYYN7ZYd8IWGIlWsnpLpsxlrpl5i6AXAXfQJ6Zw2LfhcMDt6tM3pAVxYJv2jc2BjSHxQkSltSXcAmlvUcOZK3OwcSECtEcFtNwqYTcm8g%2Bh87He7QRmWcT3cubLpyTYidqXe4w2YmcDONa40d2TXiyo47KJbGfDN"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 2122
accept-ranges: bytes
cf-ray: 822347615e5f2c75-FRA

GET
H3 200 icon-five-weeknight-dishes-9a372f22fce6bcf493f7c31a8e3220e7.webp
panelsecurevip.secureweb.top/vi-assets/static-assets/ 1 KB
3 KB 102ms
98ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/icon-five-weeknight-dishes-9a372f22fce6bcf493f7c31a8e3220e7.webp

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4fd486c427aff4879822fc8e342979aa0110d283582bbee589cb941de95f39f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ADPycdsFk6Fz1XOly_cCriETjlye1zECS1lpXPj8X3kIk4-7UUzN7HvLMoxWSAXDMFD8RZ7mW9GztoaTnof5UrJyUJGzKw
x-goog-stored-content-encoding: identity
x-origin-time: 2023-09-20 00:58:41 UTC
x-served-by: cache-fra-eddf8230055-FRA
x-timer: S1699336018.206629,VS0,VE1
etag: "2b654162f60dd23c00417299cce80666"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1695162144943567
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-five-weeknight-dishes-9a372f22fce6bcf493f7c31a8e3220e7.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 7172
expires: Thu, 19 Sep 2024 00:58:41 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1486
last-modified: Tue, 19 Sep 2023 22:22:25 GMT
server: cloudflare
x-goog-hash: crc32c=125xEQ==, md5=K2VBYvYN0jwAQXKZzOgGZg==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUG8B8aZvLQPKdf8pG9q7NJ3bo%2F0Wm9WVxtJNi4vEfkGAr5JjXHejsllNTwSbQtUmscwvGj1d9eTx1zBVZdlUxDcaWmK%2BoPo%2FxCSn07yPprUSbvLWatJ87mS8o%2BZ6UUxf46xX%2Fj%2FKyjHM3F0hfRG5R0HXere9fAaVKOl"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1486
accept-ranges: bytes
cf-ray: 822347615e602c75-FRA

GET
H3 200 icon-the-recommendation-b43bb0e154cda17a4b232f1105511a28.webp
panelsecurevip.secureweb.top/vi-assets/static-assets/ 480 B
2 KB 154ms
150ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/icon-the-recommendation-b43bb0e154cda17a4b232f1105511a28.webp

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

832c2e84f40e3512fc4a9326e54e6c3a8e8b91d691dd601e5716ab8b4cd01f32

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ADPycducmF4HmdyYvD01LNYz1e6efLt4DL7lxz6rF5NTRI4gIuq_Y3CK85DOzjHxUU-WcmeU4AT8EVYITjj3FQ9h2Y4XEw
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-03 07:56:37 UTC
x-served-by: cache-fra-eddf8230047-FRA
x-timer: S1699336018.238464,VS0,VE1
etag: "31e3b5a35faa43e94c8692daca44339a"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1695922492236156
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-the-recommendation-b43bb0e154cda17a4b232f1105511a28.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1549
expires: Wed, 02 Oct 2024 07:56:37 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 480
last-modified: Thu, 28 Sep 2023 17:34:52 GMT
server: cloudflare
x-goog-hash: crc32c=qzwDhg==, md5=MeO1o1+qQ+lMhpLaykQzmg==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbl1Gczu0pSy2j11xkzPQBTOqWde4%2FrAC0uzLwOTu3sXlUCP2DSlHWNjW925ZWqQ9hPyTQkQn31a5LbCx1qCyFqlxcGVNTkrRO8didrb51j3Hr06Nw%2BOPMzRp1UiMlyM7KIklWz6ElZlpK4O4YzQr74%2BxTnPBfZcjPaM"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 480
accept-ranges: bytes
cf-ray: 822347615e612c75-FRA

GET
H3 200 icon-clean-everything-2ec25627f12347716015757e012ec04b.webp
panelsecurevip.secureweb.top/vi-assets/static-assets/ 1 KB
3 KB 198ms
194ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/icon-clean-everything-2ec25627f12347716015757e012ec04b.webp

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11cad19b226383c7e859031e5cd320644ad1a33d12abc2689a4d3bdbc8253ab7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ADPycdsAqHPKXdV_mgZJzgPAu4j6UnV35NSQhv1F4RSjkJq0-DJg6OSVfjBgsuslELUCCQuphJDolgXjtPFMBiuhmjGgYQ
x-goog-stored-content-encoding: identity
x-origin-time: 2023-09-26 23:32:28 UTC
x-served-by: cache-fra-eddf8230067-FRA
x-timer: S1699336018.293778,VS0,VE1
etag: "1d11a29b40906c218d08fd261c621573"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1695320370149351
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-clean-everything-2ec25627f12347716015757e012ec04b.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 7212
expires: Wed, 25 Sep 2024 23:32:28 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1314
last-modified: Thu, 21 Sep 2023 18:19:30 GMT
server: cloudflare
x-goog-hash: crc32c=dd5g7A==, md5=HRGim0CQbCGNCP0mHGIVcw==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gsRMTZnDz4PpZ5LNoOpd%2Bwr9cOeNDvVxXz4%2FWqACiYQ9D0QVVCZO8RF3d74wqb00HnXodexu%2BJ8UjTkUwtawHeZNDa%2BB4D%2B917K5FhXnKHwADN6M8OmuTmttKwOQD%2FCFP7qwyGsgTl7TM5u2KbFP%2F5aY%2FB9eWktA9zK"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1314
accept-ranges: bytes
cf-ray: 822347615e632c75-FRA

GET
H3 200 icon-athletic-pulse-bc1160f70031b452aec5578d67207a0a.webp
panelsecurevip.secureweb.top/vi-assets/static-assets/ 2 KB
3 KB 199ms
196ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/icon-athletic-pulse-bc1160f70031b452aec5578d67207a0a.webp

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d3928e5b934069fa3b78d716121fd1838737cb5b1aecd98b82e62982435ada6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ADPycdtdW4kWU-kY6kyTVymXq8lqDjGUJtyfVrG0CCINp-5JuxjgJq3u9uLAzpPsUHiz0sV0EfCLKRdKdofGp8L06D-NshlI342I
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-04 17:13:19 UTC
x-served-by: cache-fra-eddf8230098-FRA
x-timer: S1699336018.300730,VS0,VE1
etag: "8b7a3436254e062758ee1da7e31172ca"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1696434463124960
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-athletic-pulse-bc1160f70031b452aec5578d67207a0a.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 989
expires: Thu, 03 Oct 2024 17:13:19 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1686
last-modified: Wed, 04 Oct 2023 15:47:43 GMT
server: cloudflare
x-goog-hash: crc32c=IKGGXA==, md5=i3o0NiVOBidY7h2n4xFyyg==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4xOlzpDXbgL%2Fdbcz4iMYdt41yscBW6ZfEtDkNs2t3KXRXZ2mE34NN7bfsRcdRo7ExBISsf0KvQ7CcatsTwQ7lEhFvVppSxWq5rFk7yzIJ4oC48NwjWvZkVxhTylnbfDoUNGtcZjryeSrIG%2Fo3U%2FsTil8IKfhFSrOETn"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1686
accept-ranges: bytes
cf-ray: 822347615e642c75-FRA

GET
H3 200 icon-athletic-windup-d4cce80f590773db71172618038e5787.webp
panelsecurevip.secureweb.top/vi-assets/static-assets/ 2 KB
3 KB 133ms
129ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/icon-athletic-windup-d4cce80f590773db71172618038e5787.webp

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e9b1bcc8b7f6c40a146c67b1ae4d804d1a00f9374ebd5ce5b4f2de65ff69cc6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ADPycdv31GUwP6zxkqgYgnoYYHdPTDYmLCFrGpChrlV40DQ2k2RQMc3bIshybgWbLJ_1cqy-HBmpYpfMYwAJTymtvEsqvQ
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-03 05:35:42 UTC
x-served-by: cache-fra-eddf8230127-FRA
x-timer: S1699336018.238654,VS0,VE1
etag: "cbf08c4ea3747245058f541d8fd30518"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1695922492049625
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-athletic-windup-d4cce80f590773db71172618038e5787.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 37
expires: Wed, 02 Oct 2024 05:35:42 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1810
last-modified: Thu, 28 Sep 2023 17:34:52 GMT
server: cloudflare
x-goog-hash: crc32c=DU5MYg==, md5=y/CMTqN0ckUFj1Qdj9MFGA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Lsm%2Bz6BNFHfDFrmYft1IQdgNksBpJ9RqbVm4VQCoIOo9EfRUfiHplm%2FzZBX20C3asxlQ0U4K25081J7trh8AsL02T8XbvsabkHez7uyi%2BqL4kXcdVEYSIfDxoRCOth%2Bo4tS3653ueb0rxsx8B0Zjp74et0p1cCzRzrF"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1810
accept-ranges: bytes
cf-ray: 822347615e662c75-FRA

GET
H3 200 icon-athletic-bounce-6b7dccf3bd213cda0ff4e4dcaaff59e9.webp
panelsecurevip.secureweb.top/vi-assets/static-assets/ 2 KB
4 KB 154ms
151ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/icon-athletic-bounce-6b7dccf3bd213cda0ff4e4dcaaff59e9.webp

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b212ea12e667d35e7127d3c59788897d07d32a661336ccf122b02af12fab96d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ADPycdsv26WI3rnaCR9SEuuab76COBGnEf4otBMo5ocDO6YMvuaIC0NNNgdUbWFz1G88DR3CcQ8jqzwQDE8CBS8m8fcrwg
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-10 06:47:28 UTC
x-served-by: cache-fra-eddf8230138-FRA
x-timer: S1699336018.250617,VS0,VE1
etag: "6da573b90ea5519ac60ae64a15664824"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1696611983236738
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-athletic-bounce-6b7dccf3bd213cda0ff4e4dcaaff59e9.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1985
expires: Wed, 09 Oct 2024 06:47:28 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 2074
last-modified: Fri, 06 Oct 2023 17:06:23 GMT
server: cloudflare
x-goog-hash: crc32c=JIYI5Q==, md5=baVzuQ6lUZrGCuZKFWZIJA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NqdNApupf609XZCT2CvdvSPDIf9Q6BlOryJG2VsOvgOo%2FUYH0uSQqKF2UjgG8XaI%2BaY6jLx154b7hvhL1X3VyaWAfH8LbVldPnMv%2BRezh7sFiVlUeUMENVJ7odZF6z7XPEtSkkiyp6QDr1%2FyvgklDr1x9Nse%2FZ9R9oXQ"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 2074
accept-ranges: bytes
cf-ray: 822347615e682c75-FRA

GET
H3 200 icon-athletic-fulltime-3e238b9729ef70e0c8c715f60d632cd2.webp
panelsecurevip.secureweb.top/vi-assets/static-assets/ 2 KB
3 KB 155ms
151ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/icon-athletic-fulltime-3e238b9729ef70e0c8c715f60d632cd2.webp

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bafef9de45070f320e6d34730a285286b7b00ae2fbc1757ef49b1ff21d80c24

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ADPycducbUMW3sAmEoDuJePVgK3ARkAp2W93nsbjDMLoX9XkaZ3jmZ6P-bsL83HKRl_70xKeFnHLANHVBJwAfXYzc0IinA
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-10 06:47:28 UTC
x-served-by: cache-fra-eddf8230102-FRA
x-timer: S1699336018.247615,VS0,VE1
etag: "b7137a8997feaa89747ffa6457a58125"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1696611983251211
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-athletic-fulltime-3e238b9729ef70e0c8c715f60d632cd2.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 7242
expires: Wed, 09 Oct 2024 06:47:28 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1800
last-modified: Fri, 06 Oct 2023 17:06:23 GMT
server: cloudflare
x-goog-hash: crc32c=iEBX8g==, md5=txN6iZf+qol0f/pkV6WBJQ==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6ng5H%2F41SIrWxSqzkrufTaG0iII1%2BbPWoqys5Laavlyusq6OFJJp4OA7G0LMo1uoNa%2Bln1tPbqiHRbD0Ka0%2Bgp6OYKUak9uVHa68IgGMdctXGBYZF6KTcFdYY0mezEzqDMUsu8xVoKxqd1apTzDt7NwGDhgce%2BESFhC"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1800
accept-ranges: bytes
cf-ray: 822347615e692c75-FRA

GET
H2 200 06dc-prexy-01-gwzf-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/11/06/multimedia/06dc-prexy-01-gwzf/ 15 KB
15 KB 27ms
27ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/11/06/multimedia/06dc-prexy-01-gwzf/06dc-prexy-01-gwzf-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4caf6c7af5ea1580e3aa315c7e5375aa7d6aec929faca9b0fe0687113cb83e20

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Tue, 07 Nov 2023 00:45:02 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300707
age: 18116
x-guploader-uploadid: ABPtcPpC4_CBALqU1ZbVj0lIUYvkTvEuXjrQjsifuWiWIPw2GfjUrmpTdgEg72cMpcc65FD4qIWMbN-GBA
x-cache: HIT, HIT
fastly-io-info: ifsz=43619 idim=600x400 ifmt=jpeg ofsz=15016 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 15016
x-served-by: cache-iad-kcgs7200114-IAD, cache-ams21022-AMS
server: UploadServer
x-timer: S1699336018.155015,VS0,VE0
etag: "2Lt4Jyrd/S24HmE11zGDzAQmNeQbsZeOWCkzCzgn/R4"
vary: Accept
x-goog-generation: 1699317853944471
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=5rIxzw==, md5=ze1XO9I1RK13QIajOV5mBw==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 43619
x-amz-checksum-crc32c: 5rIxzw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 153, 9

GET
H3 200 vendor-604cacae1060c88c58e5.js Show response
panelsecurevip.secureweb.top/vi-assets/static-assets/ 167 KB
47 KB 158ms
155ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/vendor-604cacae1060c88c58e5.js

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1afec1ae97e85059d8bc36b774818c924a47040f9a956870e719e7ce231dc0d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-guploader-uploadid: ADPycdssnJRkTVQo-P8TTvKXDRhd4hjDG3IT_XIX4QyYREvgDtgttGrlHxegNNpfrFFpDSDRqDPCdj8WIuftwjeGbrRisQ
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-19 20:24:17 UTC
x-served-by: cache-fra-eddf8230120-FRA
x-timer: S1699336018.263706,VS0,VE1
etag: W/"a3e34db94111a24b5c375a7c945787ec"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1697746482558466
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendor-604cacae1060c88c58e5.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 15864
expires: Fri, 18 Oct 2024 20:24:17 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 19 Oct 2023 20:14:42 GMT
server: cloudflare
x-goog-hash: crc32c=k05IUQ==, md5=o+NNuUERoktcN1p8lFeH7A==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oB56GzWi1L5VkNSqoRV1DKeA5%2FLitNXdHtmGyapAU1P4d8tOjQl%2BzvXy%2F9TLRRqwMCP1atl0%2F%2B1sUPAIuMpqCcB1KrPP82%2FZj5t3NF8mPiAYsFnSKFVKDHez9sy7Gj%2BxgJJVvl5M7VGJeLbDuB2lnNf4Gm2Y4XuTJrJQ"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 171082
cf-ray: 822347615e6c2c75-FRA

GET
H3 200 home-ff32cdab3f151164e72c.js Show response
panelsecurevip.secureweb.top/vi-assets/static-assets/ 790 KB
176 KB 198ms
195ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/home-ff32cdab3f151164e72c.js

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b75f1263c2e4a65318c576d3de943c8792d344b061a366548a1bb93ff8942aa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-guploader-uploadid: ABPtcPoyRREN2X49l9oB4W2KWHRUa_ZTsLq1Gj-K9pSMmW1fBAmOLq8fo4qvfo_NBIiqBEZCM8IaqlTeeQ
x-goog-stored-content-encoding: identity
x-origin-time: 2023-11-06 19:40:06 UTC
x-served-by: cache-fra-eddf8230062-FRA
x-timer: S1699336018.293764,VS0,VE1
etag: W/"66f62f17be848797fd1b4f0afd6aec27"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1699299490973644
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/home-ff32cdab3f151164e72c.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 6
expires: Tue, 05 Nov 2024 19:40:06 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 06 Nov 2023 19:38:11 GMT
server: cloudflare
x-goog-hash: crc32c=Y3UX+Q==, md5=ZvYvF76Eh5f9G08K/WrsJw==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1UnuU8dIO5TpPFueVwdZmThBahiIqP5Hu5%2B5P530sWPrghh5P37p8U12F2p9MsmkpdcSI2cBMCkEnDHbMdQ7WddYIO1HZHId3Ock8uTO1Jj1gYpnbblgS%2BqeCrlSz4SmlERS6m%2F4APHuSGbclrw%2Bz2ZdcTthX227wPdr"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 809360
cf-ray: 822347615e6f2c75-FRA

