securevip.secureweb.top Open in urlscan Pro
94.131.110.93 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://securevip.secureweb.top/
Submission: On November 07 via automatic, source certstream-suspicious (November 7th 2023, 5:46:56 am UTC) — Scanned from DE

Summary HTTP 182 Redirects Links 285 Behaviour Indicators

Summary

This website contacted 39 IPs in 3 countries across 24 domains to perform 182 HTTP transactions. The main IP is 94.131.110.93, located in Frankfurt am Main, Germany and belongs to STARK-INDUSTRIES, GB. The main domain is securevip.secureweb.top.
TLS certificate: Issued by R3 on November 7th 2023. Valid for: 3 months.

This is the only time securevip.secureweb.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	94.131.110.93 94.131.110.93	44477 (STARK-IND...) (STARK-INDUSTRIES)
39	151.101.129.164 151.101.129.164	54113 (FASTLY) (FASTLY)
1	13.225.83.103 13.225.83.103	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
5	151.101.1.164 151.101.1.164	54113 (FASTLY) (FASTLY)
6	52.3.42.214 52.3.42.214	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:249... 2600:9000:2491:1200:4:b37b:9440:93a1	16509 (AMAZON-02) (AMAZON-02)
3	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	18.66.112.4 18.66.112.4	16509 (AMAZON-02) (AMAZON-02)
5	18.66.138.185 18.66.138.185	16509 (AMAZON-02) (AMAZON-02)
1	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	35.156.170.234 35.156.170.234	16509 (AMAZON-02) (AMAZON-02)
5	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	18.66.97.36 18.66.97.36	16509 (AMAZON-02) (AMAZON-02)
1 3	13.32.99.90 13.32.99.90	16509 (AMAZON-02) (AMAZON-02)
1	44.211.112.71 44.211.112.71	14618 (AMAZON-AES) (AMAZON-AES)
1 2	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
1	2600:9000:264... 2600:9000:2646:400:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::ac43:4842	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	23.23.164.244 23.23.164.244	14618 (AMAZON-AES) (AMAZON-AES)
10	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	20.50.2.28 20.50.2.28	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::201b	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
6	2606:4700:20:... 2606:4700:20::681a:7e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
182	39

36 94.131.110.93 (Frankfurt am Main, Germany)

ASN44477 (STARK-INDUSTRIES, GB)
PTR: secureweb.top

securevip.secureweb.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 151.101.129.164 (United States)

ASN54113 (FASTLY, US)

g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.83.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-83-103.fra2.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.1.164 (United States)

ASN54113 (FASTLY, US)

samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.3.42.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-42-214.compute-1.amazonaws.com

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2491:1200:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)

rumcdn.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-4.fra56.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.66.138.185 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-138-185.fra60.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.90 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.170.234 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-170-234.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-36.fra56.r.cloudfront.net

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.90 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-90.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.211.112.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-211-112-71.compute-1.amazonaws.com

meter-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

5290727.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2646:400:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4842 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.23.164.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-164-244.compute-1.amazonaws.com

pnytimes.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.50.2.28 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

collector.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

nyt-dti-prd-staticjs.storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:7e5 (United States)

ASN13335 (CLOUDFLARENET, US)

platform.iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

nytimes-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	nyt.com g1.nyt.com — Cisco Umbrella Rank: 7214 static01.nyt.com — Cisco Umbrella Rank: 5347 a1.nyt.com — Cisco Umbrella Rank: 6906	864 KB
36	secureweb.top securevip.secureweb.top	1 MB
18	googlesyndication.com d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149 pagead2.googlesyndication.com — Cisco Umbrella Rank: 97	1 MB
14	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 5290727.fls.doubleclick.net — Cisco Umbrella Rank: 7412	207 KB
14	nytimes.com samizdat-graphql.nytimes.com — Cisco Umbrella Rank: 5747 a.et.nytimes.com — Cisco Umbrella Rank: 5208 als-svc.nytimes.com Failed www.nytimes.com — Cisco Umbrella Rank: 3593 dd.nytimes.com — Cisco Umbrella Rank: 7435 purr.nytimes.com Failed a.nytimes.com Failed meter-svc.nytimes.com — Cisco Umbrella Rank: 17109 static01.nytimes.com — Cisco Umbrella Rank: 8854	147 KB
9	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598 aax.amazon-adsystem.com — Cisco Umbrella Rank: 394	71 KB
6	iteratehq.com platform.iteratehq.com — Cisco Umbrella Rank: 5915 iteratehq.com — Cisco Umbrella Rank: 5338	32 KB
5	gstatic.com fonts.gstatic.com	73 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 nyt-dti-prd-staticjs.storage.googleapis.com — Cisco Umbrella Rank: 19433	7 KB
5	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 513	4 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	180 KB
3	brandmetrics.com cdn.brandmetrics.com — Cisco Umbrella Rank: 2806 collector.brandmetrics.com — Cisco Umbrella Rank: 3212	20 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 172	863 B
2	google.com adservice.google.com — Cisco Umbrella Rank: 105 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	media.net prebid.media.net — Cisco Umbrella Rank: 1335 cs.media.net — Cisco Umbrella Rank: 1513	1 KB
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 572 eb2.3lift.com — Cisco Umbrella Rank: 417	748 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 695 nytimes-d.openx.net — Cisco Umbrella Rank: 12828	559 B
2	geoedge.be rumcdn.geoedge.be — Cisco Umbrella Rank: 2295	57 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	182 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 14376	515 B
1	chartbeat.net pnytimes.chartbeat.net — Cisco Umbrella Rank: 6725	201 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1585	24 KB
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 246	624 B
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1471	50 KB
182	24

	Domain	Requested by
36	securevip.secureweb.top	securevip.secureweb.top rumcdn.geoedge.be www.datadoghq-browser-agent.com
25	static01.nyt.com	securevip.secureweb.top www.datadoghq-browser-agent.com
12	securepubads.g.doubleclick.net	rumcdn.geoedge.be www.datadoghq-browser-agent.com d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com securevip.secureweb.top www.googletagservices.com
12	g1.nyt.com	securevip.secureweb.top g1.nyt.com
10	tpc.googlesyndication.com	d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com rumcdn.geoedge.be
6	a.et.nytimes.com	securevip.secureweb.top www.datadoghq-browser-agent.com
5	pagead2.googlesyndication.com	www.datadoghq-browser-agent.com tpc.googlesyndication.com www.googletagservices.com
5	fonts.gstatic.com	fonts.googleapis.com
5	fastlane.rubiconproject.com	www.datadoghq-browser-agent.com
5	aax.amazon-adsystem.com	www.datadoghq-browser-agent.com
4	iteratehq.com	www.datadoghq-browser-agent.com
4	fonts.googleapis.com	d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com client
3	www.googletagservices.com	d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com rumcdn.geoedge.be
3	d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net rumcdn.geoedge.be
3	sb.scorecardresearch.com	1 redirects securevip.secureweb.top
3	c.amazon-adsystem.com	securevip.secureweb.top www.datadoghq-browser-agent.com
3	samizdat-graphql.nytimes.com	securevip.secureweb.top www.datadoghq-browser-agent.com
2	platform.iteratehq.com	securevip.secureweb.top platform.iteratehq.com
2	cdn.brandmetrics.com	www.googletagmanager.com rumcdn.geoedge.be
2	a1.nyt.com	securevip.secureweb.top www.googletagmanager.com
2	5290727.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	dd.nytimes.com	securevip.secureweb.top www.datadoghq-browser-agent.com
2	rumcdn.geoedge.be	securevip.secureweb.top rumcdn.geoedge.be
2	www.googletagmanager.com	securevip.secureweb.top www.googletagmanager.com
1	eb2.3lift.com
1	cs.media.net
1	nytimes-d.openx.net
1	www.google.com	rumcdn.geoedge.be
1	nyt-dti-prd-staticjs.storage.googleapis.com	static01.nytimes.com
1	static01.nytimes.com	d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com
1	collector.brandmetrics.com	cdn.brandmetrics.com
1	adservice.google.de	adservice.google.com
1	pnytimes.chartbeat.net	securevip.secureweb.top
1	adservice.google.com	5290727.fls.doubleclick.net
1	static.chartbeat.com	securevip.secureweb.top
1	meter-svc.nytimes.com	www.datadoghq-browser-agent.com
1	prebid.media.net	www.datadoghq-browser-agent.com
1	tlx.3lift.com	www.datadoghq-browser-agent.com
1	rtb.openx.net	www.datadoghq-browser-agent.com
1	ib.adnxs.com	www.datadoghq-browser-agent.com
1	config.aps.amazon-adsystem.com	rumcdn.geoedge.be
1	www.nytimes.com	securevip.secureweb.top
1	www.datadoghq-browser-agent.com	securevip.secureweb.top
0	a.nytimes.com Failed	www.datadoghq-browser-agent.com
0	purr.nytimes.com Failed	www.datadoghq-browser-agent.com
0	als-svc.nytimes.com Failed	securevip.secureweb.top
182	46

This site contains links to these domains. Also see Links.

Domain
www.nytimes.com
cn.nytimes.com
cooking.nytimes.com
theathletic.com
help.nytimes.com
www.nytco.com
nytmediakit.com
www.tbrandstudio.com

Subject Issuer	Validity	Valid
securevip.secureweb.top R3	`2023-11-07` - `2024-02-05`	3 months	crt.sh
nytimes.com Thawte RSA CA 2018	`2023-03-22` - `2024-04-21`	a year	crt.sh
*.datadoghq-browser-agent.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-14` - `2024-01-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
a.et.nytimes.com R3	`2023-09-13` - `2023-12-12`	3 months	crt.sh
gw.geoedge.be Amazon RSA 2048 M01	`2023-08-12` - `2024-09-09`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-10-28` - `2024-01-26`	3 months	crt.sh
dd.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-08` - `2024-04-06`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
meter-svc.nytimes.com R3	`2023-10-20` - `2024-01-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
brandmetrics.com GTS CA 1P5	`2023-11-04` - `2024-02-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.brandmetrics.com Go Daddy Secure Certificate Authority - G2	`2023-05-10` - `2024-06-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
iteratehq.com E1	`2023-09-24` - `2023-12-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://securevip.secureweb.top/
Frame ID: 91602AF6A18809EC3D1335815B372DBD
Requests: 138 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CJWr7_mXsYIDFb1KkQUd1oELzA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8955977080923;auiddc=2069427030.1699336010;u17=https%3A%2F%2Fsecurevip.secureweb.top%2F;u5=;u18=;gtm=45He3b60v72703797;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecurevip.secureweb.top%2F
Frame ID: 29A64A0EE11A583023F2212104DE19C0
Requests: 1 HTTP requests in this frame

Frame: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4F0F136FBDC896FFA4A68E977DDA534F
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJWr7_mXsYIDFb1KkQUd1oELzA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8955977080923;auiddc=2069427030.1699336010;u17=https%3A%2F%2Fsecurevip.secureweb.top%2F;u5=;u18=;gtm=45He3b60v72703797;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecurevip.secureweb.top%2F
Frame ID: 1197CD352996B93DC34FEDED7014122E
Requests: 1 HTTP requests in this frame

Frame: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 47F99F6C6864972DA5950B1F94418191
Requests: 12 HTTP requests in this frame

Frame: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 79C56541AD92F79B9BE4A3A1E72FFA6D
Requests: 16 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CJWr7_mXsYIDFb1KkQUd1oELzA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8955977080923;auiddc=2069427030.1699336010;u17=https%3A%2F%2Fsecurevip.secureweb.top%2F;u5=;u18=;gtm=45He3b60v72703797;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecurevip.secureweb.top%2F
Frame ID: 76A7D5A0B34EF4D3680A1D1366397D34
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4CPNSaxi6Kps_eBHMTzBsqC5Mhfx6tjt3VFqQKx2yHo0HPI_iuiALYMUiGWsLvCiDafjdXYkh_4BAc7I0Q-k89mVDadiExvqUATiE5EVEHypOuAxRWG_YGGH2FTS2e2pd7CjYoGqzf6cUU2I9SPqcZi8jXSLLEWlPJiUqippBseQfn4YitISnM3Iawa66L9qTTXAdP9bYoDZnIzKwS3WPJCGgpWmy3LclfHEYKV86YVJKJ4nJlAN9Ky8XmkMnW9jQayUK6OCQEmIRYZ6E_AYkXtEiBwX_H3ctnGpVxvbnkJnelg9ynhBaoujGe0BqrOvTE0k_UdY5j-dBZNWUBtnB9BbpFxz9iWaTSklxsuzw_rcqiXe31vVCA511IHvTgnZqHkn7Sa_9_m5vxjkybMxxZp3OiP0&sai=AMfl-YSZEvewK_PjyMOg2rhR3V__ibAfcMJEnZ4id-s9dOVLDWu6PhYn7Qo32BVU8EAZjXVfWxKyXuKW_NUNJBogcJDuNq4GhdXoKiyDXGBs_3z_dkZJL7S63ZnV6XJ_FTc&sig=Cg0ArKJSzA7HRTpLehebEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 0D49889F94BE24FB0ADB3D0D4569E419
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CCD05BFD5C37A18D44FC2D55A72820B3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6AC3CB303ED24CD19745A26BFAF0C192
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The New York Times - Breaking News, US News, World News and VideosGroupGroupGroup

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

182
Requests

96 %
HTTPS

45 %
IPv6

24
Domains

46
Subdomains

39
IPs

3
Countries

4060 kB
Transfer

9237 kB
Size

16
Cookies

285 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nytimes.com/es/
Title: Español

Search URL Search Domain Scan URL

URL: https://cn.nytimes.com/
Title: 中文

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/todayspaper
Title: Today’s Paper

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/us
Title: U.S.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/politics
Title: Politics

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/nyregion
Title: New York

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/california-today
Title: California

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/education
Title: Education

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/health
Title: Health

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/obituaries
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/science
Title: Science

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/climate
Title: Climate

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/sports
Title: Sports

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/business
Title: Business

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/technology
Title: Tech

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/upshot
Title: The Upshot

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/magazine
Title: The Magazine

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/news-event/2024-election
Title: 2024 Elections

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/topic/organization/us-supreme-court
Title: Supreme Court

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/topic/organization/us-congress
Title: Congress

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/joe-biden
Title: Biden Administration

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/live/2023/11/06/us/trump-biden-times-siena-poll-updates
Title: Times/Siena Poll

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/live/2023/11/06/nyregion/trump-fraud-trial
Title: Trump’s Civil Fraud Trial

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/morning-briefing
Title: The MorningMake sense of the day’s news and ideas.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/upshot
Title: The UpshotAnalysis that explains politics, policy and everyday life.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters
Title: See all newsletters

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/the-daily
Title: The DailyThe biggest stories of our time, in 20 minutes a day.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/election-run-up-podcast
Title: The Run-UpOn the campaign trail with Astead Herndon.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/podcasts
Title: See all podcasts

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world
Title: World

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/africa
Title: Africa

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/americas
Title: Americas

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/asia
Title: Asia

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/australia
Title: Australia

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/canada
Title: Canada

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/europe
Title: Europe

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/middleeast
Title: Middle East

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/news-event/israel-hamas-gaza
Title: Israel-Hamas War

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/news-event/ukraine-russia
Title: Russia-Ukraine War

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/morning-briefing-europe
Title: Morning Briefing: EuropeGet what you need to know to start your day.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/the-interpreter
Title: The InterpreterOriginal analysis on the week’s biggest global stories.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/australia-letter
Title: Australia LetterNews, features and opinion for readers in the region.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/canada-letter
Title: Canada LetterBackstories and analysis from our Canadian correspondents.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/business/economy
Title: Economy

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/business/media
Title: Media

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/markets-overview
Title: Finance and Markets

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/business/dealbook
Title: DealBook

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/technology/personaltech
Title: Personal Tech

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/business/energy-environment
Title: Energy Transition

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/your-money
Title: Your Money

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/news-event/economy-business-us
Title: U.S. Economy

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/topic/subject/organized-labor
Title: Organized Labor

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/artificial-intelligence
Title: The Age of A.I.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/dealbook
Title: DealBookThe most crucial business and policy news you need to know.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/hard-fork
Title: Hard ForkOur tech journalists help you make sense of the rapidly changing tech world.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/arts
Title: Arts

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/books
Title: Books

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/books/best-sellers
Title: Best Sellers

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/arts/dance
Title: Dance

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/movies
Title: Movies

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/arts/music
Title: Music

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/arts/television
Title: Television

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/theater
Title: Theater

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/pop-culture
Title: Pop Culture

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/t-magazine
Title: T Magazine

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/arts/design
Title: Visual Arts

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/critics-picks
Title: Critic’s Picks

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/books-to-read
Title: What to Read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/what-to-watch
Title: What to Watch

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/playlist
Title: What to Listen To

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/interactive/2023/10/27/arts/music/music-fivemins-collection.html
Title: 5 Minutes to Make You Love Music

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/read-like-the-wind
Title: Read Like the WindBook recommendations from our critics.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/watching
Title: WatchingStreaming TV and movie recommendations.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/book-review-podcast
Title: Book ReviewThe podcast that takes you inside the literary world.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/popcast-pop-music-podcast
Title: PopcastPop music news, new songs and albums, and artists of note.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/lifestyle
Title: Lifestyle

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/well
Title: Well

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/food
Title: Food

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/fashion/weddings
Title: Love

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/travel
Title: Travel

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/style
Title: Style

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/fashion
Title: Fashion

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/realestate
Title: Real Estate

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/modern-love
Title: Modern Love

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/the-hunt
Title: The Hunt

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/social-qs
Title: Social Q’s

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/the-ethicist
Title: The Ethicist

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/well/eat
Title: Eat

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/well/move
Title: Move

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/well/mind
Title: Mind

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/well/family
Title: Family

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/well/live
Title: Live

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/ask-well
Title: Ask Well

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/open-thread-fashion
Title: Open ThreadThe latest news on what we wear, by our chief fashion critic.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/love-letter
Title: Love LetterReal stories of relationship highs, lows and woes.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/modern-love-podcast
Title: Modern LoveThe complicated love lives of real people.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion
Title: Opinion

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/contributors
Title: Guest Essays

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/editorials
Title: Editorials

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/op-docs
Title: Op-Docs

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/opinion-video
Title: Videos

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/letters
Title: Letters

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/politics
Title: Politics

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/international-world
Title: World

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/business-economics
Title: Business

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/technology
Title: Tech

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/environment
Title: Climate

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/health
Title: Health

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/culture
Title: Culture

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/charles-m-blow
Title: Charles M. Blow

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/jamelle-bouie
Title: Jamelle Bouie

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/david-brooks
Title: David Brooks

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/gail-collins
Title: Gail Collins

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/ross-douthat
Title: Ross Douthat

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/maureen-dowd
Title: Maureen Dowd

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/david-french
Title: David French

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/thomas-l-friedman
Title: Thomas L. Friedman

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/michelle-goldberg
Title: Michelle Goldberg

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/ezra-klein
Title: Ezra Klein

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/nicholas-kristof
Title: Nicholas Kristof

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/paul-krugman
Title: Paul Krugman

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/carlos-lozada
Title: Carlos Lozada

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/farhad-manjoo
Title: Farhad Manjoo

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/tressie-mcmillan-cottom
Title: Tressie McMillan Cottom

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/pamela-paul
Title: Pamela Paul

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/lydia-polgreen
Title: Lydia Polgreen

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/bret-stephens
Title: Bret Stephens

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/zeynep-tufekci
Title: Zeynep Tufekci

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/matter-of-opinion
Title: Matter of OpinionThoughts, aloud. With Michelle Cottle, Ross Douthat, Carlos Lozada and Lydia Polgreen.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/ezra-klein-podcast
Title: The Ezra Klein ShowDiscussions of ideas that matter, plus book recommendations.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/audio/app
Title: Download the Audio app on iOS.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/the-headlines
Title: The Headlines

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/interactive/2022/podcasts/serial-productions.html
Title: Serial Productions

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/reporter-reads
Title: Reporter Reads

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/the-sunday-read
Title: The Sunday Read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/10/19/podcasts/serial-kids-rutherford-county.html
Title: The Kids of Rutherford CountyA series about how one county illegally jailed children.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/audio
Title: AudioOur editors share their favorite listens from the New York Times Audio app.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/subscription/all-access
Title: Learn more.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/crosswords
Title: Games

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/puzzles/spelling-bee
Title: Spelling Bee

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/crosswords/game/mini
Title: The Mini Crossword

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/games/wordle/index.html
Title: Wordle

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/crosswords/game/daily/
Title: The Crossword

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/puzzles/vertex
Title: Vertex

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/games/connections
Title: Connections

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/puzzles/sudoku
Title: Sudoku

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/puzzles/letter-boxed
Title: Letter Boxed

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/puzzles/tiles
Title: Tiles

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/spelling-bee-forum
Title: Spelling Bee Forum

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/daily-crossword-column
Title: Wordplay Column

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/wordle-review
Title: Wordle Review

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/article/submit-crossword-puzzles-the-new-york-times.html
Title: Submit a Crossword

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/puzzle-making
Title: Meet Our Crossword Constructors

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2022/09/19/crosswords/mini-to-maestro-part-1.html
Title: Mini to Maestro

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/interactive/2022/upshot/wordle-bot.html
Title: Wordlebot

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/gameplay
Title: GameplayPuzzles, brain teasers, solving tips and more.

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/
Title: Cooking

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/easy-recipes
Title: Easy

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/dinner-recipes
Title: Dinner

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/68861692-nyt-cooking/43843372-quick-recipes
Title: Quick

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/healthy-recipes
Title: Healthy

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/breakfast
Title: Breakfast

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/vegetarian
Title: Vegetarian

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/vegan-recipes
Title: Vegan

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/our-best-chicken-recipes
Title: Chicken

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/our-best-pasta-recipes
Title: Pasta

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/desserts
Title: Dessert

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/thanksgiving
Title: Thanksgiving Recipes

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/easy-weeknight
Title: Easy Weeknight

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/68861692-nyt-cooking/32998034-our-newest-recipes
Title: Newest Recipes

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/68861692-nyt-cooking/2370458-one-pot-dinner-recipes
Title: One-Pot Meals

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/68861692-nyt-cooking/950138-amazing-slow-cooker-recipes
Title: Slow Cooker Recipes

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/comfort-food
Title: Comfort Food

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/entertaining
Title: Party Recipes

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/cooking
Title: The Cooking NewsletterCulinary inspiration from Sam Sifton and Melissa Clark.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/the-veggie
Title: The VeggieDelicious vegetarian recipes and tips from Tanya Sichynsky.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/five-weeknight-dishes
Title: Five Weeknight DishesDinner ideas for busy people from Emily Weinstein.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/
Title: Wirecutter

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter
Title: WirecutterReviews and recommendations for thousands of products.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/kitchen-dining/
Title: Kitchen

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/electronics/
Title: Tech

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/sleep/
Title: Sleep

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/appliances/
Title: Appliances

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/home-garden/
Title: Home and Garden

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/make-a-plan/moving/
Title: Moving

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/travel/
Title: Travel

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/gifts/
Title: Gifts

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/deals/
Title: Deals

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/baby-kid/
Title: Baby and Kid

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/health-fitness/
Title: Health and Fitness

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/reviews/best-air-purifier/
Title: Air Purifier

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/reviews/best-electric-toothbrush/
Title: Electric Toothbrush

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/reviews/best-pressure-washer/
Title: Pressure Washer

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/reviews/best-cordless-stick-vacuum/
Title: Cordless Stick Vacuum

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/reviews/best-office-chair/
Title: Office Chair

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/reviews/best-robot-vacuum/
Title: Robot Vacuum

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/the-recommendation
Title: The RecommendationThe best independent reviews, expert advice and intensively researched deals.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/clean-everything
Title: Clean EverythingStep-by-step advice on how to keep everything in your home squeaky clean.

Search URL Search Domain Scan URL

URL: https://theathletic.com/
Title: The Athletic

Search URL Search Domain Scan URL

URL: https://theathletic.com/nfl/
Title: NFL

Search URL Search Domain Scan URL

URL: https://theathletic.com/mlb/
Title: MLB

Search URL Search Domain Scan URL

URL: https://theathletic.com/nba/
Title: NBA

Search URL Search Domain Scan URL

URL: https://theathletic.com/football/premier-league/
Title: Premier League

Search URL Search Domain Scan URL

URL: https://theathletic.com/college-football/
Title: NCAAF

Search URL Search Domain Scan URL

URL: https://theathletic.com/college-basketball/
Title: NCAAM

Search URL Search Domain Scan URL

URL: https://theathletic.com/nhl/
Title: NHL

Search URL Search Domain Scan URL

URL: https://theathletic.com/womens-college-basketball/
Title: NCAAW

Search URL Search Domain Scan URL

URL: https://theathletic.com/football/mls/
Title: MLS

Search URL Search Domain Scan URL

URL: https://theathletic.com/formula-1/
Title: Formula 1

Search URL Search Domain Scan URL

URL: https://theathletic.com/football/nwsl/
Title: NWSL

Search URL Search Domain Scan URL

URL: https://theathletic.com/golf/
Title: Golf

Search URL Search Domain Scan URL

URL: https://theathletic.com/5029763/2023/11/06/nfl-midseason-week-9-mvp-coach-of-the-year/
Title: N.F.L. Week 9

Search URL Search Domain Scan URL

URL: https://theathletic.com/5034958/2023/11/06/daniel-jones-acl/
Title: Giants' Daniel Jones Injured

Search URL Search Domain Scan URL

URL: https://theathletic.com/5025639/2023/11/06/college-basketball-predictions-who-will-win-the-2024-ncaa-title/
Title: College Basketball Predictions

Search URL Search Domain Scan URL

URL: https://theathletic.com/5033625/2023/11/06/nhl-weekend-rankings-ducks-golden-knights/
Title: N.H.L. Power Rankings

Search URL Search Domain Scan URL

URL: https://theathletic.com/5033501/2023/11/06/arsenal-referees-briefing-column/
Title: Premier League Latest

Search URL Search Domain Scan URL

URL: https://theathletic.com/newsletters/the-pulse
Title: The PulseDelivering the top stories in sports, Sunday to Friday.

Search URL Search Domain Scan URL

URL: https://theathletic.com/newsletters/the-windup
Title: The WindupThe biggest stories in baseball, by Levi Weaver with Ken Rosenthal.

Search URL Search Domain Scan URL

URL: https://theathletic.com/newsletters/the-bounce
Title: The BounceEssential NBA news from Zach Harper and Shams Charania.

