s3.pardad-trading.com Open in urlscan Pro
2606:4700:3032::6815:492d Public Scan

Go To Rescan
Add Verdict Report

URL:
https://s3.pardad-trading.com/
Submission: On February 16 via api (February 16th 2024, 11:53:50 pm UTC) from US — Scanned from US

Summary HTTP 234 Redirects Links 298 Behaviour Indicators

Summary

This website contacted 41 IPs in 1 countries across 25 domains to perform 234 HTTP transactions. The main IP is 2606:4700:3032::6815:492d, located in United States and belongs to CLOUDFLARENET, US. The main domain is s3.pardad-trading.com.
TLS certificate: Issued by GTS CA 1P5 on December 29th 2023. Valid for: 3 months.

This is the only time s3.pardad-trading.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
59	2606:4700:303... 2606:4700:3032::6815:492d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
69	151.101.193.164 151.101.193.164	54113 (FASTLY) (FASTLY)
1	108.138.129.160 108.138.129.160	16509 (AMAZON-02) (AMAZON-02)
4	151.101.129.164 151.101.129.164	54113 (FASTLY) (FASTLY)
5	44.195.146.220 44.195.146.220	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:9000:251... 2600:9000:2511:4000:4:b37b:9440:93a1	16509 (AMAZON-02) (AMAZON-02)
3	108.138.115.149 108.138.115.149	16509 (AMAZON-02) (AMAZON-02)
1	2600:141b:1c0... 2600:141b:1c00:239e::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2607:f8b0:400... 2607:f8b0:4006:820::2008	15169 (GOOGLE) (GOOGLE)
1	18.173.132.21 18.173.132.21	16509 (AMAZON-02) (AMAZON-02)
4	18.164.92.122 18.164.92.122	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
1	2600:141b:1c0... 2600:141b:1c00:991::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2607:f8b0:400... 2607:f8b0:4006:80d::2001	15169 (GOOGLE) (GOOGLE)
1	104.36.115.111 104.36.115.111	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 4	68.67.160.26 68.67.160.26	29990 (ASN-APPNEX) (ASN-APPNEX)
3 7	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	54.152.40.140 54.152.40.140	14618 (AMAZON-AES) (AMAZON-AES)
5	2602:803:c002... 2602:803:c002:200::32	26667 (RUBICONPR...) (RUBICONPROJECT)
15	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:816::2001	15169 (GOOGLE) (GOOGLE)
4 5	142.251.40.226 142.251.40.226	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:80b::2006	15169 (GOOGLE) (GOOGLE)
2	2600:9000:210... 2600:9000:210b:9400:10:43f:4352:ad61	16509 (AMAZON-02) (AMAZON-02)
2	142.251.40.162 142.251.40.162	15169 (GOOGLE) (GOOGLE)
1 1	2607:f8b0:400... 2607:f8b0:4006:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4000:1d::a	15169 (GOOGLE) (GOOGLE)
2	142.250.176.194 142.250.176.194	15169 (GOOGLE) (GOOGLE)
1	104.126.112.26 104.126.112.26	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	8.28.7.82 8.28.7.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 3	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
2 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	18.215.133.183 18.215.133.183	14618 (AMAZON-AES) (AMAZON-AES)
2	18.238.55.30 18.238.55.30	16509 (AMAZON-02) (AMAZON-02)
1 2	108.139.47.50 108.139.47.50	16509 (AMAZON-02) (AMAZON-02)
1 2	142.251.40.230 142.251.40.230	() ()
1	2600:9000:24f... 2600:9000:24f1:1600:18:1fcd:353:c61	() ()
2	2606:4700:20:... 2606:4700:20::681a:d12	() ()
1	18.204.98.167 18.204.98.167	() ()
1	2607:f8b0:400... 2607:f8b0:4006:823::2002	() ()
234	41

59 2606:4700:3032::6815:492d (United States)

ASN13335 (CLOUDFLARENET, US)

s3.pardad-trading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

69 151.101.193.164 (United States)

ASN54113 (FASTLY, US)

g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.129.160 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-129-160.jfk50.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.129.164 (United States)

ASN54113 (FASTLY, US)

samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 44.195.146.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-146-220.compute-1.amazonaws.com

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
meter-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2511:4000:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)

rumcdn.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.115.149 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-115-149.jfk50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:239e::11a6 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.132.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-21.jfk52.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.164.92.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-92-122.jfk50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:991::11a6 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80d::2001 (United States)

ASN15169 (GOOGLE, US)

be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.160.26 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.64.151.101 (San Francisco, United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.152.40.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-40-140.compute-1.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2602:803:c002:200::32 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4006:81d::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:816::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.40.226 (Queens, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:80b::2006 (United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:210b:9400:10:43f:4352:ad61 (United States)

ASN16509 (AMAZON-02, US)

gw.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.162 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::200e (United States) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4000:1d::a (United States)

ASN15169 (GOOGLE, US)

r5---sn-q4flrnss.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.176.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.126.112.26 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-126-112-26.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 8.28.7.82 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.22.214 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

nytimes-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.215.133.183 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-133-183.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.238.55.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-55-30.jfk52.r.cloudfront.net

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.139.47.50 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-50.jfk50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.230 (None, ) 1 redirects

ASN- ()

5290727.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f1:1600:18:1fcd:353:c61 (None, )

ASN- ()

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:d12 (None, )

ASN- ()

cdn.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.204.98.167 (None, )

ASN- ()

pnytimes.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2002 (None, )

ASN- ()

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	nyt.com g1.nyt.com — Cisco Umbrella Rank: 8413 static01.nyt.com — Cisco Umbrella Rank: 5323 a1.nyt.com	1 MB
59	pardad-trading.com s3.pardad-trading.com	1 MB
22	googlesyndication.com be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 158 ade.googlesyndication.com — Cisco Umbrella Rank: 307	195 KB
15	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 278 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 551 5290727.fls.doubleclick.net	215 KB
12	nytimes.com samizdat-graphql.nytimes.com — Cisco Umbrella Rank: 5566 a.et.nytimes.com — Cisco Umbrella Rank: 5320 als-svc.nytimes.com Failed www.nytimes.com — Cisco Umbrella Rank: 3400 dd.nytimes.com — Cisco Umbrella Rank: 7466 purr.nytimes.com Failed a.nytimes.com Failed meter-svc.nytimes.com Failed	346 KB
10	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 328 gcdn.2mdn.net — Cisco Umbrella Rank: 1326 r5---sn-q4flrnss.c.2mdn.net — Cisco Umbrella Rank: 133578	817 KB
8	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 303 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 624 aax.amazon-adsystem.com — Cisco Umbrella Rank: 407	77 KB
7	casalemedia.com 3 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 484 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 696 dsum.casalemedia.com — Cisco Umbrella Rank: 1560	4 KB
5	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 538	4 KB
5	pubmatic.com 3 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 479 image8.pubmatic.com — Cisco Umbrella Rank: 676 image2.pubmatic.com — Cisco Umbrella Rank: 1105	1 KB
5	geoedge.be rumcdn.geoedge.be — Cisco Umbrella Rank: 3109 gw.geoedge.be — Cisco Umbrella Rank: 4531	160 KB
4	3lift.com 2 redirects tlx.3lift.com — Cisco Umbrella Rank: 623 eb2.3lift.com — Cisco Umbrella Rank: 458	2 KB
4	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 272	4 KB
3	openx.net 1 redirects rtb.openx.net — Cisco Umbrella Rank: 670 nytimes-d.openx.net — Cisco Umbrella Rank: 13546	843 B
2	brandmetrics.com cdn.brandmetrics.com collector.brandmetrics.com Failed	18 KB
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 192	703 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 389	714 B
2	media.net prebid.media.net — Cisco Umbrella Rank: 1234 cs.media.net — Cisco Umbrella Rank: 1318	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	187 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1581 c.go-mpulse.net — Cisco Umbrella Rank: 683	50 KB
1	google.com adservice.google.com	401 B
1	chartbeat.net pnytimes.chartbeat.net	201 B
1	chartbeat.com static.chartbeat.com	24 KB
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1794	559 B
1	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1628	49 KB
234	25