GET
H3 200 desktopLogoNav-c1a73e53fda9a9604a09.js Show response
panelsecurevip.secureweb.top/vi-assets/static-assets/ 1 KB
2 KB 133ms
130ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/desktopLogoNav-c1a73e53fda9a9604a09.js

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e2ebe67009b7cfad70167fc977f56844eae0683b216f8fb12fa6e9bdd7dac29

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-guploader-uploadid: ADPycds50l7IjN4Cmwf8fZ1JG3-GmSNNLQYqRk2PpVXRko--pKL3BD0i9FFBcduOrKSGaIY_ZNZsZ3LTFybO8HdafnfStNmUcDjC
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-12 18:35:34 UTC
x-served-by: cache-fra-eddf8230099-FRA
x-timer: S1699336018.238636,VS0,VE1
etag: W/"76b688f1ced157215e389b4a6a441a26"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1697135363708764
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/desktopLogoNav-c1a73e53fda9a9604a09.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2759
expires: Fri, 11 Oct 2024 18:35:34 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 12 Oct 2023 18:29:23 GMT
server: cloudflare
x-goog-hash: crc32c=dgz+Bg==, md5=draI8c7RVyFeOJtKakQaJg==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qfRp4weHnnYcykAIyDjL5UH86rU8IclGKmOG4C8GHnTh5YZaEY7ihxD%2FdbrH%2BHDz7e%2B0uUTJByS5228vskku8efD9HGWAN3JjcDk1M0V7jtSMm55mLkjPzTSWxA3itn39CqU%2F%2BT9JLCC6yZFKA2%2F7jy67R1mwu4rHi8Z"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1488
cf-ray: 822347615e712c75-FRA

GET
H3 200 nestedNav-f8a37c36fb79026d0359.js Show response
panelsecurevip.secureweb.top/vi-assets/static-assets/ 106 KB
14 KB 200ms
197ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/nestedNav-f8a37c36fb79026d0359.js

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

868fa0aee4b3170445519391c249b544438425cdb392aba77b9dae9b5ea7e27f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-guploader-uploadid: ABPtcPqWGDQhFNOu67PSJXOpS4zc-8rqNlgJcglB6PRfu8rthgCmqPrIia0baVr0YmGQX0Sziq7H05uaEg
x-goog-stored-content-encoding: identity
x-origin-time: 2023-11-06 17:00:43 UTC
x-served-by: cache-fra-eddf8230026-FRA
x-timer: S1699336018.294277,VS0,VE1
etag: W/"223ae12e2dc10c616040d88c61c052db"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1699290028186751
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/nestedNav-f8a37c36fb79026d0359.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 358
expires: Tue, 05 Nov 2024 17:00:43 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 06 Nov 2023 17:00:28 GMT
server: cloudflare
x-goog-hash: crc32c=PTWvXg==, md5=IjrhLi3BDGFgQNiMYcBS2w==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kpFded9%2FeUotazW%2BrCI3KCSNAvtbptbrS2AFzBXQdGPYfruvTwTGecwT9pPBl6H4rQq%2BytHnU13y3CYijXs48KfHQYhzGayxwdGbq9Ew8N6HdW8ef7LEDgYlf7A9YLeJ0ZHpNshmI15%2FV1SzIhgesJIgIp1GlbiwTOMT"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 108106
cf-ray: 822347615e732c75-FRA

GET
H3 200 main-f6e9bf5bf8e07ff87fa7.js Show response
panelsecurevip.secureweb.top/vi-assets/static-assets/ 2 MB
456 KB 198ms
195ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/main-f6e9bf5bf8e07ff87fa7.js

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52dc9d8c27d10f6478e371f82bd0e12f56758f4c40337149c3bfd0df8318a5b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-guploader-uploadid: ABPtcPqdzpadAFUVyiTqHXPXg1Fzjn4OyAUPmZNG2V2YQSv3hIkzyFvQaaXkeFbXtPLxvxCnnCpF_IT4rg
x-goog-stored-content-encoding: identity
x-origin-time: 2023-11-06 18:50:39 UTC
x-served-by: cache-fra-eddf8230090-FRA
x-timer: S1699336018.293777,VS0,VE1
etag: W/"07218d73f76f6a22f47bcd8384265564"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1699296528595840
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/main-f6e9bf5bf8e07ff87fa7.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 5
expires: Tue, 05 Nov 2024 18:50:35 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 06 Nov 2023 18:48:48 GMT
server: cloudflare
x-goog-hash: crc32c=mHWP6w==, md5=ByGNc/dvaiL0e82DhCZVZA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kq5NRf%2FRAyZzcQEKg6z8ip7tiKX0nyvNeX11aznN8DxVzpM4%2B%2BVh6S5TgTw9S%2FhohntoBctGMCCzIT%2BrlHNqZSiwDTTCKD6fmnjxJ%2B4Z7ZYqORLf6Uifl8z5y9DJegvBj%2FNH38sT9mjlArhoMN%2FcIbduXl9xJJIwm0EQ"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1734191
cf-ray: 822347615e752c75-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 447 KB
121 KB 332ms
48ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3f490a3d712a85f6a22c14ab88ae66da554b9b0a858695b272bf19db3a748afc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123236
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bundle.tracing.es5.debug.min.js Show response
browser.sentry-cdn.com/7.77.0/ 112 KB
35 KB 16ms
13ms Script
application/javascript 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js

Requested by

Host: js.sentry-cdn.com
URL: https://js.sentry-cdn.com/7bc8bccf5c254286a99b11c68f6bf4ce.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1b1b5eba0b40959ff84b21b6456846aa72149e00d06f96b412df8cd64ae683f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://panelsecurevip.secureweb.top/
Origin: https://panelsecurevip.secureweb.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 31 Oct 2023 10:30:51 GMT
server: Fastly
age: 581129
etag: "35fbbc92491709deadc8a5a10d2db4b2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 35905
expires: Wed, 30 Oct 2024 12:21:29 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 452ms
406ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-news-tenure,x-nyt-programming-abtest
Access-Control-Request-Method: POST
Origin: https://panelsecurevip.secureweb.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-news-tenure,x-nyt-programming-abtest
access-control-allow-methods: GET,POST
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 0
content-length: 0
date: Tue, 07 Nov 2023 05:46:58 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 31
x-nyt-audience-target-flat: EU:AM
x-nyt-continent: EU
x-nyt-country: NL
x-nyt-edge-cache: MISS
x-nyt-meridiem: AM
x-nyt-region: NH
x-samizdat-query-exe-id: b53b3d7985dfde96
x-samizdat-query-field-errors: 0
x-served-by: cache-ams21063-AMS
x-timer: S1699336018.165794,VS0,VE393

GET
H2 200 datadog-rum.js Show response
www.datadoghq-browser-agent.com/us1/v4/ 150 KB
48 KB 326ms
41ms Script
application/javascript 65.9.89.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Requested by: Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.89.147 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-89-147.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:58 GMT
content-encoding: br
via: 1.1 1f98172ca4214b0e937b7d3d534b34cc.cloudfront.net (CloudFront)
last-modified: Mon, 09 Oct 2023 09:24:57 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 1
x-amz-server-side-encryption: AES256
etag: W/"2630b3d7ad4a41fac67742216e506d83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: bMEcI0BiWeDNqIGf-Wryj7C_zBYm48hJNbTqcl_9xjCsgVtz9iHZbQ==

POST
H2 200 track
a.et.nytimes.com/ 0
0 430ms
124ms Ping
text/plain 52.54.49.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.54.49.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-49-121.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://panelsecurevip.secureweb.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST v2
samizdat-graphql.nytimes.com/graphql/ 0
0

GET als
als-svc.nytimes.com/ 0
0

GET
H2 200 grumi-ip.js Show response
rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/ 15 KB
6 KB 279ms
19ms Script
application/javascript 2600:9000:2491:0:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Requested by: Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:0:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ccf7b12ecc8e9e8ffdde253ba24560e0b8742463ad4868c7659fc90968ffcb3a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:03:31 GMT
x-amz-version-id: 97N1XuC065XmB4DEf6HyYikKPu2vnzE3
content-encoding: br
last-modified: Sat, 30 Sep 2023 14:56:12 GMT
server: AmazonS3
via: 1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
etag: W/"4c4f4bf824d2aa120a5e0b665b4c9828"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=14400, stale-while-revalidate=14400, immutable
age: 2608
x-amz-cf-id: mzmmXz6KZq3Q1W_IH84qCwguoNMcwFfsTb-DNG7vMQ49QG3qA_60eA==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 265 KB
65 KB 308ms
41ms Script
application/javascript 65.9.90.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-90-93.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6a15af42dcf8e6705a1ecea1dc8a864ce0c050b8c2dc5365d760f6f8b2477825

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:26:43 GMT
content-encoding: gzip
via: 1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront), 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
last-modified: Wed, 01 Nov 2023 21:46:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, PRG50-C1
age: 1216
x-amz-server-side-encryption: AES256
etag: W/"952090f32d44601808d121a61e707826"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: pKh-eYDckJyWULRGd6W8rXJoL1zii5h_Zae9UpewfjIWKtFT9sBGLg==

GET
H2 200 prebid8.1.0.js Show response
www.nytimes.com/ads/ 302 KB
96 KB 29ms
24ms Script
text/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/ads/prebid8.1.0.js

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

baabb01c05f5a7a83cf26233fcbb29790b584afb736caa63cb26ed1d051aa78d

Security Headers

Name

Value

Content-Security-Policy

upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 440524
x-guploader-uploadid: ABPtcPqw93TFO2NlWVed49gbdvq_EgKiuCyrAGdU2yqb7iwHAVtAweGcTFbwm1_5qKpSH1jLKaY
x-goog-stored-content-encoding: identity
x-origin-time: 2023-11-02 03:24:53 UTC
x-served-by: cache-ams21022-AMS
x-timer: S1699336018.182718,VS0,VE1
etag: "69d0b1569bbd0b87116d60db3a12cd34"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1687806692468937
content-type: text/javascript
access-control-allow-origin: *
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/ads/prebid8.1.0.js
x-nyt-route: ads-static-assets
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-nyt-app-webview: 0
x-nyt-edge-cache: HIT
x-amz-checksum-crc32c: VcerCA==
x-cache-hits: 260
expires: Thu, 02 Nov 2023 03:24:53 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
content-length: 97611
last-modified: Mon, 26 Jun 2023 19:11:32 GMT
server: UploadServer
x-goog-hash: crc32c=VcerCA==, md5=adCxVpu9C4cRbWDbOhLNNA==
x-gdpr: 1
x-goog-stored-content-length: 308841
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 148 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 73bd4d0f8a3ec1a6b0ec41f111a2b46ba4c242d4dc7bdf0817c4af97a6dfa48e

Request headers

Referer
Origin: https://panelsecurevip.secureweb.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 41ms
14ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://panelsecurevip.secureweb.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 00:05:22 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 3562895
x-guploader-uploadid: ADPycdsbkLowKCdCM7mVy1Ozsuhd-j63Vmy4nVb3vW7YPi3bBXHCcn_RyiYRAw-T941vQU6ePVxmxfZzAxspg3U-amfVGg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20276
x-served-by: cache-ams21027-AMS
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1699336018.168964,VS0,VE0
etag: "91eaf6b5642463af4091160b4bbfdfcb"
x-goog-generation: 1673991776265363
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=teZvhg==, md5=ker2tWQkY69AkRYLS7/fyw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20276
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 29913

GET
H2 200 franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 67ms
39ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://panelsecurevip.secureweb.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Wed, 25 Sep 2024 00:56:55 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 3646203
x-guploader-uploadid: ADPycdurDSUTB_t5kPKcXj26tynZk3mvZDSiLT_noS6ChN1BiT-iAn77DZOkuPbKU8Li8rRg_90T7_NPoy_ujoXzviiXTsFcEUux
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 19816
x-served-by: cache-ams21027-AMS
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1699336018.169834,VS0,VE0
etag: "0f4aea3d462cdb64748629efcbbf36bc"
x-goog-generation: 1673991776231570
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=bdL0Mw==, md5=D0rqPUYs22R0hinvy782vA==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 19816
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 30557

GET
H2 200 franklin-normal-600.75739ac267f076931c6da9740386ee6b.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 67ms
40ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-600.75739ac267f076931c6da9740386ee6b.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

29706c4ab8f4d48b33ccb0ea813f8afb5f7ac569f623536b96fba6cf1fc60e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://panelsecurevip.secureweb.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 20 Apr 2023 17:49:32 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 17323042
x-guploader-uploadid: ADPycdvtrAmusTrSLfmQI-Ze2DFF0WkJk72OyihvIf3cf_xFoz1BIJ8dC4wRmO1fDdJMSU9JREmeciVob79uhJP-peLn73p5hKWp
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20196
x-served-by: cache-ams21027-AMS
last-modified: Wed, 20 Apr 2022 13:09:40 GMT
server: UploadServer
x-timer: S1699336018.169819,VS0,VE0
etag: "75739ac267f076931c6da9740386ee6b"
x-goog-generation: 1650460180595156
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=Jc81Jw==, md5=dXOawmfwdpMcbal0A4buaw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20196
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 23855

GET
H2 200 cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 62ms
35ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://panelsecurevip.secureweb.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 03 Oct 2024 04:48:08 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2941129
x-guploader-uploadid: ADPycduCUdl1CfB8O67U0bMgPKigkDIn9SmpoI0EcCVi10S1nPg_Mc-ZIuaN_yAHQ3lRvctp6qkpGFzfjxn0js8V-UdgsJJYCTJD
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28276
x-served-by: cache-ams21027-AMS
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1699336018.169284,VS0,VE0
etag: "530cfb72378419eedb60da7e266ad5f1"
x-goog-generation: 1673991775200429
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=O9qQIA==, md5=Uwz7cjeEGe7bYNp+JmrV8Q==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 28276
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 17250

GET
H2 200 imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
g1.nyt.com/fonts/family/imperial/ 26 KB
26 KB 67ms
40ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://panelsecurevip.secureweb.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Tue, 08 Oct 2024 23:54:27 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2440351
x-guploader-uploadid: ADPycdugq0cT97jyFc1Q_vppvhxrBjsxtiq47Ka0frgOoCfqe-c9IW9ngiN3Gx5jl6QcNeJB_Tll9w2rUYhOOU9CDlh3trAFpCN7
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26504
x-served-by: cache-ams21027-AMS
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1699336018.169854,VS0,VE0
etag: "6131cd77b6e216c7693ed925f4309ffc"
x-goog-generation: 1673991776736810
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=ZzOuxA==, md5=YTHNd7biFsdpPtkl9DCf/A==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 26504
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 26703

GET
H2 200 cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
g1.nyt.com/fonts/family/cheltenham/ 27 KB
27 KB 41ms
14ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://panelsecurevip.secureweb.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Wed, 11 Sep 2024 03:24:17 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 4846961
x-guploader-uploadid: ADPycdvWNMDTwiByq9o_0bQAUc6iwA7hLyNjC1jOn8oEUsOZCwIfSjnX3bsLugnMbd-fAijhTuqCTPbJnnzhT7TBpVWDmw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27260
x-served-by: cache-ams21027-AMS
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1699336018.168947,VS0,VE0
etag: "7ea91ebd036309e1fe756ee3aab272da"
x-goog-generation: 1673991775007595
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=rNQ9pA==, md5=fqkevQNjCeH+dW7jqrJy2g==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 27260
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 19438

GET
H2 200 cheltenham-normal-200.40ccfe2cc61a71e6617e56162d49b896.woff2
g1.nyt.com/fonts/family/cheltenham/ 26 KB
26 KB 62ms
35ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-200.40ccfe2cc61a71e6617e56162d49b896.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4f837869b80c34ed1a128362a6ed24ff5ebdae743dc55eb3c183ae9c8b5f4ca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://panelsecurevip.secureweb.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 03 Oct 2024 22:58:53 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2875684
x-guploader-uploadid: ADPycdvUGnWfB2Bvkxu4N8mx5gRwgM-mdhg1nRcoACYlvDbYYXXQauz1NtoBdMdoYrxSjgWSMj7r9gtZW8rcU5GjrDmV
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26448
x-served-by: cache-ams21027-AMS
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1699336018.169264,VS0,VE0
etag: "40ccfe2cc61a71e6617e56162d49b896"
x-goog-generation: 1673991775015704
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=kUZRqw==, md5=QMz+LMYaceZhflYWLUm4lg==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 26448
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 13718