Search URL Search Domain Scan URL

URL: https://theathletic.com/newsletters/full-time
Title: Full TimeThe biggest women's soccer stories, from Emily Olsen, Meg Linehan & Steph Yang

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/us/politics/biden-israel-gaza-ukraine.html
Title: AnalysisBiden Confronts the Limits of U.S. Leverage in Two ConflictsPresident Biden’s influence over Israel and Ukraine seems far more constrained than expected, given his central role as the supplier of arms and intelligence.6 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/live/2023/11/06/world/israel-hamas-war-gaza-news
Title: Israel Says It Has Isolated Gaza City After ‘Large’ AttackIsrael said its troops had effectively split the Gaza Strip in half as the Biden administration worked to prevent a wider regional war.See more updates 9+

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/nyregion/trump-fraud-trial-testimony.html
Title: Trump Assails Judge and Concedes a Role in Valuing His Empire’s PropertyFormer President Trump, who also railed against New York’s attorney general in court, denied he committed fraud and called the trial “very unfair.”6 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/nyregion/trump-fraud-trial-judge-power.html
Title: On the first day of Donald Trump’s testimony, the judge tried to do what few have accomplished: make him stop talking.3 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/us/politics/trump-election-case-prosecutors.html
Title: Prosecutors asked a judge to reject motions by former President Trump that sought to toss out his federal election case.4 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/business/wework-bankruptcy.html
Title: WeWork Files for Bankruptcy Amid Glut of Empty OfficesThe move is a blow for landlords who have rented space to the co-working group, which is planning a reorganization that includes cutting leases.4 min read<img src="https://static01.nyt.com/images/2023/11/06/multimedia/06wework-bankruptsy-sub-chlk/06wework-bankruptsy-sub-chlk-threeByTwoMediumAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="People in winter coats outside a building with a gray facade and a WeWork sign hanging out front." class="css-122y91a"/>Hiroko Masuike/The New York Times

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/07/books/review/barbra-streisand-memoir-my-name-is-barbra.html
Title: Book ReviewHer Name Is Barbra, but It Wasn’t AlwaysIn a chatty and candid new memoir, Barbra Streisand talks about her early determination to be famous and tallies the hurdles and helpers she met along the way.6 min read<img src="https://static01.nyt.com/images/2023/11/07/multimedia/07STREISAND-REVIEW-tgch/07STREISAND-REVIEW-tgch-threeByTwoMediumAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="A black and white portrait of a young Barbra Streisand seen in profile from her left side, gazing upwards. Her left hand reaches over to touch the right side of her elongated neck. One eye and one dangling earring are visible to the camera." class="css-122y91a"/>Kobal/Shutterstock

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/interactive/2023/11/05/magazine/james-webb-space-telescope.html
Title: A Beginner’s Guide to Looking at the UniverseA giant leap in the history of stargazing, the James Webb telescope revealed light where we saw darkness, forever changing our view of the cosmos.Illustration by Daniel Zvereff; Photographs by NASA

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/business/china-bri-aiddata.html
Title: China Is Lending Billions to Countries in Financial TroubleInstead of lending money for highways and bridges, China has shifted to providing emergency rescues for previous borrowers.4 min read<img src="https://static01.nyt.com/images/2023/11/06/multimedia/06china-debt-01-cmpl/06china-debt-01-cmpl-threeByTwoMediumAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="Buildings under construction with a river in between." class="css-122y91a"/>Adam Dean for The New York Times

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/nyregion/nyc-rich-private-clubs.html
Title: Behind the Gates of a Private World for Only the Wealthiest New YorkersAlthough everyday life has become increasingly unaffordable for almost everyone, a new class of private, members-only and concierge services is emerging.6 min read<img src="https://static01.nyt.com/images/2023/10/19/nyregion/00privatenyc-bond/00privatenyc-bond-threeByTwoMediumAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="People milling about at Zero Bond in late 2021 with orange and pink lighting providing illumination in a darkened room." class="css-122y91a"/>Eugene Gologursky/Getty Images for Haute Living

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/interactive/2023/us/politics/presidential-candidates-2024.html
Title: Who Is Running?

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/us/politics/republican-debate-miami.html
Title: Third G.O.P. Debate

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/interactive/2023/08/18/us/politics/republican-candidates-2024-issues.html
Title: Issues Tracker

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/us/politics/biden-trump-black-voters-poll-democrats.html
Title: As Black Voters Drift to Donald Trump, Biden’s Allies Say They Have Work to DoA New York Times/Siena College poll painted a worrisome picture of President Biden’s standing with a crucial constituency, and a shift for Donald Trump.6 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/us/politics/desantis-iowa-kim-reynolds-trump.html
Title: Ron DeSantis landed a big endorsement: Kim Reynolds, Iowa’s popular governor.4 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/us/politics/nashville-covenant-school-shooting-writings.html
Title: Excerpts From Nashville School Shooter’s Writings Are Published OnlineThe publication of the apparent excerpts by a conservative commentator enraged the parents of surviving students, who have been fighting to keep them private.4 min read<img src="https://static01.nyt.com/images/2023/11/06/multimedia/06nat-covenant-bwmj/06nat-covenant-bwmj-threeByTwoMediumAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="Flowers and stuffed animals lie at the base of a brick wall that has a sign reading “Covenant Presbyterian Church, the Covenant School.”" class="css-122y91a"/>Desiree Rios/The New York Times

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/opinion/columnists/united-states-right-social-change.html
Title: <img src="https://static01.nyt.com/images/2018/04/02/opinion/paul-krugman/paul-krugman-thumbLarge.png?format=pjpg&quality=75&auto=webp&disable=upscale" alt="Paul Krugman" class="css-122y91a"/>Paul KrugmanWhy Does the Right Hate America?4 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/opinion/jewish-palestine-literature.html
Title: <img src="https://static01.nyt.com/images/2023/11/06/opinion/06udel/06udel-square320-v3.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="An illustration of a person reading a book under a very large book shielding the person from smoke and flames." class="css-122y91a"/>Miriam UdelWhat I Read to My Son When the World Is on Fire5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/opinion/joe-biden-polling.html
Title: John Della VolpeJoe Biden Is in Trouble7 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/opinion/biden-trump-times-siena.html
Title: Gail Collins and Bret StephensTrump May Not Need a Coup This Time7 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/opinion/trump-allan-bloom-republicans.html
Title: <img src="https://static01.nyt.com/images/2015/03/16/opinion/Wehner-Peter-circular/Wehner-Peter-circular-thumbLarge-v3.png?format=pjpg&quality=75&auto=webp&disable=upscale" alt="Peter Wehner" class="css-122y91a"/>Peter WehnerRepublicans Have Chosen Nihilism5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/opinion/guns-domestic-abuse-supreme-court.html
Title: <img src="https://static01.nyt.com/images/2018/04/02/opinion/linda-greenhouse/linda-greenhouse-thumbLarge.png?format=pjpg&quality=75&auto=webp&disable=upscale" alt="Linda Greenhouse" class="css-122y91a"/>Linda GreenhouseWill the Supreme Court Toss Out a Gun Law Meant to Protect Women?5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/opinion/matthew-perry-shame.html
Title: <img src="https://static01.nyt.com/images/2023/11/06/multimedia/06Havrilesky-1-zbhj/06Havrilesky-1-zbhj-square320-v3.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="A photo of the actor Matthew Perry sits inside a bouquet of flowers in a makeshift memorial to him." class="css-122y91a"/>Heather HavrileskyMatthew Perry Told the Truth About Everything5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/opinion/democratic-party-inequality-biden.html
Title: <img src="https://static01.nyt.com/images/2022/02/27/opinion/author-peter-coy-2/Peter_Coy_Final-thumbLarge.png?format=pjpg&quality=75&auto=webp&disable=upscale" alt="Peter Coy" class="css-122y91a"/>Peter CoyHow Democrats Lost Voters With a ‘Compensate Losers’ Strategy6 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/opinion/trump-biden-president-election.html
Title: Letters From Our ReadersWith Poll Results Favoring Trump, Should Biden Step Aside?5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/opinion/electric-battery-energy-china.html
Title: James Morton TurnerThe U.S. Can Counter China’s Control of Minerals for the Energy Transition5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/05/opinion/ohio-abortion-ballot-initiative.html
Title: David N. HackneyIn Ohio, an Attempt to End the Winning Streak for Abortion Rights5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/05/opinion/space-billionaires-sex.html
Title: Kelly WeinersmithWhy Go to Mars if You Can’t Have Sex There?5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/05/opinion/israel-palestinians-hostage-silence.html
Title: Alana ZeitchikSix Members of My Family Are Hostages in Gaza. Does Anyone Care?5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/05/opinion/beatles-lennon-mccartney-last-song.html
Title: Ian LeslieHere’s Why the Final Beatles Song Matters So Much6 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/05/opinion/maga-mike-johnson-christianity.html
Title: David French‘MAGA Mike Johnson’ and Our Broken Christian Politics5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/04/opinion/sunday/palestinians-west-bank-israel.html
Title: Nicholas KristofLosing Hope in the West Bank6 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/us/elijah-mcclain-death-police-verdict.html
Title: Second Police Officer Acquitted in Elijah McClain DeathNathan Woodyard was the first officer to stop Mr. McClain in what became a violent encounter. The young, unarmed Black man died days later.4 min read

Search URL Search Domain Scan URL

URL: https://theathletic.com/5037110/2023/11/06/craig-counsell-cubs-brewers-manager/
Title: Craig Counsell Will Leave Brewers to Manage Cubs in Stunning MoveThe Cubs hired Counsell away from a division rival and will make him the highest-paid manager in Major League Baseball.From The Athletic

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/us/charles-adelson-dan-markel-murder-conviction.html
Title: Florida Dentist Convicted in Murder-for-Hire Plot Against Law ProfessorA jury in Tallahassee found Charles Adelson guilty of murder and conspiracy in the 2014 death of his former brother-in-law, Dan Markel.4 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/03/business/electric-planes-beta-technologies.html
Title: Tony Cenicola/The New York TimesElectric Planes, Once a Fantasy, Start to Take to the SkiesHow a small cargo plane’s 16-day trip from Vermont to Florida might help usher in a new era of battery-powered air travel long considered implausible.6 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/03/style/beatles-fans-now-and-then-reaction.html
Title: On TikTok, Gen Z Beatles Fans Share Thoughts on ‘Now and Then’“Can’t believe it’s 2023 and I get the joy of hearing a new Beatles song for the first time ever,” a 23-year-old says in a video post.3 min readJiji Press/Agence France-Presse — Getty Images

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/03/arts/television/daniel-sloss-russell-brand.html
Title: It’s All Fair Game for the Comic Daniel SlossThe Scottish standup made a career of finding humor in “things that we should not be laughing at.”5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/style/priscilla-necklace-locket.html
Title: The Heart of ‘Priscilla’ Is for SaleThe film studio A24 makes a case for cool movie merch.4 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/arts/the-invincible-starward-stanislaw-lem.html
Title: The Novel Source for This Space Mystery? A Novel.With The Invincible, a Polish video game studio embraces a science fiction book.4 min read

Search URL Search Domain Scan URL

URL: https://theathletic.com/4960036/2023/10/16/paige-bueckers-uconn-huskies-basketball/
Title: How Is Paige Bueckers? The Answer Will Dictate the College Basketball Season.After a grueling rehab, UConn’s star is back for an all-or-nothing campaign.

Search URL Search Domain Scan URL

URL: https://theathletic.com/5038015/2023/11/06/cubs-craig-counsell-david-ross-jed-hoyer/
Title: Behind a $40 Million Deal, the Cubs Shocked the Baseball WorldOn Monday, Chicago poached the best manager in M.L.B. from a divisional rival.

Search URL Search Domain Scan URL

URL: https://theathletic.com/5028596/2023/11/06/notre-dame-womens-basketball-coach-niele-ivey/
Title: After Her Brother’s Tragic Death, Notre Dame’s Basketball Coach Finds Peace

Search URL Search Domain Scan URL

URL: https://theathletic.com/5022106/2023/11/06/geddy-lee-rush-baseball-collection/
Title: How a Canadian Rock Star Became an Unlikely Archivist of America’s Pastime

Search URL Search Domain Scan URL

URL: https://theathletic.com/5036290/2023/11/06/nba-in-season-tournament-courts-nuggets-celtics-hollinger/
Title: Two Weeks Into the N.B.A. Season, Two Teams Stand Above the Rest

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/06/podcasts/the-daily/biden-trump-2024.html
Title: The DailySwing State Voters Are Souring on Biden30 min listen

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/03/podcasts/hard-fork-executive-order-ai-copyright.html
Title: Hard ForkInside Biden’s A.I. Executive Order66 min listen

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/03/opinion/ezra-klein-podcast-amaney-jamal.html
Title: Opinion: The Ezra Klein ShowShe Polled Gazans on Oct. 6. Here’s What She Found.46 min listen

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/11/03/books/review/shakespeares-first-folio-turns-400.html
Title: The Book ReviewShakespeare’s First Folio Turns 40028 min listen

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/connections-companion
Title: Connections CompanionIn case you need some puzzle help.<img src="https://static01.nyt.com/images/2023/10/19/crosswords/19connections-column-133/19connections-column-133-square320-v2.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="An illustration of a person giving a figure a thumbs up." class="css-122y91a"/>

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014792127-Copyright-notice
Title: © 2023 The New York Times Company

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: NYTCo

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015727108-Accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.nytco.com/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://nytmediakit.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.tbrandstudio.com/
Title: T Brand Studio

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/privacy/cookie-policy#how-do-i-manage-trackers
Title: Your Ad Choices

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/privacy/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/ca/
Title: Canada

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/international/
Title: International

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/subscription?campaignId=37WXW
Title: Subscriptions

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 112

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8955977080923;auiddc=2069427030.1699336010;u17=https%3A%2F%2Fsecurevip.secureweb.top%2F;u5=;u18=;gtm=45He3b60v72703797;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecurevip.secureweb.top%2F HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CJWr7_mXsYIDFb1KkQUd1oELzA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8955977080923;auiddc=2069427030.1699336010;u17=https%3A%2F%2Fsecurevip.secureweb.top%2F;u5=;u18=;gtm=45He3b60v72703797;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecurevip.secureweb.top%2F

Request Chain 167

https://sb.scorecardresearch.com/c2/3005403/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/3005403/cs.js

182 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
securevip.secureweb.top/ 682 KB
148 KB 75ms
40ms Document
text/html 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL

https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

5fc82b7959be4071b0751538cf86e7d74d936e841a851d60ba223fcb62d946dd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 41
cache-control: s-maxage=30,no-cache
content-encoding: gzip
content-length: 150315
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type: text/html; charset=utf-8
date: Tue, 07 Nov 2023 05:46:47 GMT
last-modified: Tue, 07 Nov 2023 05:46:04 GMT
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/
server: nginx/1.24.0
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding, Fastly-SSL
x-api-version: F-F-VI
x-b3-traceid: 3b304774eb5f4b4b93f2543f43322a07
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-content-type-options: nosniff
x-frame-options: DENY
x-gdpr: 1
x-nyt-app-webview: 0
x-nyt-data-last-modified: Tue, 07 Nov 2023 05:46:04 GMT
x-nyt-edge-cache: HIT-HIT
x-nyt-route: homepage
x-origin-time: 2023-11-07 05:46:07 UTC
x-pagetype: vi-homepage
x-served-by: cache-lga21922-LGA, cache-fra-eddf8230085-FRA
x-timer: S1699336008.896280,VS0,VE2
x-xss-protection: 1; mode=block

GET
H2 200 web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
g1.nyt.com/fonts/css/ 60 KB
11 KB 62ms
7ms Stylesheet
text/css 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

09bff184ea094a06e46d7f26512fd7b245304078a27f1ba8084488cbcf7704de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-encoding: gzip
age: 1209879
x-guploader-uploadid: ABPtcPov0X-LQSenSYoM7Eq6MBI4FpEvITKHW4dODZLY8Ax4SMpM-X0HNS1TLLLPKyib6Jv5eWS-tUSEuFh4EEm2GL6nMA
x-goog-stored-content-encoding: gzip
x-served-by: cache-fra-eddf8230065-FRA
x-timer: S1699336008.966325,VS0,VE0
etag: W/"b79308aee772cf8921761a4fdb884fe5"
vary: Accept-Encoding
x-goog-generation: 1673991774978541
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-cache-hits: 5626
expires: Wed, 23 Oct 2024 05:42:08 GMT
date: Tue, 07 Nov 2023 05:46:47 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: HIT
x-goog-storage-class: STANDARD
x-guploader-response-body-transformations: gunzipped
x-goog-metageneration: 1
content-length: 10710
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-goog-hash: crc32c=ay5bmg==, md5=t5MIrudyz4khdhpP24hP5Q==
warning: 214 UploadServer gunzipped
x-goog-stored-content-length: 9868
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *

GET
H2 200 global-f449cfd9976ad673ef2b7ab5098b85be.css
securevip.secureweb.top/vi-assets/static-assets/ 6 KB
3 KB 24ms
23ms Stylesheet
text/css 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 7099080
x-guploader-uploadid: ADPycduhiXPSjAmvTOeEvsL5W9Sbr8W7OBvGcSfktDgJf5GEO79r26XP4FcESqPvi5OclQTJokas6EvU5VsdkVwoNs_oVQ
x-goog-stored-content-encoding: identity
x-origin-time: 2023-08-17 01:48:46 UTC
x-served-by: cache-fra-eddf8230088-FRA
x-timer: S1699336008.926072,VS0,VE1
etag: "e74f8b7c668251280cf3e52e20455a1c"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1692068681438560
content-type: text/css; charset=utf-8
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 11948
expires: Fri, 16 Aug 2024 01:48:46 GMT
date: Tue, 07 Nov 2023 05:46:47 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1968
last-modified: Thu, 17 Aug 2023 00:55:14 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=jAKqfw==, md5=50+LfGaCUSgM8+UuIEVaHA==
x-gdpr: 1
x-goog-stored-content-length: 5656
accept-ranges: bytes

GET
H2 200 datadog-rum.js Show response
www.datadoghq-browser-agent.com/us1/v4/ 150 KB
50 KB 45ms
8ms Script
application/javascript 13.225.83.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Requested by: Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.83.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-83-103.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:06 GMT
content-encoding: gzip
via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
last-modified: Mon, 09 Oct 2023 09:24:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 51
x-amz-server-side-encryption: AES256
etag: W/"2630b3d7ad4a41fac67742216e506d83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: mj0qJ2H0pwWRbSPvn4PV-kSS9DBxr_LHftEJF4AKdWS5VGXH3o00-w==

GET
H2 200 adslot-42e9c3fd69719c71ab62.js Show response
securevip.secureweb.top/vi-assets/static-assets/ 22 KB
9 KB 124ms
114ms Script
application/javascript 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/adslot-42e9c3fd69719c71ab62.js

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

a500afc866062030e5a0314da72313ab8fbda561df3571d832a56576d6e1da46

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 480359
x-guploader-uploadid: ABPtcPrfvF6Ry4a6SCfFAixekTnRmYNhQowPkIRS167CH3NdHOtjtolP_VyNRRhiF-autUtmhAGGhVGgEw
x-goog-stored-content-encoding: identity
x-origin-time: 2023-11-01 16:20:52 UTC
x-served-by: cache-fra-eddf8230139-FRA
x-timer: S1699336008.044672,VS0,VE1
etag: "6c6afb88c8e54043eb007ef33f577715"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1698855361925022
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/adslot-42e9c3fd69719c71ab62.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 7288
expires: Thu, 31 Oct 2024 16:20:49 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 7940
last-modified: Wed, 01 Nov 2023 16:16:02 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=5B8QrA==, md5=bGr7iMjlQEPrAH7zP1d3FQ==
x-gdpr: 1
x-goog-stored-content-length: 22998
accept-ranges: bytes

GET
H2 200 icon-the-morning-dd86bff0a93166101faa63110f3830b9.webp
securevip.secureweb.top/vi-assets/static-assets/ 986 B
2 KB 22ms
21ms Image
image/webp 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/icon-the-morning-dd86bff0a93166101faa63110f3830b9.webp

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

63cd01bf8a87ddc8a07e6491ea1ab7bb28613587cfddd7c9664dda47f71dcda3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 7311550
x-guploader-uploadid: ADPycduQL6Z-2UsrqNIZkvxj6CVaDgcXbqFs04lckVAh6fb63AUdi62AngTA7YH13bkhPg04q2MbMu6WEKxNb6e9Obpvm8nuhf60
x-goog-stored-content-encoding: identity
x-origin-time: 2023-08-14 14:47:47 UTC
x-served-by: cache-fra-eddf8230077-FRA
x-timer: S1699336008.954305,VS0,VE1
etag: "bfcd0980517659122c43c38b3e4e9a02"
vary: Fastly-SSL
x-goog-generation: 1692024395665431
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-the-morning-dd86bff0a93166101faa63110f3830b9.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 3039
expires: Tue, 13 Aug 2024 14:47:36 GMT
date: Tue, 07 Nov 2023 05:46:47 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 986
last-modified: Mon, 14 Aug 2023 14:46:35 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=chcsKA==, md5=v80JgFF2WRIsQ8OLPk6aAg==
x-gdpr: 1
x-goog-stored-content-length: 986
accept-ranges: bytes

GET
H2 200 icon-the-upshot-826140ece0fb230ed2af6d87ef0ab42b.webp
securevip.secureweb.top/vi-assets/static-assets/ 696 B
2 KB 23ms
22ms Image
image/webp 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/icon-the-upshot-826140ece0fb230ed2af6d87ef0ab42b.webp

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

5e58c4c90b85eda4055a5b30fe55ef60cbcf6ea093311f2ff38861c7b4fe448a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 618708
x-guploader-uploadid: ADPycdtyX7StlRlmPL6D1dmCtKtyQF5w58jXkz-gLI30Xnu6XME929mee7flszd3cULXBYYW2NCywxCAqKz66mLCPTp91Q
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-03 05:35:43 UTC
x-served-by: cache-fra-eddf8230072-FRA
x-timer: S1699336008.954856,VS0,VE1
etag: "2437584c92e9c7204837b9eb1745bc86"
vary: Fastly-SSL
x-goog-generation: 1695922492234617
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-the-upshot-826140ece0fb230ed2af6d87ef0ab42b.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 984
expires: Wed, 02 Oct 2024 05:35:43 GMT
date: Tue, 07 Nov 2023 05:46:47 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 696
last-modified: Thu, 28 Sep 2023 17:34:52 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=hF6+VA==, md5=JDdYTJLpxyBIN7nrF0W8hg==
x-gdpr: 1
x-goog-stored-content-length: 696
accept-ranges: bytes

GET
H2 200 the-daily-album-art-square320-v5.jpg
static01.nyt.com/images/2017/01/29/podcasts/the-daily-album-art/ 4 KB
4 KB 48ms
7ms Image
image/webp 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2017/01/29/podcasts/the-daily-album-art/the-daily-album-art-square320-v5.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

66debd0db62a3f53e72503a053f862b586a886e6a399fd8243b5e0180d304dec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Tue, 22 Aug 2023 16:27:32 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 326776
x-guploader-uploadid: ADPycdvaP7Cqp9sfJLhDT6DcGQYdeXgkoVrY6n7Ff57CJsbV08emz2wlAKAAoMCBhyfargY7elRq9ZjWtl70qQ6HeRBoqd42RL5i
x-cache: HIT, HIT
fastly-io-info: ifsz=15986 idim=320x320 ifmt=jpeg ofsz=3614 odim=320x320 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 3614
x-served-by: cache-iad-kcgs7200066-IAD, cache-fra-eddf8230065-FRA
server: UploadServer
x-timer: S1699336008.007965,VS0,VE0
etag: "HnnVz93O4bK0D9Smvlwnf0lv96YmNmLNlX7IWtdXh7Q"
vary: Accept
x-goog-generation: 1688068264438165
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=JiXB7Q==, md5=PfDXw6toN2ZQvpOKxIlHug==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 15986
x-amz-checksum-crc32c: JiXB7Q==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 234, 52

GET
H2 200 the-run-up-album-art-thumbLarge.jpg
static01.nyt.com/images/2022/08/29/podcasts/the-run-up-album-art/ 5 KB
6 KB 48ms
8ms Image
image/webp 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2022/08/29/podcasts/the-run-up-album-art/the-run-up-album-art-thumbLarge.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

352b9e243c2e3a49a49cb8bc8df84d0a04183bbc3eac33a0476c9a11ff9e352d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Wed, 04 Oct 2023 07:17:37 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300720
age: 501079
x-guploader-uploadid: ADPycdtHTcE6oJpJUyUJnS6FTqtIPAzmrvyHf2ozzBd7EyI2NabnUMlD_D4MBVpxerg89VPOoGGvALuUGSQuPelDzTjXtQ
x-cache: HIT, HIT
fastly-io-info: ifsz=13823 idim=150x150 ifmt=jpeg ofsz=5314 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 5314
x-served-by: cache-iad-kiad7000132-IAD, cache-fra-eddf8230065-FRA
server: UploadServer
x-timer: S1699336008.007990,VS0,VE0
etag: "hoyyH5q1+NTFT41vUc5DQY1n5mPXI75JtPWFn4Jaf4Q"
vary: Accept
x-goog-generation: 1688683994203172
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=10HhSg==, md5=VVlpmckmFDe4+jzoN3ttXQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 13823
x-amz-checksum-crc32c: 10HhSg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 15, 46

GET
H2 200 icon-europe-morning-briefing-41f17eb6dcc335c7516cee80c200a07e.webp
securevip.secureweb.top/vi-assets/static-assets/ 676 B
2 KB 86ms
76ms Image
image/webp 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/icon-europe-morning-briefing-41f17eb6dcc335c7516cee80c200a07e.webp

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

c01bb7101c3b034d4e913bdc36280e1a3034d84ab1f8ab674e0d43e75f20e229

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 2356514
x-guploader-uploadid: ADPycdt6mG4Lb8xLbFm3rS-1XLm36DNu7cVZdKkOdt4aasb-g_eJSjYevT9_BrOPb-ov_0tMjTCpTUC6KU1HjhDbbl23KkJee7iD
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-10 23:11:33 UTC
x-served-by: cache-fra-eddf8230137-FRA
x-timer: S1699336008.044301,VS0,VE1
etag: "07aebeb8fa8f52b4cc27a52f35fbb07e"
vary: Fastly-SSL
x-goog-generation: 1696973945021389
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-europe-morning-briefing-41f17eb6dcc335c7516cee80c200a07e.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2754
expires: Wed, 09 Oct 2024 23:11:33 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 676
last-modified: Tue, 10 Oct 2023 21:39:05 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=VLRZ1Q==, md5=B66+uPqPUrTMJ6UvNfuwfg==
x-gdpr: 1
x-goog-stored-content-length: 676
accept-ranges: bytes

GET
H2 200 icon-the-interpreter-3af234d8fdc0066b6424a94f1893b1f0.webp
securevip.secureweb.top/vi-assets/static-assets/ 1 KB
3 KB 125ms
115ms Image
image/webp 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/icon-the-interpreter-3af234d8fdc0066b6424a94f1893b1f0.webp

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

de417027b3c04d64f0f0e42493e0cb5a6936609eb56f6f0440580a191d6d6b2c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 2416971
x-guploader-uploadid: ADPycds_Dwo-PMYRishw3PRQvQfIGy-_YvbicKVPO5RqrSAyYZTfF7o5nnJKUAN3Gd7QFwwxL1JJPTAHW_0uF7WbEGf_xvNneqNz
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-10 06:47:29 UTC
x-served-by: cache-fra-eddf8230033-FRA
x-timer: S1699336008.044518,VS0,VE1
etag: "c00e7e36e294d9f8e173eb4405f1af3a"
vary: Fastly-SSL
x-goog-generation: 1696611983278718
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-the-interpreter-3af234d8fdc0066b6424a94f1893b1f0.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 3328
expires: Wed, 09 Oct 2024 06:23:57 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1336
last-modified: Fri, 06 Oct 2023 17:06:23 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=5qx58A==, md5=wA5+NuKU2fjhc+tEBfGvOg==
x-gdpr: 1
x-goog-stored-content-length: 1336
accept-ranges: bytes