	Domain	Requested by
59	s3.pardad-trading.com	s3.pardad-trading.com rumcdn.geoedge.be www.datadoghq-browser-agent.com
41	static01.nyt.com	s3.pardad-trading.com
25	g1.nyt.com	s3.pardad-trading.com g1.nyt.com
13	pagead2.googlesyndication.com	rumcdn.geoedge.be pagead2.googlesyndication.com tpc.googlesyndication.com be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com s0.2mdn.net
8	s0.2mdn.net	rumcdn.geoedge.be s0.2mdn.net be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com
5	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net s3.pardad-trading.com
5	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net
5	tpc.googlesyndication.com	rumcdn.geoedge.be s0.2mdn.net
5	fastlane.rubiconproject.com	www.datadoghq-browser-agent.com
4	ib.adnxs.com	2 redirects www.datadoghq-browser-agent.com googleads.g.doubleclick.net
4	securepubads.g.doubleclick.net	rumcdn.geoedge.be www.datadoghq-browser-agent.com
4	aax.amazon-adsystem.com	www.datadoghq-browser-agent.com
4	a.et.nytimes.com	s3.pardad-trading.com
4	samizdat-graphql.nytimes.com	s3.pardad-trading.com www.datadoghq-browser-agent.com
3	eb2.3lift.com	2 redirects s3.pardad-trading.com
3	image8.pubmatic.com	2 redirects s3.pardad-trading.com
3	c.amazon-adsystem.com	s3.pardad-trading.com www.datadoghq-browser-agent.com
3	rumcdn.geoedge.be	s3.pardad-trading.com rumcdn.geoedge.be
2	cdn.brandmetrics.com	www.googletagmanager.com rumcdn.geoedge.be
2	a1.nyt.com	s3.pardad-trading.com www.googletagmanager.com
2	5290727.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	sb.scorecardresearch.com	1 redirects s3.pardad-trading.com
2	dd.nytimes.com	s3.pardad-trading.com www.datadoghq-browser-agent.com
2	nytimes-d.openx.net	1 redirects s3.pardad-trading.com
2	match.adsrvr.org	2 redirects
2	ade.googlesyndication.com	be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	rumcdn.geoedge.be
2	gw.geoedge.be	rumcdn.geoedge.be
2	googleads.g.doubleclick.net	rumcdn.geoedge.be
2	be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com	securepubads.g.doubleclick.net rumcdn.geoedge.be
2	www.googletagmanager.com	s3.pardad-trading.com www.googletagmanager.com
1	adservice.google.com	5290727.fls.doubleclick.net
1	pnytimes.chartbeat.net	s3.pardad-trading.com
1	static.chartbeat.com	s3.pardad-trading.com
1	meter-svc.nytimes.com	www.datadoghq-browser-agent.com
1	beacon.lynx.cognitivlabs.com	1 redirects
1	dsum.casalemedia.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	cs.media.net	s3.pardad-trading.com
1	r5---sn-q4flrnss.c.2mdn.net	be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com
1	gcdn.2mdn.net	1 redirects
1	tlx.3lift.com	www.datadoghq-browser-agent.com
1	rtb.openx.net	www.datadoghq-browser-agent.com
1	prebid.media.net	www.datadoghq-browser-agent.com
1	htlb.casalemedia.com	www.datadoghq-browser-agent.com
1	hbopenbid.pubmatic.com	www.datadoghq-browser-agent.com
1	c.go-mpulse.net	www.datadoghq-browser-agent.com
1	config.aps.amazon-adsystem.com	rumcdn.geoedge.be
1	s.go-mpulse.net	s3.pardad-trading.com
1	www.nytimes.com	s3.pardad-trading.com
1	www.datadoghq-browser-agent.com	s3.pardad-trading.com
0	collector.brandmetrics.com Failed	cdn.brandmetrics.com
0	a.nytimes.com Failed	www.datadoghq-browser-agent.com
0	purr.nytimes.com Failed	www.datadoghq-browser-agent.com
0	als-svc.nytimes.com Failed	s3.pardad-trading.com
234	55

This site contains links to these domains. Also see Links.

Domain
www.nytimes.com
cn.nytimes.com
cooking.nytimes.com
theathletic.com
help.nytimes.com
www.nytco.com
nytmediakit.com
www.tbrandstudio.com

Subject Issuer	Validity	Valid
pardad-trading.com GTS CA 1P5	`2023-12-29` - `2024-03-28`	3 months	crt.sh
nytimes.com Thawte RSA CA 2018	`2023-03-22` - `2024-04-21`	a year	crt.sh
*.datadoghq-browser-agent.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-12` - `2024-12-14`	a year	crt.sh
a.et.nytimes.com R3	`2024-01-11` - `2024-04-10`	3 months	crt.sh
gw.geoedge.be Amazon RSA 2048 M01	`2023-08-12` - `2024-09-09`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2023-04-05` - `2024-04-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2024-01-19` - `2024-12-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-12-24` - `2024-03-23`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-21` - `2024-12-21`	a year	crt.sh
dd.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-08` - `2024-04-06`	a year	crt.sh
meter-svc.nytimes.com R3	`2023-12-19` - `2024-03-18`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
brandmetrics.com GTS CA 1P5	`2024-01-02` - `2024-04-01`	3 months	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://s3.pardad-trading.com/
Frame ID: B6F57D4B457764B5157C57A832A2B37C
Requests: 186 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Frame ID: 1BA665F34DC718B13B6D7ECAD665B2EF
Requests: 1 HTTP requests in this frame

Frame: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 48A538F1563B6BCEDFA44E4DC8E939A8
Requests: 1 HTTP requests in this frame

Frame: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7FD0E85F8A236ECAE80AB22851299710
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhizwJn9ATAB&v=APEucNXl70OFElHnzFg6Fqx012QIIMUGJRgIf5I2UjIDEHyJq6eN8hL_FnwqBBPH48jk3w3SOf2EbHlBU2CkdT3KqVcMaROU8w
Frame ID: 7209E46CAE0831F0F6E0BAA38C20F14A
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B68CD2486A67F8DDC61F6D2FD83AEEEB
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18084140897926277244/index.html?e=69&leftOffset=0&topOffset=0&c=Lzg1OomILX&t=1&renderingType=2&ev=01_250
Frame ID: E50EE866B6D1D90B81BD1260BD866AC7
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
Frame ID: 571A32857A4DC3C086548BBF28526B61
Requests: 1 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CNqAz6SHsYQDFcC2AAAdHlED-w;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8409658510917;npa=0;auiddc=352676510.1708127629;u17=https%3A%2F%2Fs3.pardad-trading.com%2F;u5=;u18=;pscdl=noapi;gtm=45He42e0v72703797za200;gcd=13l3l3l3l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fs3.pardad-trading.com%2F
Frame ID: FFEA765F2C75F74EC16E5121924F74DF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The New York Times - Breaking News, US News, World News and Videos2024 Election

Detected technologies

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

234
Requests

91 %
HTTPS

39 %
IPv6

25
Domains

55
Subdomains

41
IPs

1
Countries

4808 kB
Transfer

11769 kB
Size

37
Cookies

298 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nytimes.com/es/
Title: Español

Search URL Search Domain Scan URL

URL: https://cn.nytimes.com/
Title: 中文

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/todayspaper
Title: Today’s Paper

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/us
Title: U.S.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/politics
Title: Politics

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/nyregion
Title: New York

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/california-today
Title: California

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/education
Title: Education

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/health
Title: Health

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/obituaries
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/science
Title: Science

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/climate
Title: Climate

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/sports
Title: Sports

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/business
Title: Business

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/technology
Title: Tech

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/upshot
Title: The Upshot

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/magazine
Title: The Magazine

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/news-event/2024-election
Title: 2024 Elections

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/topic/organization/us-supreme-court
Title: Supreme Court

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/topic/organization/us-congress
Title: Congress

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/joe-biden
Title: Biden Administration

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/news-event/donald-trump-investigations
Title: Trump Investigations

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/news-event/immigration-us
Title: Immigration

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/abortion-news
Title: Abortion

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/eric-adams-mayor-nyc
Title: The Eric Adams Administration

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/morning-briefing
Title: The MorningMake sense of the day’s news and ideas.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/upshot
Title: The UpshotAnalysis that explains politics, policy and everyday life.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters
Title: See all newsletters

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/the-daily
Title: The DailyThe biggest stories of our time, in 20 minutes a day.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/election-run-up-podcast
Title: The Run-UpOn the campaign trail with Astead Herndon.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/podcasts
Title: See all podcasts

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world
Title: World

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/africa
Title: Africa

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/americas
Title: Americas

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/asia
Title: Asia

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/australia
Title: Australia

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/canada
Title: Canada

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/europe
Title: Europe

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/world/middleeast
Title: Middle East

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/news-event/israel-hamas-gaza
Title: Israel-Hamas War

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/news-event/ukraine-russia
Title: Russia-Ukraine War

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/morning-briefing-europe
Title: Morning Briefing: EuropeGet what you need to know to start your day.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/the-interpreter
Title: The InterpreterOriginal analysis on the week’s biggest global stories.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/australia-letter
Title: Australia LetterNews, features and opinion for readers in the region.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/canada-letter
Title: Canada LetterBackstories and analysis from our Canadian correspondents.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/business/economy
Title: Economy

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/business/media
Title: Media

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/markets-overview
Title: Finance and Markets

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/business/dealbook
Title: DealBook

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/technology/personaltech
Title: Personal Tech

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/business/energy-environment
Title: Energy Transition

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/your-money
Title: Your Money

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/news-event/economy-business-us
Title: U.S. Economy

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/artificial-intelligence
Title: Artificial Intelligence

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/dealbook
Title: DealBookThe most crucial business and policy news you need to know.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/hard-fork
Title: Hard ForkOur tech journalists help you make sense of the rapidly changing tech world.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/arts
Title: Arts

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/books
Title: Books

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/books/best-sellers
Title: Best Sellers

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/arts/dance
Title: Dance

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/movies
Title: Movies

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/arts/music
Title: Music

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/arts/television
Title: Television