GET
H2 200 karnak-normal-700.4a0c7e79ac2f009f12f9106482c961c4.woff2
g1.nyt.com/fonts/family/karnak/ 23 KB
23 KB 33ms
33ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/karnak/karnak-normal-700.4a0c7e79ac2f009f12f9106482c961c4.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

ad01b93ecf6b0b442902d27ae93b6af83a92784a05455b81490512a3d5d8b08b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://panelsecurevip.secureweb.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Wed, 09 Oct 2024 01:27:49 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2434748
x-guploader-uploadid: ADPycdttruRpsPwng4IKtzVMYfu4WaIuvSbGrNIsf94S91ynetvk7xSFqunUF65acArAUUTmQiA5zcfEKvdBPiOjha2a0fNKpe6c
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 23400
x-served-by: cache-ams21027-AMS
last-modified: Tue, 17 Jan 2023 21:42:57 GMT
server: UploadServer
x-timer: S1699336018.185882,VS0,VE0
etag: "4a0c7e79ac2f009f12f9106482c961c4"
x-goog-generation: 1673991777120718
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=a9fAaA==, md5=Sgx+eawvAJ8S+RBkgslhxA==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 23400
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 15861

GET
H2 200 cheltenham-small-italic-400.cdfa0ec29cca8c2d2f54c79d898e15c1.woff2
g1.nyt.com/fonts/family/cheltenham-small/ 23 KB
24 KB 34ms
34ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-italic-400.cdfa0ec29cca8c2d2f54c79d898e15c1.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

7dcbc19c68e87e4b23f85027e02ac7f3c89fa259973ec92bbe27e49ad002bf47

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://panelsecurevip.secureweb.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Wed, 30 Oct 2024 04:57:06 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 607791
x-guploader-uploadid: ABPtcPra9wNfpSsctQwQokX8QW1RALmBmOEQ-Bb5Jnb9BCeF0X4mt1QocAe5h6sBUymwsC7yBxI_FxLxC4nsoVP_b4yCXFV4_Z3h
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 24028
x-served-by: cache-ams21027-AMS
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1699336018.186063,VS0,VE0
etag: "cdfa0ec29cca8c2d2f54c79d898e15c1"
x-goog-generation: 1673991775386814
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=2JQyuQ==, md5=zfoOwpzKjC0vVMediY4VwQ==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 24028
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 242

GET
H2 200 cheltenham-small-normal-700.1a0b316424cdebd18086b8dbbc768eef.woff2
g1.nyt.com/fonts/family/cheltenham-small/ 23 KB
24 KB 34ms
33ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-normal-700.1a0b316424cdebd18086b8dbbc768eef.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9a43ab8056183a8efcf0e882990c2601381a735e02bba004439e010055c55d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://panelsecurevip.secureweb.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Tue, 27 Aug 2024 19:23:06 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 6085431
x-guploader-uploadid: ADPycduYSjsDdm_-d0VAw6T_nR42gd3NO9hVBN_0AU5dtiQ83ziqPBmw2XRHKt8SMjAorQyIEnylGKY4pBnMQWQNn2Bsw2Tzb2MX
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 23704
x-served-by: cache-ams21027-AMS
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1699336018.187472,VS0,VE0
etag: "1a0b316424cdebd18086b8dbbc768eef"
x-goog-generation: 1673991775396405
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=FTq84Q==, md5=GgsxZCTN69GAhrjbvHaO7w==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 23704
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 6635

GET
H2 200 cheltenham-text-cond-normal-700.7e78f9e7e6c2e02d82592c4466929fa3.woff2
g1.nyt.com/fonts/family/cheltenham-text-cond/ 28 KB
28 KB 33ms
33ms Font
application/octet-stream 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham-text-cond/cheltenham-text-cond-normal-700.7e78f9e7e6c2e02d82592c4466929fa3.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1ecb1f9522433be3adfad377816095c7d5b27d02c1efbbbb793e341b829d83d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://panelsecurevip.secureweb.top
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Wed, 23 Oct 2024 01:49:12 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1223866
x-guploader-uploadid: ABPtcPo1SbMBrhkhhjaT3UkWqSR6rHhMJscmQeyKVNqhJ0y7QgygZGhsAk7MDuQz1nbjTUuvZ3aI9dmX6hQ75QSfN9IVFlHPc3C4
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28868
x-served-by: cache-ams21027-AMS
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1699336018.187437,VS0,VE0
etag: "7e78f9e7e6c2e02d82592c4466929fa3"
x-goog-generation: 1673991775506403
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=UQFt6w==, md5=fnj55+bC4C2CWSxEZpKfow==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 28868
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 1284

GET
H2 200 ATH8A-MAMN8-XPXCH-N5KAX-8D239 Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 227ms
21ms Script
application/javascript 2a02:26f0:3100:795::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Requested by: Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3100:795::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:58 GMT
content-encoding: br
customappheader: mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified: Sun, 15 Oct 2023 19:28:42 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

POST
H2 403 / Show response
o82024.ingest.sentry.io/api/178860/envelope/ 56 B
393 B 154ms
22ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o82024.ingest.sentry.io/api/178860/envelope/?sentry_key=7bc8bccf5c254286a99b11c68f6bf4ce&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.77.0

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

7c1e2d0f6a27b6701cbfc14d4b2c6863a2de1753603e0eafaf1a1c42a4e22b65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://panelsecurevip.secureweb.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
31 KB 163ms
81ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/vi-assets/static-assets/adslot-42e9c3fd69719c71ab62.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6c2c44352cc62f88c3b2a49f0cb59231b4f9e65dae8f24d6ca0647e3df906d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31024
x-xss-protection: 0
server: cafe
etag: 841 / 19668 / m202310310101 / config-hash: 14006379532634456263
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 05:46:58 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 53 B
626 B 63ms
13ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://panelsecurevip.secureweb.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 05:46:58 GMT
an-x-request-uuid: 4c78752b-d6a4-4361-bb1d-3c480a8b4465
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://panelsecurevip.secureweb.top
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 95.211.199.149; 95.211.199.149; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 53
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
612 B 92ms
21ms XHR
application/json 3.74.50.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.1.0&referrer=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F&tmax=10000

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.74.50.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-74-50-207.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://panelsecurevip.secureweb.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 05:46:58 GMT
accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory
x-auction-status: 3, 3, 3, 3, 3
content-type: application/json; charset=utf-8
access-control-allow-origin: https://panelsecurevip.secureweb.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 444 B
804 B 64ms
17ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088370&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rf=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=panelsecurevip.secureweb.top&tg_i.page=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F&tg_i.invCode=nyt_home_top&tg_i.pbadslot=dfp-ad-top&tk_flint=pbjs_lite_v8.1.0&l_pb_bid_id=14bbdd14b3409a8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6194244100447166
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 646d2a9c9d07b7d22fea45512a9d6fd226411c0e8083433a8709e4a22cc7e454

Request headers

Referer: https://panelsecurevip.secureweb.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 05:46:58 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://panelsecurevip.secureweb.top
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 444
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 446 B
805 B 63ms
17ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=panelsecurevip.secureweb.top&tg_i.page=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F&tg_i.invCode=nyt_home_mid1&tg_i.pbadslot=dfp-ad-mid1&tk_flint=pbjs_lite_v8.1.0&l_pb_bid_id=1552c8d0ef6c845&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.808170214023167
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d9828a91702b4db79d0b02c33f81ebc8f604827e77682371b10f9f2dd2581103

Request headers

Referer: https://panelsecurevip.secureweb.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 05:46:58 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://panelsecurevip.secureweb.top
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 446
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 446 B
806 B 64ms
18ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=panelsecurevip.secureweb.top&tg_i.page=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F&tg_i.invCode=nyt_home_mid2&tg_i.pbadslot=dfp-ad-mid2&tk_flint=pbjs_lite_v8.1.0&l_pb_bid_id=16793bd5205ccbc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.15188413420298552
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 23e7da19feddfb3d4b99b0e20b886d719eed6e0c0de5116c57edd0a17be32fd8

Request headers

Referer: https://panelsecurevip.secureweb.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 05:46:58 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://panelsecurevip.secureweb.top
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 446
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 446 B
805 B 62ms
16ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=panelsecurevip.secureweb.top&tg_i.page=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F&tg_i.invCode=nyt_home_mid3&tg_i.pbadslot=dfp-ad-mid3&tk_flint=pbjs_lite_v8.1.0&l_pb_bid_id=1794b4c77e8faea&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3118261880417603
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 767ebea232693901e0dcf16289fb7217d75bd3edf75031df79d6c253b5ded8bc

Request headers

Referer: https://panelsecurevip.secureweb.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 05:46:58 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://panelsecurevip.secureweb.top
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 446
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 450 B
995 B 61ms
15ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088374&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=panelsecurevip.secureweb.top&tg_i.page=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F&tg_i.invCode=nyt_home_bottom&tg_i.pbadslot=dfp-ad-bottom&tk_flint=pbjs_lite_v8.1.0&l_pb_bid_id=1817f121f4fc8a9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6825314497262029
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: de6cfbbb2c9495f7f6cabdea7e0abd91e45e1a055d45ac5ae903060e98d2e640

Request headers

Referer: https://panelsecurevip.secureweb.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 05:46:58 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://panelsecurevip.secureweb.top
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 450
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 334 B
736 B 208ms
165ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU4WQK98
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 241b98aa7a1fac734a3cb7ef86a2a3eb055f4cce1c5380bc63fd275f8d320624

Request headers

Referer: https://panelsecurevip.secureweb.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 05:46:58 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://panelsecurevip.secureweb.top
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 146
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 07 Nov 2023 05:46:58 GMT

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
268 B 75ms
22ms XHR
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: af7a6a4f4fa60eba9bfef2d79977d00c79a0b8848f2163a246641299d4dcc9c8

Request headers

Referer: https://panelsecurevip.secureweb.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 07 Nov 2023 05:46:58 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://panelsecurevip.secureweb.top
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/ 153 KB
51 KB 26ms
25ms Script
text/javascript 2600:9000:2491:0:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:0:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9fd1e8da45cc479046e68a609cadd9bdb7b4e177687de4bdd890c7cb78b6e6f6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:03:31 GMT
x-amz-version-id: Nklf6y34OT9zHX7ff24nvhkolvWvhDW6
content-encoding: br
last-modified: Tue, 07 Nov 2023 04:31:52 GMT
server: AmazonS3
via: 1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
etag: W/"0628f3516309253b0c0cc2225d924cf4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age: 2608
x-amz-cf-id: KD6NdIEgXfu1zwTnUh-_Dy6fCXIP7T2OC6vZbIl4oHUoF74I0A2hzA==

GET
H3 200 vendors~allAccessLandingPage~bestsellers~card~collections~cookingLandingPage~explainer~gamesGiftLand~294d5d80-35ba912c048d03f4db3a.js Show response
panelsecurevip.secureweb.top/vi-assets/static-assets/ 44 KB
11 KB 77ms
76ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/vendors~allAccessLandingPage~bestsellers~card~collections~cookingLandingPage~explainer~gamesGiftLand~294d5d80-35ba912c048d03f4db3a.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4501bb0294daf1a98751db74fe0917f9134d90ab743318c3e8a7d9722efbae41

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-guploader-uploadid: ABPtcPricut4U1z8vQu7WFBu8J5YBU41OiSSwBqzxvG6Jw5U8hcoygEihPgjyYcUyjL95UyeKAIvJay3Wg
x-goog-stored-content-encoding: identity
x-origin-time: 2023-11-06 17:14:20 UTC
x-served-by: cache-fra-eddf8230034-FRA
x-timer: S1699336019.602527,VS0,VE1
etag: W/"bc5ac66573bd426320b5d3b3e2fdebba"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1699290518944923
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~allAccessLandingPage~bestsellers~card~collections~cookingLandingPage~explainer~gamesGiftLand~294d5d80-35ba912c048d03f4db3a.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 640
expires: Tue, 05 Nov 2024 17:14:20 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 06 Nov 2023 17:08:39 GMT
server: cloudflare
x-goog-hash: crc32c=I/zq0Q==, md5=vFrGZXO9QmMgtdOz4v3rug==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVMFpRwzBgmso67allkornt7i%2Be6UYQsotGqpJ6956w0sg4Sxsw28GkE8rIbrmKDFNnN87nEVA5tOz8%2FHmXcfYC88RrAVmrKwfcQ41MrRHS1vhRVpa0j1q0a281JChmoMLe4TQY%2FfvOrD2j0pJHqOPq3jIvimCYdOMkH"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 44674
cf-ray: 8223476408cc2c75-FRA

GET
H3 200 vendors~accessCodeLPAllAccess~accessCodeLPCooking~accessCodeLPGames~accessCodeLPNews~activateaccess~~9963152a-19e89dc7a603e4102bca.js Show response
panelsecurevip.secureweb.top/vi-assets/static-assets/ 199 KB
52 KB 68ms
68ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/vendors~accessCodeLPAllAccess~accessCodeLPCooking~accessCodeLPGames~accessCodeLPNews~activateaccess~~9963152a-19e89dc7a603e4102bca.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94df5d2926f84023b53a7b88d959ec0a24857fccc905c82b5bee2869845eb4c4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-guploader-uploadid: ABPtcPoD5YzTLBYaXzKZE9EU40pxXPmS4TgokDE4oRP0fuo73_cvKAPU_2uJHPibJvOm8gA9U6wwNxX__g
x-goog-stored-content-encoding: identity
x-origin-time: 2023-11-01 16:21:03 UTC
x-served-by: cache-fra-eddf8230128-FRA
x-timer: S1699336019.597850,VS0,VE1
etag: W/"559367abf8d93938749b090dcf53a49b"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1698855661331513
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~accessCodeLPAllAccess~accessCodeLPCooking~accessCodeLPGames~accessCodeLPNews~activateaccess~~9963152a-19e89dc7a603e4102bca.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 6192
expires: Thu, 31 Oct 2024 16:21:03 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 01 Nov 2023 16:21:01 GMT
server: cloudflare
x-goog-hash: crc32c=lv0vnA==, md5=VZNnq/jZOTh0mwkNz1Okmw==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IPSuRtwTtsgvylM6lhEnAvMwcEuy0YKh4E1T4EqQsebXcXxzfI6c7YbsUivlRrMwKtzGssAgOF2i8rI%2FJcalznRY8HsedvLHdggtEBsYPxtkeq0T74P%2Fcc29NcB4yO6eokaAmTqi20OcUxIeAbW5yLcoElm4KrlpUt%2F2"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 204119
cf-ray: 8223476408cd2c75-FRA

GET
H3 200 vendors~audio~bestsellers~collections~explainer~home~liveAsset~markets~paidpost~reviews~search~slide~b202aa65-3e08838b78a41d5f409d.js Show response
panelsecurevip.secureweb.top/vi-assets/static-assets/ 46 KB
16 KB 76ms
76ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://panelsecurevip.secureweb.top/vi-assets/static-assets/vendors~audio~bestsellers~collections~explainer~home~liveAsset~markets~paidpost~reviews~search~slide~b202aa65-3e08838b78a41d5f409d.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb554020ec10b151dcccf7f5eae72f7807d392f2324582f4ae45168ccf9b007e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-guploader-uploadid: ABPtcPrdeUJRVLDdAtEM0rK4OCylDl_js0HB30P3-car7YDSuYOg5o4_yC2YyUJ4B2BBFFDTcuw
x-goog-stored-content-encoding: identity
x-origin-time: 2023-11-06 19:40:02 UTC
x-served-by: cache-fra-eddf8230020-FRA
x-timer: S1699336019.602653,VS0,VE1
etag: W/"6bcf719b5c3e4391f14146dd1e4911bc"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1699299492364100
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~bestsellers~collections~explainer~home~liveAsset~markets~paidpost~reviews~search~slide~b202aa65-3e08838b78a41d5f409d.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 458
expires: Tue, 05 Nov 2024 19:40:02 GMT
date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 06 Nov 2023 19:38:12 GMT
server: cloudflare
x-goog-hash: crc32c=nl8vAg==, md5=a89xm1w+Q5HxQUbdHkkRvA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2BPxmzhuPy9%2Bhln5tvdHz6Q9Krfbr3OyVCAVVbuhNwQaEdbdk7dLe58MlgdbHIGmvCCYoKIxrwDJcL7VKxXYlTbWlMFNvio0mUMa9QX7x%2FC3jgFMDg6Mp7KquH31j%2FldF3L6jKiA%2Bip0yLw%2F5q145ZBeFwZuyUbKFuky"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 46690
cf-ray: 8223476408ce2c75-FRA