GET
H2 200 icon-australia-letter-968327f63e43ed894591f997ff4fcad3.webp
securevip.secureweb.top/vi-assets/static-assets/ 862 B
2 KB 87ms
78ms Image
image/webp 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/icon-australia-letter-968327f63e43ed894591f997ff4fcad3.webp

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

fcb0ab4f6d3a4da0916061428974c4e222922d127a1da82f2e79173fa2fea1ac

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 1719803
x-guploader-uploadid: ADPycdvoPnFDb_zPOf-ybpjR-Gkzr7eJ08ast9YWh44DNLC-WMS_FAwjQMn0p3R4-sr4Aia2kuSiHsciggG1O1OkwZIvoJetm_WX
x-goog-stored-content-encoding: identity
x-origin-time: 2023-08-14 14:47:47 UTC
x-served-by: cache-fra-eddf8230045-FRA
x-timer: S1699336008.044740,VS0,VE1
etag: "ac88f362d87d31af374e54b4f1bdc6e3"
vary: Fastly-SSL
x-goog-generation: 1692024395443487
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-australia-letter-968327f63e43ed894591f997ff4fcad3.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 3287
expires: Tue, 13 Aug 2024 14:47:47 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 862
last-modified: Mon, 14 Aug 2023 14:46:35 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=4mYSIg==, md5=rIjzYth9Ma83TlS08b3G4w==
x-gdpr: 1
x-goog-stored-content-length: 862
accept-ranges: bytes

GET
H2 200 icon-canada-letter-30c08e776a61316a12718a308c12ca18.webp
securevip.secureweb.top/vi-assets/static-assets/ 860 B
2 KB 126ms
116ms Image
image/webp 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/icon-canada-letter-30c08e776a61316a12718a308c12ca18.webp

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

007070e6f905e2aefbfcc7568cdf61c38a422d933c9c8166a6ba2f6223dd9ec5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 3637866
x-guploader-uploadid: ADPycdvXA1FwZ1xLaHPHvBZHHF-WTJcvfYfAMoSFdHIcHDxHA90A3ma5O7ejJkDuB6lA1iQ6DBaDPjV0GzoIt5yjXE8TKg
x-goog-stored-content-encoding: identity
x-origin-time: 2023-09-26 03:15:42 UTC
x-served-by: cache-fra-eddf8230070-FRA
x-timer: S1699336008.046592,VS0,VE1
etag: "98ffc313a69bea78c5a4ffb0cd8bf09e"
vary: Fastly-SSL
x-goog-generation: 1695320370103876
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-canada-letter-30c08e776a61316a12718a308c12ca18.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 7058
expires: Wed, 25 Sep 2024 03:15:41 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 860
last-modified: Thu, 21 Sep 2023 18:19:30 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=IvjhWA==, md5=mP/DE6ab6njFpP+wzYvwng==
x-gdpr: 1
x-goog-stored-content-length: 860
accept-ranges: bytes

GET
H2 200 icon-dealbook-fc342092e07d3e54c5b740508ec9b956.webp
securevip.secureweb.top/vi-assets/static-assets/ 652 B
2 KB 81ms
72ms Image
image/webp 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/icon-dealbook-fc342092e07d3e54c5b740508ec9b956.webp

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

e7f4ae3d77496807413afb4a0d56451b31667200c0293d3e89df130190e1f10b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 2423573
x-guploader-uploadid: ADPycduDGMRVpGCKz12d1-1bSBsOitOTK0r_Ej9bSps-jSVUCEDXoW--zOOqiRQiS6mDFb6GUkKesoGR4zFSLcP_zPNbwwfy-dwz
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-10 04:33:55 UTC
x-served-by: cache-fra-eddf8230047-FRA
x-timer: S1699336008.044019,VS0,VE1
etag: "98014cde1d5d5ee7342a2bef5387c8a8"
vary: Fastly-SSL
x-goog-generation: 1696611983243709
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-dealbook-fc342092e07d3e54c5b740508ec9b956.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 4978
expires: Wed, 09 Oct 2024 04:33:54 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 652
last-modified: Fri, 06 Oct 2023 17:06:23 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=/vnRlQ==, md5=mAFM3h1dXuc0KivvU4fIqA==
x-gdpr: 1
x-goog-stored-content-length: 652
accept-ranges: bytes

GET
H2 200 hard-fork-album-art-square320-v2.png
static01.nyt.com/images/2022/09/28/podcasts/hard-fork-album-art/ 116 KB
117 KB 29ms
9ms Image
image/webp 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2022/09/28/podcasts/hard-fork-album-art/hard-fork-album-art-square320-v2.png?quality=75&auto=webp&disable=upscale

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

abb3e9b4b429be28947890a3c281f600604d4e27492624a3290bfa735e57e570

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Fri, 22 Sep 2023 14:25:44 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 339281
x-guploader-uploadid: ADPycdvwSo6zfvjiOaNWzmgHedYr6u8DVZvJ7AW1V6sYtnM93jOo5qHSn0hlvSkj2AZeW_2nZxc2oAyQsyb83zfqEFuCg2oOJZt5
x-cache: HIT, HIT
fastly-io-info: ifsz=171964 idim=320x320 ifmt=png ofsz=118752 odim=320x320 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 118752
x-served-by: cache-iad-kjyo7100038-IAD, cache-fra-eddf8230065-FRA
server: UploadServer
x-timer: S1699336008.008658,VS0,VE0
etag: "MIre+hRw2cMgJa2uP+CeD5Zo0tG02ZYiidiRIV/6TxQ"
vary: Accept
x-goog-generation: 1666018564084320
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=rwW/FQ==, md5=QcPAglE24zD6+D1DXSLedQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 171964
x-amz-checksum-crc32c: rwW/FQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 91, 49

GET
H2 200 icon-read-like-the-wind-b4c96c99529e1967200b4e98206c6371.webp
securevip.secureweb.top/vi-assets/static-assets/ 788 B
2 KB 81ms
73ms Image
image/webp 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/icon-read-like-the-wind-b4c96c99529e1967200b4e98206c6371.webp

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

41d61937d6f1b2b8887f735949cb30f7be1f3027a5d495621672f0d8fd3f9d14

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 2322068
x-guploader-uploadid: ADPycdso6MjLoxV7P4mDehnu4kBnMgUT16fDu7q_8oDmBLqNHoD0Hen2gIfgtwq4MyjckDiABcshKkjhu1_40MeUHPo4gdAu77-J
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-11 08:45:39 UTC
x-served-by: cache-fra-eddf8230115-FRA
x-timer: S1699336008.044465,VS0,VE1
etag: "0167446aebebfe34aa60d544d95c5818"
vary: Fastly-SSL
x-goog-generation: 1696611983266512
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-read-like-the-wind-b4c96c99529e1967200b4e98206c6371.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 22
expires: Thu, 10 Oct 2024 08:45:39 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 788
last-modified: Tue, 10 Oct 2023 21:39:05 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=z6+8Rg==, md5=AWdEauvr/jSqYNVE2VxYGA==
x-gdpr: 1
x-goog-stored-content-length: 788
accept-ranges: bytes

GET
H2 200 icon-watching-0fa860946d704b26aae6f0a562f26011.webp
securevip.secureweb.top/vi-assets/static-assets/ 534 B
2 KB 85ms
77ms Image
image/webp 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/icon-watching-0fa860946d704b26aae6f0a562f26011.webp

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

dc288edaf30d3566c6a43f7db44c69243ef51481f3ae50a4b35868d6ac11706a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 2335346
x-guploader-uploadid: ADPycds3MqopKMr99VQjxiuQw0Ih2PpOJ8dooOH9AJ1sUCYsTrOeVKaVGlbaoWAwNnMh67wIvSN8PXXr_Gloe74jMNl6n78bEc6l
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-11 05:04:22 UTC
x-served-by: cache-fra-eddf8230105-FRA
x-timer: S1699336008.044485,VS0,VE1
etag: "9237616fe80765aedc1571c6438498bc"
vary: Fastly-SSL
x-goog-generation: 1696973945071741
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-watching-0fa860946d704b26aae6f0a562f26011.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1199
expires: Thu, 10 Oct 2024 05:04:22 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 534
last-modified: Tue, 10 Oct 2023 21:39:05 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=UOL/EA==, md5=kjdhb+gHZa7cFXHGQ4SYvA==
x-gdpr: 1
x-goog-stored-content-length: 534
accept-ranges: bytes

GET
H2 200 book-review-album-art-v2-thumbLarge-v3.jpg
static01.nyt.com/images/2018/03/27/books/book-review-album-art-v2/ 3 KB
3 KB 39ms
20ms Image
image/webp 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2018/03/27/books/book-review-album-art-v2/book-review-album-art-v2-thumbLarge-v3.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

99013b5f831f3762b1a2648e07bb3116d914c5b1539bdf4fe0634602cc26b19e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Sun, 24 Sep 2023 02:21:07 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 576080
x-guploader-uploadid: ADPycdsyYRcNwqmei6D7KtfxFEjxgTh2X-ui7IkcaT6xQMJTSJC2hVqSR-wte6rQeKp8DFBZX3aKy3LR-LIrsax4XSBD
x-cache: HIT, HIT
fastly-io-info: ifsz=10250 idim=150x150 ifmt=jpeg ofsz=2772 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 2772
x-served-by: cache-iad-kjyo7100097-IAD, cache-fra-eddf8230065-FRA
server: UploadServer
x-timer: S1699336008.008899,VS0,VE0
etag: "f6YZ2ZJovRqmFs0MIuaEVzpH2+CtkFFBiLmf31seml4"
vary: Accept
x-goog-generation: 1662891747534151
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=EsOybg==, md5=cjEwJ43bqRCDXcDgnJcMnA==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 10250
x-amz-checksum-crc32c: EsOybg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 59, 18

GET
H2 200 music-popcast-thumbLarge-v3.jpg
static01.nyt.com/images/2011/05/20/multimedia/music-popcast/ 4 KB
4 KB 27ms
9ms Image
image/webp 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2011/05/20/multimedia/music-popcast/music-popcast-thumbLarge-v3.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

7e76ec11f2baa0f7948d92891718df73970877050a5b48e2b6fb9b340378a2d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Sun, 01 Oct 2023 21:54:26 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300701
age: 595366
x-guploader-uploadid: ADPycdskfN_kivKR46zxGVSf_iopUQOo5Mcrv5jJ4tW7twU7f66MB2YFXaoGqZHFEeTq2El-ib-HAqt5iGSLJzsweqBEjXaews6I
x-cache: HIT, HIT
fastly-io-info: ifsz=24419 idim=150x150 ifmt=jpeg ofsz=3828 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 3828
x-served-by: cache-iad-kiad7000117-IAD, cache-fra-eddf8230065-FRA
server: UploadServer
x-timer: S1699336008.008373,VS0,VE0
etag: "qr3LW0rNOUvnYKyDbm09gWnw94oFzi+G4wvyjqveNos"
vary: Accept
x-goog-generation: 1538741982829422
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=VUkWbw==, md5=jSTktUwT+uCRgjlqA0y9BQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 24419
x-amz-checksum-crc32c: VUkWbw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 21, 48

GET
H2 200 icon-open-thread-fashion-421b633c9b286165ebaa180a470c1ef9.webp
securevip.secureweb.top/vi-assets/static-assets/ 1 KB
3 KB 66ms
58ms Image
image/webp 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/icon-open-thread-fashion-421b633c9b286165ebaa180a470c1ef9.webp

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

4ba9c62e2d791768ee9cf91a2257b631d3d3d3e4d0039b2d60affb962b562219

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 1227298
x-guploader-uploadid: ADPycduuefHtVsh6hFYFy6cx_r1HPTvPV0m5tu0y1pegocAdA_N8UftkU5LTmSTfs_eB088stHzDyAvID-nN9uRJx4a_6JtKoL3U
x-goog-stored-content-encoding: identity
x-origin-time: 2023-09-26 03:41:01 UTC
x-served-by: cache-fra-eddf8230021-FRA
x-timer: S1699336008.043993,VS0,VE1
etag: "425dea063366376915979217fff73e16"
vary: Fastly-SSL
x-goog-generation: 1695320370182710
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-open-thread-fashion-421b633c9b286165ebaa180a470c1ef9.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 3492
expires: Wed, 25 Sep 2024 03:41:01 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1286
last-modified: Thu, 21 Sep 2023 18:19:30 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=kvn+Sw==, md5=Ql3qBjNmN2kVl5IX//c+Fg==
x-gdpr: 1
x-goog-stored-content-length: 1286
accept-ranges: bytes

GET
H2 200 icon-love-letter-fe90fe3ff001ee39f3b90784874c1368.webp
securevip.secureweb.top/vi-assets/static-assets/ 1 KB
2 KB 131ms
124ms Image
image/webp 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/icon-love-letter-fe90fe3ff001ee39f3b90784874c1368.webp

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

644159a517427813378bf283fb86f497ef2fd81c8656225b3e209972f0e4ccbb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 1216820
x-guploader-uploadid: ADPycdu_lXRtonvaBEl0mdaPRTUmbCDehBxtwd8bncxodv_sqv0AoklLMjbVYwxq_xZAUwZou07A6xyXactNrylaNfWJsemEfk9g
x-goog-stored-content-encoding: identity
x-origin-time: 2023-09-26 03:41:01 UTC
x-served-by: cache-fra-eddf8230036-FRA
x-timer: S1699336008.055827,VS0,VE1
etag: "681a68b635f1dde16fd3ded972ee2c5e"
vary: Fastly-SSL
x-goog-generation: 1695320370164240
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-love-letter-fe90fe3ff001ee39f3b90784874c1368.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 6994
expires: Wed, 25 Sep 2024 03:41:01 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1160
last-modified: Thu, 21 Sep 2023 18:19:30 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=Ay99EQ==, md5=aBpotjXx3eFv097Zcu4sXg==
x-gdpr: 1
x-goog-stored-content-length: 1160
accept-ranges: bytes

GET
H2 200 modernlove-logo-thumbLarge-v3.jpg
static01.nyt.com/images/2020/09/21/podcasts/modernlove-logo/ 4 KB
5 KB 27ms
8ms Image
image/webp 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2020/09/21/podcasts/modernlove-logo/modernlove-logo-thumbLarge-v3.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9377e1ed8c646a7ae8b8b570821baf287765c047e9dab20fa71a4eb76a40c294

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Wed, 27 Sep 2023 08:44:33 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300709
age: 413983
x-guploader-uploadid: ADPycdsx7nyltROzFP1GN7HHaG2oSsI2FR9QqsLBmydSQHedugQCUqhZqVfC25b3XveH6xF0tQ3yeJeRXd6dJVeH24NNywae28a8
x-cache: HIT, HIT
fastly-io-info: ifsz=11068 idim=150x150 ifmt=jpeg ofsz=4084 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 4084
x-served-by: cache-iad-kcgs7200165-IAD, cache-fra-eddf8230065-FRA
server: UploadServer
x-timer: S1699336008.008323,VS0,VE0
etag: "m/kFRv2O1tFCo0C85yLpe5fDFs//5pFoSBOWMgnJf9E"
vary: Accept
x-goog-generation: 1665608966820623
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=BQuLtQ==, md5=p/lR9gCKmtliQRSN6dd/dg==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 11068
x-amz-checksum-crc32c: BQuLtQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 80, 50

GET
H2 200 matter-of-opinion-album-art-thumbLarge-v2.jpg
static01.nyt.com/images/2023/05/08/podcasts/matter-of-opinion-album-art/ 4 KB
5 KB 12ms
10ms Image
image/webp 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/05/08/podcasts/matter-of-opinion-album-art/matter-of-opinion-album-art-thumbLarge-v2.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

71b2f4fee2ed4163e1ef309ca22a8a108aab0ba7cfb535d38b33c1ec3718836a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Mon, 02 Oct 2023 15:32:50 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300710
age: 112948
x-guploader-uploadid: ADPycdt0TrNqndBEgkmC118TvA85g415qMWEAee92mC0Bcva_u9DBgWVzdZgq8SIX8GJuvMvlfmIJIZaC4IYtgW7H_q0ZA
x-cache: HIT, HIT
fastly-io-info: ifsz=12674 idim=150x150 ifmt=jpeg ofsz=4132 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 4132
x-served-by: cache-iad-kiad7000079-IAD, cache-fra-eddf8230065-FRA
server: UploadServer
x-timer: S1699336008.019274,VS0,VE0
etag: "yoekWzapvzDgK5g1tJpvXR4Q3abo6OZMw027E8Ag3Fo"
vary: Accept
x-goog-generation: 1685027532007855
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=cBstdQ==, md5=af0IeRKwURQQpabIs66V1Q==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 12674
x-amz-checksum-crc32c: cBstdQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 16, 304

GET
H2 200 ezra-klein-album-art-square320-v2.jpg
static01.nyt.com/images/2021/01/12/podcasts/ezra-klein-album-art/ 9 KB
9 KB 13ms
12ms Image
image/webp 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2021/01/12/podcasts/ezra-klein-album-art/ezra-klein-album-art-square320-v2.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

eb66d19d76b2a591f290eb9cbefa2faf0a2c8f90b124cb937270ab4b8adee08e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Mon, 09 Oct 2023 16:34:12 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300714
age: 497713
x-guploader-uploadid: ADPycduvijOYgrLgV8LIH-vUTUAOb9ZmP34jdGGNlcN2s3QskhgEKi5LdW4pkR_-MkZ3wLnhB3ZOmnf2LqpqAwbt98wu
x-cache: HIT, HIT
fastly-io-info: ifsz=26546 idim=320x320 ifmt=jpeg ofsz=9114 odim=320x320 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 9114
x-served-by: cache-iad-kiad7000062-IAD, cache-fra-eddf8230065-FRA
server: UploadServer
x-timer: S1699336008.019823,VS0,VE0
etag: "I8CFstK+e/z6clnl3bXOFjL81AzI4rEnG10lPXiE8TY"
vary: Accept
x-goog-generation: 1635784873905458
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=bgL3XA==, md5=gRKhpC1X4GNr6vjxBbhc7g==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 26546
x-amz-checksum-crc32c: bgL3XA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 40, 18

GET
H2 200 headlines-albumartwork-audioapp-2-thumbLarge.png
static01.nyt.com/images/2022/10/12/podcasts/headlines-albumartwork-audioapp-2/ 13 KB
13 KB 12ms
11ms Image
image/webp 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2022/10/12/podcasts/headlines-albumartwork-audioapp-2/headlines-albumartwork-audioapp-2-thumbLarge.png?quality=75&auto=webp&disable=upscale

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

bcbbfe66a2e17c1dbc127ccea0f4fec035d42d51d1741332275026e291d79be8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Fri, 20 Oct 2023 14:00:23 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300707
age: 315983
x-guploader-uploadid: ADPycdvcZw_RvVMFlkZc-xVGK9Qm1jixjRMOF1OZQTuJz-ns8UHD7U3fmD1ap8dkm3WKHbSW9KRYqouno2vTFey4_12ZycrQY02c
x-cache: HIT, HIT
fastly-io-info: ifsz=20844 idim=150x150 ifmt=png ofsz=12952 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 12952
x-served-by: cache-iad-kcgs7200036-IAD, cache-fra-eddf8230065-FRA
server: UploadServer
x-timer: S1699336008.019503,VS0,VE0
etag: "LbFwq71cDcti1tLA50q2p9CsL0R7Xg7ULZY6QK7bdcY"
vary: Accept
x-goog-generation: 1680812038156789
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=5MfQCw==, md5=qqLRi3ewu5a5crO4pskKzg==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 20844
x-amz-checksum-crc32c: 5MfQCw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 12, 382

GET
H2 200 icon-tkorc-e70cf6b0628d964d89952497590a03ba.webp
securevip.secureweb.top/vi-assets/static-assets/ 2 KB
3 KB 140ms
133ms Image
image/webp 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/icon-tkorc-e70cf6b0628d964d89952497590a03ba.webp

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

f9619e7a1dc4ec09dc3d6c5df8aa6eada684c79482d283459eac511852d5bb3c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 1010417
x-guploader-uploadid: ABPtcPoJR8_Ceo8358QBxoVffGi6RvuDGlJYe3k58rTXxuXTKB_FwliDBZA9TF_5GypyQjK1pOMqHFoYW3HfRgB_2eHTHw
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-26 13:06:31 UTC
x-served-by: cache-fra-eddf8230130-FRA
x-timer: S1699336008.111877,VS0,VE1
etag: "28bc2710ecd2b1d5d9556b8ae390a943"
vary: Fastly-SSL
x-goog-generation: 1698324737243390
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-tkorc-e70cf6b0628d964d89952497590a03ba.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 6397
expires: Fri, 25 Oct 2024 13:06:31 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1954
last-modified: Thu, 26 Oct 2023 12:52:17 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=XaQJPw==, md5=KLwnEOzSsdXZVWuK45CpQw==
x-gdpr: 1
x-goog-stored-content-length: 1954
accept-ranges: bytes

GET
H2 200 icon-reporter-reads-75f75d9ff93c918be35824c2d9920ab6.webp
securevip.secureweb.top/vi-assets/static-assets/ 448 B
2 KB 137ms
131ms Image
image/webp 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/icon-reporter-reads-75f75d9ff93c918be35824c2d9920ab6.webp

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

7c65354f69fbaf3704fa399fb2755f8f1e12a4febd45037a125f17de050fca7c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 1146000
x-guploader-uploadid: ABPtcPq76oy3MDqLvMzqSBoYv_YqZSd4j60B7igqvJlaMW1nb5Jhjkh07_KY3RUk-NmfPYdcTk66ZpTm8coMVxvzRrm27w
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-23 16:19:28 UTC
x-served-by: cache-fra-eddf8230041-FRA
x-timer: S1699336008.111511,VS0,VE1
etag: "519c1a44c1767defa217a278d164b36c"
vary: Fastly-SSL
x-goog-generation: 1698077567247330
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-reporter-reads-75f75d9ff93c918be35824c2d9920ab6.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2653
expires: Tue, 22 Oct 2024 16:19:20 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 448
last-modified: Mon, 23 Oct 2023 16:12:47 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=CbwOcA==, md5=UZwaRMF2fe+iF6J40WSzbA==
x-gdpr: 1
x-goog-stored-content-length: 448
accept-ranges: bytes

GET
H2 200 icon-audio-cd2b56214bd17df62dd56b8c8f2bc0da.webp
securevip.secureweb.top/vi-assets/static-assets/ 424 B
2 KB 138ms
132ms Image
image/webp 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/icon-audio-cd2b56214bd17df62dd56b8c8f2bc0da.webp

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

5d7824c56fadbab811bb6be7b48d8eec8fd4269877246eeed5b9b33d1a953292

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 1258047
x-guploader-uploadid: ABPtcPrBBs9rZs1jtcwtEYJIQTt59phg4G20Xa7F5dhWprIf1V9FY9DbWLyPO9q-cWbtiGelbducRakhxG9ACqkRiX7Xaw
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-23 16:19:28 UTC
x-served-by: cache-fra-eddf8230084-FRA
x-timer: S1699336008.111660,VS0,VE1
etag: "ca44229b7404d9077baf5bd2f0fcebb0"
vary: Fastly-SSL
x-goog-generation: 1698077567160430
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-audio-cd2b56214bd17df62dd56b8c8f2bc0da.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 7057
expires: Tue, 22 Oct 2024 16:19:20 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 424
last-modified: Mon, 23 Oct 2023 16:12:47 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=m+UYtg==, md5=ykQim3QE2Qd7r1vS8PzrsA==
x-gdpr: 1
x-goog-stored-content-length: 424
accept-ranges: bytes

GET
H2 200 icon-gameplay-0e0a0696c194512474af7462274eaa97.webp
securevip.secureweb.top/vi-assets/static-assets/ 516 B
2 KB 145ms
139ms Image
image/webp 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/icon-gameplay-0e0a0696c194512474af7462274eaa97.webp

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

20a1e05cca983d2c838b5637de79857db90bd69705e38126260f9dca7fc29186

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 1119811
x-guploader-uploadid: ADPycdvK6tE7bY93zJbYzBIaGZbNuVMmMw6mohhBPY6dxgB5wrhNj0Zze3eCPgkHKKuPh9MeiYqWRooqUSf8etUq97bc6Q
x-goog-stored-content-encoding: identity
x-origin-time: 2023-09-25 22:54:22 UTC
x-served-by: cache-fra-eddf8230101-FRA
x-timer: S1699336008.113709,VS0,VE1
etag: "8fb0705de15ee3fb853d82b64fc3fbfa"
vary: Fastly-SSL
x-goog-generation: 1695320370148652
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-gameplay-0e0a0696c194512474af7462274eaa97.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 581
expires: Tue, 24 Sep 2024 22:54:22 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 516
last-modified: Thu, 21 Sep 2023 18:19:30 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=6krs5Q==, md5=j7BwXeFe4/uFPYK2T8P7+g==
x-gdpr: 1
x-goog-stored-content-length: 516
accept-ranges: bytes

GET
H2 200 icon-cooking-276e5519a9df3d2697b666fb95ddd69b.webp
securevip.secureweb.top/vi-assets/static-assets/ 748 B
2 KB 158ms
152ms Image
image/webp 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/icon-cooking-276e5519a9df3d2697b666fb95ddd69b.webp

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

f2e4eb2e6499e7805732b936694778a0547e32010bca773807743cfcd8e4b049

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 3637867
x-guploader-uploadid: ADPycdvsz11sa0IdpDTp5WBrGL7YqqZu48D6WMG7VNDpe6bM1w_YcVWTbfV1Cg1tmmiOaJhPNSnwMBuVmsCXG0jDjovEdw
x-goog-stored-content-encoding: identity
x-origin-time: 2023-09-26 03:15:42 UTC
x-served-by: cache-fra-eddf8230096-FRA
x-timer: S1699336008.116521,VS0,VE1
etag: "9894fb012dcd739cdcecf1bc31d507a4"
vary: Fastly-SSL
x-goog-generation: 1695320370124229
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-cooking-276e5519a9df3d2697b666fb95ddd69b.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 6591
expires: Wed, 25 Sep 2024 03:15:41 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 748
last-modified: Thu, 21 Sep 2023 18:19:30 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=PJBKmg==, md5=mJT7AS3Nc5zc7PG8MdUHpA==
x-gdpr: 1
x-goog-stored-content-length: 748
accept-ranges: bytes

GET
H2 200 icon-the-veggie-f7c053c8b480b183342a9514c3b2787c.webp
securevip.secureweb.top/vi-assets/static-assets/ 2 KB
3 KB 131ms
125ms Image
image/webp 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/icon-the-veggie-f7c053c8b480b183342a9514c3b2787c.webp