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/theater
Title: Theater

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/pop-culture
Title: Pop Culture

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/t-magazine
Title: T Magazine

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/arts/design
Title: Visual Arts

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/best-of
Title: Best of 2023

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/news-event/awards-season
Title: Award Season

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/critics-picks
Title: Critic’s Picks

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/books-to-read
Title: What to Read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/what-to-watch
Title: What to Watch

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/playlist
Title: What to Listen To

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/interactive/2023/10/27/arts/music/music-fivemins-collection.html
Title: 5 Minutes to Make You Love Music

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/read-like-the-wind
Title: Read Like the WindBook recommendations from our critics.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/watching
Title: WatchingStreaming TV and movie recommendations.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/book-review-podcast
Title: Book ReviewThe podcast that takes you inside the literary world.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/popcast-pop-music-podcast
Title: PopcastPop music news, new songs and albums, and artists of note.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/lifestyle
Title: Lifestyle

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/well
Title: Well

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/travel
Title: Travel

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/style
Title: Style

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/realestate
Title: Real Estate

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/food
Title: Food

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/fashion
Title: Fashion

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/fashion/weddings
Title: Love

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/modern-love
Title: Modern Love

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/the-hunt
Title: The Hunt

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/social-qs
Title: Social Q’s

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/the-ethicist
Title: The Ethicist

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/well/eat
Title: Eat

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/well/move
Title: Move

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/well/mind
Title: Mind

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/well/family
Title: Family

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/well/live
Title: Live

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/ask-well
Title: Ask Well

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/open-thread-fashion
Title: Open ThreadThe latest news on what we wear, by our chief fashion critic.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/love-letter
Title: Love LetterReal stories of relationship highs, lows and woes.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/modern-love-podcast
Title: Modern LoveThe complicated love lives of real people.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion
Title: Opinion

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/contributors
Title: Guest Essays

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/editorials
Title: Editorials

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/op-docs
Title: Op-Docs

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/opinion-video
Title: Videos

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/letters
Title: Letters

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/politics
Title: Politics

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/international-world
Title: World

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/business-economics
Title: Business

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/technology
Title: Tech

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/environment
Title: Climate

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/health
Title: Health

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/section/opinion/culture
Title: Culture

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/charles-m-blow
Title: Charles M. Blow

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/jamelle-bouie
Title: Jamelle Bouie

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/david-brooks
Title: David Brooks

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/gail-collins
Title: Gail Collins

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/ross-douthat
Title: Ross Douthat

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/maureen-dowd
Title: Maureen Dowd

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/david-french
Title: David French

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/thomas-l-friedman
Title: Thomas L. Friedman

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/michelle-goldberg
Title: Michelle Goldberg

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/ezra-klein
Title: Ezra Klein

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/nicholas-kristof
Title: Nicholas Kristof

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/paul-krugman
Title: Paul Krugman

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/carlos-lozada
Title: Carlos Lozada

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/tressie-mcmillan-cottom
Title: Tressie McMillan Cottom

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/pamela-paul
Title: Pamela Paul

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/lydia-polgreen
Title: Lydia Polgreen

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/bret-stephens
Title: Bret Stephens

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/by/zeynep-tufekci
Title: Zeynep Tufekci

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/matter-of-opinion
Title: Matter of OpinionThoughts, aloud. With Michelle Cottle, Ross Douthat, Carlos Lozada and Lydia Polgreen.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/ezra-klein-podcast
Title: The Ezra Klein ShowDiscussions of ideas that matter, plus book recommendations.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/audio/app
Title: Download the Audio app on iOS.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/column/the-headlines
Title: The Headlines

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/interactive/2022/podcasts/serial-productions.html
Title: Serial Productions

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/reporter-reads
Title: Reporter Reads

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/the-sunday-read
Title: The Sunday Read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/10/19/podcasts/serial-kids-rutherford-county.html
Title: The Kids of Rutherford CountyA series about how one county illegally jailed children.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/audio
Title: AudioOur editors share their favorite listens from the New York Times Audio app.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/subscription/all-access
Title: Learn more.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/crosswords
Title: Games

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/puzzles/spelling-bee
Title: Spelling Bee

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/crosswords/game/mini
Title: The Mini Crossword

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/games/wordle/index.html
Title: Wordle

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/crosswords/game/daily/
Title: The Crossword

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/puzzles/vertex
Title: Vertex

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/games/connections
Title: Connections

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/puzzles/sudoku
Title: Sudoku

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/puzzles/letter-boxed
Title: Letter Boxed

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/puzzles/tiles
Title: Tiles

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/spelling-bee-forum
Title: Spelling Bee Forum

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/daily-crossword-column
Title: Wordplay Column

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/wordle-review
Title: Wordle Review

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/article/submit-crossword-puzzles-the-new-york-times.html
Title: Submit a Crossword

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/puzzle-making
Title: Meet Our Crossword Constructors

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2022/09/19/crosswords/mini-to-maestro-part-1.html
Title: Mini to Maestro

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/interactive/2022/upshot/wordle-bot.html
Title: Wordlebot

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/gameplay
Title: GameplayPuzzles, brain teasers, solving tips and more.

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/
Title: Cooking

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/easy-recipes
Title: Easy

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/dinner-recipes
Title: Dinner

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/68861692-nyt-cooking/43843372-quick-recipes
Title: Quick

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/healthy-recipes
Title: Healthy

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/breakfast
Title: Breakfast

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/vegetarian
Title: Vegetarian

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/vegan-recipes
Title: Vegan

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/our-best-chicken-recipes
Title: Chicken

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/our-best-pasta-recipes
Title: Pasta

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/desserts
Title: Dessert

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/68861692-nyt-cooking/638891-best-soup-stew-recipes
Title: Soups and Stews

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/easy-weeknight
Title: Easy Weeknight

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/68861692-nyt-cooking/32998034-our-newest-recipes
Title: Newest Recipes

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/68861692-nyt-cooking/2370458-one-pot-dinner-recipes
Title: One-Pot Meals

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/68861692-nyt-cooking/950138-amazing-slow-cooker-recipes
Title: Slow Cooker Recipes

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/comfort-food
Title: Comfort Food

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/topics/entertaining
Title: Party Recipes

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/cooking
Title: The Cooking NewsletterCulinary inspiration from Sam Sifton and Melissa Clark.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/the-veggie
Title: The VeggieDelicious vegetarian recipes and tips from Tanya Sichynsky.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/five-weeknight-dishes
Title: Five Weeknight DishesDinner ideas for busy people from Emily Weinstein.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/
Title: Wirecutter

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter
Title: WirecutterReviews and recommendations for thousands of products.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/kitchen-dining/
Title: Kitchen

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/electronics/
Title: Tech

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/sleep/
Title: Sleep

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/appliances/
Title: Appliances

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/home-garden/
Title: Home and Garden

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/make-a-plan/moving/
Title: Moving

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/travel/
Title: Travel

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/gifts/
Title: Gifts

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/deals/
Title: Deals

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/baby-kid/
Title: Baby and Kid

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/health-fitness/
Title: Health and Fitness

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/reviews/best-air-purifier/
Title: Air Purifier

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/reviews/best-electric-toothbrush/
Title: Electric Toothbrush

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/reviews/best-pressure-washer/
Title: Pressure Washer

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/reviews/best-cordless-stick-vacuum/
Title: Cordless Stick Vacuum

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/reviews/best-office-chair/
Title: Office Chair

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/wirecutter/reviews/best-robot-vacuum/
Title: Robot Vacuum

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/the-recommendation
Title: The RecommendationThe best independent reviews, expert advice and intensively researched deals.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/newsletters/clean-everything
Title: Clean EverythingStep-by-step advice on how to keep everything in your home squeaky clean.

Search URL Search Domain Scan URL

URL: https://theathletic.com/
Title: The Athletic

Search URL Search Domain Scan URL

URL: https://theathletic.com/nfl/
Title: NFL

Search URL Search Domain Scan URL

URL: https://theathletic.com/mlb/
Title: MLB

Search URL Search Domain Scan URL

URL: https://theathletic.com/nba/
Title: NBA

Search URL Search Domain Scan URL

URL: https://theathletic.com/football/premier-league/
Title: Premier League

Search URL Search Domain Scan URL

URL: https://theathletic.com/college-football/
Title: NCAAF

Search URL Search Domain Scan URL

URL: https://theathletic.com/college-basketball/
Title: NCAAM

Search URL Search Domain Scan URL

URL: https://theathletic.com/nhl/
Title: NHL

Search URL Search Domain Scan URL

URL: https://theathletic.com/womens-college-basketball/
Title: NCAAW

Search URL Search Domain Scan URL

URL: https://theathletic.com/football/mls/
Title: MLS

Search URL Search Domain Scan URL

URL: https://theathletic.com/formula-1/
Title: Formula 1

Search URL Search Domain Scan URL

URL: https://theathletic.com/football/nwsl/
Title: NWSL

Search URL Search Domain Scan URL

URL: https://theathletic.com/golf/
Title: Golf

Search URL Search Domain Scan URL

URL: https://theathletic.com/tag/a1-must-read-stories/
Title: Must-Read Stories

Search URL Search Domain Scan URL

URL: https://theathletic.com/news/
Title: Today's News

Search URL Search Domain Scan URL

URL: https://theathletic.com/nfl/draft/
Title: 2024 NFL Draft

Search URL Search Domain Scan URL

URL: https://theathletic.com/5029170/2023/12/19/free-agents-mlb-list/
Title: MLB Free Agency

Search URL Search Domain Scan URL

URL: https://theathletic.com/newsletters/the-pulse
Title: The PulseDelivering the top stories in sports, Sunday to Friday.