GET
H2 200 3030 Show response
config.aps.amazon-adsystem.com/configs/ 505 B
780 B 72ms
20ms Script
application/javascript 18.66.112.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/3030
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-124.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 56e6f324b5c96993959adc6f720bfb789bdf4a9db9e2ef5ba1e78ff0ab712225

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:11:00 GMT
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
age: 2158
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 505
x-amz-cf-id: VK58Pvpmm3Uvqjo2tCS0RPa9kaWipP3g9meUgeAwrkAW7KG89XSj4g==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
313 B 141ms
141ms XHR
text/plain 65.9.90.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3030&u=https%3A%2F%2Fpanelsecurevip.secureweb.top
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-90-93.prg50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:58 GMT
via: 1.1 a60a14dea4b4a9f77d34297a625f2e24.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: https://panelsecurevip.secureweb.top
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: pHVo7IIdJEQNIoWD_xNda7p9KeUj2sfvJN8PBVuK2CuiFMyotHRyKg==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
514 B 115ms
56ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F&pid=1WWOnvflyouS4&cb=0&ws=1600x1200&v=23.1027.1921&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-top%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-top_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:58 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: SBZCYK92J91S92GPBA9E
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://panelsecurevip.secureweb.top
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: jqfVK_fqwkjCm-BMNbQpoXRdL_Up5xtDThhKM14mr4SaBiIaGRBpcw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 497ms
427ms XHR
application/javascript 65.9.90.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-90-93.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:47:00 GMT
x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 b5f551be30f63eca57ca04273cb75994.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: ZuNrVYpSRzx5xsr8EAlMB_J1fsNd1w2J0-nLlXNe86UtCD5diU5LmA==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/ 425 KB
133 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8cf20f6e98c91ff5a877209649b0839bb06e5751793babfb0dbbbb60a9e811a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 22:02:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27878
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136288
x-xss-protection: 0
server: cafe
etag: 17302374607849014435
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 05 Nov 2024 22:02:20 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 50 B
76 B 127ms
65ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=panelsecurevip.secureweb.top

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82359bf9a1eb50bb2a478f649f8302550b39c5d7ec00b623e718a58364a5cc7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52
x-xss-protection: 0
expires: Tue, 07 Nov 2023 05:46:58 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 178 KB
61 KB 46ms
45ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N5P6T9S&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

37135696f5afe7dd4a4f6d8632b1a69db1b03632ea2172a900df7f48085070eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62462
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Nov 2023 05:46:58 GMT

GET
H2 200 tags.js Show response
dd.nytimes.com/ 227 KB
47 KB 72ms
22ms Script
text/javascript 18.66.97.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-95.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

8efe1572be12f6646d54cfb294c79d31a010fa99cf4948e168582234b0464f11

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
date: Tue, 07 Nov 2023 05:27:10 GMT
x-amz-cf-pop: FRA56-P2
age: 1226
x-cache: Hit from cloudfront
content-length: 47609
last-modified: Tue, 31 Oct 2023 08:00:41 GMT
server: Apache
etag: "38dd0-608fe8d090ad9-gzip"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: 189FpQ6VkGBsAAg2bS1ePSOuxAFiJ28uEHK4RpcjavEhJswjSO9-4g==
expires: Tue, 07 Nov 2023 06:26:32 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
227 B 123ms
48ms Image
text/plain 65.9.95.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=3005403&ns__t=1699336018661&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F&c9=
Requested by: Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-63.prg50.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:58 GMT
via: 1.1 9b9ab8e6e595847652a9158c684a8926.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: C_wLXTtcYVtq6SRDdKuYd-0f77S8yzt85EDbMwwZp40nBhvtF2etJw==
x-cache: Miss from cloudfront

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 121ms
121ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-entitlements,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
Access-Control-Request-Method: POST
Origin: https://panelsecurevip.secureweb.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-entitlements,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
access-control-allow-methods: GET,POST
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 0
content-length: 0
date: Tue, 07 Nov 2023 05:46:59 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 17
x-nyt-audience-target-flat: EU:AM
x-nyt-continent: EU
x-nyt-country: NL
x-nyt-edge-cache: MISS
x-nyt-meridiem: AM
x-nyt-region: NH
x-samizdat-query-exe-id: af79484656c52da8
x-samizdat-query-field-errors: 0
x-served-by: cache-ams21063-AMS
x-timer: S1699336019.929394,VS0,VE105

GET
H3 200 market Show response
panelsecurevip.secureweb.top/api/ 516 B
1 KB 44ms
44ms Fetch
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://panelsecurevip.secureweb.top/api/market

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be9dcda7136b10664180d9376d56acf52cb27126082e1dd1fda47ca67316de55

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

Referer: https://panelsecurevip.secureweb.top/
accept-language: nl-NL,nl;q=0.9
baggage: sentry-environment=prd,sentry-release=a64d1b3439b17e751ba3d2c4871a1b85b30d002b,sentry-public_key=7bc8bccf5c254286a99b11c68f6bf4ce,sentry-trace_id=d99ef4dc41b24e0b8267fff87a7906f5,sentry-sample_rate=1,sentry-sampled=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
sentry-trace: d99ef4dc41b24e0b8267fff87a7906f5-9631a8a60fda01ea-1

Response headers

date: Tue, 07 Nov 2023 05:46:58 GMT
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-F-X
age: 34
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400
x-origin-time: 2023-11-07 05:46:24 UTC
x-served-by: cache-lga21927-LGA, cache-fra-eddf8230078-FRA
server: cloudflare
x-timer: S1699336019.949056,VS0,VE1
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/api/market
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2FbflzYMp84NeWxey5%2FCYxqKqMzL9cDoquISvTrxFh%2Btc8NKBP5cwHdmZegImpAUJQR%2BkfCTkfGAWfNU0rRBdNyX2W0hb7SQNcRtB4HKNPTUX%2BDMXTWAw3gnn%2BCnxjLw3zSBuSgmXdXY6kQDH9DoI3FkzEl9GwzDdL1E"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=60,(null)
x-nyt-route: market
x-nyt-app-webview: 0
x-gdpr: 1
x-frame-options: DENY
x-nyt-edge-cache: HIT-HIT
cf-ray: 822347665aec2c75-FRA
x-cache-hits: 12, 2

POST v2
samizdat-graphql.nytimes.com/graphql/ 0
0

GET purr-cache
purr.nytimes.com/v1/ 0
0

GET data-layer
a.nytimes.com/svc/nyt/ 0
0

GET
H2 200 nested-nav2.json Show response
static01.nyt.com/newsgraphics/sujo/ 1 KB
1 KB 136ms
136ms Fetch
application/json 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static01.nyt.com/newsgraphics/sujo/nested-nav2.json

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

17615132642880808e44f8f5b54edef8ee37a514e003b6faf98014ecca401194

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Tue, 07 Nov 2023 05:47:04 GMT
date: Tue, 07 Nov 2023 05:46:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 0
x-guploader-uploadid: ABPtcPrFPzikVA3B5GedMMfbS6S7oBbodiwH4gSpUEgsIY26bXed8ZBplecemmGsiPdinRV4cg
x-cache: MISS, MISS
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 647
x-served-by: cache-iad-kcgs7200177-IAD, cache-ams21063-AMS
x-amz-meta-checksum
last-modified: Mon, 06 Nov 2023 15:23:16 GMT
server: UploadServer
x-timer: S1699336019.037935,VS0,VE117
etag: "ff0b0bfbb417a399fc27134f846d8c1b"
vary: Origin, Accept-Encoding
x-goog-generation: 1699284196140782
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=3F6zzA==, md5=/wsL+7QXo5n8JxNPhG2MGw==
cache-control: max-age=5
x-goog-stored-content-length: 1475
x-amz-checksum-crc32c: 3F6zzA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 0

GET
H2 200 nested-nav2.json Show response
static01.nyt.com/newsgraphics/sujo/ 1 KB
744 B 137ms
137ms Fetch
application/json 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static01.nyt.com/newsgraphics/sujo/nested-nav2.json

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

17615132642880808e44f8f5b54edef8ee37a514e003b6faf98014ecca401194

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Tue, 07 Nov 2023 05:47:04 GMT
date: Tue, 07 Nov 2023 05:46:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 0
x-guploader-uploadid: ABPtcPrFPzikVA3B5GedMMfbS6S7oBbodiwH4gSpUEgsIY26bXed8ZBplecemmGsiPdinRV4cg
x-cache: MISS, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 647
x-served-by: cache-iad-kcgs7200177-IAD, cache-ams21063-AMS
x-amz-meta-checksum
last-modified: Mon, 06 Nov 2023 15:23:16 GMT
server: UploadServer
x-timer: S1699336019.037911,VS0,VE117
etag: "ff0b0bfbb417a399fc27134f846d8c1b"
vary: Origin, Accept-Encoding
x-goog-generation: 1699284196140782
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=3F6zzA==, md5=/wsL+7QXo5n8JxNPhG2MGw==
cache-control: max-age=5
x-goog-stored-content-length: 1475
x-amz-checksum-crc32c: 3F6zzA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 1

GET
H2 200 06trump-trial-hp1-qbtc-threeByTwoSmallAt2X-v3.jpg
static01.nyt.com/images/2023/11/06/multimedia/06trump-trial-pinned-01/ 39 KB
40 KB 23ms
18ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/11/06/multimedia/06trump-trial-pinned-01/06trump-trial-hp1-qbtc-threeByTwoSmallAt2X-v3.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

f256b1151bcdcb1156ec95c6e40a56f17a91ef8b6668bcd9d113779d98cebf42

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Mon, 06 Nov 2023 22:54:25 GMT
date: Tue, 07 Nov 2023 05:46:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300707
age: 24754
x-guploader-uploadid: ABPtcPrGbHDBqeXjo0F1n5ALdGIGAtlU8bPiq1WeotQlGMqfP5-3oJwj-BHdr_b8H8NtnJ5RovmJQ_gFJQ
x-cache: HIT, HIT
fastly-io-info: ifsz=84842 idim=600x400 ifmt=jpeg ofsz=39778 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 39778
x-served-by: cache-iad-kcgs7200080-IAD, cache-ams21022-AMS
server: UploadServer
x-timer: S1699336019.383544,VS0,VE0
etag: "5XCiefd/KYMBjvIVJPn75lgHCvaxLvfEIEvJrw0diyM"
vary: Accept
x-goog-generation: 1699311213693089
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=AJiDRA==, md5=LeqgzaI0HKxTlrxCqovzJA==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 84842
x-amz-checksum-crc32c: AJiDRA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 57, 12

GET
H2 200 06wework-bankruptsy-sub-chlk-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/11/06/multimedia/06wework-bankruptsy-sub-chlk/ 31 KB
32 KB 26ms
22ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/11/06/multimedia/06wework-bankruptsy-sub-chlk/06wework-bankruptsy-sub-chlk-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9ec978213051509467672fa65a939d16cadd988e81d53c81bf6fd5b81e90151f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Tue, 07 Nov 2023 02:24:58 GMT
date: Tue, 07 Nov 2023 05:46:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300709
age: 12121
x-guploader-uploadid: ABPtcPpfEys8__j9QWV6Wz83DyB4B606Wch4fdjf-khEL4ae00lTTW9Qjv89BdI4OEjj-KZTyHBccH5Orw
x-cache: HIT, HIT
fastly-io-info: ifsz=69516 idim=600x400 ifmt=jpeg ofsz=31732 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 31732
x-served-by: cache-iad-kcgs7200143-IAD, cache-ams21022-AMS
server: UploadServer
x-timer: S1699336019.384171,VS0,VE0
etag: "TI4efoW9XwAQX/QTH8m57GfZ3IcP/jNcPpC/RyiDVj0"
vary: Accept
x-goog-generation: 1699323786293598
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=xhs/lQ==, md5=GUDexhcKbu5f0TMlGaxDlQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 69516
x-amz-checksum-crc32c: xhs/lQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 293, 6

GET
H2 200 07STREISAND-REVIEW-tgch-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/11/07/multimedia/07STREISAND-REVIEW-tgch/ 10 KB
10 KB 25ms
22ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/11/07/multimedia/07STREISAND-REVIEW-tgch/07STREISAND-REVIEW-tgch-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

3f91fa3c8c68bf9155006b179e21c46ef9abf71d6b5a4e11a74a40e5b176da65

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Tue, 07 Nov 2023 05:02:25 GMT
date: Tue, 07 Nov 2023 05:46:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300718
age: 2674
x-guploader-uploadid: ABPtcPrGTvOuqCUBICwH07er1_XAwx11tHw3f2b5cro1faiZEmbu_fj6uAxo2iOrzJjgdavvMgmQVLl_yQ
x-cache: HIT, HIT
fastly-io-info: ifsz=23159 idim=600x400 ifmt=jpeg ofsz=9840 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 9840
x-served-by: cache-iad-kcgs7200095-IAD, cache-ams21022-AMS
server: UploadServer
x-timer: S1699336019.384158,VS0,VE0
etag: "Yaj4cTlcqCiGOYdBsmZMExsxrAmTemu7ujBdNESSfro"
vary: Accept
x-goog-generation: 1699333287748155
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=3doRcQ==, md5=2BhormZQQit/pp7DSG3frw==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 23159
x-amz-checksum-crc32c: 3doRcQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 88, 2

GET
H2 200 06china-debt-01-cmpl-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/11/06/multimedia/06china-debt-01-cmpl/ 48 KB
48 KB 23ms
20ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/11/06/multimedia/06china-debt-01-cmpl/06china-debt-01-cmpl-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

15bb3ffc59f462f8200d11db9a59ac35b5ed9b197e6d20596fc68fa16e73de69

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Mon, 06 Nov 2023 23:01:05 GMT
date: Tue, 07 Nov 2023 05:46:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300707
age: 24354
x-guploader-uploadid: ABPtcPorl02Bci88W-6cVAcsm5Qd4INyhypxcn6Z8xC3rkHPrs-KLmmjkSbVJ-UyfrP12S2eMGQ
x-cache: HIT, HIT
fastly-io-info: ifsz=95374 idim=600x400 ifmt=jpeg ofsz=49134 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 49134
x-served-by: cache-iad-kcgs7200058-IAD, cache-ams21022-AMS
server: UploadServer
x-timer: S1699336019.384153,VS0,VE0
etag: "h+Z5p4WR+ME0onW+a6+QWsq0l+HxHk3KCpG4wV8z0ZE"
vary: Accept
x-goog-generation: 1699311607255206
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=sKxTAA==, md5=+uvVBYx7nAKJWpx8CzYjaQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 95374
x-amz-checksum-crc32c: sKxTAA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 144, 10

GET
H2 200 00privatenyc-bond-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/10/19/nyregion/00privatenyc-bond/ 24 KB
24 KB 25ms
22ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/10/19/nyregion/00privatenyc-bond/00privatenyc-bond-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

39cb04ebdef1112f9cfd08ab486e0c2f94692d63e04eaa079512f8a14cf910e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Mon, 06 Nov 2023 08:25:27 GMT
date: Tue, 07 Nov 2023 05:46:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300715
age: 76891
x-guploader-uploadid: ABPtcPq4lfP5-frvTjESJZNUCZDTe4dHMwd0eL-IJ6UhSRys8Gk6ZF94Ggqm02OoKVVgLmR-CfGtT3fxQQ
x-cache: HIT, HIT
fastly-io-info: ifsz=68504 idim=600x400 ifmt=jpeg ofsz=24124 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 24124
x-served-by: cache-iad-kcgs7200098-IAD, cache-ams21022-AMS
server: UploadServer
x-timer: S1699336019.384162,VS0,VE0
etag: "fd0ZgntsBn7AtBxROeyewPXwOsGBCExg/F3/r6EVnyM"
vary: Accept
x-goog-generation: 1699257615842854
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=seb51Q==, md5=LDsAT470mpFvAkJzxdo2PQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 68504
x-amz-checksum-crc32c: seb51Q==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 29, 25

GET
H2 200 05dc-biden-flvm-threeByTwoSmallAt2X-v2.jpg
static01.nyt.com/images/2023/11/05/multimedia/05dc-biden-flvm/ 22 KB
22 KB 23ms
20ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/11/05/multimedia/05dc-biden-flvm/05dc-biden-flvm-threeByTwoSmallAt2X-v2.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