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

4af9b52b5cf0f6a694ec51e283ccabc662be7881a3ecefecccf5441a687a894a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 3025951
x-guploader-uploadid: ADPycdtlejB7noJVh42oOzOrOYF7YqP_k9kroIdXIbUMFBqT4tEJfW-W5MjgFANuKigV-unYnop-q9CVS-xWIv4u8unUww
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-03 05:35:43 UTC
x-served-by: cache-fra-eddf8230057-FRA
x-timer: S1699336008.107969,VS0,VE1
etag: "75dce34b2cab91f7347cbe697eaec668"
vary: Fastly-SSL
x-goog-generation: 1695922492235768
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-the-veggie-f7c053c8b480b183342a9514c3b2787c.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 3063
expires: Wed, 02 Oct 2024 05:14:16 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 2122
last-modified: Thu, 28 Sep 2023 17:34:52 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=ORbazQ==, md5=ddzjSyyrkfc0fL5pfq7GaA==
x-gdpr: 1
x-goog-stored-content-length: 2122
accept-ranges: bytes

GET
H2 200 icon-five-weeknight-dishes-9a372f22fce6bcf493f7c31a8e3220e7.webp
securevip.secureweb.top/vi-assets/static-assets/ 1 KB
3 KB 145ms
140ms Image
image/webp 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/icon-five-weeknight-dishes-9a372f22fce6bcf493f7c31a8e3220e7.webp

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

c4fd486c427aff4879822fc8e342979aa0110d283582bbee589cb941de95f39f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 1812063
x-guploader-uploadid: ADPycdsFk6Fz1XOly_cCriETjlye1zECS1lpXPj8X3kIk4-7UUzN7HvLMoxWSAXDMFD8RZ7mW9GztoaTnof5UrJyUJGzKw
x-goog-stored-content-encoding: identity
x-origin-time: 2023-09-20 00:58:41 UTC
x-served-by: cache-fra-eddf8230114-FRA
x-timer: S1699336008.113662,VS0,VE1
etag: "2b654162f60dd23c00417299cce80666"
vary: Fastly-SSL
x-goog-generation: 1695162144943567
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-five-weeknight-dishes-9a372f22fce6bcf493f7c31a8e3220e7.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2737
expires: Thu, 19 Sep 2024 00:58:41 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1486
last-modified: Tue, 19 Sep 2023 22:22:25 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=125xEQ==, md5=K2VBYvYN0jwAQXKZzOgGZg==
x-gdpr: 1
x-goog-stored-content-length: 1486
accept-ranges: bytes

GET
H2 200 icon-the-recommendation-b43bb0e154cda17a4b232f1105511a28.webp
securevip.secureweb.top/vi-assets/static-assets/ 480 B
2 KB 140ms
135ms Image
image/webp 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/icon-the-recommendation-b43bb0e154cda17a4b232f1105511a28.webp

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

832c2e84f40e3512fc4a9326e54e6c3a8e8b91d691dd601e5716ab8b4cd01f32

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 3016211
x-guploader-uploadid: ADPycducmF4HmdyYvD01LNYz1e6efLt4DL7lxz6rF5NTRI4gIuq_Y3CK85DOzjHxUU-WcmeU4AT8EVYITjj3FQ9h2Y4XEw
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-03 07:56:37 UTC
x-served-by: cache-fra-eddf8230084-FRA
x-timer: S1699336008.113466,VS0,VE1
etag: "31e3b5a35faa43e94c8692daca44339a"
vary: Fastly-SSL
x-goog-generation: 1695922492236156
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-the-recommendation-b43bb0e154cda17a4b232f1105511a28.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 6921
expires: Wed, 02 Oct 2024 07:56:37 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 480
last-modified: Thu, 28 Sep 2023 17:34:52 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=qzwDhg==, md5=MeO1o1+qQ+lMhpLaykQzmg==
x-gdpr: 1
x-goog-stored-content-length: 480
accept-ranges: bytes

GET
H2 200 icon-clean-everything-2ec25627f12347716015757e012ec04b.webp
securevip.secureweb.top/vi-assets/static-assets/ 1 KB
3 KB 159ms
154ms Image
image/webp 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/icon-clean-everything-2ec25627f12347716015757e012ec04b.webp

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

11cad19b226383c7e859031e5cd320644ad1a33d12abc2689a4d3bdbc8253ab7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 3564860
x-guploader-uploadid: ADPycdsAqHPKXdV_mgZJzgPAu4j6UnV35NSQhv1F4RSjkJq0-DJg6OSVfjBgsuslELUCCQuphJDolgXjtPFMBiuhmjGgYQ
x-goog-stored-content-encoding: identity
x-origin-time: 2023-09-26 23:32:28 UTC
x-served-by: cache-fra-eddf8230099-FRA
x-timer: S1699336008.123151,VS0,VE1
etag: "1d11a29b40906c218d08fd261c621573"
vary: Fastly-SSL
x-goog-generation: 1695320370149351
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-clean-everything-2ec25627f12347716015757e012ec04b.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 7189
expires: Wed, 25 Sep 2024 23:32:28 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1314
last-modified: Thu, 21 Sep 2023 18:19:30 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=dd5g7A==, md5=HRGim0CQbCGNCP0mHGIVcw==
x-gdpr: 1
x-goog-stored-content-length: 1314
accept-ranges: bytes

GET
H2 200 icon-athletic-pulse-bc1160f70031b452aec5578d67207a0a.webp
securevip.secureweb.top/vi-assets/static-assets/ 2 KB
3 KB 141ms
136ms Image
image/webp 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/icon-athletic-pulse-bc1160f70031b452aec5578d67207a0a.webp

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

4d3928e5b934069fa3b78d716121fd1838737cb5b1aecd98b82e62982435ada6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 1219061
x-guploader-uploadid: ADPycdtdW4kWU-kY6kyTVymXq8lqDjGUJtyfVrG0CCINp-5JuxjgJq3u9uLAzpPsUHiz0sV0EfCLKRdKdofGp8L06D-NshlI342I
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-04 17:13:19 UTC
x-served-by: cache-fra-eddf8230091-FRA
x-timer: S1699336008.113550,VS0,VE1
etag: "8b7a3436254e062758ee1da7e31172ca"
vary: Fastly-SSL
x-goog-generation: 1696434463124960
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-athletic-pulse-bc1160f70031b452aec5578d67207a0a.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 44
expires: Thu, 03 Oct 2024 17:13:19 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1686
last-modified: Wed, 04 Oct 2023 15:47:43 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=IKGGXA==, md5=i3o0NiVOBidY7h2n4xFyyg==
x-gdpr: 1
x-goog-stored-content-length: 1686
accept-ranges: bytes

GET
H2 200 icon-athletic-windup-d4cce80f590773db71172618038e5787.webp
securevip.secureweb.top/vi-assets/static-assets/ 2 KB
3 KB 164ms
159ms Image
image/webp 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/icon-athletic-windup-d4cce80f590773db71172618038e5787.webp

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

7e9b1bcc8b7f6c40a146c67b1ae4d804d1a00f9374ebd5ce5b4f2de65ff69cc6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 3024666
x-guploader-uploadid: ADPycdv31GUwP6zxkqgYgnoYYHdPTDYmLCFrGpChrlV40DQ2k2RQMc3bIshybgWbLJ_1cqy-HBmpYpfMYwAJTymtvEsqvQ
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-03 05:35:42 UTC
x-served-by: cache-fra-eddf8230099-FRA
x-timer: S1699336008.119603,VS0,VE1
etag: "cbf08c4ea3747245058f541d8fd30518"
vary: Fastly-SSL
x-goog-generation: 1695922492049625
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-athletic-windup-d4cce80f590773db71172618038e5787.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 7164
expires: Wed, 02 Oct 2024 05:35:42 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1810
last-modified: Thu, 28 Sep 2023 17:34:52 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=DU5MYg==, md5=y/CMTqN0ckUFj1Qdj9MFGA==
x-gdpr: 1
x-goog-stored-content-length: 1810
accept-ranges: bytes

GET
H2 200 icon-athletic-bounce-6b7dccf3bd213cda0ff4e4dcaaff59e9.webp
securevip.secureweb.top/vi-assets/static-assets/ 2 KB
3 KB 138ms
134ms Image
image/webp 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/icon-athletic-bounce-6b7dccf3bd213cda0ff4e4dcaaff59e9.webp

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

1b212ea12e667d35e7127d3c59788897d07d32a661336ccf122b02af12fab96d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 2415560
x-guploader-uploadid: ADPycdsv26WI3rnaCR9SEuuab76COBGnEf4otBMo5ocDO6YMvuaIC0NNNgdUbWFz1G88DR3CcQ8jqzwQDE8CBS8m8fcrwg
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-10 06:47:28 UTC
x-served-by: cache-fra-eddf8230092-FRA
x-timer: S1699336008.113390,VS0,VE1
etag: "6da573b90ea5519ac60ae64a15664824"
vary: Fastly-SSL
x-goog-generation: 1696611983236738
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-athletic-bounce-6b7dccf3bd213cda0ff4e4dcaaff59e9.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1771
expires: Wed, 09 Oct 2024 06:47:28 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 2074
last-modified: Fri, 06 Oct 2023 17:06:23 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=JIYI5Q==, md5=baVzuQ6lUZrGCuZKFWZIJA==
x-gdpr: 1
x-goog-stored-content-length: 2074
accept-ranges: bytes

GET
H2 200 icon-athletic-fulltime-3e238b9729ef70e0c8c715f60d632cd2.webp
securevip.secureweb.top/vi-assets/static-assets/ 2 KB
3 KB 142ms
138ms Image
image/webp 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/icon-athletic-fulltime-3e238b9729ef70e0c8c715f60d632cd2.webp

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

8bafef9de45070f320e6d34730a285286b7b00ae2fbc1757ef49b1ff21d80c24

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
age: 2415559
x-guploader-uploadid: ADPycducbUMW3sAmEoDuJePVgK3ARkAp2W93nsbjDMLoX9XkaZ3jmZ6P-bsL83HKRl_70xKeFnHLANHVBJwAfXYzc0IinA
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-10 06:47:28 UTC
x-served-by: cache-fra-eddf8230048-FRA
x-timer: S1699336008.113536,VS0,VE1
etag: "b7137a8997feaa89747ffa6457a58125"
vary: Fastly-SSL
x-goog-generation: 1696611983251211
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-athletic-fulltime-3e238b9729ef70e0c8c715f60d632cd2.webp
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 6937
expires: Wed, 09 Oct 2024 06:47:28 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1800
last-modified: Fri, 06 Oct 2023 17:06:23 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=iEBX8g==, md5=txN6iZf+qol0f/pkV6WBJQ==
x-gdpr: 1
x-goog-stored-content-length: 1800
accept-ranges: bytes

GET
H2 200 06dc-prexy-01-gwzf-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/11/06/multimedia/06dc-prexy-01-gwzf/ 15 KB
15 KB 13ms
12ms Image
image/webp 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/11/06/multimedia/06dc-prexy-01-gwzf/06dc-prexy-01-gwzf-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4caf6c7af5ea1580e3aa315c7e5375aa7d6aec929faca9b0fe0687113cb83e20

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Tue, 07 Nov 2023 00:45:02 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300707
age: 18106
x-guploader-uploadid: ABPtcPpC4_CBALqU1ZbVj0lIUYvkTvEuXjrQjsifuWiWIPw2GfjUrmpTdgEg72cMpcc65FD4qIWMbN-GBA
x-cache: HIT, HIT
fastly-io-info: ifsz=43619 idim=600x400 ifmt=jpeg ofsz=15016 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 15016
x-served-by: cache-iad-kcgs7200114-IAD, cache-fra-eddf8230065-FRA
server: UploadServer
x-timer: S1699336008.019878,VS0,VE0
etag: "2Lt4Jyrd/S24HmE11zGDzAQmNeQbsZeOWCkzCzgn/R4"
vary: Accept
x-goog-generation: 1699317853944471
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=5rIxzw==, md5=ze1XO9I1RK13QIajOV5mBw==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 43619
x-amz-checksum-crc32c: 5rIxzw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 10, 12

GET
H2 200 vendor-604cacae1060c88c58e5.js Show response
securevip.secureweb.top/vi-assets/static-assets/ 167 KB
49 KB 140ms
136ms Script
application/javascript 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/vendor-604cacae1060c88c58e5.js

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

d1afec1ae97e85059d8bc36b774818c924a47040f9a956870e719e7ce231dc0d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 1588950
x-guploader-uploadid: ADPycdssnJRkTVQo-P8TTvKXDRhd4hjDG3IT_XIX4QyYREvgDtgttGrlHxegNNpfrFFpDSDRqDPCdj8WIuftwjeGbrRisQ
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-19 20:24:17 UTC
x-served-by: cache-fra-eddf8230066-FRA
x-timer: S1699336008.113459,VS0,VE1
etag: "a3e34db94111a24b5c375a7c945787ec"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1697746482558466
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendor-604cacae1060c88c58e5.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 21728
expires: Fri, 18 Oct 2024 20:24:17 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 48639
last-modified: Thu, 19 Oct 2023 20:14:42 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=k05IUQ==, md5=o+NNuUERoktcN1p8lFeH7A==
x-gdpr: 1
x-goog-stored-content-length: 171082
accept-ranges: bytes

GET
H2 200 home-ff32cdab3f151164e72c.js Show response
securevip.secureweb.top/vi-assets/static-assets/ 790 KB
197 KB 141ms
137ms Script
application/javascript 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/home-ff32cdab3f151164e72c.js

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

0b75f1263c2e4a65318c576d3de943c8792d344b061a366548a1bb93ff8942aa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 36402
x-guploader-uploadid: ABPtcPoyRREN2X49l9oB4W2KWHRUa_ZTsLq1Gj-K9pSMmW1fBAmOLq8fo4qvfo_NBIiqBEZCM8IaqlTeeQ
x-goog-stored-content-encoding: identity
x-origin-time: 2023-11-06 19:40:06 UTC
x-served-by: cache-fra-eddf8230061-FRA
x-timer: S1699336008.113487,VS0,VE1
etag: "66f62f17be848797fd1b4f0afd6aec27"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1699299490973644
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/home-ff32cdab3f151164e72c.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 3
expires: Tue, 05 Nov 2024 19:40:06 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 200127
last-modified: Mon, 06 Nov 2023 19:38:11 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=Y3UX+Q==, md5=ZvYvF76Eh5f9G08K/WrsJw==
x-gdpr: 1
x-goog-stored-content-length: 809360
accept-ranges: bytes

GET
H2 200 desktopLogoNav-c1a73e53fda9a9604a09.js Show response
securevip.secureweb.top/vi-assets/static-assets/ 1 KB
2 KB 145ms
142ms Script
application/javascript 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/desktopLogoNav-c1a73e53fda9a9604a09.js

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

6e2ebe67009b7cfad70167fc977f56844eae0683b216f8fb12fa6e9bdd7dac29

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 1839923
x-guploader-uploadid: ADPycds50l7IjN4Cmwf8fZ1JG3-GmSNNLQYqRk2PpVXRko--pKL3BD0i9FFBcduOrKSGaIY_ZNZsZ3LTFybO8HdafnfStNmUcDjC
x-goog-stored-content-encoding: identity
x-origin-time: 2023-10-12 18:35:34 UTC
x-served-by: cache-fra-eddf8230089-FRA
x-timer: S1699336008.114691,VS0,VE1
etag: "76b688f1ced157215e389b4a6a441a26"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1697135363708764
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/desktopLogoNav-c1a73e53fda9a9604a09.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2782
expires: Fri, 11 Oct 2024 18:35:34 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 840
last-modified: Thu, 12 Oct 2023 18:29:23 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=dgz+Bg==, md5=draI8c7RVyFeOJtKakQaJg==
x-gdpr: 1
x-goog-stored-content-length: 1488
accept-ranges: bytes

GET
H2 200 nestedNav-f8a37c36fb79026d0359.js Show response
securevip.secureweb.top/vi-assets/static-assets/ 106 KB
15 KB 147ms
144ms Script
application/javascript 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/nestedNav-f8a37c36fb79026d0359.js

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

868fa0aee4b3170445519391c249b544438425cdb392aba77b9dae9b5ea7e27f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 45965
x-guploader-uploadid: ABPtcPqWGDQhFNOu67PSJXOpS4zc-8rqNlgJcglB6PRfu8rthgCmqPrIia0baVr0YmGQX0Sziq7H05uaEg
x-goog-stored-content-encoding: identity
x-origin-time: 2023-11-06 17:00:43 UTC
x-served-by: cache-fra-eddf8230117-FRA
x-timer: S1699336008.113692,VS0,VE1
etag: "223ae12e2dc10c616040d88c61c052db"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1699290028186751
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/nestedNav-f8a37c36fb79026d0359.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 355
expires: Tue, 05 Nov 2024 17:00:43 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 14040
last-modified: Mon, 06 Nov 2023 17:00:28 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=PTWvXg==, md5=IjrhLi3BDGFgQNiMYcBS2w==
x-gdpr: 1
x-goog-stored-content-length: 108106
accept-ranges: bytes

GET
H2 200 main-f6e9bf5bf8e07ff87fa7.js Show response
securevip.secureweb.top/vi-assets/static-assets/ 2 MB
482 KB 144ms
141ms Script
application/javascript 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/main-f6e9bf5bf8e07ff87fa7.js

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

52dc9d8c27d10f6478e371f82bd0e12f56758f4c40337149c3bfd0df8318a5b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 39373
x-guploader-uploadid: ABPtcPqdzpadAFUVyiTqHXPXg1Fzjn4OyAUPmZNG2V2YQSv3hIkzyFvQaaXkeFbXtPLxvxCnnCpF_IT4rg
x-goog-stored-content-encoding: identity
x-origin-time: 2023-11-06 18:50:39 UTC
x-served-by: cache-fra-eddf8230032-FRA
x-timer: S1699336008.113552,VS0,VE1
etag: "07218d73f76f6a22f47bcd8384265564"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1699296528595840
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/main-f6e9bf5bf8e07ff87fa7.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 9
expires: Tue, 05 Nov 2024 18:50:35 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 491269
last-modified: Mon, 06 Nov 2023 18:48:48 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=mHWP6w==, md5=ByGNc/dvaiL0e82DhCZVZA==
x-gdpr: 1
x-goog-stored-content-length: 1734191
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 447 KB
121 KB 51ms
24ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8ea98f2e24222234229cb836e4616568812b330adcc25f911b3cc613a3604de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123311
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 158ms
117ms Preflight 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-entitlements,x-nyt-news-tenure,x-nyt-programming-abtest
Access-Control-Request-Method: POST
Origin: https://securevip.secureweb.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-entitlements,x-nyt-news-tenure,x-nyt-programming-abtest
access-control-allow-methods: GET,POST
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 0
content-length: 0
date: Tue, 07 Nov 2023 05:46:48 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 17
x-nyt-audience-target-flat: EUDE:AM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-edge-cache: MISS
x-nyt-meridiem: AM
x-nyt-region: HE
x-samizdat-query-exe-id: 976d25318b5f3536
x-samizdat-query-field-errors: 0
x-served-by: cache-fra-etou8220094-FRA
x-timer: S1699336008.022087,VS0,VE111

POST
H2 200 track
a.et.nytimes.com/ 0
0 352ms
120ms Ping
text/plain 52.3.42.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-42-214.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securevip.secureweb.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST v2
samizdat-graphql.nytimes.com/graphql/ 0
0

GET als
als-svc.nytimes.com/ 0
0

GET
H2 200 grumi-ip.js Show response
rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/ 15 KB
6 KB 56ms
11ms Script
application/javascript 2600:9000:2491:1200:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Requested by: Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:1200:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ccf7b12ecc8e9e8ffdde253ba24560e0b8742463ad4868c7659fc90968ffcb3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:03:31 GMT
x-amz-version-id: 97N1XuC065XmB4DEf6HyYikKPu2vnzE3
content-encoding: br
last-modified: Sat, 30 Sep 2023 14:56:12 GMT
server: AmazonS3
via: 1.1 df327bd0c8709a81ade8602ac9ef16e0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
etag: W/"4c4f4bf824d2aa120a5e0b665b4c9828"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=14400, stale-while-revalidate=14400, immutable
age: 2598
x-amz-cf-id: n2CB5fCFNWHhIbXSXufYd8ejtjKVPEyJQMbf6Xsju_eHQFSoECQf2w==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 265 KB
65 KB 61ms
6ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6a15af42dcf8e6705a1ecea1dc8a864ce0c050b8c2dc5365d760f6f8b2477825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:41:41 GMT
content-encoding: gzip
via: 1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront), 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
last-modified: Wed, 01 Nov 2023 21:46:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 308
x-amz-server-side-encryption: AES256
etag: W/"952090f32d44601808d121a61e707826"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: HMchJsYtVNR6fzshQARkcWuFJud45ZBPUz3g-jwDUgYgCUE6NeHhag==

GET
H2 200 prebid8.1.0.js Show response
www.nytimes.com/ads/ 302 KB
96 KB 56ms
8ms Script
text/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/ads/prebid8.1.0.js

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

baabb01c05f5a7a83cf26233fcbb29790b584afb736caa63cb26ed1d051aa78d

Security Headers

Name

Value

Content-Security-Policy

upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 1384
x-guploader-uploadid: ADPycdsUdeFaKXVxFq9sYced9gbCBWviM10gQfQwbxF_yuQulHThWV0Tkd-Fnbve_rcS6N0r3fOIRgFnrhtzD_Bz3WuMjg
x-goog-stored-content-encoding: identity
x-origin-time: 2023-07-07 16:39:04 UTC
x-served-by: cache-fra-eddf8230065-FRA
x-timer: S1699336008.083619,VS0,VE1
etag: "69d0b1569bbd0b87116d60db3a12cd34"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1687806692468937
content-type: text/javascript
access-control-allow-origin: *
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/ads/prebid8.1.0.js
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-nyt-app-webview: 0
x-nyt-route: ads-static-assets
x-nyt-edge-cache: HIT
x-cache-hits: 4
expires: Fri, 07 Jul 2023 16:39:04 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
content-length: 97611
last-modified: Mon, 26 Jun 2023 19:11:32 GMT
server: UploadServer
x-goog-hash: crc32c=VcerCA==, md5=adCxVpu9C4cRbWDbOhLNNA==
x-gdpr: 1
x-goog-stored-content-length: 308841
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 148 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 73bd4d0f8a3ec1a6b0ec41f111a2b46ba4c242d4dc7bdf0817c4af97a6dfa48e

Request headers

Referer
Origin: https://securevip.secureweb.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 24ms
8ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://securevip.secureweb.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Wed, 17 Jul 2024 01:51:27 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 9690919
x-guploader-uploadid: ADPycdukQL-qvgibY3peXMfS72fA6NpBf1kj7YzjAC6ujpgw_6hsjM_3grlp_k3j2T6wUPaBPjsRE7UVmYhaamjajINqRDPWPJuJ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20276
x-served-by: cache-fra-eddf8230132-FRA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1699336008.028258,VS0,VE0
etag: "91eaf6b5642463af4091160b4bbfdfcb"
x-goog-generation: 1673991776265363
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=teZvhg==, md5=ker2tWQkY69AkRYLS7/fyw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20276
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 11925

GET
H2 200 franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 30ms
16ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://securevip.secureweb.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Wed, 09 Oct 2024 03:05:29 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2428878
x-guploader-uploadid: ADPycdueQ6Rnxcn3qKwC17Sqeq5rar05w5SxtnisB0ZVGGlMEml3iKvsLbMM5lB9tw0wFYOP5A8ea1gK2TDh3GwnR5gcitTps82I
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 19816
x-served-by: cache-fra-eddf8230132-FRA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1699336008.028898,VS0,VE0
etag: "0f4aea3d462cdb64748629efcbbf36bc"
x-goog-generation: 1673991776231570
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=bdL0Mw==, md5=D0rqPUYs22R0hinvy782vA==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 19816
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 12025

GET
H2 200 franklin-normal-600.75739ac267f076931c6da9740386ee6b.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 29ms
14ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-600.75739ac267f076931c6da9740386ee6b.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

29706c4ab8f4d48b33ccb0ea813f8afb5f7ac569f623536b96fba6cf1fc60e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://securevip.secureweb.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Sat, 21 Sep 2024 23:22:06 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2267798
x-guploader-uploadid: ADPycdtcubMiwfcQF0zjjS_rhEJ0pSZNds_QHcSrP3kcQpO23yvTug3K-UhX3yc6HixAW6WolpdoiKak_yLHyeHBzfrY6yGymjvX
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20196
x-served-by: cache-fra-eddf8230132-FRA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1699336008.028948,VS0,VE0
etag: "75739ac267f076931c6da9740386ee6b"
x-goog-generation: 1673991776257702
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=Jc81Jw==, md5=dXOawmfwdpMcbal0A4buaw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20196
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 9338

GET
H2 200 cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 29ms
15ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://securevip.secureweb.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Wed, 18 Sep 2024 23:34:53 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1832108
x-guploader-uploadid: ADPycdugHm5dt_wCjAcnGMLnBFPjBOh2FDwEp4oWgdJFr6EXY76--AZhjYkLX4xcH84B-KNFAzH99yACQEyeaHbpEEF2DQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28276
x-served-by: cache-fra-eddf8230132-FRA
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1699336008.028954,VS0,VE0
etag: "530cfb72378419eedb60da7e266ad5f1"
x-goog-generation: 1673991775200429
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=O9qQIA==, md5=Uwz7cjeEGe7bYNp+JmrV8Q==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 28276
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 6870

GET
H2 200 imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
g1.nyt.com/fonts/family/imperial/ 26 KB
26 KB 29ms
15ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://securevip.secureweb.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 25 Jan 2024 00:32:20 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 24729267
x-guploader-uploadid: ADPycdu8EQpQm3V7zdMFkJ8XgnencwVnT2B2YUBtaf-sewkAiBh8gRLsetmgM9V27ohK7R6xXMuURFc3DzPNRarYrc9Kgw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26504
x-served-by: cache-fra-eddf8230132-FRA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1699336008.028959,VS0,VE0
etag: "6131cd77b6e216c7693ed925f4309ffc"
x-goog-generation: 1673991776736810
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=ZzOuxA==, md5=YTHNd7biFsdpPtkl9DCf/A==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 26504
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 10912

GET
H2 200 cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
g1.nyt.com/fonts/family/cheltenham/ 27 KB
27 KB 23ms
9ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://securevip.secureweb.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 25 Jan 2024 00:37:40 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1225515
x-guploader-uploadid: ADPycdt38TCVFQs07sap3a_qPNNQhOB-oNJNkUm_5NonsSEFt4KS8xlMhMrghM6zQ_O5kimI_tkdWYmaGFdi_deDSjYNLGG5VM4c
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27260
x-served-by: cache-fra-eddf8230132-FRA
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1699336008.028213,VS0,VE0
etag: "7ea91ebd036309e1fe756ee3aab272da"
x-goog-generation: 1673991775007595
x-goog-hash: crc32c=rNQ9pA==, md5=fqkevQNjCeH+dW7jqrJy2g==
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 27260
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 7811