Search URL Search Domain Scan URL

URL: https://theathletic.com/newsletters/the-windup
Title: The WindupThe biggest stories in baseball, by Levi Weaver with Ken Rosenthal.

Search URL Search Domain Scan URL

URL: https://theathletic.com/newsletters/the-bounce
Title: The BounceEssential NBA news from Zach Harper and Shams Charania.

Search URL Search Domain Scan URL

URL: https://theathletic.com/newsletters/full-time
Title: Full TimeThe biggest women's soccer stories, from Emily Olsen, Meg Linehan & Steph Yang

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/live/2024/02/16/world/aleksei-navalny
Title: Aleksei NavalnyFeb. 16, 2024, 6:07 p.m. ET46m ago46m ago

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/live/2024/02/16/us/trump-haley-biden-election
Title: U.S. Presidential RaceFeb. 16, 2024, 6:02 p.m. ET51m ago51m ago

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/16/nyregion/trump-civil-fraud-trial-ruling.html
Title: Trump Is Ordered to Pay $355 Million and Is Barred From New York BusinessThe ruling in Donald Trump’s civil fraud case could cost him all his available cash. It also bars him from running a business in the state for three years.The judge also barred the former president’s adult sons from serving in top roles at any New York company for two years.7 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/16/nyregion/arthur-engoron-trump-judge.html
Title: The Judge Who Dealt a Huge Financial Blow to TrumpFor over three years, Justice Arthur Engoron has been ruling against Donald Trump. On Friday, he handed Mr. Trump a loss.5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/interactive/2024/02/16/nyregion/trump-fraud-engoron-decision-annotated.html
Title: Read the judge’s ruling in Donald Trump’s civil fraud case with annotations from The Times.

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/16/nyregion/trump-fraud-trial-ny-law.html
Title: Donald Trump’s harsh punishment was made possible by a little-known state law.4 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/16/world/europe/navalny-death-analysis-russia.html
Title: ANALYSISIn prison or out, Aleksei Navalny was the thorn in President Vladimir Putin’s side.5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/16/world/europe/aleksei-navalny-dead-russia.html
Title: Aleksei Navalny, Russian Opposition Leader, Dies in Prison at 47The Kremlin’s fiercest critic, whose work brought arrests, attacks and a near-fatal poisoning in 2020, had spent months in isolation. Read our full obituary.8 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/interactive/2023/us/politics/presidential-candidates-2024.html
Title: Who’s Running for President?

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/interactive/2024/us/elections/republican-primary-calendar.html
Title: G.O.P. Delegate Tracker

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/interactive/2023/08/18/us/politics/republican-candidates-2024-issues.html
Title: Candidates on the Issues

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/01/us/politics/super-tuesday-when-states.html
Title: A Guide to Super Tuesday

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/16/us/politics/trump-abortion-ban.html
Title: Trump Privately Expresses Support for a 16-Week Abortion BanDonald Trump appears to be trying to satisfy social conservatives who want to further restrict abortion access and voters who want more modest limits.6 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/16/technology/ai-elections-defense.html
Title: In a year of major elections, A.I. companies are racing to prevent the technology from threatening democracies.5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/16/us/politics/presidential-election-voters.html
Title: From On Politics: Are there any persuadable voters left?7 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/article/fani-willis-georgia-trump.html
Title: What We Know

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/15/us/politics/trump-georgia-fani-willis-hearing.html
Title: Day 1 Takeaways

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2023/02/16/us/politics/fani-willis-trump-investigation.html
Title: Who Is Fani Willis?

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/15/us/politics/fani-willis-disqualified-trump.html
Title: What if She Is Disqualified?

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/16/us/politics/fani-willis-trump-georgia-hearing.html
Title: Takeaways From Day 2 of the Hearing in the Georgia Trump CaseDefense lawyers for Donald Trump failed to undercut assertions by the prosecutors whom they are trying to get disqualified from the election interference case.3 min read<img src="https://static01.nyt.com/images/2024/02/16/multimedia/16nat-trump-georgia-vcgw/16nat-trump-georgia-vcgw-threeByTwoMediumAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="Fani Willis gestures with her hands on the witness stand. " class="css-122y91a"/>Pool photo by Alyssa Pointer

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/16/us/alabama-radio-tower-stolen.html
Title: Missing in Alabama: A Radio Tower, and ‘The Sound of Walker County’On Feb. 2, Brett Elmore was informed that his radio station’s 190-foot-tall tower had vanished. Now he wants answers, and hopes his station can hang on.6 min read<img src="https://static01.nyt.com/images/2024/02/16/multimedia/16nat-tower-stolen-02-wlck-HP/16nat-tower-stolen-02-wlck-HP-threeByTwoMediumAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="A car is parked in front of a strip mall building that has a sign saying “WJLX/WJBE The Sound of Walker County” on its facade." class="css-122y91a"/>Wes Frazer for The New York Times

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/article/kansas-city-parade-shooting.html
Title: What We Know

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/14/us/kc-shooting-victims-hospital.html
Title: The Victims

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/14/us/witnesses-kansas-city-shooting-parade.html
Title: Chaos at a Super Bowl Celebration

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/14/us/kansas-city-shooting-players-social-media.html
Title: Kansas City Players React

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/16/us/kansas-city-super-bowl-celebration-charges.html
Title: 2 Teenagers Are Charged in Connection to Kansas City ShootingThe authorities said the teenagers had been charged with resisting arrest and gun violations, and that additional charges are expected.3 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/16/business/sports-violence-kansas-city-shooting.html
Title: High-profile instances of violence have led to an unease among some that sporting events are becoming less safe.3 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/16/us/politics/biden-impeachment-republicans-informant.html
Title: AnalysisIndictment of Informant Undercuts G.O.P.’s Impeachment DriveThe effort by House Republicans to find wrongdoing on the part of President Biden took another big blow when a key source was charged with making up allegations.5 min read<img src="https://static01.nyt.com/images/2024/02/16/multimedia/16dc-impeach-01-jbmv/16dc-impeach-01-jbmv-threeByTwoMediumAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="President Biden in a blue suit, white shirt and blue striped tie. " class="css-122y91a"/>Pete Marovich for The New York Times

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/16/your-money/scam-new-york-magazine-amazon-ftc-cia.html
Title: What Amazon, the F.T.C. and the C.I.A. Won’t Say if You’ve Been ScammedA columnist wrote about losing $50,000 to crooks pretending to be from Amazon and government agencies. We asked the company and agencies for comment.5 min read<img src="https://static01.nyt.com/images/2024/02/17/business/16money/16money-threeByTwoMediumAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="A woman holding money facing a shark wearing a human mask." class="css-122y91a"/>Robert Neubecker

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/16/world/middleeast/iran-israel-attacks-gas-pipelines.html
Title: Israel Was Behind Attacks on Major Gas Pipelines in Iran, Officials SayThe sabotage, which analysts said marked an escalation in the shadow war between Israel and Iran, caused sweeping disruption in several provinces.5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/16/world/middleeast/israel-gaza-nasser-hospital-hostages.html
Title: Israel Says It Will Not Force Gazans Into EgyptThe announcement from Israel’s defense minister came as Israeli forces combed the largest hospital in southern Gaza.5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/16/world/middleeast/houthis-terror-group.html
Title: The U.S. designated the Yemen-based Houthis as a terrorist organization.2 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/16/arts/dance/review-alexei-ratmansky-solitude-new-york-city-ballet.html
Title: Alexei Ratmansky Unleashes the Pain of War at City BalletIn “Solitude,” New York City Ballet’s artist in residence brings a photograph to life, our critic writes.5 min read<img src="https://static01.nyt.com/images/2024/02/17/multimedia/16ratmansky-1-vwqh/16ratmansky-1-vwqh-threeByTwoMediumAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="A dancer kneels next to the body of a boy. Next to them are two rows of other dancers, some lying on the floor and others above them with an arm outstretched." class="css-122y91a"/>Andrea Mohin/The New York Times