2db2cfa6273e20e55276f9e79223a43ac226bd4abcdc7db55a2764b9417ee3b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Mon, 06 Nov 2023 15:20:06 GMT
date: Tue, 07 Nov 2023 05:46:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300717
age: 52012
x-guploader-uploadid: ABPtcPqrgZLEyiyPgQe7arIhsRG1qHUjkfBahaQ2VTpJvhRhmJhA0orysuv7tSj2EndtmeEvu94
x-cache: HIT, HIT
fastly-io-info: ifsz=58586 idim=600x400 ifmt=jpeg ofsz=22384 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 22384
x-served-by: cache-iad-kjyo7100129-IAD, cache-ams21022-AMS
server: UploadServer
x-timer: S1699336019.384103,VS0,VE0
etag: "cXrQ8bmOwn5SyGN0udQ3teRNwCD8Jw6PS0yP+GPYjdU"
vary: Accept
x-goog-generation: 1699283999649742
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=N1Bjww==, md5=Dqu94bJl4fBA+btwTKAE0g==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 58586
x-amz-checksum-crc32c: N1Bjww==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 39, 5

GET
H2 200 06nat-covenant-bwmj-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/11/06/multimedia/06nat-covenant-bwmj/ 52 KB
53 KB 22ms
14ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/11/06/multimedia/06nat-covenant-bwmj/06nat-covenant-bwmj-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

99c47f89457c9ad74212dcf0d7c3b0d893212fb17f0473dd592fdb1bf8611d7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Tue, 07 Nov 2023 01:17:10 GMT
date: Tue, 07 Nov 2023 05:46:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300712
age: 16189
x-guploader-uploadid: ABPtcPp_QHgt1E5mBXcAp60BcrXxSAhLdJm0UuV0hSxmWVylRqdz8K_3LvYCNuzA8nmiIJUqKrFKckncSQ
x-cache: HIT, HIT
fastly-io-info: ifsz=100302 idim=600x400 ifmt=jpeg ofsz=53642 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 53642
x-served-by: cache-iad-kjyo7100082-IAD, cache-ams21022-AMS
server: UploadServer
x-timer: S1699336019.406020,VS0,VE0
etag: "c9rjdQjnZ91V2wUJi7qIxr3EPzctGf99wfZpapJjTVU"
vary: Accept
x-goog-generation: 1699319790160836
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=sP/pdg==, md5=ZSme6t52MtwsUvvZ2ZcRFQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 100302
x-amz-checksum-crc32c: sP/pdg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 126, 6

GET
H2 200 paul-krugman-thumbLarge.png
static01.nyt.com/images/2018/04/02/opinion/paul-krugman/ 21 KB
22 KB 19ms
14ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2018/04/02/opinion/paul-krugman/paul-krugman-thumbLarge.png?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

fb177985ebe75561e65bcb91d425186017f2017e70c5c7f8cf8915ef7e403181

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Tue, 03 Oct 2023 02:09:42 GMT
date: Tue, 07 Nov 2023 05:46:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300713
age: 13031
x-guploader-uploadid: ADPycdv8XKkQxnOkD2NHq3d_1ASS-SztOTwWVQP_qad-z4bep1NhUg_ZEreVreJsvM9TJcYck7WpOFd9nJN7nZjBkP4HB6BRGwE0
x-cache: HIT, HIT
fastly-io-info: ifsz=35334 idim=150x150 ifmt=png ofsz=21898 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 21898
x-served-by: cache-iad-kcgs7200107-IAD, cache-ams21022-AMS
server: UploadServer
x-timer: S1699336019.408782,VS0,VE0
etag: "25/bK4qfzv2YH7IHtdmueBNh4xhIINR0fD+lcq1TdCk"
vary: Accept
x-goog-generation: 1522683526678420
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=qhevTQ==, md5=m29KXnfO3NU0MLAVICO8qQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 35334
x-amz-checksum-crc32c: qhevTQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2226, 26

GET
H2 200 06udel-square320-v3.jpg
static01.nyt.com/images/2023/11/06/opinion/06udel/ 38 KB
38 KB 19ms
15ms Image
image/jpeg 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/11/06/opinion/06udel/06udel-square320-v3.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

cceac7ac0d2450faea3f70111cdd13df45e3c976deb8cb3e989da68e145651eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Mon, 06 Nov 2023 17:50:27 GMT
date: Tue, 07 Nov 2023 05:46:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 42992
x-guploader-uploadid: ABPtcPrxECVTZSM9m1nGZd4YNie4xpqbctZiKaLLbw3IGm32CKH6ONvuFGslIVpj6X4riTztybNblg1mkQ
x-cache: MISS, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 38638
x-served-by: cache-iad-kiad7000118-IAD, cache-ams21022-AMS
last-modified: Mon, 06 Nov 2023 17:50:18 GMT
server: UploadServer
x-timer: S1699336019.409084,VS0,VE0
etag: "433f21041ac7fdfdb7dc64d143eb84e2"
vary: Accept
x-goog-generation: 1699293018680704
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=hqr/UA==, md5=Qz8hBBrH/f233GTRQ+uE4g==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 38638
x-amz-checksum-crc32c: hqr/UA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 91

GET
H2 200 Wehner-Peter-circular-thumbLarge-v3.png
static01.nyt.com/images/2015/03/16/opinion/Wehner-Peter-circular/ 19 KB
20 KB 17ms
16ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2015/03/16/opinion/Wehner-Peter-circular/Wehner-Peter-circular-thumbLarge-v3.png?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

cb9b31ff535e2b76cf704d03beeeb2b2a60e6a6206b9759040430cc7774ba72e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Tue, 05 Sep 2023 13:30:38 GMT
date: Tue, 07 Nov 2023 05:46:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 446269
x-guploader-uploadid: ADPycdvAvLMMNBtHIlRRpCvedYpo35NdYTt_KCrJxhxA5OVTkvv2iUMBbknzdHEHuts3lwFW-V_6FiCBMM3vUgkbyibmv2tU3G23
x-cache: HIT, HIT
fastly-io-info: ifsz=31794 idim=150x150 ifmt=png ofsz=19696 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 19696
x-served-by: cache-iad-kcgs7200092-IAD, cache-ams21022-AMS
server: UploadServer
x-timer: S1699336019.409615,VS0,VE0
etag: "LQ5hop57rUyQxG2a6RuS8SBcYi5kFzWJBqZuGMAUUM8"
vary: Accept
x-goog-generation: 1526145388159876
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=2G43EQ==, md5=KNevhKr8t5fsBgxv57LHIQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 31794
x-amz-checksum-crc32c: 2G43EQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5, 301

GET
H2 200 linda-greenhouse-thumbLarge.png
static01.nyt.com/images/2018/04/02/opinion/linda-greenhouse/ 24 KB
25 KB 16ms
15ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2018/04/02/opinion/linda-greenhouse/linda-greenhouse-thumbLarge.png?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4c7e66d672ad01d9a4b945bb09097d6776e2c05383c48f6c64aba44cc24fe96a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Tue, 03 Oct 2023 06:57:12 GMT
date: Tue, 07 Nov 2023 05:46:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300720
age: 306669
x-guploader-uploadid: ADPycds2reim6dMEj2f2HcFnaMZpwWc0_oWHBaAHWsmu44vfrUyiIA-pdAjKTWalq383IRrRG8iKufqZi5ufcf_i9-vDBkX2mUXP
x-cache: HIT, HIT
fastly-io-info: ifsz=37145 idim=150x150 ifmt=png ofsz=24872 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 24872
x-served-by: cache-iad-kjyo7100055-IAD, cache-ams21022-AMS
server: UploadServer
x-timer: S1699336019.409591,VS0,VE0
etag: "6NTQSfiCy/NzG8Auma603MGcJGgtK4cRp27daplZfTM"
vary: Accept
x-goog-generation: 1522685321653393
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=YbQBgA==, md5=ZAZNv8Bo5h9AIN0Zs6vXxQ==
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 37145
x-amz-checksum-crc32c: YbQBgA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 9, 304

GET
H2 200 06Havrilesky-1-zbhj-square320-v3.jpg
static01.nyt.com/images/2023/11/06/multimedia/06Havrilesky-1-zbhj/ 30 KB
30 KB 16ms
16ms Image
image/jpeg 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/11/06/multimedia/06Havrilesky-1-zbhj/06Havrilesky-1-zbhj-square320-v3.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

6cc3281cee537a9c05efa58b1f4b9df336d2ad10f511eb6af0b620e65b45ed6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Mon, 06 Nov 2023 16:17:44 GMT
date: Tue, 07 Nov 2023 05:46:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 48554
x-guploader-uploadid: ABPtcPp9NyIzPa5S4kTii740sBweqAKbV_CIoYmotx8RkWUBqrUO33a7MwvICF2TKCFsbx89mdRORpP1hA
x-cache: MISS, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 30451
x-served-by: cache-iad-kcgs7200082-IAD, cache-ams21022-AMS
last-modified: Mon, 06 Nov 2023 16:17:33 GMT
server: UploadServer
x-timer: S1699336019.409574,VS0,VE0
etag: "4e53c20c5fda0337ca5940e935a5f857"
vary: Accept
x-goog-generation: 1699287453575625
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=H3LUHA==, md5=TlPCDF/aAzfKWUDpNaX4Vw==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 30451
x-amz-checksum-crc32c: H3LUHA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 107

GET
H2 200 Peter_Coy_Final-thumbLarge.png
static01.nyt.com/images/2022/02/27/opinion/author-peter-coy-2/ 19 KB
19 KB 15ms
12ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2022/02/27/opinion/author-peter-coy-2/Peter_Coy_Final-thumbLarge.png?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

d398b90b592b327e99a6d915c3a8b2896d03a3c6b617bb5cbbf555fa57ee9725

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Tue, 05 Sep 2023 16:32:49 GMT
date: Tue, 07 Nov 2023 05:46:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300718
age: 399906
x-guploader-uploadid: ADPycduC9xqPJaEW5r8_fyUfHfuhkHXC6ar9BTOSAwkek--i5tfliBcSYkw97GobxxuXeDoUEMh3rWqtVOX6zPNlTy6VXQ
x-cache: HIT, HIT
fastly-io-info: ifsz=30899 idim=150x150 ifmt=png ofsz=19030 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 19030
x-served-by: cache-iad-kiad7000050-IAD, cache-ams21022-AMS
server: UploadServer
x-timer: S1699336019.425881,VS0,VE0
etag: "pKxVSvUhBTYCP2nV/TCQfl9L8Trc0nAOFrwQjd7jZzw"
vary: Accept
x-goog-generation: 1678306549211650
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=HcBmbg==, md5=a/NESZYrulE18m32Zyd6QA==
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 30899
x-amz-checksum-crc32c: HcBmbg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 65, 88

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 124ms
123ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
Access-Control-Request-Method: POST
Origin: https://panelsecurevip.secureweb.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
access-control-allow-methods: GET,POST
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 0
content-encoding: gzip
content-length: 20
date: Tue, 07 Nov 2023 05:46:59 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 17
x-nyt-audience-target-flat: EU:AM
x-nyt-continent: EU
x-nyt-country: NL
x-nyt-edge-cache: MISS
x-nyt-meridiem: AM
x-nyt-region: NH
x-samizdat-query-exe-id: 9f5876366a08d7b2
x-samizdat-query-field-errors: 0
x-served-by: cache-ams21063-AMS
x-timer: S1699336020.571229,VS0,VE109

POST v2
samizdat-graphql.nytimes.com/graphql/ 0
0

POST
H2 200 track
a.et.nytimes.com/ 0
0 231ms
230ms Ping
text/plain 52.54.49.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.54.49.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-49-121.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://panelsecurevip.secureweb.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
472 B 55ms
55ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F&pid=1WWOnvflyouS4&cb=1&ws=1600x1200&v=23.1027.1921&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-mid1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-mid1_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%7D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:59 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: GNGM3ACMBTBKZK6SCNDD
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://panelsecurevip.secureweb.top
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: eAVPq9HAXkT1f9TrNT0bX2pQse6w52U9f5PrYEldUfFRsLur6oD-AQ==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
473 B 57ms
57ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F&pid=1WWOnvflyouS4&cb=2&ws=1600x1200&v=23.1027.1921&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-mid2%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-mid2_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%7D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:59 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: 1ED256TTRJDSCF3ZN39P
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://panelsecurevip.secureweb.top
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 4bSVNngBMnEWVSTO2PrQDEIG4lDyN2VgfnDGCF7EsBcf7_Zp5n71PA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
472 B 55ms
55ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F&pid=1WWOnvflyouS4&cb=3&ws=1600x1200&v=23.1027.1921&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-mid3%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-mid3_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%7D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:59 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: V3C95P7WCS1XJRFX2M4B
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://panelsecurevip.secureweb.top
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Gk9IdoAH3Qr0Y6wvXe2w1kgvL5wtjzUancRI-NQU82j-ZZIP8_6-xg==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
472 B 57ms
56ms XHR
text/javascript 108.138.9.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F&pid=1WWOnvflyouS4&cb=4&ws=1600x1200&v=23.1027.1921&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-bottom%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-bottom_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%7D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.9.235 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-9-235.fra56.r.cloudfront.net

Software

Server /

Resource Hash

6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:59 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: P38F02HMG3H03TX5FG4E
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://panelsecurevip.secureweb.top
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: tv6V7dSVOIplAV75_4Xu65Jk-33ifKY5YMwG617eiR-pZqqmf4EeaQ==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 246ms
246ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3910906740233798&correlator=666380469054528&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fif&iu_parts=29390238%2Cnyt%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1699336019714&lmt=1699336001&adxs=0&adys=15&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=107171079.1699336020&ga_sid=1699336020&ga_hid=1319404140&ga_fc=false&dlt=1699336018039&idt=1598&prev_scp=div%3Ddfp-ad-top%26pos%3Dtop%26amznbid%3D2%26amznp%3D2%26request_time%3D1618&cust_params=als_test_clientside%3Dreqfailed_reqfailed_reqfailed_203407064658%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dhp%26prop%3Dnyt%26plat%3Dweb%26abra_dfp%3D%26sov%3D1%26page_view_id%3DGxPsR5P62h7p-9VwzSP3CjUb%26purr%3Dfull%26vp%3Dlarge%26uap%3Dbrowser&adks=2496155832&frm=20

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fbffd1871439537267e23d6f4f93ea3af3294531ac2fccb9cec69df7f262b37f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13292
x-xss-protection: 0
google-lineitem-id: 6273174912
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138430169524
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://panelsecurevip.secureweb.top
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b2a865ed5d2d14f0ebd6e5cbc8fb40e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 48FF 6 KB
3 KB 115ms
27ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b2a865ed5d2d14f0ebd6e5cbc8fb40e7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://panelsecurevip.secureweb.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 05:46:59 GMT
expires: Wed, 06 Nov 2024 05:46:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 403
Forbidden config.json Show response
c.go-mpulse.net/api/ 121 B
400 B 109ms
55ms XHR
application/json 2a02:26f0:480:184::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=ATH8A-MAMN8-XPXCH-N5KAX-8D239&d=panelsecurevip.secureweb.top&t=5664453&v=1.720.0&sl=0&si=51325642-1c79-4f95-aeb5-8d705c5237e2-s3qo2a&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:184::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 618d457e341d1295162929ae235ba58b0823ddf062ddd2bc1dab50faa44c68df

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 07 Nov 2023 05:46:59 GMT
Cache-Control: public, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 121
Content-Type: application/json

OPTIONS
H2 405 meter.js
meter-svc.nytimes.com/ Frame 0
0 397ms
122ms Preflight 52.54.49.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://meter-svc.nytimes.com/meter.js?sourceApp=vi&messageComponentLibraryFallback=true&url=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F&referer=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F&pageviewID=GxPsR5P62h7p-9VwzSP3CjUb&MessageSelectionAPI=real

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.54.49.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-49-121.compute-1.amazonaws.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-nyt-internal-meter-override
Access-Control-Request-Method: GET
Origin: https://panelsecurevip.secureweb.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-length: 0
date: Tue, 07 Nov 2023 05:47:00 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
via: 1.1 google
x-envoy-decorator-operation: meter-svc.nytimes.com:443/*
x-envoy-upstream-service-time: 18

POST
H2 403 / Show response
o82024.ingest.sentry.io/api/178860/envelope/ 56 B
125 B 23ms
22ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o82024.ingest.sentry.io/api/178860/envelope/?sentry_key=7bc8bccf5c254286a99b11c68f6bf4ce&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.77.0

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

7c1e2d0f6a27b6701cbfc14d4b2c6863a2de1753603e0eafaf1a1c42a4e22b65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://panelsecurevip.secureweb.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 07 Nov 2023 05:46:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56

POST
H2 403 / Show response
o82024.ingest.sentry.io/api/178860/envelope/ 56 B
125 B 33ms
32ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o82024.ingest.sentry.io/api/178860/envelope/?sentry_key=7bc8bccf5c254286a99b11c68f6bf4ce&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.77.0

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

7c1e2d0f6a27b6701cbfc14d4b2c6863a2de1753603e0eafaf1a1c42a4e22b65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://panelsecurevip.secureweb.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 07 Nov 2023 05:46:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56

GET meter.js
meter-svc.nytimes.com/ 0
0

GET
H2

200

activityi;dc_pre=CLvO2f6XsYIDFf_aOwIdoK8N3A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4321522750195;auiddc=1302844343.1699336020;u17=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F;u5=;u18=;gtm=45... Show response
5290727.fls.doubleclick.net/ Frame 36F8
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4321522750195;auiddc=1302844343.1699336020;u17=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F;u5=;u18=;gtm=...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CLvO2f6XsYIDFf_aOwIdoK8N3A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4321522750195;auiddc=1302844343.1699336020;u17=https%3A%2F%2Fpanelsecure...