GET
H2 200 cheltenham-normal-200.40ccfe2cc61a71e6617e56162d49b896.woff2
g1.nyt.com/fonts/family/cheltenham/ 26 KB
26 KB 38ms
24ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-200.40ccfe2cc61a71e6617e56162d49b896.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4f837869b80c34ed1a128362a6ed24ff5ebdae743dc55eb3c183ae9c8b5f4ca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://securevip.secureweb.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Tue, 30 Apr 2024 23:46:34 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1142820
x-guploader-uploadid: ADPycdsieML4XuwXFGqb9edZuCzrTUFlXDh-P9aDq6_mj1SAPBD_xFNAu5ycd1rrBhr_13xBo5niJr93aODWEUAWKo5O
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26448
x-served-by: cache-fra-eddf8230132-FRA
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1699336008.029235,VS0,VE0
etag: "40ccfe2cc61a71e6617e56162d49b896"
x-goog-generation: 1673991775015704
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=kUZRqw==, md5=QMz+LMYaceZhflYWLUm4lg==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 26448
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 5644

GET
H2 200 karnak-normal-700.4a0c7e79ac2f009f12f9106482c961c4.woff2
g1.nyt.com/fonts/family/karnak/ 23 KB
23 KB 13ms
12ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/karnak/karnak-normal-700.4a0c7e79ac2f009f12f9106482c961c4.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

ad01b93ecf6b0b442902d27ae93b6af83a92784a05455b81490512a3d5d8b08b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://securevip.secureweb.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 03 Oct 2024 00:16:17 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 627844
x-guploader-uploadid: ADPycdu3ELhz8_QKXX4Kg_2lJKB_OHfN8bPLGumKNZY8cr8503NC7MkR6pdS6H5mBv93x0PWleqKalCGQGOz4pGl2vhVsOcYqkHM
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 23400
x-served-by: cache-fra-eddf8230132-FRA
last-modified: Tue, 17 Jan 2023 21:42:57 GMT
server: UploadServer
x-timer: S1699336008.108601,VS0,VE0
etag: "4a0c7e79ac2f009f12f9106482c961c4"
x-goog-generation: 1673991777120718
x-goog-hash: crc32c=a9fAaA==, md5=Sgx+eawvAJ8S+RBkgslhxA==
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 23400
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 513

GET
H2 200 cheltenham-small-italic-400.cdfa0ec29cca8c2d2f54c79d898e15c1.woff2
g1.nyt.com/fonts/family/cheltenham-small/ 23 KB
24 KB 13ms
13ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-italic-400.cdfa0ec29cca8c2d2f54c79d898e15c1.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

7dcbc19c68e87e4b23f85027e02ac7f3c89fa259973ec92bbe27e49ad002bf47

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://securevip.secureweb.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Wed, 02 Oct 2024 04:06:39 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 523970
x-guploader-uploadid: ADPycduiH73gcBql1ZP_0JiTMnlwwauA7s-59eMoAcVpIQvKf_GdFsxHFuDfRKX8ETI75oz5qHuE0B9-4dkiBj5TzPl5MQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 24028
x-served-by: cache-fra-eddf8230132-FRA
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1699336008.108694,VS0,VE0
etag: "cdfa0ec29cca8c2d2f54c79d898e15c1"
x-goog-generation: 1673991775386814
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=2JQyuQ==, md5=zfoOwpzKjC0vVMediY4VwQ==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 24028
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 6

GET
H2 200 cheltenham-small-normal-700.1a0b316424cdebd18086b8dbbc768eef.woff2
g1.nyt.com/fonts/family/cheltenham-small/ 23 KB
23 KB 16ms
15ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-normal-700.1a0b316424cdebd18086b8dbbc768eef.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9a43ab8056183a8efcf0e882990c2601381a735e02bba004439e010055c55d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://securevip.secureweb.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 12 Sep 2024 03:31:55 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 4760093
x-guploader-uploadid: ADPycdvILR6hNe8vqXLmgWwGG23uuwLxWhV8v_CW2-PNCBapsczK_jZrFUa-4JDkqvbxWEWnsd6GHxYjaEXwSFc5RLhiFw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 23704
x-served-by: cache-fra-eddf8230132-FRA
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1699336008.109423,VS0,VE0
etag: "1a0b316424cdebd18086b8dbbc768eef"
x-goog-generation: 1673991775396405
x-goog-hash: crc32c=FTq84Q==, md5=GgsxZCTN69GAhrjbvHaO7w==
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 23704
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 9

GET
H2 200 cheltenham-text-cond-normal-700.7e78f9e7e6c2e02d82592c4466929fa3.woff2
g1.nyt.com/fonts/family/cheltenham-text-cond/ 28 KB
29 KB 17ms
16ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham-text-cond/cheltenham-text-cond-normal-700.7e78f9e7e6c2e02d82592c4466929fa3.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1ecb1f9522433be3adfad377816095c7d5b27d02c1efbbbb793e341b829d83d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://securevip.secureweb.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 19 Sep 2024 07:58:17 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1801077
x-guploader-uploadid: ADPycdtLis9oqwwHlhWXOnqLhK6i7dzHtJjxKPtlo_fHql7qGmGiBl653yJIwd1SltlD2hurnWKCqpGPhsFST95y2d3Sow
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28868
x-served-by: cache-fra-eddf8230132-FRA
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1699336008.109698,VS0,VE0
etag: "7e78f9e7e6c2e02d82592c4466929fa3"
x-goog-generation: 1673991775506403
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=UQFt6w==, md5=fnj55+bC4C2CWSxEZpKfow==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 28868
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 8

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/ 153 KB
51 KB 7ms
7ms Script
text/javascript 2600:9000:2491:1200:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:1200:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9fd1e8da45cc479046e68a609cadd9bdb7b4e177687de4bdd890c7cb78b6e6f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:03:31 GMT
x-amz-version-id: Nklf6y34OT9zHX7ff24nvhkolvWvhDW6
content-encoding: br
last-modified: Tue, 07 Nov 2023 04:31:52 GMT
server: AmazonS3
via: 1.1 df327bd0c8709a81ade8602ac9ef16e0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
etag: W/"0628f3516309253b0c0cc2225d924cf4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age: 2598
x-amz-cf-id: NeAVIe8te39XzuhJQflZ3UnE19vJSMwh5vhLgW1ZY2JK8uYrERCeFg==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
31 KB 104ms
76ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b6437fab9bc6490c08e4a4870c4eb33f626518d918a7fa299eef27bb3c33022

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31163
x-xss-protection: 0
server: cafe
etag: 634 / 19668 / 31079420 / config-hash: 14006379532634456263
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 07 Nov 2023 05:46:48 GMT

GET
H2 200 3030 Show response
config.aps.amazon-adsystem.com/configs/ 505 B
780 B 42ms
6ms Script
application/javascript 18.66.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/3030
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-4.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 56e6f324b5c96993959adc6f720bfb789bdf4a9db9e2ef5ba1e78ff0ab712225

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:11:00 GMT
via: 1.1 b30b1c2659a3fb836783824fe37110ee.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
age: 2148
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 505
x-amz-cf-id: jEEMGOBcy_zu4N58G3mavDn5XVfcNon9rbr91LtjcLswhlXn3DCo2Q==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
308 B 103ms
103ms XHR
text/plain 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3030&u=https%3A%2F%2Fsecurevip.secureweb.top
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:47 GMT
via: 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
access-control-allow-origin: https://securevip.secureweb.top
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: btHTLj8HGAAtqaTBtEcuZPUaQjdaQ2tZ0j_p-U41OCdO-eT3EF6vWg==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
510 B 101ms
38ms XHR
text/javascript 18.66.138.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fsecurevip.secureweb.top%2F&pid=8LSWe9GK4sMfA&cb=0&ws=1600x1200&v=23.1027.1921&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-top%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-top_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.138.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-138-185.fra60.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:48 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P4
x-amz-rid: DT0JNW4C4ZF872MCY13V
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://securevip.secureweb.top
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: kKQHg2ux6F7dIi3qwFx38ZaaTOg-FyuZ3tQnQVrJC4E66NAlIfc0Cg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 415ms
394ms XHR
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:49 GMT
x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: I6X5ctr8OIXTNnulKXpYuJhq7Tquxh8HpqKmiX6y-KexGttueEuGRA==

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 53 B
624 B 44ms
14ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://securevip.secureweb.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 05:46:48 GMT
an-x-request-uuid: 4448694f-77c6-48b6-8917-e44886e7c0fd
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://securevip.secureweb.top
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 138.199.38.134; 138.199.38.134; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 53
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
255 B 52ms
16ms XHR
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 8b44657fba4a5f7f7217acab9b1bf55d71aad13f4d482ff67df1e73d46147d1f

Request headers

Referer: https://securevip.secureweb.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 07 Nov 2023 05:46:48 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://securevip.secureweb.top
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
608 B 72ms
9ms XHR
application/json 35.156.170.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.1.0&referrer=https%3A%2F%2Fsecurevip.secureweb.top%2F&tmax=10000

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.156.170.234 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-170-234.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://securevip.secureweb.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 05:46:48 GMT
accept-ch: sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink
x-auction-status: 3, 3, 3, 3, 3
content-type: application/json; charset=utf-8
access-control-allow-origin: https://securevip.secureweb.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 434 B
786 B 64ms
12ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088370&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rf=https%3A%2F%2Fsecurevip.secureweb.top%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=securevip.secureweb.top&tg_i.page=https%3A%2F%2Fsecurevip.secureweb.top%2F&tg_i.invCode=nyt_home_top&tg_i.pbadslot=dfp-ad-top&tk_flint=pbjs_lite_v8.1.0&l_pb_bid_id=20973dc7fbcfc6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7681599283466265
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 4db26d30e230d70262a092bff4eaf8c9e77098fb7715d1f08093579d9a7d926d

Request headers

Referer: https://securevip.secureweb.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 05:46:48 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://securevip.secureweb.top
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 434
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 436 B
787 B 62ms
10ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fsecurevip.secureweb.top%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=securevip.secureweb.top&tg_i.page=https%3A%2F%2Fsecurevip.secureweb.top%2F&tg_i.invCode=nyt_home_mid1&tg_i.pbadslot=dfp-ad-mid1&tk_flint=pbjs_lite_v8.1.0&l_pb_bid_id=215f52e331290f3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3775157831708844
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 34b6815440fe059ee3b784821e98111ebe23f37762092fcfafb3397a3cdaff82

Request headers

Referer: https://securevip.secureweb.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 05:46:48 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://securevip.secureweb.top
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 436
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 436 B
787 B 62ms
11ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fsecurevip.secureweb.top%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=securevip.secureweb.top&tg_i.page=https%3A%2F%2Fsecurevip.secureweb.top%2F&tg_i.invCode=nyt_home_mid2&tg_i.pbadslot=dfp-ad-mid2&tk_flint=pbjs_lite_v8.1.0&l_pb_bid_id=2293f242b73a04b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5995322752139509
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b62c920ab03d3341e126fa542864d12aa6156f16ab0e1512bacf006fe0aa6cb5

Request headers

Referer: https://securevip.secureweb.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 05:46:48 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://securevip.secureweb.top
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 436
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 436 B
968 B 59ms
8ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fsecurevip.secureweb.top%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=securevip.secureweb.top&tg_i.page=https%3A%2F%2Fsecurevip.secureweb.top%2F&tg_i.invCode=nyt_home_mid3&tg_i.pbadslot=dfp-ad-mid3&tk_flint=pbjs_lite_v8.1.0&l_pb_bid_id=23af2a76c715626&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9968664678398611
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1fbbb0b7c2a704c88a0856a46eb53d57c02e37c6a21e24dac7954f05287c37ad

Request headers

Referer: https://securevip.secureweb.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 05:46:48 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://securevip.secureweb.top
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 436
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 440 B
791 B 59ms
9ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088374&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fsecurevip.secureweb.top%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=securevip.secureweb.top&tg_i.page=https%3A%2F%2Fsecurevip.secureweb.top%2F&tg_i.invCode=nyt_home_bottom&tg_i.pbadslot=dfp-ad-bottom&tk_flint=pbjs_lite_v8.1.0&l_pb_bid_id=2401559a7b1b609&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8821297323359287
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 2d153e1c7bf7bbb2310000deae56a055fd9343db54be3614b0b898e1953da621

Request headers

Referer: https://securevip.secureweb.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 05:46:48 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://securevip.secureweb.top
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 440
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 334 B
740 B 202ms
155ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU4WQK98
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: fd9575fce53dce99b77257d894927fa4f5bfe59d1a2b6d793d8b3d01bf15cd6e

Request headers

Referer: https://securevip.secureweb.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 05:46:48 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://securevip.secureweb.top
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 140
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 07 Nov 2023 05:46:48 GMT

GET
H2 200 vendors~allAccessLandingPage~bestsellers~card~collections~cookingLandingPage~explainer~gamesGiftLand~294d5d80-35ba912c048d03f4db3a.js Show response
securevip.secureweb.top/vi-assets/static-assets/ 44 KB
10 KB 80ms
78ms Script
application/javascript 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/vendors~allAccessLandingPage~bestsellers~card~collections~cookingLandingPage~explainer~gamesGiftLand~294d5d80-35ba912c048d03f4db3a.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

4501bb0294daf1a98751db74fe0917f9134d90ab743318c3e8a7d9722efbae41

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 45148
x-guploader-uploadid: ABPtcPricut4U1z8vQu7WFBu8J5YBU41OiSSwBqzxvG6Jw5U8hcoygEihPgjyYcUyjL95UyeKAIvJay3Wg
x-goog-stored-content-encoding: identity
x-origin-time: 2023-11-06 17:14:20 UTC
x-served-by: cache-fra-eddf8230136-FRA
x-timer: S1699336009.574054,VS0,VE1
etag: "bc5ac66573bd426320b5d3b3e2fdebba"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1699290518944923
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~allAccessLandingPage~bestsellers~card~collections~cookingLandingPage~explainer~gamesGiftLand~294d5d80-35ba912c048d03f4db3a.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 639
expires: Tue, 05 Nov 2024 17:14:20 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 9124
last-modified: Mon, 06 Nov 2023 17:08:39 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=I/zq0Q==, md5=vFrGZXO9QmMgtdOz4v3rug==
x-gdpr: 1
x-goog-stored-content-length: 44674
accept-ranges: bytes

GET
H2 200 vendors~accessCodeLPAllAccess~accessCodeLPCooking~accessCodeLPGames~accessCodeLPNews~activateaccess~~9963152a-19e89dc7a603e4102bca.js Show response
securevip.secureweb.top/vi-assets/static-assets/ 199 KB
55 KB 81ms
79ms Script
application/javascript 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/vendors~accessCodeLPAllAccess~accessCodeLPCooking~accessCodeLPGames~accessCodeLPNews~activateaccess~~9963152a-19e89dc7a603e4102bca.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

94df5d2926f84023b53a7b88d959ec0a24857fccc905c82b5bee2869845eb4c4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 480344
x-guploader-uploadid: ABPtcPoD5YzTLBYaXzKZE9EU40pxXPmS4TgokDE4oRP0fuo73_cvKAPU_2uJHPibJvOm8gA9U6wwNxX__g
x-goog-stored-content-encoding: identity
x-origin-time: 2023-11-01 16:21:03 UTC
x-served-by: cache-fra-eddf8230051-FRA
x-timer: S1699336009.575788,VS0,VE1
etag: "559367abf8d93938749b090dcf53a49b"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1698855661331513
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~accessCodeLPAllAccess~accessCodeLPCooking~accessCodeLPGames~accessCodeLPNews~activateaccess~~9963152a-19e89dc7a603e4102bca.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 5902
expires: Thu, 31 Oct 2024 16:21:03 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 54366
last-modified: Wed, 01 Nov 2023 16:21:01 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=lv0vnA==, md5=VZNnq/jZOTh0mwkNz1Okmw==
x-gdpr: 1
x-goog-stored-content-length: 204119
accept-ranges: bytes

GET
H2 200 vendors~audio~bestsellers~collections~explainer~home~liveAsset~markets~paidpost~reviews~search~slide~b202aa65-3e08838b78a41d5f409d.js Show response
securevip.secureweb.top/vi-assets/static-assets/ 46 KB
15 KB 98ms
97ms Script
application/javascript 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL

https://securevip.secureweb.top/vi-assets/static-assets/vendors~audio~bestsellers~collections~explainer~home~liveAsset~markets~paidpost~reviews~search~slide~b202aa65-3e08838b78a41d5f409d.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

cb554020ec10b151dcccf7f5eae72f7807d392f2324582f4ae45168ccf9b007e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 36407
x-guploader-uploadid: ABPtcPrdeUJRVLDdAtEM0rK4OCylDl_js0HB30P3-car7YDSuYOg5o4_yC2YyUJ4B2BBFFDTcuw
x-goog-stored-content-encoding: identity
x-origin-time: 2023-11-06 19:40:02 UTC
x-served-by: cache-fra-eddf8230066-FRA
x-timer: S1699336009.640546,VS0,VE1
etag: "6bcf719b5c3e4391f14146dd1e4911bc"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1699299492364100
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~bestsellers~collections~explainer~home~liveAsset~markets~paidpost~reviews~search~slide~b202aa65-3e08838b78a41d5f409d.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 420
expires: Tue, 05 Nov 2024 19:40:02 GMT
date: Tue, 07 Nov 2023 05:46:48 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 14309
last-modified: Mon, 06 Nov 2023 19:38:12 GMT
server: nginx/1.24.0
x-goog-hash: crc32c=nl8vAg==, md5=a89xm1w+Q5HxQUbdHkkRvA==
x-gdpr: 1
x-goog-stored-content-length: 46690
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 178 KB
61 KB 27ms
9ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N5P6T9S&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3cf9d55fffe8603f5953f97b9bb0c0328d40ed1b150fe876345f0dd58e74ca5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62487
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Nov 2023 05:46:48 GMT

GET
H2 200 tags.js Show response
dd.nytimes.com/ 227 KB
47 KB 115ms
7ms Script
text/javascript 18.66.97.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-36.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

8efe1572be12f6646d54cfb294c79d31a010fa99cf4948e168582234b0464f11

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
date: Tue, 07 Nov 2023 05:26:33 GMT
x-amz-cf-pop: FRA56-P2
age: 1216
x-cache: Hit from cloudfront
content-length: 47609
last-modified: Tue, 31 Oct 2023 08:00:41 GMT
server: Apache
etag: "38dd0-608fe8d090ad9-gzip"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: 7L7DFS6mm27h8ev8w8_VsK7ocpKL7vZEqNfH_HzPAEzeJj_aeI9FMA==
expires: Tue, 07 Nov 2023 06:26:32 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 34ms
8ms Image
text/plain 13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=3005403&ns__t=1699336008625&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2Fsecurevip.secureweb.top%2F&c9=
Requested by: Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:48 GMT
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: 5axGNbQUFayTY2tCKBF4Ce2em_ioLCtR0byg06S4l-4tSPriHvFWTA==
x-cache: Miss from cloudfront

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 134ms
134ms Preflight 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-entitlements,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
Access-Control-Request-Method: POST
Origin: https://securevip.secureweb.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-entitlements,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
access-control-allow-methods: GET,POST
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 0
content-encoding: gzip
content-length: 20
date: Tue, 07 Nov 2023 05:46:49 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 17
x-nyt-audience-target-flat: EUDE:AM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-edge-cache: MISS
x-nyt-meridiem: AM
x-nyt-region: HE
x-samizdat-query-exe-id: aeaa4dec1b799f12
x-samizdat-query-field-errors: 0
x-served-by: cache-fra-etou8220094-FRA
x-timer: S1699336009.125330,VS0,VE111

GET
H2 200 market Show response
securevip.secureweb.top/api/ 516 B
1 KB 20ms
20ms Fetch
application/json 94.131.110.93
STARK-INDUSTRIES

General

Check archive.org

Show headers Download Go to

Full URL

https://securevip.secureweb.top/api/market

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.131.110.93 Frankfurt am Main, Germany, ASN44477 (STARK-INDUSTRIES, GB),

Reverse DNS

secureweb.top

Software

nginx/1.24.0 /

Resource Hash

be9dcda7136b10664180d9376d56acf52cb27126082e1dd1fda47ca67316de55

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:49 GMT
content-encoding: gzip
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-api-version: F-F-X
age: 24
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: HIT, HIT
content-length: 255
x-origin-time: 2023-11-07 05:46:24 UTC
x-served-by: cache-lga21927-LGA, cache-fra-eddf8230036-FRA
server: nginx/1.24.0
x-timer: S1699336009.116921,VS0,VE1
vary: Accept-Encoding, Fastly-SSL
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/api/market
cache-control: s-maxage=60,(null)
x-nyt-route: market
x-nyt-app-webview: 0
x-gdpr: 1
x-nyt-edge-cache: HIT-HIT
accept-ranges: bytes
x-cache-hits: 12, 1

POST v2
samizdat-graphql.nytimes.com/graphql/ 0
0

GET purr-cache
purr.nytimes.com/v1/ 0
0

GET data-layer
a.nytimes.com/svc/nyt/ 0
0

GET
H2 200 nested-nav2.json Show response
static01.nyt.com/newsgraphics/sujo/ 1 KB
773 B 121ms
120ms Fetch
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static01.nyt.com/newsgraphics/sujo/nested-nav2.json

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

17615132642880808e44f8f5b54edef8ee37a514e003b6faf98014ecca401194

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Tue, 07 Nov 2023 05:46:54 GMT
date: Tue, 07 Nov 2023 05:46:49 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 0
x-guploader-uploadid: ABPtcPrH6Se3_2MxXB2BmxZeDvFRxF9EtPoX-h7lmrld0_sQ6ELUblPiJSNQ3qtnoEJJ8hup6pM
x-cache: MISS, MISS
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 647
x-served-by: cache-iad-kcgs7200177-IAD, cache-fra-etou8220094-FRA
x-amz-meta-checksum
last-modified: Mon, 06 Nov 2023 15:23:16 GMT
server: UploadServer
x-timer: S1699336009.233812,VS0,VE113
etag: "ff0b0bfbb417a399fc27134f846d8c1b"
vary: Origin, Accept-Encoding
x-goog-generation: 1699284196140782
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=3F6zzA==, md5=/wsL+7QXo5n8JxNPhG2MGw==
cache-control: max-age=5
x-goog-stored-content-length: 1475
x-amz-checksum-crc32c: 3F6zzA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 1

GET
H2 200 nested-nav2.json Show response
static01.nyt.com/newsgraphics/sujo/ 1 KB
1 KB 119ms
119ms Fetch
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static01.nyt.com/newsgraphics/sujo/nested-nav2.json

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

17615132642880808e44f8f5b54edef8ee37a514e003b6faf98014ecca401194

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Tue, 07 Nov 2023 05:46:54 GMT
date: Tue, 07 Nov 2023 05:46:49 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 0
x-guploader-uploadid: ABPtcPrH6Se3_2MxXB2BmxZeDvFRxF9EtPoX-h7lmrld0_sQ6ELUblPiJSNQ3qtnoEJJ8hup6pM
x-cache: MISS, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 647
x-served-by: cache-iad-kcgs7200177-IAD, cache-fra-etou8220094-FRA
x-amz-meta-checksum
last-modified: Mon, 06 Nov 2023 15:23:16 GMT
server: UploadServer
x-timer: S1699336009.234000,VS0,VE113
etag: "ff0b0bfbb417a399fc27134f846d8c1b"
vary: Origin, Accept-Encoding
x-goog-generation: 1699284196140782
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=3F6zzA==, md5=/wsL+7QXo5n8JxNPhG2MGw==
cache-control: max-age=5
x-goog-stored-content-length: 1475
x-amz-checksum-crc32c: 3F6zzA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 1

GET
H2 200 06trump-trial-hp1-qbtc-threeByTwoSmallAt2X-v3.jpg
static01.nyt.com/images/2023/11/06/multimedia/06trump-trial-pinned-01/ 39 KB
40 KB 9ms
7ms Image
image/webp 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/11/06/multimedia/06trump-trial-pinned-01/06trump-trial-hp1-qbtc-threeByTwoSmallAt2X-v3.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

f256b1151bcdcb1156ec95c6e40a56f17a91ef8b6668bcd9d113779d98cebf42

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Mon, 06 Nov 2023 22:54:25 GMT
date: Tue, 07 Nov 2023 05:46:49 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300707
age: 24745
x-guploader-uploadid: ABPtcPrGbHDBqeXjo0F1n5ALdGIGAtlU8bPiq1WeotQlGMqfP5-3oJwj-BHdr_b8H8NtnJ5RovmJQ_gFJQ
x-cache: HIT, HIT
fastly-io-info: ifsz=84842 idim=600x400 ifmt=jpeg ofsz=39778 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 39778
x-served-by: cache-iad-kcgs7200080-IAD, cache-fra-eddf8230065-FRA
server: UploadServer
x-timer: S1699336010.581763,VS0,VE0
etag: "5XCiefd/KYMBjvIVJPn75lgHCvaxLvfEIEvJrw0diyM"
vary: Accept
x-goog-generation: 1699311213693089
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=AJiDRA==, md5=LeqgzaI0HKxTlrxCqovzJA==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 84842
x-amz-checksum-crc32c: AJiDRA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 31, 15

GET
H2 200 06wework-bankruptsy-sub-chlk-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/11/06/multimedia/06wework-bankruptsy-sub-chlk/ 31 KB
31 KB 12ms
10ms Image
image/webp 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/11/06/multimedia/06wework-bankruptsy-sub-chlk/06wework-bankruptsy-sub-chlk-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9ec978213051509467672fa65a939d16cadd988e81d53c81bf6fd5b81e90151f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Tue, 07 Nov 2023 02:24:58 GMT
date: Tue, 07 Nov 2023 05:46:49 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300709
age: 12111
x-guploader-uploadid: ABPtcPpfEys8__j9QWV6Wz83DyB4B606Wch4fdjf-khEL4ae00lTTW9Qjv89BdI4OEjj-KZTyHBccH5Orw
x-cache: HIT, HIT
fastly-io-info: ifsz=69516 idim=600x400 ifmt=jpeg ofsz=31732 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 31732
x-served-by: cache-iad-kcgs7200143-IAD, cache-fra-eddf8230065-FRA
server: UploadServer
x-timer: S1699336010.582598,VS0,VE0
etag: "TI4efoW9XwAQX/QTH8m57GfZ3IcP/jNcPpC/RyiDVj0"
vary: Accept
x-goog-generation: 1699323786293598
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=xhs/lQ==, md5=GUDexhcKbu5f0TMlGaxDlQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 69516
x-amz-checksum-crc32c: xhs/lQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 103, 7

GET
H2 200 07STREISAND-REVIEW-tgch-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/11/07/multimedia/07STREISAND-REVIEW-tgch/ 10 KB
10 KB 12ms
10ms Image
image/webp 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/11/07/multimedia/07STREISAND-REVIEW-tgch/07STREISAND-REVIEW-tgch-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

3f91fa3c8c68bf9155006b179e21c46ef9abf71d6b5a4e11a74a40e5b176da65

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Tue, 07 Nov 2023 05:02:25 GMT
date: Tue, 07 Nov 2023 05:46:49 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300718
age: 2663
x-guploader-uploadid: ABPtcPrGTvOuqCUBICwH07er1_XAwx11tHw3f2b5cro1faiZEmbu_fj6uAxo2iOrzJjgdavvMgmQVLl_yQ
x-cache: HIT, HIT
fastly-io-info: ifsz=23159 idim=600x400 ifmt=jpeg ofsz=9840 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 9840
x-served-by: cache-iad-kcgs7200095-IAD, cache-fra-eddf8230065-FRA
server: UploadServer
x-timer: S1699336010.582666,VS0,VE0
etag: "Yaj4cTlcqCiGOYdBsmZMExsxrAmTemu7ujBdNESSfro"
vary: Accept
x-goog-generation: 1699333287748155
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=3doRcQ==, md5=2BhormZQQit/pp7DSG3frw==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 23159
x-amz-checksum-crc32c: 3doRcQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 24, 4