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/16/opinion/trump-civil-trial-losses.html
Title: Andrea BernsteinHow Trump Turns His Courtroom Losses Into Wins5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/16/opinion/aleksei-navalny-putin-russia.html
Title: <img src="https://static01.nyt.com/images/2024/02/16/multimedia/16kristof-jvwp/16kristof-jvwp-square320.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="a photograph of Alexei Navalny standing outside amid a group of people." class="css-122y91a"/>Nicholas KristofWhat Feckless Americans Can Learn From Navalny’s Bravery5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/live/2024/02/13/opinion/thepoint/trump-abortion-ban
Title: <img src="https://static01.nyt.com/images/2020/06/21/opinion/lauren-kelley-author/lauren-kelley-author-thumbLarge-v3.png?format=pjpg&quality=75&auto=webp&disable=upscale" alt="Lauren Kelley" class="css-122y91a"/>Lauren KelleyTrump Is Picking a Number Out of a Hat2 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/live/2024/02/13/opinion/thepoint/navalny-putin-death
Title: <img src="https://static01.nyt.com/images/2017/08/27/insider/bretstephens/bretstephens-thumbLarge-v6.png?format=pjpg&quality=75&auto=webp&disable=upscale" alt="Bret Stephens" class="css-122y91a"/>Bret StephensPutin and His Enablers Should Be Held Responsible for Navalny’s Death2 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/16/opinion/washington-books-biden.html
Title: <img src="https://static01.nyt.com/images/2022/09/09/opinion/carlos-lozada-circle/carlos-lozada-circle-thumbLarge.png?format=pjpg&quality=75&auto=webp&disable=upscale" alt="Carlos Lozada" class="css-122y91a"/>Carlos LozadaI Read These Books So That You Don’t Have To10 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/16/opinion/creative-work-productivity-seasonality.html
Title: <img src="https://static01.nyt.com/images/2024/02/18/opinion/16lozada-image/16lozada-image-square320.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="An illustration showing a person in various stages of relaxation and stretching in a circle resembling a clock." class="css-122y91a"/>Cal NewportTo Cure Burnout, Embrace Seasonality7 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/16/opinion/trump-dobbs-abortion.html
Title: <img src="https://static01.nyt.com/images/2019/01/24/opinion/jamelle-bouie/jamelle-bouie-thumbLarge-v3.png?format=pjpg&quality=75&auto=webp&disable=upscale" alt="Jamelle Bouie" class="css-122y91a"/>Jamelle BouieTrump Owns Dobbs and Everything That Comes With It5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/16/opinion/fossil-fuel-ban-climate.html
Title: <img src="https://static01.nyt.com/images/2022/02/27/opinion/author-peter-coy-2/Peter_Coy_Final-thumbLarge.png?format=pjpg&quality=75&auto=webp&disable=upscale" alt="Peter Coy" class="css-122y91a"/>Peter CoyWhy Don’t We Just Ban Fossil Fuels?7 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/interactive/2024/02/16/opinion/sourdough-bread-starters-pandemic.html
Title: Lexie SmithWhat Sourdough Taught Me, in the Pandemic and Beyond

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/16/opinion/aleksei-navalny-russia.html
Title: Letters From Our ReadersAleksei Navalny, ‘Indomitable Spirit’5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/16/opinion/trump-biden-presidential-fitness.html
Title: Matter of OpinionAudioThe Presidential Fitness Test35 min listen

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/16/opinion/elizabeth-gloucester-black-history.html
Title: Brent StaplesThe Lost Story of New York’s Most Powerful Black Woman16 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/live/2024/02/13/opinion/thepoint/trump-criminal-trials
Title: Jesse WegmanThe Big Question Hovering Over Trump’s Criminal Trials2 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/16/opinion/ezra-klein-biden-audio-essay.html
Title: The Ezra Klein ShowAudioDemocrats Have a Better Option Than Biden25 min listen

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/15/opinion/democracy-good-evil.html
Title: David BrooksThe Cure for What Ails Our Democracy5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/15/opinion/trump-nato.html
Title: Paul KrugmanTrump Is at Odds With NATO — and Reality4 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/14/business/economy/productivity-economy.html
Title: Can America Turn a Productivity Boomlet Into a Boom?

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/14/business/economy/lessons-job-market.html
Title: Three Lessons From a Surprisingly Resilient Job Market

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/16/podcasts/sydney-ai-perplexity.html
Title: <img src="https://static01.nyt.com/images/2024/02/16/podcasts/16Hard-Fork-episodic-cats/16Hard-Fork-episodic-cats-square640-v2.png?format=pjpg&quality=75&auto=webp&disable=upscale" alt="Three cats tumbling through the air. " class="css-122y91a"/>Hard ForkAudioThe State of A.I., and Will Perplexity Beat Google or Destroy the Web?77 min listen

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/16/technology/openai-artificial-intelligence-deal-valuation.html
Title: OpenAI Completes Deal That Values the Company at $80 BillionThe A.I. start-up’s valuation tripled in less than 10 months, making it one of the world’s most valuable tech start-ups.2 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/16/nyregion/andrew-cuomo-lawsuit.html
Title: Next on Cuomo’s Rehabilitation Tour: Blowing Up a State Ethics PanelAndrew Cuomo’s lawyers were in court to press the former governor’s case that a New York ethics commission is unconstitutional and should be disbanded.5 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/16/business/epstein-advisers-lawsuit.html
Title: Two of Epstein’s Closest Advisers Are Sued by His VictimsJeffrey Epstein’s longtime accountant and his personal lawyer were accused of enabling the disgraced financier’s sex trafficking.3 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/16/us/politics/bali-bombing-case-torture.html
Title: <img src="https://static01.nyt.com/images/2021/08/31/us/politics/00dc-hambali/31dc-gitmo-threeByTwoMediumAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="Pictures of three men side by side. All of them are wearing white skullcaps and long tunics." class="css-122y91a"/>Torture by U.S. Was Key Issue in Bali Bombing Plea DealHow prisoners were treated has complicated prosecutors’ efforts to hold trials in the Sept. 11 and the U.S.S. Cole bombing cases at Guantánamo.4 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/15/style/jaime-king-lights-out.html
Title: <img src="https://static01.nyt.com/images/2024/02/15/multimedia/15JAMIE-KING-01-vztb/15JAMIE-KING-01-vztb-threeByTwoMediumAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="Jaime King lies belly down on a yellow sofa, wearing an orange-red top and lipstick. She looks straight into the camera." class="css-122y91a"/>Damien Maloney for The New York TimesJaime King Is on a JourneyThe actress and ’90s model formerly known as James is ready to talk about her future as well as her past.4 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/15/books/review/splinters-leslie-jamison.html
Title: <img src="https://static01.nyt.com/images/2024/02/20/books/review/20Jamison-review/20Jamison-review-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="This illustration shows the fragmented face of a young woman with brown hair, as though reflected in a mirror that has broken into a dozen shards." class="css-122y91a"/>BOOK REVIEWLeslie Jamison Is a Self in ‘Splinters’The author examines a life composed of conflicting identities.4 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/15/arts/television/review-the-vince-staples-show.html
Title: <img src="https://static01.nyt.com/images/2024/02/17/multimedia/14vincestaples-jtgc/14vincestaples-jtgc-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="A man in a green floral print shirt sits on a sofa looking at a man in clown makeup and a stocking cap reclining in a chair" class="css-122y91a"/>TV REVIEW‘The Vince Staples Show’ Is a Hip-Hop Head TripNetflix adds to the rap-comedy canon.3 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/15/arts/music/blind-injustice-ohio-innocence-project.html
Title: <img src="https://static01.nyt.com/images/2024/02/16/multimedia/16Injustice-Cover-bphl/16Injustice-Cover-bphl-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="Three people, in street clothing, rehearse onstage. Two of them are looking at clipboards." class="css-122y91a"/>‘Blind Injustice’ Spotlights Wrongful ImprisonmentQuestions of prejudice, guilt and resilience run throughout the opera.4 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/2024/02/12/movies/gkids-the-boy-and-the-heron.html
Title: <img src="https://static01.nyt.com/images/2024/02/18/multimedia/18GKIDS-01-lzch/18GKIDS-01-lzch-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="Two wide-eyed animated figures with large heads crowd a frame. One is clad in gray, the other red. " class="css-122y91a"/>How GKids Became the A24 of AnimationThe small distributor handles Studio Ghibli films in the United States.6 min read

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/spotlight/connections-companion
Title: Connections CompanionIn case you need some puzzle help.<img src="https://static01.nyt.com/images/2023/10/19/crosswords/19connections-column-133/19connections-column-133-square320-v2.jpg?format=pjpg&quality=75&auto=webp&disable=upscale" alt="An illustration of a person giving a figure a thumbs up." class="css-122y91a"/>

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014792127-Copyright-notice
Title: © 2024 The New York Times Company

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: NYTCo

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015727108-Accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.nytco.com/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://nytmediakit.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.tbrandstudio.com/
Title: T Brand Studio

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/privacy/cookie-policy#how-do-i-manage-trackers
Title: Your Ad Choices

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/privacy/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/ca/
Title: Canada

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/international/
Title: International

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/subscription?campaignId=37WXW
Title: Subscriptions

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBfTK54BOs4WejRFO8Ysxsk&google_cver=1

Request Chain 139

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zc-1hdHM5EgAAA1lAAMsngAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBfTK54BOs4WejRFO8Ysxsk&google_cver=1

Request Chain 140

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIQ8Sm4TMd6lL789w7Z4fX4&google_cver=1