549 B
409 B

83ms
82ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CLvO2f6XsYIDFf_aOwIdoK8N3A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4321522750195;auiddc=1302844343.1699336020;u17=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F;u5=;u18=;gtm=45He3b60v72703797;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

84b074311a3f7d218f369c4dccac7d656351251639e708d90f0138b2f33c4357

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://panelsecurevip.secureweb.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 299
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 05:47:00 GMT
expires: Tue, 07 Nov 2023 05:47:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 05:47:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CLvO2f6XsYIDFf_aOwIdoK8N3A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4321522750195;auiddc=1302844343.1699336020;u17=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F;u5=;u18=;gtm=45He3b60v72703797;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 70 KB
24 KB 208ms
22ms Script
application/x-javascript 2600:9000:2646:ea00:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:ea00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ff18779bb7f76122171e9faa51b7af30bc0239d361c926489b02032bb5bccb54

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 00:04:40 GMT
content-encoding: gzip
via: 1.1 934815569b3b6127560be81f148ef706.cloudfront.net (CloudFront)
last-modified: Wed, 09 Aug 2023 00:52:49 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 20540
etag: W/"64d2e361-1197e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 5UiVxgOndrdJbPeGMt5cXt0ZX17Fc-TyaZPrX47fZru-Or8B5i8Adg==
expires: Wed, 08 Nov 2023 00:04:40 GMT

GET
H2 200 show-ads.js Show response
a1.nyt.com/analytics/ 45 B
565 B 23ms
18ms Script
text/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.nyt.com/analytics/show-ads.js

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Tue, 07 Nov 2023 22:28:21 GMT
date: Tue, 07 Nov 2023 05:46:59 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 26319
x-guploader-uploadid: ABPtcPqDPJbrgMYMfd6uvDMz_dMnPpvoNGeVT_c8cbHunUuRlgwZz8MPA_kJXFrkamlqwBzojg8lNX65iw
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 65
x-served-by: cache-ams21022-AMS
last-modified: Wed, 22 Dec 2021 23:30:41 GMT
server: UploadServer
x-timer: S1699336020.988189,VS0,VE0
etag: "1d291da792456bd015b664ee1119a5e0"
vary: Accept-Encoding
x-goog-generation: 1640215841852360
x-goog-hash: crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=86400
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 45
accept-ranges: bytes
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 464

GET
H2 200 comscore-streaming.js Show response
a1.nyt.com/analytics/ 103 KB
19 KB 23ms
19ms Script
text/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.nyt.com/analytics/comscore-streaming.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

fe8d5a6f12533884b6896dd290e422c830e86e0228d45dbe97ac03c6e86a5b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Tue, 07 Nov 2023 16:42:19 GMT
date: Tue, 07 Nov 2023 05:46:59 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 47080
x-guploader-uploadid: ABPtcPoaqinRt9NdONGrc1M3BC172dd3niFbeKDw3Y0ChNUjyOyO62o2otakkZr9mlXLtQcHBtA
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 18717
x-served-by: cache-ams21022-AMS
last-modified: Wed, 22 Dec 2021 23:30:41 GMT
server: UploadServer
x-timer: S1699336020.988220,VS0,VE0
etag: "04e0b9556a78ce5cedf86a34e5483036"
vary: Accept-Encoding
x-goog-generation: 1640215841902856
x-goog-hash: crc32c=XkdIyw==, md5=BOC5VWp4zlzt+Go05UgwNg==
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=86400
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 105675
accept-ranges: bytes
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 671

GET
H2 200 nyt.js Show response
cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/ 4 KB
2 KB 206ms
31ms Script
text/javascript 2606:4700:20::681a:d12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/nyt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51810745d3e4e28eec27857037693434619b5a9487d389a2243a555d6830f66b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:47:00 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 07 Nov 2023 05:07:17 GMT
server: cloudflare
age: 2383
cf-polished: origSize=4727
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ka8q1iT%2FYGM16G0%2FGIagc0WhXYnj%2FKnCZZ0%2BIs9pURxoinC8CSOQTTUqhdbN7qhPyCxRWXAYc65f1rm7iXLMmJBWTabgnts0br%2B2yZaMNSt43CWteF275g9%2BUDY%2BcAg3FAbCXNvlnvnvenk7lDpdRUZK"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8223476dfb8c6acc-FRA
request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

POST
H2 200 / Show response
dd.nytimes.com/js/ 248 B
633 B 153ms
22ms XHR
application/json 18.66.97.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/js/

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-95.fra56.r.cloudfront.net

Software

DataDome /

Resource Hash

8a58cb7500d1a96c853b6b353cdfb889a733ba3e755d573922b919cacc81f9d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://panelsecurevip.secureweb.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 05:47:00 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: DataDome
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 248
x-amz-cf-id: hemPI5yty6Vk57pUJzn_uIkctDnta0qCPtvf2FEPs1BqCa8s8bmtVQ==
expires: 0

POST
H3 403 / Show response
o82024.ingest.sentry.io/api/178860/envelope/ 56 B
76 B 86ms
84ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o82024.ingest.sentry.io/api/178860/envelope/?sentry_key=7bc8bccf5c254286a99b11c68f6bf4ce&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.77.0

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

7c1e2d0f6a27b6701cbfc14d4b2c6863a2de1753603e0eafaf1a1c42a4e22b65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://panelsecurevip.secureweb.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 07 Nov 2023 05:47:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56

POST /
o82024.ingest.sentry.io/api/178860/envelope/ 0
0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E0BC 0
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-hZspEyG_qLODysSKafhkVeaoTOvj17hQ7unM_77H7MLfDIUXjWneP_jf4yoceneMYqOC8M4U_OTvbgPpQyrrCMjsP3-o0HDiQdo_zLKLFW17YSCDbWo_M6espB11CINcEtrAKc6tD0_qeLdM29xZd4Ozkr6aZSIu9Uw5Q4y5odF6oq05SAXYm2QWlFfGEvgUTyQzViDMdEUuONUYOTRkbyI_l0KzOXjouWckvsKBFRhaAfUp2-CcaS4XdgxmZGYpvF1AMwrCaPnn7zdrMY06h3bkgW_2uTVTyUXprgxCUxO4JXDH0n-m39BYy8JdZ9PzhTSlAJkHQmH20xKugYE5hA7jKGwNkdPN6C_35c-lL8Uearc34pGAojbgbB-Do8djlTyIP3-2PE16ZmBmQGmBl7DrlnrdkpqLqw&sai=AMfl-YTp0nA7eHwTCMLucfDlGc96Wirf8BYZ8VmrejhdwCnkopPsuFo191QrdvK8ecBzjFC0-fAjig37GtLTOQJ7JUnE8tzPagoiWCpigbN8q2oNgQYH8uQFExeb3sX8iVKCXMEcXl4od6GRLMjEP4JDsWY&sig=Cg0ArKJSzKNvFBJyOjFnEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:47:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 07 Nov 2023 05:47:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E0BC 190 KB
60 KB 76ms
29ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:47:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 05:47:00 GMT

GET
H2 200 2776693126932317958
tpc.googlesyndication.com/simgad/ Frame E0BC 395 KB
396 KB 69ms
21ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2776693126932317958?

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aaddd14677151784462e32b52a7eb07bc581b8421b3e6bd0ab05f2e677fb9748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 05:40:50 GMT
x-content-type-options: nosniff
age: 432370
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 404529
x-xss-protection: 0
last-modified: Thu, 13 Apr 2023 19:08:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Nov 2024 05:40:50 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 126ms
126ms Ping
text/plain 52.54.49.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.54.49.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-49-121.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://panelsecurevip.secureweb.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
201 B 612ms
104ms Image
image/gif 44.214.186.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F&u=DhdjcfB3AsTzxLHep&d=panelsecurevip.secureweb.top&g=16698&g0=Homepage&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=10994&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F&b=2377&t=D4b0H3Bxc0jVCbP_3QDeaa76wgP6Z&V=141&i=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&tz=-60&sn=1&sv=BNz6x-CR1m3ICcFn3pCjAV6eCXZG-7&sd=1&im=06672fd3&_
Requested by: Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.214.186.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-214-186-146.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 07 Nov 2023 05:47:00 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E0BC 0
0 68ms
67ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBhvWg4bxq2o1DMsHaa2s8FHQL8tVz_LKibTr6F6CUW4dSHhSjXUNZ6wDuqfSEuIn91g4yK_SJt-sPQMh_rjn9C81xj2kuhYGLEANr8B1s9Q5MPXhZ9iW0btiElfoQQugnzvaROo_eVEoV0aiwCL36kUdomEig-C-MSWqWeEC7D_FVxecr_zA70ysBlqGHBsZA5kY6TMS9bpZTzM8rWjIeJtnKME69qMLOWFAUlV4rFttVeXZsxCC4KfMegqluboY67yOHCtMrKXVk6QDSptMqVDAatI2IWg2j7ePr5fvrl0SpF41fXsQO_fvcrgds61ZgwZ1z5Y7nAKz8FOPSU5F3oMP5-dQONWDMoJHD7AuzLO8XssvV4GLvcw5vBj0lNnE&sai=AMfl-YSR5_2mLEWMI0OZ2QB9ktjQOape-8RylQFR9zSqyUz4OTU349UoZNrgVuLR7bR9FqwFdcqScEXEIj02lVUzWCnikBU07gsAOvI59aaeU4Tw-4x7T18Hu75gc-zOaB_mNUakwODm1OlOBYnGL5W04Ug&sig=Cg0ArKJSzLuG-qT-RVe1EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:47:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 07 Nov 2023 05:47:00 GMT

GET
DATA 200
OK truncated
/ Frame E0BC 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14cf5553e7cc941ddcc3058b93490b9d3255bf29879222156d1a90860827a65e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 403 / Show response
o82024.ingest.sentry.io/api/178860/envelope/ 56 B
76 B 28ms
22ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o82024.ingest.sentry.io/api/178860/envelope/?sentry_key=7bc8bccf5c254286a99b11c68f6bf4ce&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.77.0

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

7c1e2d0f6a27b6701cbfc14d4b2c6863a2de1753603e0eafaf1a1c42a4e22b65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://panelsecurevip.secureweb.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 07 Nov 2023 05:47:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56

POST
H3 403 / Show response
o82024.ingest.sentry.io/api/178860/envelope/ 56 B
76 B 320ms
301ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o82024.ingest.sentry.io/api/178860/envelope/?sentry_key=7bc8bccf5c254286a99b11c68f6bf4ce&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.77.0

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

7c1e2d0f6a27b6701cbfc14d4b2c6863a2de1753603e0eafaf1a1c42a4e22b65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://panelsecurevip.secureweb.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 07 Nov 2023 05:47:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56

GET
H2 200 65568.js Show response
cdn.brandmetrics.com/scripts/bundle/ 62 KB
17 KB 352ms
351ms Script
text/javascript 2606:4700:20::681a:d12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=panelsecurevip.secureweb.top
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca7a118dd01892b5a9302e22b61a8e96c6c006f2ca642a8e24ad256ada052f5c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:47:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Nov 2023 05:47:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ud1u8ytLS%2F%2FGCBoreb6P7Dfle4GerwfUaGe%2BIgA4uISMqd3K8YClYhuf73agUUbPI3Xx4M5eHRsBeFb7vR5jj228qB52Hoz%2Bl2gUm0vjyz6%2FF6Km85eN8wjKUAXOFvycsAgk27gJ92Qg56Jll8ZmG1DK"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8223477158f26acc-FRA
request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

GET
H2 200 dc_pre=CLvO2f6XsYIDFf_aOwIdoK8N3A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4321522750195;auiddc=*;u17=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F;u5=;u18=;gtm=45He3b60v72703797;gcd=11l1l1l1l1...
adservice.google.com/ddm/fls/z/ Frame 36F8 42 B
401 B 384ms
58ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLvO2f6XsYIDFf_aOwIdoK8N3A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4321522750195;auiddc=*;u17=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F;u5=;u18=;gtm=45He3b60v72703797;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CLvO2f6XsYIDFf_aOwIdoK8N3A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4321522750195;auiddc=1302844343.1699336020;u17=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F;u5=;u18=;gtm=45He3b60v72703797;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://5290727.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 05:47:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 199ms
199ms Ping
text/plain 52.54.49.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.54.49.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-49-121.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://panelsecurevip.secureweb.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 c.js Show response
collector.brandmetrics.com/ 0
143 B 113ms
18ms Script
text/javascript 20.50.2.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.brandmetrics.com/c.js?siteid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=panelsecurevip.secureweb.top&rnd=3252967
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=panelsecurevip.secureweb.top
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.2.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
date: Tue, 07 Nov 2023 05:47:00 GMT
content-length: 0
content-type: text/javascript;charset=utf-8

GET
H2 200 .status Show response
a.et.nytimes.com// 0
0 330ms
329ms Fetch
text/plain 52.54.49.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com//.status
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.54.49.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-49-121.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept: */*
Referer: https://panelsecurevip.secureweb.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 322ms
274ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310310101&st=env

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

333470f6249848b532e54feaaf41e1c82c6c816960a38013f72d33eb89683e1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:47:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12214
x-xss-protection: 0

GET
H2 200 loader.js Show response
platform.iteratehq.com/ 1 KB
1 KB 74ms
27ms Script
application/javascript 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/loader.js

Requested by

Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a7cc369b7799fe4a3442e72d5d5e06b438dc2d350535b3cb6edc194f2804c79

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:47:00 GMT
x-amz-version-id: uq.wnYxSi9EI.nFJrrFLnIo8MjrAKLYY
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
x-amz-request-id: ASRA9FZGEKS65KD9
age: 539
x-amz-server-side-encryption: AES256
x-amz-id-2: 6nj9REIQop6BSoovlOOYV2YahfaLsGuuasffowlW/XmrlcKAW/zeBSR2JuqUbcF+qd0PFfmUNwM=
last-modified: Thu, 02 Nov 2023 19:28:53 GMT
server: cloudflare
etag: W/"63ba5f33bef033632d254ca54c8ee999"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YwEYm6xxwmoQQJv3epdaIj%2FoCIkppqEARK3%2BRG5hvJdAekaqfS3tRG1wzMx0XHPX256FGMVSBbjrmRDtWJgBsnfFk%2FaqYQo%2Ba8oIti%2Bj3g8qI4mvE3OSPjwvpswmqodyiDqfzYPxDr1rN9I5Rr7nnLHhVQ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 822347731aa69bdc-FRA

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/3005403/
Redirect Chain

https://sb.scorecardresearch.com/c2/3005403/cs.js
https://sb.scorecardresearch.com/internal-c2/3005403/cs.js

0
381 B

34ms
34ms

Script
application/javascript

65.9.95.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/3005403/cs.js
Protocol: H2
Server: 65.9.95.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-63.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:45:54 GMT
via: 1.1 9b9ab8e6e595847652a9158c684a8926.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jul 2023 14:48:36 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 104
x-amz-server-side-encryption: AES256
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 0
x-amz-cf-id: sTiXjjWzAa2VdebGzljoeNb96vsT4dMC2bUso7o2xMoO8zrkuBqufg==

Redirect headers

date: Tue, 07 Nov 2023 05:47:00 GMT
via: 1.1 9b9ab8e6e595847652a9158c684a8926.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
location: /internal-c2/3005403/cs.js
content-length: 0
x-amz-cf-id: J9CDOzfxyYITbDAjRidbdA2srkTZRebZYcjNmZKwDfO85dw8POZX-w==

GET
H2 200 match-prod-6baf9ab2a93fe67c4133.js Show response
platform.iteratehq.com/ 86 KB
30 KB 237ms
236ms Script
application/javascript 2606:4700:20::681a:6e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/match-prod-6baf9ab2a93fe67c4133.js