GET
H2 200 06china-debt-01-cmpl-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/11/06/multimedia/06china-debt-01-cmpl/ 48 KB
48 KB 10ms
8ms Image
image/webp 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/11/06/multimedia/06china-debt-01-cmpl/06china-debt-01-cmpl-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

15bb3ffc59f462f8200d11db9a59ac35b5ed9b197e6d20596fc68fa16e73de69

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Mon, 06 Nov 2023 23:01:05 GMT
date: Tue, 07 Nov 2023 05:46:49 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300707
age: 24345
x-guploader-uploadid: ABPtcPorl02Bci88W-6cVAcsm5Qd4INyhypxcn6Z8xC3rkHPrs-KLmmjkSbVJ-UyfrP12S2eMGQ
x-cache: HIT, HIT
fastly-io-info: ifsz=95374 idim=600x400 ifmt=jpeg ofsz=49134 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 49134
x-served-by: cache-iad-kcgs7200058-IAD, cache-fra-eddf8230065-FRA
server: UploadServer
x-timer: S1699336010.582315,VS0,VE0
etag: "h+Z5p4WR+ME0onW+a6+QWsq0l+HxHk3KCpG4wV8z0ZE"
vary: Accept
x-goog-generation: 1699311607255206
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=sKxTAA==, md5=+uvVBYx7nAKJWpx8CzYjaQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 95374
x-amz-checksum-crc32c: sKxTAA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3, 9

GET
H2 200 00privatenyc-bond-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/10/19/nyregion/00privatenyc-bond/ 24 KB
24 KB 13ms
12ms Image
image/webp 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/10/19/nyregion/00privatenyc-bond/00privatenyc-bond-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

39cb04ebdef1112f9cfd08ab486e0c2f94692d63e04eaa079512f8a14cf910e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Mon, 06 Nov 2023 08:25:27 GMT
date: Tue, 07 Nov 2023 05:46:49 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300715
age: 76882
x-guploader-uploadid: ABPtcPq4lfP5-frvTjESJZNUCZDTe4dHMwd0eL-IJ6UhSRys8Gk6ZF94Ggqm02OoKVVgLmR-CfGtT3fxQQ
x-cache: HIT, HIT
fastly-io-info: ifsz=68504 idim=600x400 ifmt=jpeg ofsz=24124 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 24124
x-served-by: cache-iad-kcgs7200098-IAD, cache-fra-eddf8230065-FRA
server: UploadServer
x-timer: S1699336010.582768,VS0,VE0
etag: "fd0ZgntsBn7AtBxROeyewPXwOsGBCExg/F3/r6EVnyM"
vary: Accept
x-goog-generation: 1699257615842854
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=seb51Q==, md5=LDsAT470mpFvAkJzxdo2PQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 68504
x-amz-checksum-crc32c: seb51Q==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 12, 9

GET
H2 200 05dc-biden-flvm-threeByTwoSmallAt2X-v2.jpg
static01.nyt.com/images/2023/11/05/multimedia/05dc-biden-flvm/ 22 KB
22 KB 10ms
8ms Image
image/webp 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/11/05/multimedia/05dc-biden-flvm/05dc-biden-flvm-threeByTwoSmallAt2X-v2.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

2db2cfa6273e20e55276f9e79223a43ac226bd4abcdc7db55a2764b9417ee3b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Mon, 06 Nov 2023 15:20:06 GMT
date: Tue, 07 Nov 2023 05:46:49 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300717
age: 52003
x-guploader-uploadid: ABPtcPqrgZLEyiyPgQe7arIhsRG1qHUjkfBahaQ2VTpJvhRhmJhA0orysuv7tSj2EndtmeEvu94
x-cache: HIT, HIT
fastly-io-info: ifsz=58586 idim=600x400 ifmt=jpeg ofsz=22384 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 22384
x-served-by: cache-iad-kjyo7100129-IAD, cache-fra-eddf8230065-FRA
server: UploadServer
x-timer: S1699336010.582347,VS0,VE0
etag: "cXrQ8bmOwn5SyGN0udQ3teRNwCD8Jw6PS0yP+GPYjdU"
vary: Accept
x-goog-generation: 1699283999649742
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=N1Bjww==, md5=Dqu94bJl4fBA+btwTKAE0g==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 58586
x-amz-checksum-crc32c: N1Bjww==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 58, 5

GET
H2 200 06nat-covenant-bwmj-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/11/06/multimedia/06nat-covenant-bwmj/ 52 KB
53 KB 10ms
6ms Image
image/webp 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/11/06/multimedia/06nat-covenant-bwmj/06nat-covenant-bwmj-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

99c47f89457c9ad74212dcf0d7c3b0d893212fb17f0473dd592fdb1bf8611d7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Tue, 07 Nov 2023 01:17:10 GMT
date: Tue, 07 Nov 2023 05:46:49 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300712
age: 16179
x-guploader-uploadid: ABPtcPp_QHgt1E5mBXcAp60BcrXxSAhLdJm0UuV0hSxmWVylRqdz8K_3LvYCNuzA8nmiIJUqKrFKckncSQ
x-cache: HIT, HIT
fastly-io-info: ifsz=100302 idim=600x400 ifmt=jpeg ofsz=53642 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 53642
x-served-by: cache-iad-kjyo7100082-IAD, cache-fra-eddf8230065-FRA
server: UploadServer
x-timer: S1699336010.594175,VS0,VE0
etag: "c9rjdQjnZ91V2wUJi7qIxr3EPzctGf99wfZpapJjTVU"
vary: Accept
x-goog-generation: 1699319790160836
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=sP/pdg==, md5=ZSme6t52MtwsUvvZ2ZcRFQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 100302
x-amz-checksum-crc32c: sP/pdg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 81, 5

GET
H2 200 paul-krugman-thumbLarge.png
static01.nyt.com/images/2018/04/02/opinion/paul-krugman/ 21 KB
22 KB 9ms
6ms Image
image/webp 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2018/04/02/opinion/paul-krugman/paul-krugman-thumbLarge.png?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

fb177985ebe75561e65bcb91d425186017f2017e70c5c7f8cf8915ef7e403181

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Tue, 03 Oct 2023 02:09:42 GMT
date: Tue, 07 Nov 2023 05:46:49 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300713
age: 13021
x-guploader-uploadid: ADPycdv8XKkQxnOkD2NHq3d_1ASS-SztOTwWVQP_qad-z4bep1NhUg_ZEreVreJsvM9TJcYck7WpOFd9nJN7nZjBkP4HB6BRGwE0
x-cache: HIT, HIT
fastly-io-info: ifsz=35334 idim=150x150 ifmt=png ofsz=21898 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 21898
x-served-by: cache-iad-kcgs7200107-IAD, cache-fra-eddf8230065-FRA
server: UploadServer
x-timer: S1699336010.594953,VS0,VE0
etag: "25/bK4qfzv2YH7IHtdmueBNh4xhIINR0fD+lcq1TdCk"
vary: Accept
x-goog-generation: 1522683526678420
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=qhevTQ==, md5=m29KXnfO3NU0MLAVICO8qQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 35334
x-amz-checksum-crc32c: qhevTQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5831, 18

GET
H2 200 06udel-square320-v3.jpg
static01.nyt.com/images/2023/11/06/opinion/06udel/ 38 KB
38 KB 9ms
7ms Image
image/jpeg 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/11/06/opinion/06udel/06udel-square320-v3.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

cceac7ac0d2450faea3f70111cdd13df45e3c976deb8cb3e989da68e145651eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Mon, 06 Nov 2023 17:50:21 GMT
date: Tue, 07 Nov 2023 05:46:49 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 42989
x-guploader-uploadid: ABPtcPoResaYnIAm8iIu__HGgZYAI17mdpE_3BBjQ2LXyboCTPDStPltPsTmuO7SJtlYGD7PD_lfTY1eqg
x-cache: MISS, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 38638
x-served-by: cache-iad-kiad7000118-IAD, cache-fra-eddf8230065-FRA
last-modified: Mon, 06 Nov 2023 17:50:18 GMT
server: UploadServer
x-timer: S1699336010.595159,VS0,VE0
etag: "433f21041ac7fdfdb7dc64d143eb84e2"
vary: Accept
x-goog-generation: 1699293018680704
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=hqr/UA==, md5=Qz8hBBrH/f233GTRQ+uE4g==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 38638
x-amz-checksum-crc32c: hqr/UA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 36

GET
H2 200 Wehner-Peter-circular-thumbLarge-v3.png
static01.nyt.com/images/2015/03/16/opinion/Wehner-Peter-circular/ 19 KB
20 KB 11ms
9ms Image
image/webp 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2015/03/16/opinion/Wehner-Peter-circular/Wehner-Peter-circular-thumbLarge-v3.png?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

cb9b31ff535e2b76cf704d03beeeb2b2a60e6a6206b9759040430cc7774ba72e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Tue, 05 Sep 2023 13:30:38 GMT
date: Tue, 07 Nov 2023 05:46:49 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 446259
x-guploader-uploadid: ADPycdvAvLMMNBtHIlRRpCvedYpo35NdYTt_KCrJxhxA5OVTkvv2iUMBbknzdHEHuts3lwFW-V_6FiCBMM3vUgkbyibmv2tU3G23
x-cache: HIT, HIT
fastly-io-info: ifsz=31794 idim=150x150 ifmt=png ofsz=19696 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 19696
x-served-by: cache-iad-kcgs7200092-IAD, cache-fra-eddf8230065-FRA
server: UploadServer
x-timer: S1699336010.595684,VS0,VE0
etag: "LQ5hop57rUyQxG2a6RuS8SBcYi5kFzWJBqZuGMAUUM8"
vary: Accept
x-goog-generation: 1526145388159876
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=2G43EQ==, md5=KNevhKr8t5fsBgxv57LHIQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 31794
x-amz-checksum-crc32c: 2G43EQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 9, 240

GET
H2 200 linda-greenhouse-thumbLarge.png
static01.nyt.com/images/2018/04/02/opinion/linda-greenhouse/ 24 KB
25 KB 9ms
8ms Image
image/webp 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2018/04/02/opinion/linda-greenhouse/linda-greenhouse-thumbLarge.png?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4c7e66d672ad01d9a4b945bb09097d6776e2c05383c48f6c64aba44cc24fe96a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Tue, 03 Oct 2023 06:57:12 GMT
date: Tue, 07 Nov 2023 05:46:49 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300720
age: 306658
x-guploader-uploadid: ADPycds2reim6dMEj2f2HcFnaMZpwWc0_oWHBaAHWsmu44vfrUyiIA-pdAjKTWalq383IRrRG8iKufqZi5ufcf_i9-vDBkX2mUXP
x-cache: MISS, HIT
fastly-io-info: ifsz=37145 idim=150x150 ifmt=png ofsz=24872 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 24872
x-served-by: cache-iad-kjyo7100055-IAD, cache-fra-eddf8230065-FRA
server: UploadServer
x-timer: S1699336010.595321,VS0,VE0
etag: "6NTQSfiCy/NzG8Auma603MGcJGgtK4cRp27daplZfTM"
vary: Accept
x-goog-generation: 1522685321653393
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=YbQBgA==, md5=ZAZNv8Bo5h9AIN0Zs6vXxQ==
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 37145
x-amz-checksum-crc32c: YbQBgA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 552

GET
H2 200 06Havrilesky-1-zbhj-square320-v3.jpg
static01.nyt.com/images/2023/11/06/multimedia/06Havrilesky-1-zbhj/ 30 KB
30 KB 10ms
10ms Image
image/jpeg 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/11/06/multimedia/06Havrilesky-1-zbhj/06Havrilesky-1-zbhj-square320-v3.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

6cc3281cee537a9c05efa58b1f4b9df336d2ad10f511eb6af0b620e65b45ed6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Mon, 06 Nov 2023 16:17:38 GMT
date: Tue, 07 Nov 2023 05:46:49 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 48551
x-guploader-uploadid: ABPtcPqfGV_EOJYxQXdoR3gHv_wX5YRRRZhrLZrxLb1fj8bqVkExsNcb2ut6xROBijPikJWhtfs
x-cache: MISS, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 30451
x-served-by: cache-iad-kcgs7200082-IAD, cache-fra-eddf8230065-FRA
last-modified: Mon, 06 Nov 2023 16:17:33 GMT
server: UploadServer
x-timer: S1699336010.596018,VS0,VE0
etag: "4e53c20c5fda0337ca5940e935a5f857"
vary: Accept
x-goog-generation: 1699287453575625
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=H3LUHA==, md5=TlPCDF/aAzfKWUDpNaX4Vw==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 30451
x-amz-checksum-crc32c: H3LUHA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 20

GET
H2 200 Peter_Coy_Final-thumbLarge.png
static01.nyt.com/images/2022/02/27/opinion/author-peter-coy-2/ 19 KB
19 KB 9ms
5ms Image
image/webp 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2022/02/27/opinion/author-peter-coy-2/Peter_Coy_Final-thumbLarge.png?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

d398b90b592b327e99a6d915c3a8b2896d03a3c6b617bb5cbbf555fa57ee9725

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Tue, 05 Sep 2023 16:32:49 GMT
date: Tue, 07 Nov 2023 05:46:49 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300718
age: 399897
x-guploader-uploadid: ADPycduC9xqPJaEW5r8_fyUfHfuhkHXC6ar9BTOSAwkek--i5tfliBcSYkw97GobxxuXeDoUEMh3rWqtVOX6zPNlTy6VXQ
x-cache: HIT, HIT
fastly-io-info: ifsz=30899 idim=150x150 ifmt=png ofsz=19030 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 19030
x-served-by: cache-iad-kiad7000050-IAD, cache-fra-eddf8230065-FRA
server: UploadServer
x-timer: S1699336010.605136,VS0,VE0
etag: "pKxVSvUhBTYCP2nV/TCQfl9L8Trc0nAOFrwQjd7jZzw"
vary: Accept
x-goog-generation: 1678306549211650
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=HcBmbg==, md5=a/NESZYrulE18m32Zyd6QA==
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 30899
x-amz-checksum-crc32c: HcBmbg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8, 35

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/ 426 KB
134 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 15:29:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51424
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136626
x-xss-protection: 0
server: cafe
etag: 12374074705736737879
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 05 Nov 2024 15:29:45 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 45 B
71 B 56ms
41ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=securevip.secureweb.top

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0a4baa6061d4b9e293346882f8a3aa7d799ccf955c18d275f2ee30626f80bf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47
x-xss-protection: 0
expires: Tue, 07 Nov 2023 05:46:49 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 118ms
118ms Ping
text/plain 52.3.42.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-42-214.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securevip.secureweb.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 7ms
7ms Preflight 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-entitlements,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
Access-Control-Request-Method: POST
Origin: https://securevip.secureweb.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-entitlements,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
access-control-allow-methods: GET,POST
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 0
content-encoding: gzip
content-length: 20
date: Tue, 07 Nov 2023 05:46:49 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 17
x-nyt-audience-target-flat: EUDE:AM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-edge-cache: HIT
x-nyt-meridiem: AM
x-nyt-region: HE
x-samizdat-query-exe-id: 8d36afe22dcff682
x-samizdat-query-field-errors: 0
x-served-by: cache-fra-etou8220094-FRA
x-timer: S1699336010.723968,VS0,VE0

POST v2
samizdat-graphql.nytimes.com/graphql/ 0
0

POST
H2 200 / Show response
dd.nytimes.com/js/ 243 B
629 B 23ms
10ms XHR
application/json 18.66.97.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/js/

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.36 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-36.fra56.r.cloudfront.net

Software

DataDome /

Resource Hash

777f63a4a78068e2ff01c9666e6319f4a139367bc584d5fd3d5a94d58eb9b5e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://securevip.secureweb.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 05:46:49 GMT
via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: DataDome
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 243
x-amz-cf-id: 7PZ3bi2TV1vWl9zdYIhkWb0-V1ao2P3Dw6Cg2Vg8OXPRoV9ccOfBLw==
expires: 0

OPTIONS
H2 405 meter.js
meter-svc.nytimes.com/ Frame 0
0 337ms
126ms Preflight 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://meter-svc.nytimes.com/meter.js?sourceApp=vi&messageComponentLibraryFallback=true&url=https%3A%2F%2Fsecurevip.secureweb.top%2F&referer=https%3A%2F%2Fsecurevip.secureweb.top%2F&pageviewID=aPrfDzr3aDWns9bNN1XJMUZa&MessageSelectionAPI=real

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-211-112-71.compute-1.amazonaws.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-nyt-internal-meter-override
Access-Control-Request-Method: GET
Origin: https://securevip.secureweb.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-length: 0
date: Tue, 07 Nov 2023 05:46:50 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
via: 1.1 google
x-envoy-decorator-operation: meter-svc.nytimes.com:443/*
x-envoy-upstream-service-time: 24

GET meter.js
meter-svc.nytimes.com/ 0
0

GET
H2

200

activityi;dc_pre=CJWr7_mXsYIDFb1KkQUd1oELzA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8955977080923;auiddc=2069427030.1699336010;u17=https%3A%2F%2Fsecurevip.secureweb.top%2F;u5=;u18=;gtm=45He3b6... Show response
5290727.fls.doubleclick.net/ Frame 29A6
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8955977080923;auiddc=2069427030.1699336010;u17=https%3A%2F%2Fsecurevip.secureweb.top%2F;u5=;u18=;gtm=45He3...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CJWr7_mXsYIDFb1KkQUd1oELzA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8955977080923;auiddc=2069427030.1699336010;u17=https%3A%2F%2Fsecurevip.s...

628 B
516 B

46ms
45ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CJWr7_mXsYIDFb1KkQUd1oELzA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8955977080923;auiddc=2069427030.1699336010;u17=https%3A%2F%2Fsecurevip.secureweb.top%2F;u5=;u18=;gtm=45He3b60v72703797;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecurevip.secureweb.top%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

d8db0a985f1dfef50600401525dc34633f424298720239ba90888b0089ec1f06

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securevip.secureweb.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 340
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 05:46:50 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 05:46:50 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CJWr7_mXsYIDFb1KkQUd1oELzA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8955977080923;auiddc=2069427030.1699336010;u17=https%3A%2F%2Fsecurevip.secureweb.top%2F;u5=;u18=;gtm=45He3b60v72703797;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecurevip.secureweb.top%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 70 KB
24 KB 54ms
7ms Script
application/x-javascript 2600:9000:2646:400:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:400:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ff18779bb7f76122171e9faa51b7af30bc0239d361c926489b02032bb5bccb54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 00:04:40 GMT
content-encoding: gzip
via: 1.1 69387ca0ad24846d99bf107cb3133bf6.cloudfront.net (CloudFront)
last-modified: Wed, 09 Aug 2023 00:52:49 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 20530
etag: W/"64d2e361-1197e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: kGtyGe6KJpR6hOZ0mVaaAzWs2hkjD59SuMULSFiiSRMunmPCsi-AIg==
expires: Wed, 08 Nov 2023 00:04:40 GMT

GET
H2 200 show-ads.js Show response
a1.nyt.com/analytics/ 45 B
392 B 32ms
23ms Script
text/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.nyt.com/analytics/show-ads.js

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Tue, 16 May 2023 23:50:37 GMT
date: Tue, 07 Nov 2023 05:46:50 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 41831
x-guploader-uploadid: ADPycdtscvtwua-aV23Ie4HH8S1lqi9QidJsXhbEqRNfxkV6tNV1KH0icsZAxhU-HV9bftk4IJw_R0mZhYygMLPaRF9Ba3aD4zym
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 65
x-served-by: cache-fra-eddf8230065-FRA
last-modified: Wed, 22 Dec 2021 23:30:41 GMT
server: UploadServer
x-timer: S1699336010.000103,VS0,VE0
etag: "1d291da792456bd015b664ee1119a5e0"
vary: Accept-Encoding
x-goog-generation: 1640215841852360
x-goog-hash: crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=86400
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 45
accept-ranges: bytes
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 508

GET
H2 200 comscore-streaming.js Show response
a1.nyt.com/analytics/ 103 KB
19 KB 31ms
22ms Script
text/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.nyt.com/analytics/comscore-streaming.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

fe8d5a6f12533884b6896dd290e422c830e86e0228d45dbe97ac03c6e86a5b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 15 Jun 2023 01:26:18 GMT
date: Tue, 07 Nov 2023 05:46:50 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 20239
x-guploader-uploadid: ADPycdtdMejfVXl_FkgB6Xfaz5FQWf1-TwrQzNFqbYjqAR9vB2EBfz7lEXkLZjYgX7tqI1iJP2FqVkV35Qg-u5fFMDWkaszFCzt-
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 18717
x-served-by: cache-fra-eddf8230065-FRA
last-modified: Wed, 22 Dec 2021 23:30:41 GMT
server: UploadServer
x-timer: S1699336010.999984,VS0,VE0
etag: "04e0b9556a78ce5cedf86a34e5483036"
vary: Accept-Encoding
x-goog-generation: 1640215841902856
x-goog-hash: crc32c=XkdIyw==, md5=BOC5VWp4zlzt+Go05UgwNg==
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=86400
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 105675
accept-ranges: bytes
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 101

GET
H2 200 nyt.js Show response
cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/ 4 KB
2 KB 64ms
15ms Script
text/javascript 2606:4700:20::ac43:4842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/nyt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51810745d3e4e28eec27857037693434619b5a9487d389a2243a555d6830f66b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:50 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 07 Nov 2023 05:05:20 GMT
server: cloudflare
age: 2490
cf-polished: origSize=4727
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DBDO3%2B1JlMMnGiWcWoKtGwbUH1mUSPo81AFLEdLJ9dtfj6YcUPW4EtY76xtGR3MTpKiAvcb5YdMUQH8CWZYM59L%2F%2FmKBZiT6xu%2FCCFYZ8gx421%2BMs9oD8NEhreC1A4YYCaqcdnC%2Bzdx5rHAUlwn7qRG%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8223472ece239bb6-FRA
request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
467 B 43ms
43ms XHR
text/javascript 18.66.138.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fsecurevip.secureweb.top%2F&pid=8LSWe9GK4sMfA&cb=1&ws=1600x1200&v=23.1027.1921&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-mid1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-mid1_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%7D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.138.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-138-185.fra60.r.cloudfront.net

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:50 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P4
x-amz-rid: 9XQGTZ4MHMPTBCGXMF2K
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://securevip.secureweb.top
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: _iit4Z4UPEueE5yeAVq-snuFhtsrGxqW_1QYTLjOha1Peg98YGbwMQ==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
468 B 40ms
40ms XHR
text/javascript 18.66.138.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fsecurevip.secureweb.top%2F&pid=8LSWe9GK4sMfA&cb=2&ws=1600x1200&v=23.1027.1921&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-mid2%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-mid2_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%7D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.138.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-138-185.fra60.r.cloudfront.net

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:50 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P4
x-amz-rid: VG3VE61F5YRK6W2MME1N
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://securevip.secureweb.top
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: ZZPWUD-udpCJrVlYddSpJEqlk-ZZ6dnKTiZAcgbB08gLxpPP5EdOVQ==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
466 B 41ms
41ms XHR
text/javascript 18.66.138.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fsecurevip.secureweb.top%2F&pid=8LSWe9GK4sMfA&cb=3&ws=1600x1200&v=23.1027.1921&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-mid3%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-mid3_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%7D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.138.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-138-185.fra60.r.cloudfront.net

Software

Server /

Resource Hash

1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:50 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P4
x-amz-rid: 5JMTSHPX7Y2GD7HKMGKY
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://securevip.secureweb.top
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Nf-4FmjYLa1gHndm-M55EgyL8cjSAIeBjG8F5lwZQb-QciSYQct1og==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
467 B 41ms
41ms XHR
text/javascript 18.66.138.185
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fsecurevip.secureweb.top%2F&pid=8LSWe9GK4sMfA&cb=4&ws=1600x1200&v=23.1027.1921&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-bottom%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-bottom_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%7D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.138.185 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-138-185.fra60.r.cloudfront.net

Software

Server /

Resource Hash

6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:50 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P4
x-amz-rid: B65FT3906483TCDXHFKV
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://securevip.secureweb.top
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 7dlcXMQwj6uRcHzfS9AUTClI15w9SxX4RrHKddLY8mgbeTW209dMbw==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
14 KB 199ms
199ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1726969335339641&correlator=3414127920789668&eid=31079420%2C31079379&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&iu_parts=29390238%2Cnyt%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1699336010222&lmt=1699335964&adxs=0&adys=15&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fsecurevip.secureweb.top%2F&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=1730931130.1699336010&ga_sid=1699336010&ga_hid=1635905166&ga_fc=false&dlt=1699336007906&idt=2196&prev_scp=div%3Ddfp-ad-top%26pos%3Dtop%26amznbid%3D2%26amznp%3D2%26request_time%3D2252&cust_params=als_test_clientside%3Dreqfailed_reqfailed_reqfailed_203407064648%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dhp%26prop%3Dnyt%26plat%3Dweb%26abra_dfp%3D%26sov%3D3%26page_view_id%3DaPrfDzr3aDWns9bNN1XJMUZa%26purr%3Dfull%26vp%3Dlarge%26uap%3Dbrowser&adks=2496155832&frm=20

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a418bfa6d61a018eaef6c4b4e33d4eff4486edd4b52d7ef0636edc8047cc46b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14558
x-xss-protection: 0
google-lineitem-id: 6273174912
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138440999674
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securevip.secureweb.top
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 45 KB
14 KB 56ms
56ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1726969335339641&correlator=3414127920789668&eid=31079420%2C31079379&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&iu_parts=29390238%2Cnyt%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1699336010233&lmt=1699335964&adxs=0&adys=5592&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fsecurevip.secureweb.top%2F&vis=1&psz=1600x90&msz=1600x0&fws=4&ohw=1600&ga_vid=1730931130.1699336010&ga_sid=1699336010&ga_hid=1635905166&ga_fc=false&dlt=1699336007906&idt=2196&prev_scp=div%3Ddfp-ad-mid2%26pos%3Dmid2%26format_rules%3Dnoxl%26amznbid%3D1%26amznp%3D1%26request_time%3D2265&cust_params=als_test_clientside%3Dreqfailed_reqfailed_reqfailed_203407064648%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dhp%26prop%3Dnyt%26plat%3Dweb%26abra_dfp%3D%26sov%3D3%26page_view_id%3DaPrfDzr3aDWns9bNN1XJMUZa%26purr%3Dfull%26vp%3Dlarge%26uap%3Dbrowser&adks=1191999390&frm=20