Request Chain 141

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc3OTg1OTg1NzA4OTk0ODU1

Request Chain 162

https://gcdn.2mdn.net/videoplayback/id/107dcc151f57a8bf/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739663621/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/5962C9C5C024AB82FEB6F26C0BC7F46DA079A8BD.78A7FEFC6A2E7A1B84F22DEF97D32858F933E627/key/ck2/file/file.mp4 HTTP 302
https://r5---sn-q4flrnss.c.2mdn.net/videoplayback/id/107dcc151f57a8bf/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739663621/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4A6E4157D84A37854E3B7EC38EDFF21338505067.85049171F417868AE09E807205C70534D1A6EE5D/key/cms1/cms_redirect/yes/mh/o8/mip/2001:550:1d05:1::3/mm/42/mn/sn-q4flrnss/ms/onc/mt/1708127335/mv/m/mvi/5/pl/48/file/file.mp4

Request Chain 172

https://image8.pubmatic.com/AdServer/ImgSync?p=163427 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=163427&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjdGQzAwMUItQjFBMC00MTQxLTlDMTktNjNCRkI0ODI4NUIy&gdpr=-1&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

Request Chain 173

https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3658&xuid=da92c6fa-f3fb-4da8-a710-e66088258e8f&dongle=0cfd&gdpr=0&gdpr_consent=

Request Chain 174

https://nytimes-d.openx.net/w/1.0/pd HTTP 302
https://nytimes-d.openx.net/w/1.0/pd?cc=1

Request Chain 175

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=995821&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=eff7afa8-5a7f-4bf0-9f23-5735c1b069e2&expiration=1739750024

Request Chain 181

https://sb.scorecardresearch.com/b?c1=2&c2=3005403&ns__t=1708127624743&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2Fs3.pardad-trading.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1708127624743&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2Fs3.pardad-trading.com%2F&c9=

Request Chain 220

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8409658510917;npa=0;auiddc=352676510.1708127629;u17=https%3A%2F%2Fs3.pardad-trading.com%2F;u5=;u18=;pscdl=noapi;gtm=45He42e0v72703797za200;gcd=13l3l3l3l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fs3.pardad-trading.com%2F HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CNqAz6SHsYQDFcC2AAAdHlED-w;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8409658510917;npa=0;auiddc=352676510.1708127629;u17=https%3A%2F%2Fs3.pardad-trading.com%2F;u5=;u18=;pscdl=noapi;gtm=45He42e0v72703797za200;gcd=13l3l3l3l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fs3.pardad-trading.com%2F

234 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
s3.pardad-trading.com/ 1 MB
173 KB 443ms
342ms Document
text/html 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s3.pardad-trading.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7edead72d48e3c090460d631d9b26d325ebf5f05d7da28964d0fce385241199

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-expose-headers: X-Nyt-Mktg-Group, X-Nyt-Mktg-Group
age: 4
alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=30,no-cache
cf-cache-status: DYNAMIC
cf-ray: 8569b6106aad74aa-MIA
content-encoding: br
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type: text/html; charset=utf-8
date: Fri, 16 Feb 2024 23:53:38 GMT
last-modified: Fri, 16 Feb 2024 23:53:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/
permissions-policy: browsing-topics=()
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xmesAoyp7hOHe5GcsmbIBjL0nksn94ue7Gyus8jswUcTmY7ssH34uojqK21G6kv7MkZPo4IcfNgPmqqo93%2BsdyjKxmfMIscMaxBnCWIupKDoTeFF54c40OvwrFuhHURBMLElh8g9NEXH%2FqBZWBLrV4cdTQo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding, Fastly-SSL
x-api-version: F-F-VI
x-b3-traceid: 662b48922e664a8e9e8688678d1c0e12
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-content-type-options: nosniff
x-envoy-decorator-operation: vi.nyt.net:443/*
x-envoy-upstream-service-time: 324
x-frame-options: DENY
x-gdpr: 1
x-nyt-app-webview: 0
x-nyt-data-last-modified: Fri, 16 Feb 2024 23:53:33 GMT
x-nyt-edge-cache: HIT-HIT
x-nyt-home-headers-map: allocation-id=rlwApB3ipCCse5AGF1CYfv
x-nyt-mktg-group: group4
x-nyt-route: homepage
x-origin-time: 2024-02-16 23:53:36 UTC
x-pagetype: vi-homepage
x-served-by: cache-lga21939-LGA, cache-fra-etou8220109-FRA
x-timer: S1708127619.873412,VS0,VE3
x-xss-protection: 1; mode=block

GET
H2 200 web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
g1.nyt.com/fonts/css/ 60 KB
10 KB 251ms
32ms Stylesheet
text/css 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

09bff184ea094a06e46d7f26512fd7b245304078a27f1ba8084488cbcf7704de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 02 Feb 2024 05:46:13 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2649369
x-guploader-uploadid: ADPycduGY6M3wNYHV6UpueyfnsXJLOxiOAQwp3106DL_EFazhtPLZl2SiGLw-MEdlW4L8uCNG3OcGvr0KYfUUjnOG146xEM6rVi6
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 9868
x-served-by: cache-mia-kmia1760080-MIA
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1708127619.355722,VS0,VE0
etag: "b79308aee772cf8921761a4fdb884fe5"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1673991774978541
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=ay5bmg==, md5=t5MIrudyz4khdhpP24hP5Q==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 9868
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 63271

GET
H2 200 global-f449cfd9976ad673ef2b7ab5098b85be.css
s3.pardad-trading.com/vi-assets/static-assets/ 6 KB
3 KB 339ms
336ms Stylesheet
text/css 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-guploader-uploadid: ADPycduhiXPSjAmvTOeEvsL5W9Sbr8W7OBvGcSfktDgJf5GEO79r26XP4FcESqPvi5OclQTJokas6EvU5VsdkVwoNs_oVQ
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2023-08-17 01:48:46 UTC
x-served-by: cache-fra-eddf8230068-FRA
x-timer: S1708127619.377560,VS0,VE1
etag: W/"e74f8b7c668251280cf3e52e20455a1c"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1692068681438560
content-type: text/css; charset=utf-8
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 12603
expires: Fri, 16 Aug 2024 01:48:46 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 17 Aug 2023 00:55:14 GMT
server: cloudflare
x-goog-hash: crc32c=jAKqfw==, md5=50+LfGaCUSgM8+UuIEVaHA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AckOya6BTbLgBxgo%2BRXvlxNxQ7YhERMMZc4MV0y9jSsipArSmwlGlFvGqgRnnjuJVzyTQ4Rjj44txzmZyqD0T%2FvT39%2FS5%2BV02Gzl3ta50v0tk5OfR7jbwMm8npkbMeIe%2Be5g1li9umra22fABuNM0M%2B6vIw%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 5656
permissions-policy: browsing-topics=()
cf-ray: 8569b61398fb74aa-MIA

GET
H2 200 datadog-rum.js Show response
www.datadoghq-browser-agent.com/us1/v5/ 152 KB
49 KB 212ms
68ms Script
application/javascript 108.138.129.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js
Requested by: Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.129.160 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-129-160.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f4cd85fa783c1faa16a76e3d00b04db35bc35dc079dda367b8ee7956f1cea4fd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:53:07 GMT
content-encoding: br
via: 1.1 41c6f8f93eca2f7c81a04a82e2d6ae92.cloudfront.net (CloudFront)
last-modified: Tue, 06 Feb 2024 14:28:31 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 33
x-amz-server-side-encryption: AES256
etag: W/"0581a66ec605a9a33cd79696c28170ec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=14400, s-maxage=60
timing-allow-origin: *
x-amz-cf-id: hzgfHvVHxkU7yw2w-dIkT0cZFr-rCYgpBVOjN5q_lLq3974OJdZEcw==

GET
H3 200 adslot-b4b9d2f20e2c7d673f63.js Show response
s3.pardad-trading.com/vi-assets/static-assets/ 24 KB
10 KB 400ms
392ms Script
application/javascript 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/adslot-b4b9d2f20e2c7d673f63.js

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

babddd6b42eb3aead6829b35241af5c8f275fec1dad7412d2a538a4d78652b4e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-amz-meta-origin: main
content-encoding: br
x-amz-request-id: 4XA4J5FJEVSY8H3K
x-amz-server-side-encryption: AES256
x-nyt-mktg-group: group4
x-origin-time: 2024-02-08 18:01:49 UTC
x-served-by: cache-fra-etou8220065-FRA
x-timer: S1708127620.763391,VS0,VE1
etag: W/"86439193ec200343129b0309c03bc8b0"
vary: Accept-Encoding, Fastly-SSL
x-frame-options: DENY
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/adslot-b4b9d2f20e2c7d673f63.js
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-amz-meta-last-modified: 1707414457
x-cache-hits: 1332
date: Fri, 16 Feb 2024 23:53:39 GMT
x-amz-version-id: uNgZHiJr3metavFUCw9FnjIpTQDS6y8_
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: HIT
alt-svc: h3=":443"; ma=86400
x-amz-id-2: iCyS2XJWAHuDL5YN75MBmhHKRzboeokiOc+fDIzLJifo02X1RPkOGa2J0M6f6cEz2FNHUjek9zc=
last-modified: Thu, 08 Feb 2024 17:47:45 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zClboCBms8uAzD8Zxm3nSaCoGT%2BG0%2FQq8i0SlvqzXemhCOnhw24dy9gkZDhN5nIrjnvQQPlos4kdLjPBxT4ZkmDb3IucbvOiJECpOBt8sxBUSm%2BE1EbLTiISJ7GDCu1s2HfH3Gw%2BN1HrtBAH6MEsWMTY5Q%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
permissions-policy: browsing-topics=()
cf-ray: 8569b615dc59da77-MIA