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93a03220d2cacc03b0b40e69976cfd06201970c1febb108ac4ace5747dc114b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:47:01 GMT
x-amz-version-id: m6qIko0hGVLfB0fW2Ydgcxo5k1r0mneH
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
x-amz-request-id: HVZXJ02K4BH8RDK6
age: 382501
x-amz-server-side-encryption: AES256
x-amz-id-2: PhJN/4QfvC/HOVZMLjmqVytA/EI6OAoTFRBCp3EFlSFwwhlWvuTjKZ+3p+7HF4X6zCQrnsZcyE8=
last-modified: Thu, 02 Nov 2023 19:28:52 GMT
server: cloudflare
etag: W/"a0edf9459ac39cd6a02228fbf64230be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JqCJZbrDsIeKCiFtFjPUnoACzgc4Ir%2Ft8%2FwZh56DdxLJLDIUHsCrj8digj1AQmkIPzrgOH1zThOU2SLKnHTuaa7K2VSEhtYtO%2BllN6Vq0aFqXBJuG7s%2FoOjW%2B%2B38Vy5nAF7Lu5LnLa2ypY9QLdKY%2Bohbw1c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 822347734ad59bdc-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:47:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Nov 2023 05:47:01 GMT

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 300 B
553 B 134ms
133ms Fetch
application/json 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1ac91f4b8eacd423db0efdc0981d253f15e4f6c91dac62458f51ad29c5040e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://panelsecurevip.secureweb.top/
accept-language: nl-NL,nl;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 07 Nov 2023 05:47:01 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6NteKu1todayGB6SqVRVeXpJGYxw1pcp9%2BzbSdXkb%2F%2BTR68O1MLaSTrsq9gfzwduaVMA67ABi36fYUq8cx9Qa4oxya5kshZXo1OikHSCFwWNOgf00A2dIJwCUkBr5QXxng3iPrWc9K4sNio%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 82234775eba7371a-FRA

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 165ms
119ms Preflight 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://panelsecurevip.secureweb.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 822347752af0371a-FRA
content-length: 0
date: Tue, 07 Nov 2023 05:47:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YLDtog5lEZK7pNeb%2BN4irJtST9cNM6CRk%2FNR%2BHtDO%2F1mX%2BEYO67Zpe132stc5BZLi1d7QIrk9fZxbgMYsZAmmzA3OACNkS2Feh0GnFqRqPHihdjyp4RlAsDDrWFCZesfFrBzoQH2vb6GiRU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 885A 13 KB
5 KB 21ms
19ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://panelsecurevip.secureweb.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 27729
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 22:04:52 GMT
expires: Tue, 05 Nov 2024 22:04:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4F71 829 B
1 KB 77ms
31ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

38227bcd3a8f1577343cc93aee6348e013e61543b208119ddf0c8255c1c63ce1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4OccdkQXF3YXynfdjYXNvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://panelsecurevip.secureweb.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-4OccdkQXF3YXynfdjYXNvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 05:47:01 GMT
expires: Tue, 07 Nov 2023 05:47:01 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame 885A 38 KB
15 KB 59ms
19ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34439
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Nov 2024 20:13:02 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4F71 0
0 53ms
52ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310310101&jk=3910906740233798&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E0BC 42 B
174 B 58ms
57ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssI19tJTwSLMwvKnW1lKDPFhWaqgys2p8M2hhowMgYcv6ZP95xgDqLEFRlRr45YC92kWPx1kIxsOZORn7aRuUb9f1F4Uen9YgYuNGnqFdsSPZCMlTPkNO1LW7sHc8-vx-8kkZtW1E2Wjw&sig=Cg0ArKJSzAk9MbnvIIFMEAE&id=lidar2&mcvt=1015&p=15,436,105,1164&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20231106&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2496155832&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699336020145&rpt=175&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 05:47:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 885A 0
10 B 22ms
22ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?CJAgCw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:47:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK cksync.php
cs.media.net/ 52 B
418 B 111ms
31ms Image
image/gif 2.18.160.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.php?cs=8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.160.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-160-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Nov 2023 05:47:01 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 52
x-mnet-hl2: E
Expires: Tue, 07 Nov 2023 05:47:01 GMT

GET
H2 200 pd
nytimes-d.openx.net/w/1.0/ 43 B
295 B 68ms
21ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nytimes-d.openx.net/w/1.0/pd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 05:47:01 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 sync
eb2.3lift.com/ 37 B
140 B 58ms
19ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/sync?px=1&src=prebid&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:47:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 64 B
343 B 120ms
120ms Fetch
application/json 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea939bd13d79a17cc436d4c3e102d4060cb7ebf0e8e61918f3d034580dff02b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://panelsecurevip.secureweb.top/
accept-language: nl-NL,nl;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2NTQ5Y2Y1NTBkMjUyOTAwMDE3MDA0ODMiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjk5MzM2MDIxfQ.RrWsT3oPI64ACUqHLJ8yXhVTPzo4YUOTjo8tL6j-Kfo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 07 Nov 2023 05:47:01 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iN0ptGRDY15jIWmqzvCaGLKnTB1afecfBdOIuN%2FRLPfcDzQWPOtZnYtgmyP9yUJH3jHFYy3yRX%2BgbpgpRb0qtxQtrqZ7i6bOC3UqBSR4T0W7bB72B6mm6b2okgG7oNJYiJR5YPZRm09N0Tw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 82234778bde6371a-FRA

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 119ms
119ms Preflight 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://panelsecurevip.secureweb.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 82234777fd4a371a-FRA
content-length: 0
date: Tue, 07 Nov 2023 05:47:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kAj2Xx6AQpiE5VYyM7p1oIHPHZeLlRbMjJiPHi%2Fm5Wf252%2BsTC4MQ7lQRAR3AOh5KWC%2F2kpTjrPAypaeBa4pwar6Zvx1uEIfrG2PnKApBlyTEATyrpRt%2BB4abChOR1l0%2FJzgxO9tKbepGLM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 55ms
54ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310310101&jk=3910906740233798&bg=!XV6lXhHNAAb4oU7C2KE7ADQBe5WfOA3I30uzF1TzN8A_NG3f4ZG38jqm8GONt0yd6bdni1tKTbpHwd66IbZWscw_SituAgAAAFNSAAAACGgBB5kDBYrQnmgZWx5DFKZzxuTCfScSAq9LPXSd9S54GgfqeH2OUn7KDzGMi5PX74Rd_W9NIKNez-yqeDqy4KxHe9DYnV6jsjQBTaxXo0GEi2Trblgw4HwHQU5H-SAXaW3Cp6lxryctkq0437Kv_UUuU27aVDsUu3sys7zeRZ2vO-Cajq2mdIXDRITOFg_dODQMnZooHf7DUQUelGuhWhYxEGKIPsoPNF2_JffhK4FSZ46Z-j7AR43usaq2eS8MivX7DRFQBQb_7n2aRUKE6y_fx1OCI8hhVLQOt7aNWLCLZd44duDMJ09TjyQtsQiKMACVcjWSDa17TvDh_JIXKoA-KfI8e8wHj4mxeOTsyVM_DSbpiCRnAKmS3RmWmVjeSnYQw8zOStTVPqKN9jeGWowNtQy6SjOXYFbPqPBioREGZVuaWYXDYPPWp0LD8tku6j5B97OUac67OwZUndu-GRfu_BfsQ5lW8WtR3CPr7zb2IoUjSZQTucW0FFl5QHGSFiEYIYCY8zs3sa69KGvYKY22CfGP5rwHhr-7o2-Ns8Hnjt5uHLJ6RqCChoIh9ZqcB0bizZDd8PXwKkNoKBKc3lJbg0Nu6td_3_MnHBGT4BUvBX3V4UUfniwjH3lafrVFIJsXGlU4ydNx5vuWr6zQhf6jFngPGB5i85FnkbDBqKrymlWJNDIsmssHL3tkvHdO_jh4azAB0281r2N89TbbJP38ep_0dLTsY-QcoWE1cwHFnklFWuN4gR7wWIt2nVYo9o-bnDdAh18H7KgiZMrQOOfKmR8zhC0QrtPveAz1m2g9AL4fFEdmMqF9SgOP3C4AWislel8hiXqqnG_wGIzdOoITgt89yDseQFMuEzI15a4TnKxhfBHekY0vA7CCRh39F4rJbmlIgN8P_LnSYKt2E5xqD0C3XDvTgcRufpcWeM3DeW_EAzP6IAUNiMAlndkCm8gWp7Rkh-C1PUEosVDG6HLEadCIsUVUEQZYfIBrg_JVUF1v3HI4aIihQ13Yoa65R3YhGViDU7-9THp2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://panelsecurevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

POST
H2 403 / Show response
o82024.ingest.sentry.io/api/178860/envelope/ 56 B
127 B 266ms
84ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o82024.ingest.sentry.io/api/178860/envelope/?sentry_key=7bc8bccf5c254286a99b11c68f6bf4ce&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.77.0

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

7c1e2d0f6a27b6701cbfc14d4b2c6863a2de1753603e0eafaf1a1c42a4e22b65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://panelsecurevip.secureweb.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 07 Nov 2023 05:47:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56

POST
H2 200 putRecords Show response
prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/ 146 B
374 B 189ms
189ms Fetch
application/json 44.236.161.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/putRecords?encoded=true
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.77.0/bundle.tracing.es5.debug.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.161.73 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-161-73.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: c50f2dcf3859f06d7fd5b11fc4e1bf7fb31027a1e1f763c4782eb935f5577bd4

Request headers

Referer: https://panelsecurevip.secureweb.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
x-api-key: 79db72eb0b5c7255afa54a253df24fb4a5ac916bf40b51c730df8850aa5665ca
Content-Type: application/json

Response headers

date: Tue, 07 Nov 2023 05:47:04 GMT
x-amzn-trace-id: Root=1-6549cf58-4996a0cf644293d8790afa55
x-amzn-requestid: 6985f50e-2e35-4680-9241-e45a26c91e66
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: OA1V1G29PHcEuaA=
content-length: 146

OPTIONS
H2 204 putRecords
prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/ Frame 0
0 614ms
244ms Preflight 44.236.161.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/putRecords?encoded=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.161.73 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-161-73.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-api-key
Access-Control-Request-Method: POST
Origin: https://panelsecurevip.secureweb.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
date: Tue, 07 Nov 2023 05:47:04 GMT
x-amz-apigw-id: OA1VzENiPHcEXkg=
x-amzn-requestid: 283f8515-d3ca-4d22-b021-a9ae6011b185

POST
H2 200 track
a.et.nytimes.com/ 0
0 251ms
250ms Ping
text/plain 52.54.49.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: panelsecurevip.secureweb.top
URL: https://panelsecurevip.secureweb.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.54.49.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-49-121.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://panelsecurevip.secureweb.top/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: samizdat-graphql.nytimes.com
URL: https://samizdat-graphql.nytimes.com/graphql/v2

Domain: als-svc.nytimes.com
URL: https://als-svc.nytimes.com/als?uri=https%3A%2F%2Fwww.nytimes.com%2Fpages%2Findex.html&typ=&prop=nyt&plat=web

Domain: samizdat-graphql.nytimes.com
URL: https://samizdat-graphql.nytimes.com/graphql/v2

Domain: purr.nytimes.com
URL: https://purr.nytimes.com/v1/purr-cache

Domain: a.nytimes.com
URL: https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fwww.nytimes.com%2F&caller_id=nyt-vi&jkcb=1699336018936&referrer=&sourceApp=nyt-vi

Domain: samizdat-graphql.nytimes.com
URL: https://samizdat-graphql.nytimes.com/graphql/v2

Domain: meter-svc.nytimes.com
URL: https://meter-svc.nytimes.com/meter.js?sourceApp=vi&messageComponentLibraryFallback=true&url=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F&referer=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F&pageviewID=GxPsR5P62h7p-9VwzSP3CjUb&MessageSelectionAPI=real

Domain: o82024.ingest.sentry.io
URL: https://o82024.ingest.sentry.io/api/178860/envelope/?sentry_key=7bc8bccf5c254286a99b11c68f6bf4ce&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.77.0

Verdicts & Comments Add Verdict or Comment

139 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rubiconproject.com/	1970-01-21 00:47:52	Name: khaos Value: LONWSFLT-1I-2L6G
.rubiconproject.com/	1970-01-21 00:47:52	Name: audit Value: 1\|SDziDG3X/EjWrbL89gSfyHMylPn9loes1z8yuimHAOIzGV0kST+Yv9uTggG9VSOWRyjYF73cXS0cXVa8ZNSejSAd9nYNykirwts17joIQBjaMvpofRrTDtVq1Qbb0Jw1vsVAPbIH/+GyqVI1k5poNA==
.nytimes.com/	1970-01-21 00:47:52	Name: nyt-a Value: 0O8OPCQwW2wxTK8ykGUvKQMe
.et.nytimes.com/	1970-01-20 16:02:17	Name: sessionActive Value: true
.et.nytimes.com/	1970-01-21 00:47:52	Name: sessionIndex Value: 1\|1699336018480\|0O8OPCQwW2wxTK8ykGUvKQMe\|1699336018480
.et.nytimes.com/	1970-01-20 16:03:42	Name: et-ppvid Value: https://panelsecurevip.secureweb.top/=GxPsR5P62h7p-9VwzSP3CjUb
.secureweb.top/	1970-01-20 18:11:52	Name: _gcl_au Value: 1.1.1302844343.1699336020
.secureweb.top/	1970-01-21 01:23:52	Name: __gads Value: ID=633002ea853cc650:T=1699336019:RT=1699336019:S=ALNI_Ma3zXftlo6BmG8KFmfptTaEzDUd6g
.secureweb.top/	1970-01-21 01:23:52	Name: __gpi Value: UID=00000cb74b2c9c78:T=1699336019:RT=1699336019:S=ALNI_MYtNIxYrBc7eXG7VrgDQ_J-u9cRZw
.doubleclick.net/	1970-01-21 01:23:52	Name: IDE Value: AHWqTUkfDT68yrjnjvNnqfTN5v1V4MsVzLfog_lXoFavhTQYZjzxvitRBAzFa0NfCoc
.panelsecurevip.secureweb.top/	1970-01-21 00:47:52	Name: datadome Value: 1_NzT~Qzq7oXbR~jUMRVd9PPN_AJXIzgFJWtSiAVRUfEVxAeTVbyvLwvhmUoLyajM2kdvMcLBJcGzSXC_Yc4_QIBsNG~rs2vRItPnhDrZ3pqt7FMAcK1P15Bh_4SOr2I
.secureweb.top/	1970-01-21 01:31:04	Name: _cb Value: DhdjcfB3AsTzxLHep
.secureweb.top/	1970-01-21 01:31:04	Name: _chartbeat2 Value: .1699336020272.1699336020272.1.BNz6x-CR1m3ICcFn3pCjAV6eCXZG-7.1
.secureweb.top/	1970-01-20 16:02:17	Name: _cb_svref Value: null
.secureweb.top/	1970-01-21 01:38:16	Name: iter_id Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2NTQ5Y2Y1NTBkMjUyOTAwMDE3MDA0ODMiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjk5MzM2MDIxfQ.RrWsT3oPI64ACUqHLJ8yXhVTPzo4YUOTjo8tL6j-Kfo
panelsecurevip.secureweb.top/	1970-01-20 16:02:16	Name: _dd_s Value: rum=0&expire=1699336918601