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

228ea886501a1a755910d1be32d8c64723e008474f93e5789d18a5591f9f64a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14680
x-xss-protection: 0
google-lineitem-id: 6362589111
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138443229459
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securevip.secureweb.top
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 318ms
318ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1726969335339641&correlator=3414127920789668&eid=31079420%2C31079379&output=ldjh&gdfp_req=1&vrg=202311020101&ptt=17&impl=fif&iu_parts=29390238%2Cnyt%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1699336010237&lmt=1699335964&adxs=0&adys=7058&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fsecurevip.secureweb.top%2F&vis=1&psz=1600x90&msz=1600x0&fws=4&ohw=1600&ga_vid=1730931130.1699336010&ga_sid=1699336010&ga_hid=1635905166&ga_fc=false&dlt=1699336007906&idt=2196&prev_scp=div%3Ddfp-ad-mid3%26pos%3Dmid3%26format_rules%3Dnoxl%26amznbid%3D1%26amznp%3D1%26request_time%3D2270&cust_params=als_test_clientside%3Dreqfailed_reqfailed_reqfailed_203407064648%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dhp%26prop%3Dnyt%26plat%3Dweb%26abra_dfp%3D%26sov%3D3%26page_view_id%3DaPrfDzr3aDWns9bNN1XJMUZa%26purr%3Dfull%26vp%3Dlarge%26uap%3Dbrowser&adks=1809501303&frm=20

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

284a7852619478bd6307816e0d27a41ec476718e6ffb7c7c0d2d028a59f31a27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13146
x-xss-protection: 0
google-lineitem-id: 6273174912
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138430169524
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://securevip.secureweb.top
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4F0F 6 KB
3 KB 52ms
15ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js?cb=31079420

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securevip.secureweb.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 05:46:50 GMT
expires: Wed, 06 Nov 2024 05:46:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 209ms
209ms Ping
text/plain 52.3.42.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-42-214.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securevip.secureweb.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 dc_pre=CJWr7_mXsYIDFb1KkQUd1oELzA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8955977080923;auiddc=2069427030.1699336010;u17=https%3A%2F%2Fsecurevip.secureweb.top%2F;u5=;u18=;gtm=45He3b60v72703797... Show response
adservice.google.com/ddm/fls/i/ Frame 1197 627 B
709 B 68ms
45ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CJWr7_mXsYIDFb1KkQUd1oELzA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8955977080923;auiddc=2069427030.1699336010;u17=https%3A%2F%2Fsecurevip.secureweb.top%2F;u5=;u18=;gtm=45He3b60v72703797;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecurevip.secureweb.top%2F

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CJWr7_mXsYIDFb1KkQUd1oELzA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8955977080923;auiddc=2069427030.1699336010;u17=https%3A%2F%2Fsecurevip.secureweb.top%2F;u5=;u18=;gtm=45He3b60v72703797;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecurevip.secureweb.top%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad8c049e5502d1edef72f170ae6ab4165cdde116031ae55dac0ff17e0254bb7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5290727.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 334
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 05:46:50 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 47F9 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securevip.secureweb.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 05:46:50 GMT
expires: Wed, 06 Nov 2024 05:46:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 65568.js Show response
cdn.brandmetrics.com/scripts/bundle/ 62 KB
17 KB 55ms
55ms Script
text/javascript 2606:4700:20::ac43:4842
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=securevip.secureweb.top
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca7a118dd01892b5a9302e22b61a8e96c6c006f2ca642a8e24ad256ada052f5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Nov 2023 05:46:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZtvJTFDDLkSV170ui92nKj00%2FVNpTVv3IddSQ5%2Fif1ubpwSWNqYqMEYUUULAkcvN%2FHLislYC9TxeumqdzTW2QTKLd6BYS%2F8YvR977jTvl1l%2BfpymHm%2FgVG3TPFjdqzX1kVKv1VngRUdNFWJxoDXK3kM"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8223473158ba9bb6-FRA
request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
201 B 303ms
96ms Image
image/gif 23.23.164.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F&u=C6XssQmZmpqCneMRM&d=securevip.secureweb.top&g=16698&g0=Homepage&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=11155&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fsecurevip.secureweb.top%2F&b=2639&t=CSp3yODdYyMtDmup7mBAPfLkCoDeh5&V=141&i=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&tz=-60&sn=1&sv=CZ4kKCaeFzCsKiwhQeB6cKJeug&sd=1&im=06672fd3&_
Requested by: Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.164.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-164-244.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 07 Nov 2023 05:46:50 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H3 200 container.html Show response
d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 79C5 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securevip.secureweb.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 05:46:50 GMT
expires: Wed, 06 Nov 2024 05:46:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 47F9 24 KB
7 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com
URL: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 09:13:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73971
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 05 Nov 2024 09:13:59 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 47F9 5 KB
1 KB 40ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&lang=de

Requested by

Host: d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com
URL: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cbd72c9f40a8903d4eb22dd875d21dcb4e604b01c9b57c5847cd9c5ee1ee6af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Nov 2023 05:46:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 05:03:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Nov 2023 05:46:50 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 47F9 5 KB
756 B 41ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700

Requested by

Host: d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com
URL: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cbd72c9f40a8903d4eb22dd875d21dcb4e604b01c9b57c5847cd9c5ee1ee6af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Nov 2023 05:46:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 04:38:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Nov 2023 05:46:50 GMT

GET
H2 200 12709063123019235784
tpc.googlesyndication.com/simgad/ Frame 47F9 17 KB
18 KB 33ms
9ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12709063123019235784?

Requested by

Host: d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com
URL: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49d4ccb431e000c9ac0a811610499ce551fa8ef43a4e217444e1152f7417afdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 16:54:13 GMT
x-content-type-options: nosniff
age: 564757
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17708
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 10:22:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Oct 2024 16:54:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 47F9 190 KB
60 KB 43ms
19ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com
URL: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 05:46:50 GMT

GET
H2 200 dc_pre=CJWr7_mXsYIDFb1KkQUd1oELzA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8955977080923;auiddc=2069427030.1699336010;u17=https%3A%2F%2Fsecurevip.secureweb.top%2F;u5=;u18=;gtm=45He3b60v72703797... Show response
adservice.google.de/ddm/fls/i/ Frame 76A7 194 B
515 B 67ms
45ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CJWr7_mXsYIDFb1KkQUd1oELzA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8955977080923;auiddc=2069427030.1699336010;u17=https%3A%2F%2Fsecurevip.secureweb.top%2F;u5=;u18=;gtm=45He3b60v72703797;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecurevip.secureweb.top%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJWr7_mXsYIDFb1KkQUd1oELzA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8955977080923;auiddc=2069427030.1699336010;u17=https%3A%2F%2Fsecurevip.secureweb.top%2F;u5=;u18=;gtm=45He3b60v72703797;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fsecurevip.secureweb.top%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 05:46:50 GMT
expires: Tue, 07 Nov 2023 05:46:50 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 79C5 7 KB
815 B 23ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ecfc48ab5315e179e1948be2aecc95b3afc29ae1413a2024abb9b1706df9ff0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Nov 2023 05:46:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 04:44:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Nov 2023 05:46:50 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 79C5 24 KB
6 KB 13ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com
URL: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 09:13:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73971
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 05 Nov 2024 09:13:59 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 79C5 7 KB
804 B 21ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&lang=de

Requested by

Host: d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com
URL: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0f168400f35726c05050a7361b4bdffa89148cf119cc412ebfc3193d71159805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Nov 2023 05:46:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 04:13:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Nov 2023 05:46:50 GMT

GET
H2 200 2178290142467267654
tpc.googlesyndication.com/simgad/ Frame 79C5 24 KB
24 KB 19ms
14ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2178290142467267654?

Requested by

Host: d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com
URL: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9af4850b6a455d58d5809a26a3c9128bd769ae3d282cb75dc037c09e52dcf487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 00:54:23 GMT
x-content-type-options: nosniff
age: 449547
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24219
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 20:11:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Nov 2024 00:54:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 79C5 190 KB
60 KB 38ms
34ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com
URL: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 05:46:50 GMT

GET
H2 200 c.js Show response
collector.brandmetrics.com/ 0
143 B 174ms
25ms Script
text/javascript 20.50.2.28
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.brandmetrics.com/c.js?siteid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=securevip.secureweb.top&rnd=21604
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=securevip.secureweb.top
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.50.2.28 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
date: Tue, 07 Nov 2023 05:46:50 GMT
content-length: 0
content-type: text/javascript;charset=utf-8

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 47F9 0
0 46ms
45ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstiuHwFOjr8pFvVr6butV2cka-chdHT_VyYZTsvGfJaJfr31KFfnXJB-RMIFtjH_TMWatnKAwHPma-URtXfpiH6o_rcBxTjq1Nbpt42kvdlVEXNu99WAOR9-8nMa3y02nSm5W-CEsSDskYhloO575IT7N0eB_DGUS-qqSPtpwdbhQ1Qr_ijiSbKW8oByc8b3pgWoNHYPD2iALyu-PjfkJCldsEecwqLoQbwcOzNy68VUiBYndHZdIYQCK8ez9r5y3KzmJoFExFv1utJmHkrorsdN72Vo07drjYuhaU_mH8ADlbxLVVtxTfoPDrt-X5LF41oukZ7kU-S4PHW4eWKGhmQ&sai=AMfl-YSKfZbwuAKcy3Fkeqp3BYicG_5HeTSS0IZh3x7SvGJ6vpel6zds8cwL0iQAI0mY1yA-vRVv0LjIKaqH99zRTMLz7UnOtKXj8sIzJ4kNGc6DwoJI5alolGBlTnbThow&sig=Cg0ArKJSzMq_lOAa1RJkEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com
URL: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 79C5 0
0 46ms
45ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_jXlLHz0hayCgiZgJn_gbud5-J_k2xaTFZnc559tsKFeLp323Ly-IMh9pDkH14QcQFYQXDj16bH86_bwF6QEOFmExR1gOIGwlzmpQMtP2dVMirCW0isShHfUcW7ilDkRxvxw2N4qg46REJe3SVKGQKieiUism9lmobO6oQxjF85LR--P47BjgmyHLhH5G8VJFLkhIKcg8_T2mdk7tk-79OOSxArB1jZ1rRIrcJg7y_YoZW9O5icyBYnT4G-06xZbZHawObVur_LTEdtaz2zq7xfYYs3hm7YV4lkfbS7fQADCyAtSQGIx76d0KNJ6BZjal4Po3l0KrHHKkHvwfnLvj2y9zpFdFmIxzJCl5jRQ2V8YDiPb8UzAhsTp6zoEIMHttpCp2VsP8xkmXGqaRvLQQ1CPG2zU&sai=AMfl-YRrGMjUiokimkBum-dpSRG5EVMjWl5f5eRqVQKNcjM_9ePzTWZpEiT9571UTHt4mpyXVd0R6fIE0BnnYmBiL6zVhL9pkZrLok2A9CzhKdS8KntImpD1WyTKOC-vyA&sig=Cg0ArKJSzNZndtWnESlpEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com
URL: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ad-tracking.js Show response
static01.nytimes.com/ads/adplatforms/cdn/ET/ Frame 79C5 9 KB
3 KB 18ms
7ms Script
text/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static01.nytimes.com/ads/adplatforms/cdn/ET/ad-tracking.js

Requested by

Host: d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com
URL: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

46db5b462e063bcd60edfb6a6efa82969e1d1fbb8812259bc70b337afe026755

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: Thu, 21 Sep 2023 17:55:04 GMT
date: Tue, 07 Nov 2023 05:46:50 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2296
x-guploader-uploadid: ADPycdvZ3c2EqYOQJIlN3qo9opxAIfueJl3OD46SDZ_E70Rt-Nel1XojDSARCSx7m_wZHLlcVxMA1KaA9A
x-cache: HIT, HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 2372
x-served-by: cache-iad-kiad7000059-IAD, cache-fra-eddf8230065-FRA
last-modified: Mon, 10 Jul 2023 17:00:44 GMT
server: UploadServer
x-timer: S1699336011.564914,VS0,VE0
etag: "b787e3d6003409a1e48a30e0600cdb37"
vary: Accept-Encoding
x-goog-generation: 1689008444082064
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=t5C97A==, md5=t4fj1gA0CaHkijDgYAzbNw==
cache-control: max-age=7200
x-goog-stored-content-length: 9231
x-amz-checksum-crc32c: t5C97A==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 298628, 28

GET
H2 200 10160169395875749975
tpc.googlesyndication.com/simgad/ Frame 47F9 160 KB
160 KB 9ms
6ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10160169395875749975?

Requested by

Host: d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com
URL: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5e94ebb81ec1660e6760f8d7f4a451ac434a9b8d404eccdae6ea653b3fb50d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 12:52:39 GMT
x-content-type-options: nosniff
age: 406451
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 163666
x-xss-protection: 0
last-modified: Fri, 18 Aug 2023 10:24:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Nov 2024 12:52:39 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 47F9 15 KB
15 KB 35ms
8ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&lang=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 03:41:01 GMT
x-content-type-options: nosniff
age: 353149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 03:41:01 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 47F9 14 KB
15 KB 33ms
7ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700&lang=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 17:44:00 GMT
x-content-type-options: nosniff
age: 388970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 17:44:00 GMT

GET
H2 200 9376744555904406431
tpc.googlesyndication.com/simgad/ Frame 79C5 435 KB
436 KB 15ms
14ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9376744555904406431?

Requested by

Host: d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com
URL: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f35eb84078ea2b334a083a090ec8069a537525bd6bd1e7d6e484f876e5f39c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 18:07:19 GMT
x-content-type-options: nosniff
age: 41971
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 445778
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 20:11:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Nov 2024 18:07:19 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 79C5 14 KB
15 KB 36ms
13ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 23:04:46 GMT
x-content-type-options: nosniff
age: 283324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 23:04:46 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 79C5 15 KB
15 KB 38ms
15ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 03:41:01 GMT
x-content-type-options: nosniff
age: 353149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 03:41:01 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 79C5 14 KB
14 KB 39ms
16ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 17:44:00 GMT
x-content-type-options: nosniff
age: 388970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 17:44:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0D49 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4CPNSaxi6Kps_eBHMTzBsqC5Mhfx6tjt3VFqQKx2yHo0HPI_iuiALYMUiGWsLvCiDafjdXYkh_4BAc7I0Q-k89mVDadiExvqUATiE5EVEHypOuAxRWG_YGGH2FTS2e2pd7CjYoGqzf6cUU2I9SPqcZi8jXSLLEWlPJiUqippBseQfn4YitISnM3Iawa66L9qTTXAdP9bYoDZnIzKwS3WPJCGgpWmy3LclfHEYKV86YVJKJ4nJlAN9Ky8XmkMnW9jQayUK6OCQEmIRYZ6E_AYkXtEiBwX_H3ctnGpVxvbnkJnelg9ynhBaoujGe0BqrOvTE0k_UdY5j-dBZNWUBtnB9BbpFxz9iWaTSklxsuzw_rcqiXe31vVCA511IHvTgnZqHkn7Sa_9_m5vxjkybMxxZp3OiP0&sai=AMfl-YSZEvewK_PjyMOg2rhR3V__ibAfcMJEnZ4id-s9dOVLDWu6PhYn7Qo32BVU8EAZjXVfWxKyXuKW_NUNJBogcJDuNq4GhdXoKiyDXGBs_3z_dkZJL7S63ZnV6XJ_FTc&sig=Cg0ArKJSzA7HRTpLehebEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0D49 190 KB
60 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61127
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699274420466708"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 05:46:50 GMT

GET
H3 200 2776693126932317958
tpc.googlesyndication.com/simgad/ Frame 0D49 395 KB
395 KB 8ms
8ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2776693126932317958?

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aaddd14677151784462e32b52a7eb07bc581b8421b3e6bd0ab05f2e677fb9748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 05:40:50 GMT
x-content-type-options: nosniff
age: 432360
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 404529
x-xss-protection: 0
last-modified: Thu, 13 Apr 2023 19:08:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Nov 2024 05:40:50 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 47F9 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEBIukfxdeaHp50UBm09SK3aibT4X1Z3RDn3QYytb-8NNpRjvibQZcPr_fSYNDZQbDcOmflGwcbBmn0YQEfS9WTLQ7LLsnzpWK48k3mSuBIV0MgW2Ck1mV1I3DpKCuNXTZgsXy7rRgw6m0oM-Hb_KqVkMRI7WhtMp-zN80auwa279ZBwjiPwZeKKUUjWLIF2pkYIoDnMItsMeEPj_H5H202TZxPlPa2KK4A5p9Bf-RXktZ74Fl8qqPxT8hP3OdbbT5vM-Z6qui_LK2yxQrazlFYsnESXXHfSPT8lBiaduNic0U4F1h5whOa3uei_jKGtRl8mR7mYWkvtl7s05BB4m2iF0&sai=AMfl-YRrWkl9GV8cOxxUbJrPRI_eZAKIl0b_aAXtysYWiUGwUNW5EWp6Nq7iJ4kwemrlM4v4CdZL7Nqs0x2nlYGicBsBT7FFZFmmmFYSyDvQFF7psnwgqfx2pslKodIZH24&sig=Cg0ArKJSzIh_Z6HuCk6wEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 07 Nov 2023 05:46:50 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 79C5 0
0 43ms
43ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvVJzONXDu4X6NCHA_T-oh3C2eb1ZDoIGhHUB70-9OpK9qTkXIPcx9Y0txfzlwrcDYzoditbKAzMnmXt0YfEPkO5BCQzKu9vgVS02qfihdCHLAdvi4KkSsEB-wElec7xczDKr0GSOTpKECrsvNE7_5Tun2v8ZHTnuQQjIg1b1TjiKhnmsNKVjIRZJAUAzcfTIeQXCySkuvkk_29ObtuwB7I_QY4Hs0ALzn6B8oeHMyWAd-Oy9Wx2l0rgxz6Xpl5Z073NGsNZ61sqkSam8Ps0--M3hcsNw_yZCDmt7ToOdeNFTA4n14W-lPwXn-2dfpjf0nhTtxcVq7NLIt2_axyMXY9i8jx5KbA_z2d4gEIiskVlQ-Om-0p_-pO3kms&sai=AMfl-YQt3m30MJJ2gwPNE7XnQ5E5yYwpwZar0cRUsvwjRsbXp88Pf3wnuhhTgb5XiR3QQMGlmwhp_r1oYqkMk6o0FWQURiarVpwIULpCVImVGWaTD3PrIsYzjNuUFcbcVw&sig=Cg0ArKJSzI16OcJbeWYWEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 07 Nov 2023 05:46:50 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 118ms
117ms Ping
text/plain 52.3.42.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-42-214.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securevip.secureweb.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
DATA 200
OK truncated
/ Frame 47F9 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 560da19036ef76b946ad5c59d440af5a1a327a3e84160a2e83d14019073001a9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 eventtracker-snippet.js Show response
nyt-dti-prd-staticjs.storage.googleapis.com/analytics/et2/ Frame 79C5 3 KB
4 KB 60ms
8ms Script
text/javascript 2a00:1450:4001:811::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://nyt-dti-prd-staticjs.storage.googleapis.com/analytics/et2/eventtracker-snippet.js
Requested by: Host: static01.nytimes.com
URL: https://static01.nytimes.com/ads/adplatforms/cdn/ET/ad-tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 75f781a1bc9a89ae2f3814dfb5e3dab712c6edd2b35a10e43a646daa338b2f5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:23:58 GMT
age: 1372
x-guploader-uploadid: ABPtcPrCLRok1MCui57DVzXCM9N86NhgcVRkn6Em0Oxxgo_VhROH8lYtM0W7qf2uMQfvuaKSNLA
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3190
last-modified: Mon, 15 Aug 2022 20:07:43 GMT
server: UploadServer
etag: "dcda8651f2fd6410a0bac2a0625874aa"
x-goog-generation: 1660594063515807
x-goog-hash: crc32c=GCowug==, md5=3NqGUfL9ZBCgusKgYlh0qg==
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=86400
x-goog-stored-content-length: 3190
accept-ranges: bytes
expires: Wed, 08 Nov 2023 05:23:58 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0D49 0
0 45ms
45ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssSRmHeUgGOvRo5Jxw6N2yS_53JlXgMyeG6Ft6H9YiCUJeCRZmAM-c3CXlQciP5QQYYu7YKSpVgLCqPQPrJ2NUAXsrutusILpFpigEdJIgMHIGE53BeiacbSSJGcGX8VckpeXWkN9yUfnNccXE_QJuz7-nHff_C1a8hlcWF3Bqtjeh0q7QLEWi1HsiaICutATxzMso4ZShd85Lvyj7PF6Bs5hLwL7AtBntgNhjp_QSvDvCy9gJgXheZvDCqnR5Iu-GaLcyEVO_7jm5Pn093RvYju1q-gNHrhuz_zm0I5GVXi1QkNwb7O-VgntHn5eFhCVqoarv4k_TCuF3ePwPPf3gW3XQTClYm6GiipNT3H85XylZ4y4H32I3OIwtq&sai=AMfl-YR9XGNtwEzf5VUV927OF1BQ_TJOS4l_jaS6CvzyV4-GR_igLgvk3H71JLYKOdj3JZ6cBtT_Bvy_pzbRz0o7HKxs-3w-AcF6PAsnsK0B5p0N-1-VoshwjJKn6drLviM&sig=Cg0ArKJSzKo9F4o1jg3TEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 07 Nov 2023 05:46:50 GMT

GET
DATA 200
OK truncated
/ Frame 0D49 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a735cfe2082129c24e5f70a1af3babc3e3ca95eda947000df39c1f504c6df1ff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 79C5 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67bf55d8e7d53873f69e41415e5e491a6581f9f09cf8b2ebc0f37e96fc5f8c0c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 .status Show response
a.et.nytimes.com// 0
0 419ms
419ms Fetch
text/plain 52.3.42.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com//.status
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-42-214.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept: */*
Referer: https://securevip.secureweb.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 81ms
60ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311020101&st=env

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94c464b2072b7a6619fe76f9f58a7d45af1dd42970652c74b1259337c3d168b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12145
x-xss-protection: 0

GET
H2 200 loader.js Show response
platform.iteratehq.com/ 1 KB
1 KB 49ms
14ms Script
application/javascript 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/loader.js

Requested by

Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a7cc369b7799fe4a3442e72d5d5e06b438dc2d350535b3cb6edc194f2804c79

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:50 GMT
x-amz-version-id: uq.wnYxSi9EI.nFJrrFLnIo8MjrAKLYY
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
x-amz-request-id: YNXK4YYE76J1KXHB
age: 400
x-amz-server-side-encryption: AES256
x-amz-id-2: 7qe1zzCNVprN8RBMAl2CCcAuFUcCmc9JviV0ia3KH6IBxSB6g9VHedNC5GoUGGEF/V40DIId7/PgUFywWo0d41PGDhAIaSQ83B1sZwBUxyU=
last-modified: Thu, 02 Nov 2023 19:28:53 GMT
server: cloudflare
etag: W/"63ba5f33bef033632d254ca54c8ee999"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrIMU6Ls2O%2F3orkISWq3A1iHnDe%2Bw%2BQ0DW46m5ueGCM1M%2B5cwbP0Jzn80hyiiDFfgSRrfmorgqqJVU8DoZLXy9q40uxns8mHj1keOiMtIQQf%2Bv5H0LaMjZGMFNPs2wFEGwGJsszhkbm1fojNdctXMKEZDPw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 82234733aaac4d94-FRA

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/3005403/
Redirect Chain

https://sb.scorecardresearch.com/c2/3005403/cs.js
https://sb.scorecardresearch.com/internal-c2/3005403/cs.js

0
380 B

8ms
8ms

Script
application/javascript

13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/3005403/cs.js
Protocol: H2
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:45:17 GMT
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jul 2023 14:48:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 94
x-amz-server-side-encryption: AES256
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 0
x-amz-cf-id: 3oVbCNg21YlIfEd_0AjaZ9cKHhTQRMdvMiNXne4FiNLdqeYfizRvBQ==

Redirect headers

date: Tue, 07 Nov 2023 05:46:50 GMT
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
location: /internal-c2/3005403/cs.js
content-length: 0
x-amz-cf-id: IbpP9G_5aWA_f2dh1IfaQoOnYRHqrRjiPcRwiq0e_Rnxtt3cjTeQKw==

GET
H2 200 match-prod-6baf9ab2a93fe67c4133.js Show response
platform.iteratehq.com/ 86 KB
30 KB 18ms
17ms Script
application/javascript 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/match-prod-6baf9ab2a93fe67c4133.js

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93a03220d2cacc03b0b40e69976cfd06201970c1febb108ac4ace5747dc114b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:50 GMT
x-amz-version-id: m6qIko0hGVLfB0fW2Ydgcxo5k1r0mneH
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
x-amz-request-id: 9CSG5CJ2P0968R2R
age: 382500
x-amz-server-side-encryption: AES256
x-amz-id-2: gpz12+TXPBlJw8i6CL9WMZo3Y5oJ3ZjyalKLF/Bq2w55kv/24Vq4AB29t0sNYEGYoVB+q1YStJs=
last-modified: Thu, 02 Nov 2023 19:28:52 GMT
server: cloudflare
etag: W/"a0edf9459ac39cd6a02228fbf64230be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nwVQS026D5NMAxipDG%2FmQY49Ge%2BpWOONeomISHkaYGWgpd8t1NUKNR2tKnZFcWuZhR5T0Umnajj2Hk7MnmzIdQNB99PsU8dycFHl2pOZr3B0vnuR5TO69xrF06DmSnALPMau21c7IGYIk2J9POJwL8SnWAE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 82234733baca4d94-FRA

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 300 B
543 B 108ms
108ms Fetch
application/json 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9f4056c68d0aad8f4ebd513e7593e36b00942fd7bfb4ad4ad665362231fd745

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://securevip.secureweb.top/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 07 Nov 2023 05:46:51 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g28VdNq6ASfi%2FnWTeqCJXdh30PsvzMZiplGMAE1NmXwQkNcThPwrPKtDB2lsdg2uKT1c5t4niSYVuCF5rddnLJDKcYePbadbp9Lx2IXQcKLJZY%2BAhMSHkKGddG43VwkF26k60mtRovXJXSs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 822347367bbb1970-FRA

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 402ms
112ms Preflight 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://securevip.secureweb.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 82234735cafb1970-FRA
content-length: 0
date: Tue, 07 Nov 2023 05:46:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yda0aFHHCf%2FaSDTriKiQAFYrybkN%2BaF%2FTIzr6z29V%2BTbOImV4iwvju4rHqL7C5oo5BcQg0Y3y9cJiw9BmeBW7pMjTyPuyDcLpk2B6Yy2tcs0oPno18miSAD7LbpnHUGUmctrvcQjcHveOnc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 167ms
166ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Nov 2023 05:46:51 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CCD0 13 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://securevip.secureweb.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 27719
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Nov 2023 22:04:52 GMT
expires: Tue, 05 Nov 2024 22:04:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6AC3 829 B
1 KB 39ms
18ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