GET
H2 200 icon-the-morning_144x144-b12a6923b6ad9102b766352261b1a847.webp
s3.pardad-trading.com/vi-assets/static-assets/ 2 KB
3 KB 1133ms
1132ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-the-morning_144x144-b12a6923b6ad9102b766352261b1a847.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e99cc00c52afca0a9c6a4bcbc440dec602e194e04eba329850b57c16283779e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPp7C5s092TqAMf1PdrXsBD2ZILDA5vx5QHjRrRPM60rkF49dnub6igy1JeKBlsfurX7Cg
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-etou8220124-FRA
x-timer: S1708127620.328595,VS0,VE1
etag: "1a850d4e08393437f3268ced083856bd"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219412775
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-the-morning_144x144-b12a6923b6ad9102b766352261b1a847.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 642
expires: Thu, 30 Jan 2025 15:00:13 GMT
date: Fri, 16 Feb 2024 23:53:40 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1974
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=nhpbwg==, md5=GoUNTgg5NDfzJoztCDhWvQ==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STBM%2FJo%2B9yhgWZcRGLS2BbuTIlUPMydHibaT1eT%2FGKa0f07BUrIqdzdal02vRcgsiL%2B6y2safpFoYb4MdOuQl59XRzY5brXVH%2BXITnyolsAbCMRwbF1lKyUGlm6B12Z%2BwpDwnWBkppZJUjAzJAxLQOVl4B4%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1974
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b6149aa674aa-MIA

GET
H2 200 icon-the-upshot_144x144-0b1553ff703bbd07ac8fe73e6d215888.webp
s3.pardad-trading.com/vi-assets/static-assets/ 986 B
2 KB 334ms
333ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-the-upshot_144x144-0b1553ff703bbd07ac8fe73e6d215888.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

815e85139cc9a73d4233ca7620d3aea96bd46da73c96ef98f9f6217747252861

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPrx4gu860HcxXCJ_HzPyxEP5bTTnmbQOhKEvxmHUrjFkYI0d4c29sy0F4czFBIe-Ha6iaBrqs8bKA
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-eddf8230076-FRA
x-timer: S1708127620.528185,VS0,VE1
etag: "7619f36515a80c34616bb3f706438e35"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219415013
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-the-upshot_144x144-0b1553ff703bbd07ac8fe73e6d215888.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 9398
expires: Thu, 30 Jan 2025 15:00:26 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 986
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=oIrD8w==, md5=dhnzZRWoDDRha7P3BkOONQ==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l41t3f0Nd5VYrwDdbwGBikSHiiG3E1zjfaJ8hXbNpHEW%2F34uA5wznbJk04PQKOudxzqpKVpN2GsfN%2BJSqgzLAX4NMONj0qOCtJI6BPa9whxqK7Wsg2%2BAcRIfOWMWX250RIwxiSdm9MuxbBzdilNGo6s5Xsc%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 986
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b6149aa974aa-MIA

GET
H2 200 the-daily-album-art-mediumSquare149-v3.jpg
static01.nyt.com/images/2017/01/29/podcasts/the-daily-album-art/ 2 KB
2 KB 63ms
37ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2017/01/29/podcasts/the-daily-album-art/the-daily-album-art-mediumSquare149-v3.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

5bcbb026b99cf9c89f233879e5ee670e4cebd4c46a64bbf2bb0e182d7de12a18

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sat, 10 Feb 2024 00:21:24 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010248
x-amz-meta-goog-reserved-file-mtime: 1508508914
age: 603134
x-guploader-uploadid: ABPtcPqjUqnvvoaw61EMRccaqqQH3ygwzVbxOgsxydS2jPO0Z1Wvacjbl5LMuka6jw8OSVGVz6w
x-cache: HIT, HIT
fastly-io-info: ifsz=4394 idim=149x149 ifmt=jpeg ofsz=1634 odim=149x149 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 1634
x-served-by: cache-iad-kcgs7200106-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127620.518853,VS0,VE0
etag: "HPbirA0fWmyESk2gs9sQOpqwoCet79wESBgJtWfYxrg"
vary: Accept
x-goog-generation: 1688068262914090
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=BerQJg==, md5=eyHUiE9aT4aQVVtBSna3JA==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 4394
x-amz-checksum-crc32c: BerQJg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 61, 13342

GET
H2 200 the-run-up-album-art-thumbLarge.jpg
static01.nyt.com/images/2022/08/29/podcasts/the-run-up-album-art/ 5 KB
6 KB 59ms
33ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2022/08/29/podcasts/the-run-up-album-art/the-run-up-album-art-thumbLarge.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

352b9e243c2e3a49a49cb8bc8df84d0a04183bbc3eac33a0476c9a11ff9e352d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 04 Oct 2023 07:17:37 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300720
age: 587363
x-guploader-uploadid: ADPycdtHTcE6oJpJUyUJnS6FTqtIPAzmrvyHf2ozzBd7EyI2NabnUMlD_D4MBVpxerg89VPOoGGvALuUGSQuPelDzTjXtQ
x-cache: HIT, HIT
fastly-io-info: ifsz=13823 idim=150x150 ifmt=jpeg ofsz=5314 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 5314
x-served-by: cache-iad-kiad7000132-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127620.518371,VS0,VE0
etag: "hoyyH5q1+NTFT41vUc5DQY1n5mPXI75JtPWFn4Jaf4Q"
vary: Accept
x-goog-generation: 1688683994203172
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=10HhSg==, md5=VVlpmckmFDe4+jzoN3ttXQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 13823
x-amz-checksum-crc32c: 10HhSg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 41, 19691

GET
H3 200 icon-europe-morning-briefing_144x144-f0a330cb12ba0c31f81f13e25f6d0d18.webp
s3.pardad-trading.com/vi-assets/static-assets/ 1 KB
3 KB 368ms
360ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-europe-morning-briefing_144x144-f0a330cb12ba0c31f81f13e25f6d0d18.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7184f94de6059eb2acabe5ca2b8d4dee7ce2817a5c69de917b8c987a38a58c60

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPqNPYBWDBUsTcRtprc2jqnABzUHRZuwo4lf5ywpdVWhEc3aIs58cZuyVVz60ViSTVROqCaCMSVg7g
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-etou8220099-FRA
x-timer: S1708127620.762369,VS0,VE1
etag: "7b359190695ab3ab692b459d08d6fc80"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219393647
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-europe-morning-briefing_144x144-f0a330cb12ba0c31f81f13e25f6d0d18.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 11
expires: Thu, 30 Jan 2025 15:01:05 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1346
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=SN0HNw==, md5=ezWRkGlas6tpK0WdCNb8gA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dlWE9YSX1fjWRpS6rXMm3u3t7SA%2FW6o8kF5p6xsv5wIUpXtoiQYgfL47VZlXgXMJD8wnmY%2FUwkLAg90%2BgNEXkOlaGBKlTt7lSb51pYV%2FEc955SOMJUXt4UIIqtDxhcaVNv59wQDJzvSFLg1tcifvqa23gjI%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1346
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b615dc57da77-MIA

GET
H3 200 icon-the-interpreter_144x144-b29b74b2ebedb8e74823f33b16fb8167.webp
s3.pardad-trading.com/vi-assets/static-assets/ 2 KB
4 KB 1363ms
1356ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-the-interpreter_144x144-b29b74b2ebedb8e74823f33b16fb8167.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1fd7964d738926046b207a7c8ac57250afdefabc84fe7efc836766f7bd5dbef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPqFZ6xK3QYQOekPsJFvrnnOqSEqWlYv_kl01t1j5eDMgtdQOKAhTRZwMM4SnDRlHnD4Ff6Nt2xpeg
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-eddf8230135-FRA
x-timer: S1708127621.758719,VS0,VE1
etag: "8b73b365ca326ed75a6fccc55f981049"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219425389
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-the-interpreter_144x144-b29b74b2ebedb8e74823f33b16fb8167.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1746
expires: Thu, 30 Jan 2025 15:00:22 GMT
date: Fri, 16 Feb 2024 23:53:40 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 2540
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=fxGWyQ==, md5=i3OzZcoybtdab8zFX5gQSQ==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rhg%2B53A%2Bkykm7VoEvoV2lterCUZ2QAu2DAzjjF9zym0Gq2EfTravglcRrXoJkF5p1DTKhc8OcALLneCyjpov6ZqgCa3M8WHAXtjKkwjE40DZIoYDhKpbcT0hpk4Z2ZXdbEM2%2BFk1UzlwLlkm6xCuhFDn%2BMg%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 2540
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b615dc5dda77-MIA