24 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://panelsecurevip.secureweb.top/(Line 19) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.sentry-cdn.com/7bc8bccf5c254286a99b11c68f6bf4ce.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://panelsecurevip.secureweb.top/(Line 19) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.sentry-cdn.com/7bc8bccf5c254286a99b11c68f6bf4ce.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://o82024.ingest.sentry.io/api/178860/envelope/?sentry_key=7bc8bccf5c254286a99b11c68f6bf4ce&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.77.0 Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: https://panelsecurevip.secureweb.top/ Message: Access to XMLHttpRequest at 'https://samizdat-graphql.nytimes.com/graphql/v2' from origin 'https://panelsecurevip.secureweb.top' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://samizdat-graphql.nytimes.com/graphql/v2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://panelsecurevip.secureweb.top/ Message: Access to XMLHttpRequest at 'https://als-svc.nytimes.com/als?uri=https%3A%2F%2Fwww.nytimes.com%2Fpages%2Findex.html&typ=&prop=nyt&plat=web' from origin 'https://panelsecurevip.secureweb.top' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://als-svc.nytimes.com/als?uri=https%3A%2F%2Fwww.nytimes.com%2Fpages%2Findex.html&typ=&prop=nyt&plat=web Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://panelsecurevip.secureweb.top/ Message: Access to fetch at 'https://samizdat-graphql.nytimes.com/graphql/v2' from origin 'https://panelsecurevip.secureweb.top' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://samizdat-graphql.nytimes.com/graphql/v2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://panelsecurevip.secureweb.top/ Message: Access to fetch at 'https://purr.nytimes.com/v1/purr-cache' from origin 'https://panelsecurevip.secureweb.top' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://purr.nytimes.com/v1/purr-cache Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://panelsecurevip.secureweb.top/ Message: Access to fetch at 'https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fwww.nytimes.com%2F&caller_id=nyt-vi&jkcb=1699336018936&referrer=&sourceApp=nyt-vi' from origin 'https://panelsecurevip.secureweb.top' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fwww.nytimes.com%2F&caller_id=nyt-vi&jkcb=1699336018936&referrer=&sourceApp=nyt-vi Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://o82024.ingest.sentry.io/api/178860/envelope/?sentry_key=7bc8bccf5c254286a99b11c68f6bf4ce&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.77.0 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://o82024.ingest.sentry.io/api/178860/envelope/?sentry_key=7bc8bccf5c254286a99b11c68f6bf4ce&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.77.0 Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: https://panelsecurevip.secureweb.top/ Message: Access to fetch at 'https://samizdat-graphql.nytimes.com/graphql/v2' from origin 'https://panelsecurevip.secureweb.top' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://samizdat-graphql.nytimes.com/graphql/v2 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://c.go-mpulse.net/api/config.json?key=ATH8A-MAMN8-XPXCH-N5KAX-8D239&d=panelsecurevip.secureweb.top&t=5664453&v=1.720.0&sl=0&si=51325642-1c79-4f95-aeb5-8d705c5237e2-s3qo2a&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao= Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://o82024.ingest.sentry.io/api/178860/envelope/?sentry_key=7bc8bccf5c254286a99b11c68f6bf4ce&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.77.0 Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: https://panelsecurevip.secureweb.top/ Message: Access to fetch at 'https://meter-svc.nytimes.com/meter.js?sourceApp=vi&messageComponentLibraryFallback=true&url=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F&referer=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F&pageviewID=GxPsR5P62h7p-9VwzSP3CjUb&MessageSelectionAPI=real' from origin 'https://panelsecurevip.secureweb.top' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://meter-svc.nytimes.com/meter.js?sourceApp=vi&messageComponentLibraryFallback=true&url=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F&referer=https%3A%2F%2Fpanelsecurevip.secureweb.top%2F&pageviewID=GxPsR5P62h7p-9VwzSP3CjUb&MessageSelectionAPI=real Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://o82024.ingest.sentry.io/api/178860/envelope/?sentry_key=7bc8bccf5c254286a99b11c68f6bf4ce&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.77.0 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://o82024.ingest.sentry.io/api/178860/envelope/?sentry_key=7bc8bccf5c254286a99b11c68f6bf4ce&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.77.0 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://o82024.ingest.sentry.io/api/178860/envelope/?sentry_key=7bc8bccf5c254286a99b11c68f6bf4ce&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.77.0 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
aax.amazon-adsystem.com
adservice.google.com
als-svc.nytimes.com
b2a865ed5d2d14f0ebd6e5cbc8fb40e7.safeframe.googlesyndication.com
browser.sentry-cdn.com
c.amazon-adsystem.com
c.go-mpulse.net
cdn.brandmetrics.com
collector.brandmetrics.com
config.aps.amazon-adsystem.com
cs.media.net
dd.nytimes.com
eb2.3lift.com
fastlane.rubiconproject.com
g1.nyt.com
ib.adnxs.com
iteratehq.com
js.sentry-cdn.com
meter-svc.nytimes.com
nytimes-d.openx.net
o82024.ingest.sentry.io
pagead2.googlesyndication.com
panelsecurevip.secureweb.top
platform.iteratehq.com
pnytimes.chartbeat.net
prebid.media.net
prod.tahoe-analytics.publishers.advertising.a2z.com
purr.nytimes.com
rtb.openx.net
rumcdn.geoedge.be
s.go-mpulse.net
samizdat-graphql.nytimes.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.chartbeat.com
static01.nyt.com
tlx.3lift.com
tpc.googlesyndication.com
www.datadoghq-browser-agent.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.nytimes.com
a.nytimes.com
als-svc.nytimes.com
meter-svc.nytimes.com
o82024.ingest.sentry.io
purr.nytimes.com
samizdat-graphql.nytimes.com
108.138.9.235
13.248.245.213
142.250.186.134
151.101.1.164
151.101.193.164
18.66.112.124
18.66.97.95
185.89.210.212
2.18.160.23
20.50.2.28
2600:9000:2491:0:4:b37b:9440:93a1
2600:9000:2646:ea00:18:1fcd:353:c61
2602:803:c003:200::41
2606:4700:20::681a:6e5
2606:4700:20::681a:7e5
2606:4700:20::681a:d12
2a00:1450:4001:803::2001
2a00:1450:4001:806::2002
2a00:1450:4001:806::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2001
2a02:26f0:3100:795::11a6
2a02:26f0:480:184::11a6
2a04:4e42:600::729
2a06:98c1:3121::3
3.74.50.207
34.120.195.249
34.120.63.153
35.227.252.103
35.244.159.8
44.214.186.146
44.236.161.73
52.54.49.121
65.9.89.147
65.9.90.93
65.9.95.63
007070e6f905e2aefbfcc7568cdf61c38a422d933c9c8166a6ba2f6223dd9ec5
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09bff184ea094a06e46d7f26512fd7b245304078a27f1ba8084488cbcf7704de
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0b75f1263c2e4a65318c576d3de943c8792d344b061a366548a1bb93ff8942aa
0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f
11cad19b226383c7e859031e5cd320644ad1a33d12abc2689a4d3bdbc8253ab7
14cf5553e7cc941ddcc3058b93490b9d3255bf29879222156d1a90860827a65e
15bb3ffc59f462f8200d11db9a59ac35b5ed9b197e6d20596fc68fa16e73de69
17615132642880808e44f8f5b54edef8ee37a514e003b6faf98014ecca401194
1b1b5eba0b40959ff84b21b6456846aa72149e00d06f96b412df8cd64ae683f3
1b212ea12e667d35e7127d3c59788897d07d32a661336ccf122b02af12fab96d
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1ecb1f9522433be3adfad377816095c7d5b27d02c1efbbbb793e341b829d83d9
20a1e05cca983d2c838b5637de79857db90bd69705e38126260f9dca7fc29186
23e7da19feddfb3d4b99b0e20b886d719eed6e0c0de5116c57edd0a17be32fd8
241b98aa7a1fac734a3cb7ef86a2a3eb055f4cce1c5380bc63fd275f8d320624
29706c4ab8f4d48b33ccb0ea813f8afb5f7ac569f623536b96fba6cf1fc60e9b
2db2cfa6273e20e55276f9e79223a43ac226bd4abcdc7db55a2764b9417ee3b8
333470f6249848b532e54feaaf41e1c82c6c816960a38013f72d33eb89683e1a
352b9e243c2e3a49a49cb8bc8df84d0a04183bbc3eac33a0476c9a11ff9e352d
37135696f5afe7dd4a4f6d8632b1a69db1b03632ea2172a900df7f48085070eb
38227bcd3a8f1577343cc93aee6348e013e61543b208119ddf0c8255c1c63ce1
39cb04ebdef1112f9cfd08ab486e0c2f94692d63e04eaa079512f8a14cf910e6
3f490a3d712a85f6a22c14ab88ae66da554b9b0a858695b272bf19db3a748afc
3f91fa3c8c68bf9155006b179e21c46ef9abf71d6b5a4e11a74a40e5b176da65
41d61937d6f1b2b8887f735949cb30f7be1f3027a5d495621672f0d8fd3f9d14
4501bb0294daf1a98751db74fe0917f9134d90ab743318c3e8a7d9722efbae41
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4af9b52b5cf0f6a694ec51e283ccabc662be7881a3ecefecccf5441a687a894a
4ba9c62e2d791768ee9cf91a2257b631d3d3d3e4d0039b2d60affb962b562219
4c7e66d672ad01d9a4b945bb09097d6776e2c05383c48f6c64aba44cc24fe96a
4caf6c7af5ea1580e3aa315c7e5375aa7d6aec929faca9b0fe0687113cb83e20
4d3928e5b934069fa3b78d716121fd1838737cb5b1aecd98b82e62982435ada6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f837869b80c34ed1a128362a6ed24ff5ebdae743dc55eb3c183ae9c8b5f4ca3
51810745d3e4e28eec27857037693434619b5a9487d389a2243a555d6830f66b
52dc9d8c27d10f6478e371f82bd0e12f56758f4c40337149c3bfd0df8318a5b2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de
56e6f324b5c96993959adc6f720bfb789bdf4a9db9e2ef5ba1e78ff0ab712225
57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176
5d7824c56fadbab811bb6be7b48d8eec8fd4269877246eeed5b9b33d1a953292
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5e58c4c90b85eda4055a5b30fe55ef60cbcf6ea093311f2ff38861c7b4fe448a
5ed9e9f81abee651d7645c6ae932a099ff7595eb893df2bd66306c818adf5a39
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
618d457e341d1295162929ae235ba58b0823ddf062ddd2bc1dab50faa44c68df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63cd01bf8a87ddc8a07e6491ea1ab7bb28613587cfddd7c9664dda47f71dcda3
644159a517427813378bf283fb86f497ef2fd81c8656225b3e209972f0e4ccbb
646d2a9c9d07b7d22fea45512a9d6fd226411c0e8083433a8709e4a22cc7e454
66debd0db62a3f53e72503a053f862b586a886e6a399fd8243b5e0180d304dec
6a15af42dcf8e6705a1ecea1dc8a864ce0c050b8c2dc5365d760f6f8b2477825
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
6a7cc369b7799fe4a3442e72d5d5e06b438dc2d350535b3cb6edc194f2804c79
6cc3281cee537a9c05efa58b1f4b9df336d2ad10f511eb6af0b620e65b45ed6b
6e2ebe67009b7cfad70167fc977f56844eae0683b216f8fb12fa6e9bdd7dac29
71b2f4fee2ed4163e1ef309ca22a8a108aab0ba7cfb535d38b33c1ec3718836a
73bd4d0f8a3ec1a6b0ec41f111a2b46ba4c242d4dc7bdf0817c4af97a6dfa48e
752ca31375491e290c49bc0f9023c9658fa4662b362be601522128a0b1b7c128
767ebea232693901e0dcf16289fb7217d75bd3edf75031df79d6c253b5ded8bc
7c1e2d0f6a27b6701cbfc14d4b2c6863a2de1753603e0eafaf1a1c42a4e22b65
7c65354f69fbaf3704fa399fb2755f8f1e12a4febd45037a125f17de050fca7c
7dcbc19c68e87e4b23f85027e02ac7f3c89fa259973ec92bbe27e49ad002bf47
7e76ec11f2baa0f7948d92891718df73970877050a5b48e2b6fb9b340378a2d1
7e9b1bcc8b7f6c40a146c67b1ae4d804d1a00f9374ebd5ce5b4f2de65ff69cc6
82359bf9a1eb50bb2a478f649f8302550b39c5d7ec00b623e718a58364a5cc7e
832c2e84f40e3512fc4a9326e54e6c3a8e8b91d691dd601e5716ab8b4cd01f32
84b074311a3f7d218f369c4dccac7d656351251639e708d90f0138b2f33c4357
868fa0aee4b3170445519391c249b544438425cdb392aba77b9dae9b5ea7e27f
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a58cb7500d1a96c853b6b353cdfb889a733ba3e755d573922b919cacc81f9d4
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8bafef9de45070f320e6d34730a285286b7b00ae2fbc1757ef49b1ff21d80c24
8efe1572be12f6646d54cfb294c79d31a010fa99cf4948e168582234b0464f11
9377e1ed8c646a7ae8b8b570821baf287765c047e9dab20fa71a4eb76a40c294
93a03220d2cacc03b0b40e69976cfd06201970c1febb108ac4ace5747dc114b2
94df5d2926f84023b53a7b88d959ec0a24857fccc905c82b5bee2869845eb4c4
99013b5f831f3762b1a2648e07bb3116d914c5b1539bdf4fe0634602cc26b19e
99c47f89457c9ad74212dcf0d7c3b0d893212fb17f0473dd592fdb1bf8611d7b
9a43ab8056183a8efcf0e882990c2601381a735e02bba004439e010055c55d47
9ec978213051509467672fa65a939d16cadd988e81d53c81bf6fd5b81e90151f
9fd1e8da45cc479046e68a609cadd9bdb7b4e177687de4bdd890c7cb78b6e6f6
a500afc866062030e5a0314da72313ab8fbda561df3571d832a56576d6e1da46
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a8a1b5deb1793b58ca907d8d3264d29b825d487ee141cee3c5cfb98afd0ba20a
aaddd14677151784462e32b52a7eb07bc581b8421b3e6bd0ab05f2e677fb9748
ad01b93ecf6b0b442902d27ae93b6af83a92784a05455b81490512a3d5d8b08b
af7a6a4f4fa60eba9bfef2d79977d00c79a0b8848f2163a246641299d4dcc9c8
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b
b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e
baabb01c05f5a7a83cf26233fcbb29790b584afb736caa63cb26ed1d051aa78d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcbbfe66a2e17c1dbc127ccea0f4fec035d42d51d1741332275026e291d79be8
be9dcda7136b10664180d9376d56acf52cb27126082e1dd1fda47ca67316de55
c01bb7101c3b034d4e913bdc36280e1a3034d84ab1f8ab674e0d43e75f20e229
c4fd486c427aff4879822fc8e342979aa0110d283582bbee589cb941de95f39f
c50f2dcf3859f06d7fd5b11fc4e1bf7fb31027a1e1f763c4782eb935f5577bd4
ca7a118dd01892b5a9302e22b61a8e96c6c006f2ca642a8e24ad256ada052f5c
cb554020ec10b151dcccf7f5eae72f7807d392f2324582f4ae45168ccf9b007e
cb9b31ff535e2b76cf704d03beeeb2b2a60e6a6206b9759040430cc7774ba72e
cceac7ac0d2450faea3f70111cdd13df45e3c976deb8cb3e989da68e145651eb
ccf7b12ecc8e9e8ffdde253ba24560e0b8742463ad4868c7659fc90968ffcb3a
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1ac91f4b8eacd423db0efdc0981d253f15e4f6c91dac62458f51ad29c5040e7
d1afec1ae97e85059d8bc36b774818c924a47040f9a956870e719e7ce231dc0d
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d398b90b592b327e99a6d915c3a8b2896d03a3c6b617bb5cbbf555fa57ee9725
d9828a91702b4db79d0b02c33f81ebc8f604827e77682371b10f9f2dd2581103
dc288edaf30d3566c6a43f7db44c69243ef51481f3ae50a4b35868d6ac11706a
de417027b3c04d64f0f0e42493e0cb5a6936609eb56f6f0440580a191d6d6b2c
de6cfbbb2c9495f7f6cabdea7e0abd91e45e1a055d45ac5ae903060e98d2e640
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519
e7f4ae3d77496807413afb4a0d56451b31667200c0293d3e89df130190e1f10b
e8cf20f6e98c91ff5a877209649b0839bb06e5751793babfb0dbbbb60a9e811a
ea939bd13d79a17cc436d4c3e102d4060cb7ebf0e8e61918f3d034580dff02b9
eb66d19d76b2a591f290eb9cbefa2faf0a2c8f90b124cb937270ab4b8adee08e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f256b1151bcdcb1156ec95c6e40a56f17a91ef8b6668bcd9d113779d98cebf42
f2e4eb2e6499e7805732b936694778a0547e32010bca773807743cfcd8e4b049
f6c2c44352cc62f88c3b2a49f0cb59231b4f9e65dae8f24d6ca0647e3df906d4
f9619e7a1dc4ec09dc3d6c5df8aa6eada684c79482d283459eac511852d5bb3c
fb177985ebe75561e65bcb91d425186017f2017e70c5c7f8cf8915ef7e403181
fbffd1871439537267e23d6f4f93ea3af3294531ac2fccb9cec69df7f262b37f
fcb0ab4f6d3a4da0916061428974c4e222922d127a1da82f2e79173fa2fea1ac
fe8d5a6f12533884b6896dd290e422c830e86e0228d45dbe97ac03c6e86a5b5a
ff18779bb7f76122171e9faa51b7af30bc0239d361c926489b02032bb5bccb54

panelsecurevip.secureweb.top Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

168 Requests

95 %HTTPS

46 %IPv6

25 Domains

47 Subdomains

40 IPs

3 Countries

3173 kBTransfer

8285 kBSize

16 Cookies

285 Outgoing links

Redirected requests

168 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

panelsecurevip.secureweb.top Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

168
Requests

95 %
HTTPS

46 %
IPv6

25
Domains

47
Subdomains

40
IPs

3
Countries

3173 kB
Transfer

8285 kB
Size

16
Cookies

168 HTTP transactions
2 data transactions