18333e5cde2c492e1707036249ac69995aee09fea80cbcb9c6fa99bc3d3d3ac1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-O4ooUjRH2Aylj3GLUI-1GA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://securevip.secureweb.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-O4ooUjRH2Aylj3GLUI-1GA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 07 Nov 2023 05:46:51 GMT
expires: Tue, 07 Nov 2023 05:46:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame CCD0 38 KB
15 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 06 Nov 2023 20:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 05 Nov 2024 20:13:02 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6AC3 0
0 41ms
41ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311020101&jk=1726969335339641&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CCD0 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?C3ZDfw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 64 B
348 B 102ms
102ms Fetch
application/json 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea939bd13d79a17cc436d4c3e102d4060cb7ebf0e8e61918f3d034580dff02b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Referer: https://securevip.secureweb.top/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2NTQ5Y2Y0YjVmNDI5YjAwMDFmNmRiNGUiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjk5MzM2MDExfQ.qCj13awCiAIUP8k0xT7LeDtWnv8vGvrtblRFW6B5H78
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 07 Nov 2023 05:46:51 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SLVZePNpNnuIRN4aSgY%2Bon6Zrnr%2FSrKhl1o4sFJhD%2BFJP04yujsAW1Wb4zxSYiDafUWuZo8raJyF4F4sHNgCE4%2FG2OdnGFCBD2pQBaIt2WY5BOWcr8OqekvZmydrHj9lGjkLJ%2BzvHzIfqVI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 82234737dcfd1970-FRA

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 109ms
108ms Preflight 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://securevip.secureweb.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 822347372c4f1970-FRA
content-length: 0
date: Tue, 07 Nov 2023 05:46:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2BMKn2kgcoC0QIepW1ZBJVq2sTxUjyRU5sCYZzLKc5l64KDuTjnEguOmAD5JQ04ej%2FdZ06f1umoKXCOlQC0yQMJbU3bV056EliJIOsSH%2F9T8nUTaAyFrnkVyS7MsBkIuJILQ9Wslgvx5qx8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 42ms
41ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311020101&jk=1726969335339641&bg=!ZmWlZSrNAAb4oU7C2KE7ADQBe5WfOBPRoZ7gwD-iwyIiylSouGxZhdrxDsAxPmOJ0yg5jr3UtVII47LKOXFzz7PJG91MAgAAAENSAAAABWgBBwoAC9A1DoY8O-I8HzugmQMIIf78nTmqk_sBvubb1w_OBg4NnZ4mZWvaZ1aPUbwsh7xGhL0XTOOYl5SfVnQLCswcikZn-DukXr86fSzWovMkYXMfzxqF1Qfts7-uI6ryTcOQo0n-ZcUcA5zZLTISjjeYmzJxCi2z86NgjhvUyv-QKORn6D40ZvT3BSsFpScYi_eorZBlEULUrNzYSjukKhRA7Bg6ZshaD35K-quLI6l3C1quxrOwnqmTJIVc_a9l2RI-pmzhpwxd1Vzxhx3_XpyQH7K37vP7W-ETDHfl_zBaGfPTiLKXRgW8_qBsT03f62H6M2u9aHeXQ7i8lEdmaj8tG_FLBQJptL2w7osBoKprl6tr0rugNEPWx7aB-eB8bP-LC0wEcumwaES-4LzkLe1jP1SyAYUpjm01C-yfqPlkCOU-GHTcvQJ8uDI4-6IjRu0WSzpNlz7F7a_WdHYOWAbLp8XhBgBXB25qUo_cmcSrx-7ssDlKQesSem4P6PFpfsbVfSmw72KCaBwinr9eWY0Jn-eJ8v2uJx0DDjGldOe2atUwZg4QmlYQRUCBM2y6nTt42EIu_gmkYu1GSuLis1HKdDL4qFgapatHSx4X5EHk_Rj3YyoNDw-vcbG-rcuLFbOjRltwSsE1U-RPA49eTPK5-hE_DmY3vn8TVW3UJ7CUIsdg3KpMxVWNYxyIcUpK4HTDMOFJWeTEop-olRGLl9GWpJG9psks6MtASNNNJzcToAsCVqZuQ9KCtM7cQIO-3f_ERkB4K6pG60sDsQm4P5HzImZQtbULkWQnxwIUfVVSY6bfpXQ658jIodfk9BsAGInj1SP724WmTL_Jb1KU0K_9ZbHAzvj4bFB31ikZWBeK9mSxgBO8pLg58gNE4svZ8udMnDqz6EcjRoyu4ubzLRsFQHifqkHVasBp-Lge9H_D1WlmELUbuOfgXqj7y_DHXzNtlqQPU276m0AAhRAqvDHB-m-ZDWF1nV4x8keMMyEhCPypM2cWe_DjStowfOX0KbrcpqkIxvkABXzkI6NBPPhohl_2vAhQEFo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 79C5 42 B
174 B 45ms
44ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstyMzq5-TMBPcCWfgdf3op9wBf5aIzrFVEvbOrM3dhLWQncjnAupIRJl9XrLl2eEtvLL9n7j5dWhRBdUu1OICFeJj7HP8odgm-jFKuChjnJXomiYUItE4tBieJ7XGjQiJYZgObRVi5Oyg&sig=Cg0ArKJSzL0hbo_ytxP1EAE&id=lidar2&mcvt=1000&p=16,0,286,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231106&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=2496155832&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699336010483&rpt=172&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 05:46:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pd
nytimes-d.openx.net/w/1.0/ 43 B
304 B 66ms
16ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nytimes-d.openx.net/w/1.0/pd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Nov 2023 05:46:51 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK cksync.php
cs.media.net/ 52 B
418 B 67ms
27ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.php?cs=8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-228-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Nov 2023 05:46:51 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 52
x-mnet-hl2: E
Expires: Tue, 07 Nov 2023 05:46:51 GMT

GET
H2 200 sync
eb2.3lift.com/ 37 B
140 B 35ms
8ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/sync?px=1&src=prebid&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://securevip.secureweb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 07 Nov 2023 05:46:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

POST
H2 200 track
a.et.nytimes.com/ 0
0 121ms
120ms Ping
text/plain 52.3.42.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: securevip.secureweb.top
URL: https://securevip.secureweb.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-42-214.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://securevip.secureweb.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: samizdat-graphql.nytimes.com
URL: https://samizdat-graphql.nytimes.com/graphql/v2

Domain: als-svc.nytimes.com
URL: https://als-svc.nytimes.com/als?uri=https%3A%2F%2Fwww.nytimes.com%2Fpages%2Findex.html&typ=&prop=nyt&plat=web

Domain: samizdat-graphql.nytimes.com
URL: https://samizdat-graphql.nytimes.com/graphql/v2

Domain: purr.nytimes.com
URL: https://purr.nytimes.com/v1/purr-cache

Domain: a.nytimes.com
URL: https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fwww.nytimes.com%2F&caller_id=nyt-vi&jkcb=1699336009127&referrer=&sourceApp=nyt-vi

Domain: samizdat-graphql.nytimes.com
URL: https://samizdat-graphql.nytimes.com/graphql/v2

Domain: meter-svc.nytimes.com
URL: https://meter-svc.nytimes.com/meter.js?sourceApp=vi&messageComponentLibraryFallback=true&url=https%3A%2F%2Fsecurevip.secureweb.top%2F&referer=https%3A%2F%2Fsecurevip.secureweb.top%2F&pageviewID=aPrfDzr3aDWns9bNN1XJMUZa&MessageSelectionAPI=real

Verdicts & Comments Add Verdict or Comment

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nytimes.com/	1970-01-21 00:47:52	Name: nyt-a Value: Og-6IuLNhEJ5ZtrhLmodIgpc
.et.nytimes.com/	1970-01-20 16:02:17	Name: sessionActive Value: true
.et.nytimes.com/	1970-01-21 00:47:52	Name: sessionIndex Value: 1\|1699336008269\|Og-6IuLNhEJ5ZtrhLmodIgpc\|1699336008269
.et.nytimes.com/	1970-01-20 16:03:42	Name: et-ppvid Value: https://securevip.secureweb.top/=aPrfDzr3aDWns9bNN1XJMUZa
.rubiconproject.com/	1970-01-21 00:47:52	Name: khaos Value: LONWS7VS-20-44D0
.rubiconproject.com/	1970-01-21 00:47:52	Name: audit Value: 1\|hLZGFuTafB0EkpU73+Sjcnjc0/aJelRdbjRFtGIHH0u0qxpngu+zMgRpSDwwZdvS8sBIRysg5BwkqmiyBmhk+EdXq+9jExrDJhsHlJbldDc0SwvsFymxLCKPLRELhl3xGLmP30iNJH4=
.secureweb.top/	1970-01-20 18:11:52	Name: _gcl_au Value: 1.1.2069427030.1699336010
.securevip.secureweb.top/	1970-01-21 00:47:52	Name: datadome Value: 7gQ6SR5GV6NIY8WIuw5MEh2eDTMk79rM0v4TSsdcxvfmbIJzNEkHPlgAbalxKTiE7SsdB5wDS0ajK7z3rpzW7XLaCpHsVsim~r9zIp5Bu3QAi89n0s08WndqJUHkWMlh
.secureweb.top/	1970-01-21 01:31:04	Name: _cb Value: C6XssQmZmpqCneMRM
.secureweb.top/	1970-01-21 01:31:04	Name: _chartbeat2 Value: .1699336010459.1699336010459.1.CZ4kKCaeFzCsKiwhQeB6cKJeug.1
.secureweb.top/	1970-01-20 16:02:17	Name: _cb_svref Value: null
.doubleclick.net/	1970-01-21 01:23:52	Name: IDE Value: AHWqTUnX53G8PBB0J22VOWNl3LfkXfc6fu4SrWpRwAGI4F1UTg6GcOEiM61KNLcPETc
.secureweb.top/	1970-01-21 01:23:52	Name: __gads Value: ID=aef22f015486f53d:T=1699336010:RT=1699336010:S=ALNI_MZBKpS9D05KY5Ovl6-sA0dr8UgdFg
.secureweb.top/	1970-01-21 01:23:52	Name: __gpi Value: UID=00000cb74be14ed2:T=1699336010:RT=1699336010:S=ALNI_MZ8alDJX0AIXYZsDg-9-fV8xTRWSw
.secureweb.top/	1970-01-21 01:38:16	Name: iter_id Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2NTQ5Y2Y0YjVmNDI5YjAwMDFmNmRiNGUiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjk5MzM2MDExfQ.qCj13awCiAIUP8k0xT7LeDtWnv8vGvrtblRFW6B5H78
securevip.secureweb.top/	1970-01-20 16:02:16	Name: _dd_s Value: rum=0&expire=1699336908256

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://securevip.secureweb.top/(Line 251) Message: Access to XMLHttpRequest at 'https://samizdat-graphql.nytimes.com/graphql/v2' from origin 'https://securevip.secureweb.top' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://samizdat-graphql.nytimes.com/graphql/v2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://securevip.secureweb.top/ Message: Access to XMLHttpRequest at 'https://als-svc.nytimes.com/als?uri=https%3A%2F%2Fwww.nytimes.com%2Fpages%2Findex.html&typ=&prop=nyt&plat=web' from origin 'https://securevip.secureweb.top' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://als-svc.nytimes.com/als?uri=https%3A%2F%2Fwww.nytimes.com%2Fpages%2Findex.html&typ=&prop=nyt&plat=web Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://securevip.secureweb.top/ Message: Access to fetch at 'https://samizdat-graphql.nytimes.com/graphql/v2' from origin 'https://securevip.secureweb.top' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://samizdat-graphql.nytimes.com/graphql/v2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://securevip.secureweb.top/ Message: Access to fetch at 'https://purr.nytimes.com/v1/purr-cache' from origin 'https://securevip.secureweb.top' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://purr.nytimes.com/v1/purr-cache Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://securevip.secureweb.top/ Message: Access to fetch at 'https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fwww.nytimes.com%2F&caller_id=nyt-vi&jkcb=1699336009127&referrer=&sourceApp=nyt-vi' from origin 'https://securevip.secureweb.top' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fwww.nytimes.com%2F&caller_id=nyt-vi&jkcb=1699336009127&referrer=&sourceApp=nyt-vi Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://securevip.secureweb.top/ Message: Access to fetch at 'https://samizdat-graphql.nytimes.com/graphql/v2' from origin 'https://securevip.secureweb.top' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://samizdat-graphql.nytimes.com/graphql/v2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://securevip.secureweb.top/ Message: Access to fetch at 'https://meter-svc.nytimes.com/meter.js?sourceApp=vi&messageComponentLibraryFallback=true&url=https%3A%2F%2Fsecurevip.secureweb.top%2F&referer=https%3A%2F%2Fsecurevip.secureweb.top%2F&pageviewID=aPrfDzr3aDWns9bNN1XJMUZa&MessageSelectionAPI=real' from origin 'https://securevip.secureweb.top' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://meter-svc.nytimes.com/meter.js?sourceApp=vi&messageComponentLibraryFallback=true&url=https%3A%2F%2Fsecurevip.secureweb.top%2F&referer=https%3A%2F%2Fsecurevip.secureweb.top%2F&pageviewID=aPrfDzr3aDWns9bNN1XJMUZa&MessageSelectionAPI=real Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
aax.amazon-adsystem.com
adservice.google.com
adservice.google.de
als-svc.nytimes.com
c.amazon-adsystem.com
cdn.brandmetrics.com
collector.brandmetrics.com
config.aps.amazon-adsystem.com
cs.media.net
d62db337163e05adaf51db6c382bb40f.safeframe.googlesyndication.com
dd.nytimes.com
eb2.3lift.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g1.nyt.com
ib.adnxs.com
iteratehq.com
meter-svc.nytimes.com
nyt-dti-prd-staticjs.storage.googleapis.com
nytimes-d.openx.net
pagead2.googlesyndication.com
platform.iteratehq.com
pnytimes.chartbeat.net
prebid.media.net
purr.nytimes.com
rtb.openx.net
rumcdn.geoedge.be
samizdat-graphql.nytimes.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
securevip.secureweb.top
static.chartbeat.com
static01.nyt.com
static01.nytimes.com
tlx.3lift.com
tpc.googlesyndication.com
www.datadoghq-browser-agent.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.nytimes.com
a.nytimes.com
als-svc.nytimes.com
meter-svc.nytimes.com
purr.nytimes.com
samizdat-graphql.nytimes.com
108.138.1.25
13.225.83.103
13.248.245.213
13.32.99.90
142.250.185.198
151.101.1.164
151.101.129.164
18.66.112.4
18.66.138.185
18.66.97.36
185.89.210.90
20.50.2.28
23.23.164.244
23.35.228.23
2600:9000:2491:1200:4:b37b:9440:93a1
2600:9000:2646:400:18:1fcd:353:c61
2602:803:c004:200::140
2606:4700:20::681a:7e5
2606:4700:20::ac43:4842
2a00:1450:4001:802::2001
2a00:1450:4001:806::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::201b
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:830::2001
2a00:1450:4001:830::2004
2a00:1450:4001:830::2008
34.120.63.153
35.156.170.234
35.186.253.211
35.244.159.8
44.211.112.71
52.3.42.214
94.131.110.93
007070e6f905e2aefbfcc7568cdf61c38a422d933c9c8166a6ba2f6223dd9ec5
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09bff184ea094a06e46d7f26512fd7b245304078a27f1ba8084488cbcf7704de
0b75f1263c2e4a65318c576d3de943c8792d344b061a366548a1bb93ff8942aa
0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0f168400f35726c05050a7361b4bdffa89148cf119cc412ebfc3193d71159805
11cad19b226383c7e859031e5cd320644ad1a33d12abc2689a4d3bdbc8253ab7
15bb3ffc59f462f8200d11db9a59ac35b5ed9b197e6d20596fc68fa16e73de69
17615132642880808e44f8f5b54edef8ee37a514e003b6faf98014ecca401194
18333e5cde2c492e1707036249ac69995aee09fea80cbcb9c6fa99bc3d3d3ac1
1b212ea12e667d35e7127d3c59788897d07d32a661336ccf122b02af12fab96d
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1ecb1f9522433be3adfad377816095c7d5b27d02c1efbbbb793e341b829d83d9
1fbbb0b7c2a704c88a0856a46eb53d57c02e37c6a21e24dac7954f05287c37ad
20a1e05cca983d2c838b5637de79857db90bd69705e38126260f9dca7fc29186
228ea886501a1a755910d1be32d8c64723e008474f93e5789d18a5591f9f64a7
284a7852619478bd6307816e0d27a41ec476718e6ffb7c7c0d2d028a59f31a27
29706c4ab8f4d48b33ccb0ea813f8afb5f7ac569f623536b96fba6cf1fc60e9b
2d153e1c7bf7bbb2310000deae56a055fd9343db54be3614b0b898e1953da621
2db2cfa6273e20e55276f9e79223a43ac226bd4abcdc7db55a2764b9417ee3b8
2f35eb84078ea2b334a083a090ec8069a537525bd6bd1e7d6e484f876e5f39c6
34b6815440fe059ee3b784821e98111ebe23f37762092fcfafb3397a3cdaff82
352b9e243c2e3a49a49cb8bc8df84d0a04183bbc3eac33a0476c9a11ff9e352d
39cb04ebdef1112f9cfd08ab486e0c2f94692d63e04eaa079512f8a14cf910e6
3cf9d55fffe8603f5953f97b9bb0c0328d40ed1b150fe876345f0dd58e74ca5f
3f91fa3c8c68bf9155006b179e21c46ef9abf71d6b5a4e11a74a40e5b176da65
41d61937d6f1b2b8887f735949cb30f7be1f3027a5d495621672f0d8fd3f9d14
4501bb0294daf1a98751db74fe0917f9134d90ab743318c3e8a7d9722efbae41
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46db5b462e063bcd60edfb6a6efa82969e1d1fbb8812259bc70b337afe026755
49d4ccb431e000c9ac0a811610499ce551fa8ef43a4e217444e1152f7417afdf
4af9b52b5cf0f6a694ec51e283ccabc662be7881a3ecefecccf5441a687a894a
4ba9c62e2d791768ee9cf91a2257b631d3d3d3e4d0039b2d60affb962b562219
4c7e66d672ad01d9a4b945bb09097d6776e2c05383c48f6c64aba44cc24fe96a
4caf6c7af5ea1580e3aa315c7e5375aa7d6aec929faca9b0fe0687113cb83e20
4d3928e5b934069fa3b78d716121fd1838737cb5b1aecd98b82e62982435ada6
4db26d30e230d70262a092bff4eaf8c9e77098fb7715d1f08093579d9a7d926d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f837869b80c34ed1a128362a6ed24ff5ebdae743dc55eb3c183ae9c8b5f4ca3
51810745d3e4e28eec27857037693434619b5a9487d389a2243a555d6830f66b
52dc9d8c27d10f6478e371f82bd0e12f56758f4c40337149c3bfd0df8318a5b2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
560da19036ef76b946ad5c59d440af5a1a327a3e84160a2e83d14019073001a9
564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de
56e6f324b5c96993959adc6f720bfb789bdf4a9db9e2ef5ba1e78ff0ab712225
57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176
5d7824c56fadbab811bb6be7b48d8eec8fd4269877246eeed5b9b33d1a953292
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5e58c4c90b85eda4055a5b30fe55ef60cbcf6ea093311f2ff38861c7b4fe448a
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
5fc82b7959be4071b0751538cf86e7d74d936e841a851d60ba223fcb62d946dd
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63cd01bf8a87ddc8a07e6491ea1ab7bb28613587cfddd7c9664dda47f71dcda3
644159a517427813378bf283fb86f497ef2fd81c8656225b3e209972f0e4ccbb
66debd0db62a3f53e72503a053f862b586a886e6a399fd8243b5e0180d304dec
67bf55d8e7d53873f69e41415e5e491a6581f9f09cf8b2ebc0f37e96fc5f8c0c
6a15af42dcf8e6705a1ecea1dc8a864ce0c050b8c2dc5365d760f6f8b2477825
6a67d82954e869f63863c01de1404e74d89722d7774b105176d253292b75b6aa
6a7cc369b7799fe4a3442e72d5d5e06b438dc2d350535b3cb6edc194f2804c79
6b6437fab9bc6490c08e4a4870c4eb33f626518d918a7fa299eef27bb3c33022
6cc3281cee537a9c05efa58b1f4b9df336d2ad10f511eb6af0b620e65b45ed6b
6e2ebe67009b7cfad70167fc977f56844eae0683b216f8fb12fa6e9bdd7dac29
71b2f4fee2ed4163e1ef309ca22a8a108aab0ba7cfb535d38b33c1ec3718836a
73bd4d0f8a3ec1a6b0ec41f111a2b46ba4c242d4dc7bdf0817c4af97a6dfa48e
75f781a1bc9a89ae2f3814dfb5e3dab712c6edd2b35a10e43a646daa338b2f5f
777f63a4a78068e2ff01c9666e6319f4a139367bc584d5fd3d5a94d58eb9b5e2
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7c65354f69fbaf3704fa399fb2755f8f1e12a4febd45037a125f17de050fca7c
7dcbc19c68e87e4b23f85027e02ac7f3c89fa259973ec92bbe27e49ad002bf47
7e76ec11f2baa0f7948d92891718df73970877050a5b48e2b6fb9b340378a2d1
7e9b1bcc8b7f6c40a146c67b1ae4d804d1a00f9374ebd5ce5b4f2de65ff69cc6
832c2e84f40e3512fc4a9326e54e6c3a8e8b91d691dd601e5716ab8b4cd01f32
868fa0aee4b3170445519391c249b544438425cdb392aba77b9dae9b5ea7e27f
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8b44657fba4a5f7f7217acab9b1bf55d71aad13f4d482ff67df1e73d46147d1f
8bafef9de45070f320e6d34730a285286b7b00ae2fbc1757ef49b1ff21d80c24
8ea98f2e24222234229cb836e4616568812b330adcc25f911b3cc613a3604de2
8efe1572be12f6646d54cfb294c79d31a010fa99cf4948e168582234b0464f11
9377e1ed8c646a7ae8b8b570821baf287765c047e9dab20fa71a4eb76a40c294
93a03220d2cacc03b0b40e69976cfd06201970c1febb108ac4ace5747dc114b2
94c464b2072b7a6619fe76f9f58a7d45af1dd42970652c74b1259337c3d168b6
94df5d2926f84023b53a7b88d959ec0a24857fccc905c82b5bee2869845eb4c4
99013b5f831f3762b1a2648e07bb3116d914c5b1539bdf4fe0634602cc26b19e
99c47f89457c9ad74212dcf0d7c3b0d893212fb17f0473dd592fdb1bf8611d7b
9a43ab8056183a8efcf0e882990c2601381a735e02bba004439e010055c55d47
9af4850b6a455d58d5809a26a3c9128bd769ae3d282cb75dc037c09e52dcf487
9ec978213051509467672fa65a939d16cadd988e81d53c81bf6fd5b81e90151f
9fd1e8da45cc479046e68a609cadd9bdb7b4e177687de4bdd890c7cb78b6e6f6
a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126
a418bfa6d61a018eaef6c4b4e33d4eff4486edd4b52d7ef0636edc8047cc46b4
a500afc866062030e5a0314da72313ab8fbda561df3571d832a56576d6e1da46
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a735cfe2082129c24e5f70a1af3babc3e3ca95eda947000df39c1f504c6df1ff
aaddd14677151784462e32b52a7eb07bc581b8421b3e6bd0ab05f2e677fb9748
abb3e9b4b429be28947890a3c281f600604d4e27492624a3290bfa735e57e570
ad01b93ecf6b0b442902d27ae93b6af83a92784a05455b81490512a3d5d8b08b
ad8c049e5502d1edef72f170ae6ab4165cdde116031ae55dac0ff17e0254bb7b
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b
b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e
b5e94ebb81ec1660e6760f8d7f4a451ac434a9b8d404eccdae6ea653b3fb50d2
b62c920ab03d3341e126fa542864d12aa6156f16ab0e1512bacf006fe0aa6cb5
baabb01c05f5a7a83cf26233fcbb29790b584afb736caa63cb26ed1d051aa78d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcbbfe66a2e17c1dbc127ccea0f4fec035d42d51d1741332275026e291d79be8
be9dcda7136b10664180d9376d56acf52cb27126082e1dd1fda47ca67316de55
c01bb7101c3b034d4e913bdc36280e1a3034d84ab1f8ab674e0d43e75f20e229
c4fd486c427aff4879822fc8e342979aa0110d283582bbee589cb941de95f39f
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
ca7a118dd01892b5a9302e22b61a8e96c6c006f2ca642a8e24ad256ada052f5c
cb554020ec10b151dcccf7f5eae72f7807d392f2324582f4ae45168ccf9b007e
cb9b31ff535e2b76cf704d03beeeb2b2a60e6a6206b9759040430cc7774ba72e
cbd72c9f40a8903d4eb22dd875d21dcb4e604b01c9b57c5847cd9c5ee1ee6af9
cceac7ac0d2450faea3f70111cdd13df45e3c976deb8cb3e989da68e145651eb
ccf7b12ecc8e9e8ffdde253ba24560e0b8742463ad4868c7659fc90968ffcb3a
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1afec1ae97e85059d8bc36b774818c924a47040f9a956870e719e7ce231dc0d
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d398b90b592b327e99a6d915c3a8b2896d03a3c6b617bb5cbbf555fa57ee9725
d8db0a985f1dfef50600401525dc34633f424298720239ba90888b0089ec1f06
dc288edaf30d3566c6a43f7db44c69243ef51481f3ae50a4b35868d6ac11706a
de417027b3c04d64f0f0e42493e0cb5a6936609eb56f6f0440580a191d6d6b2c
e0a4baa6061d4b9e293346882f8a3aa7d799ccf955c18d275f2ee30626f80bf2
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519
e7f4ae3d77496807413afb4a0d56451b31667200c0293d3e89df130190e1f10b
ea939bd13d79a17cc436d4c3e102d4060cb7ebf0e8e61918f3d034580dff02b9
eb66d19d76b2a591f290eb9cbefa2faf0a2c8f90b124cb937270ab4b8adee08e
ecfc48ab5315e179e1948be2aecc95b3afc29ae1413a2024abb9b1706df9ff0f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f256b1151bcdcb1156ec95c6e40a56f17a91ef8b6668bcd9d113779d98cebf42
f2e4eb2e6499e7805732b936694778a0547e32010bca773807743cfcd8e4b049
f9619e7a1dc4ec09dc3d6c5df8aa6eada684c79482d283459eac511852d5bb3c
f9f4056c68d0aad8f4ebd513e7593e36b00942fd7bfb4ad4ad665362231fd745
fb177985ebe75561e65bcb91d425186017f2017e70c5c7f8cf8915ef7e403181
fcb0ab4f6d3a4da0916061428974c4e222922d127a1da82f2e79173fa2fea1ac
fd9575fce53dce99b77257d894927fa4f5bfe59d1a2b6d793d8b3d01bf15cd6e
fe8d5a6f12533884b6896dd290e422c830e86e0228d45dbe97ac03c6e86a5b5a
ff18779bb7f76122171e9faa51b7af30bc0239d361c926489b02032bb5bccb54

securevip.secureweb.top Open in urlscan Pro 94.131.110.93 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

182 Requests

96 %HTTPS

45 %IPv6

24 Domains

46 Subdomains

39 IPs

3 Countries

4060 kBTransfer

9237 kBSize

16 Cookies

285 Outgoing links

Redirected requests

182 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

securevip.secureweb.top Open in urlscan Pro
94.131.110.93 Public Scan

Screenshot
Live screenshot

Full Image

182
Requests

96 %
HTTPS

45 %
IPv6

24
Domains

46
Subdomains

39
IPs

3
Countries

4060 kB
Transfer

9237 kB
Size

16
Cookies

182 HTTP transactions
4 data transactions