GET
H3 200 icon-australia-letter_144x144-725c615ef3bd78aad9022371a0185fbf.webp
s3.pardad-trading.com/vi-assets/static-assets/ 1 KB
3 KB 401ms
393ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-australia-letter_144x144-725c615ef3bd78aad9022371a0185fbf.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27141b3b405cc996997629f3e4e561247b42b1bdbbb9e3a53b09c45bd5c5d135

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPpADIYBILEa7y9tE7aLJGzBcJE3u0hK_VN0wl0aJjjyD3SxkG74WJRqI1yUFGRKaUEGt6rz-i0Bkw
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-etou8220088-FRA
x-timer: S1708127620.765821,VS0,VE1
etag: "c3a86945c78cf2a1f5a56cd6d85df60d"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219374278
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-australia-letter_144x144-725c615ef3bd78aad9022371a0185fbf.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 453
expires: Thu, 30 Jan 2025 15:00:26 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1488
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=/ahZ/A==, md5=w6hpRceM8qH1pWzW2F32DQ==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C7FZ3HEW%2Fq4xKO41tJ7NEKjrihcIWoYtQmlDmImIkexxEEUcx23yDrSUU%2FcFtqP5sfaoOvKGbuCNEo%2BIPjfGFQ0%2B3dINMzzfukqUjVjecjNx3t1s%2B8H4fFl5p4VQ3iv3IaJQUbv9YLtomfYIrtsOfIPtvz4%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1488
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b615dc5fda77-MIA

GET
H3 200 icon-canada-letter_144x144-65d899377edbcce9773d31fd03a77e8d.webp
s3.pardad-trading.com/vi-assets/static-assets/ 1 KB
3 KB 762ms
754ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-canada-letter_144x144-65d899377edbcce9773d31fd03a77e8d.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a97d7e2b2a744b06c4860981b48cf1a6f1a4046e48270bf825cf9a90b1f3636

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPpKC6CwIbrJ8oehKVJSjbrPr_20NRnpBS5A5bGpCxJUcrzB5Hgx93xGdYP9ALue9RBhJODjiFdObQ
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-etou8220067-FRA
x-timer: S1708127620.157444,VS0,VE1
etag: "da33dcbb2e78aa9d454f3acf848bce37"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219386867
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-canada-letter_144x144-65d899377edbcce9773d31fd03a77e8d.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 649
expires: Thu, 30 Jan 2025 15:05:44 GMT
date: Fri, 16 Feb 2024 23:53:40 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1512
last-modified: Wed, 31 Jan 2024 15:02:47 GMT
server: cloudflare
x-goog-hash: crc32c=dxujdg==, md5=2jPcuy54qp1FTzrPhIvONw==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LUsIzY0f%2Fs1Ahskk%2FqmQSNxBGskwGxuwYR0fstHjdvgpNWc4vW1zbrpak7ow3n1j6Z0to0MjHnMbQcs2UgSEPwwWXvcUz7LZsPZPeXCCaVUq14juqxgFW4%2BExcTNzbGqaKsbNCWvEXd43e%2B6NGv1HjYi25k%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1512
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b615dc61da77-MIA

GET
H3 200 icon-dealbook_144x144-28e8f71aafff426804c3a92b1b176e07.webp
s3.pardad-trading.com/vi-assets/static-assets/ 1 KB
3 KB 367ms
360ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-dealbook_144x144-28e8f71aafff426804c3a92b1b176e07.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

922a4c224d2a5acba49effd511ac46c69297624b2ce0c0477530b9bb2d8487d5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPqmjFrFpZhZAP9veXXiftLhOeotuXGjxWokda6_9e9iXmvc69VeVNTPdpIdgE9aYbCYlCVItp_Sgw
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-eddf8230115-FRA
x-timer: S1708127620.762718,VS0,VE1
etag: "1b37cfabd6ce4edd45d8158c64192651"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219388373
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-dealbook_144x144-28e8f71aafff426804c3a92b1b176e07.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2215
expires: Thu, 30 Jan 2025 15:00:38 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1094
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=4KdzEQ==, md5=GzfPq9bOTt1F2BWMZBkmUQ==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rBYTZ2ZNm8BQhbBxmCOUYdPP3mfN78bqe6ZrUnMUV%2FulXJbTXB4lrxrjwjNDVXX%2B0fN98faTg8n0sMcHO9yo4YZUDlgQw%2BcOOp5455vTaTxir%2FnRDr0LBSvABGGnaoSrUDucl06VnDU4VCbIDs0dbAj8JGM%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1094
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b615dc62da77-MIA

GET
H2 200 hard-fork-album-art-mediumSquare149-v2.png
static01.nyt.com/images/2022/09/28/podcasts/hard-fork-album-art/ 30 KB
30 KB 64ms
40ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2022/09/28/podcasts/hard-fork-album-art/hard-fork-album-art-mediumSquare149-v2.png?quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e4e53fef7b814459a9d88a90513e6df308bd0aec7f2c0d58f5813246783f23ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Mon, 12 Feb 2024 15:50:32 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010213
age: 374587
x-guploader-uploadid: ABPtcPpNqW101uJb8_OK1xZKG6QQeBE98sgKK-zIF3t7klKc0iY-jff3Gy1koWY1vsmdAf9XyX6y36oPQw
x-cache: HIT, HIT
fastly-io-info: ifsz=43690 idim=149x149 ifmt=png ofsz=30638 odim=149x149 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 30638
x-served-by: cache-iad-kjyo7100157-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127620.519342,VS0,VE0
etag: "ee9TMhlTvfSQBJMIrc1b52i0j4ADRxPDfa0JeLNHHeU"
vary: Accept
x-goog-generation: 1666018564336971
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=WQ/L6A==, md5=65gTRO63WF+xxriJTWiBOA==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 43690
x-amz-checksum-crc32c: WQ/L6A==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 55, 13683

GET
H3 200 icon-read-like-the-wind_144x144-5bcf9faf41d0b49df1df29e59a868b36.webp
s3.pardad-trading.com/vi-assets/static-assets/ 1 KB
3 KB 404ms
397ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-read-like-the-wind_144x144-5bcf9faf41d0b49df1df29e59a868b36.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f92d409454f07d130a17a8a40694683700fa7908f77519aa3fd6ed6bf08a43af

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPqQ_SyB3t2ui_Rh_oUhYEWkR8QYBsQuBUyV3ds5j9UZWvnaLKOZZtWS4rmSlgMoxFMycUl1DJi95A
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-etou8220127-FRA
x-timer: S1708127620.763529,VS0,VE1
etag: "2f322bce46245172bb707708f4d9942b"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219402688
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-read-like-the-wind_144x144-5bcf9faf41d0b49df1df29e59a868b36.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 365
expires: Thu, 30 Jan 2025 15:00:32 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1310
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=Y1z48w==, md5=LzIrzkYkUXK7cHcI9NmUKw==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ylZBq%2FgjcW1xvaXVaYtBMX6AOpwUG2mMTZST1K4bEVFsoS%2B%2BG5JKmY1%2BOw2Rqo6IJ2iCeQrE%2BpJjTJ%2BPPueDWcYu5KxFMbeO%2FO64fRJuvCdt2FPjNL%2B5F0EwqCvidmPa0kV%2BbhCSAEMXr2GOXNLvoCkJoWg%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1310
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b615dc63da77-MIA

GET
H3 200 icon-watching_144x144-631a1da177f9fda1a7f4614ad8e607bd.webp
s3.pardad-trading.com/vi-assets/static-assets/ 716 B
2 KB 432ms
425ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-watching_144x144-631a1da177f9fda1a7f4614ad8e607bd.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

095a2050fffeee67efcc5dffaa579dd76fe3916b3de4c384aa037acca45d9c9f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPqIJdKzyE3meHSjeIm52awAN_ELLMztq-8ilyW2oU99z1RZMEviRCGAaV3NJqvrZcrZGcYvDGo9yQ
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-etou8220031-FRA
x-timer: S1708127620.763517,VS0,VE1
etag: "ebf3822150dda45cdaae0820a0bc1e98"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219427731
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-watching_144x144-631a1da177f9fda1a7f4614ad8e607bd.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 337
expires: Thu, 30 Jan 2025 15:00:31 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 716
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=Eoq80Q==, md5=6/OCIVDdpFzargggoLwemA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VS4GoF%2Fh33qpBS0dHBHLVxnKLRFoSP19UZffC8mviGTH9SyF2y6eF%2FVRa9vtx8ZNnH446AlesneCnkCg5PEm1pVpJ6Yjlra1RE13Jtcfh%2B4foZF6GE7d11BQ75A7ug7aZIu3V3Wtsd8wSnQNFlhCuDIton8%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 716
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b615dc64da77-MIA

GET
H2 200 book-review-album-art-v2-thumbLarge-v3.jpg
static01.nyt.com/images/2018/03/27/books/book-review-album-art-v2/ 3 KB
3 KB 58ms
34ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2018/03/27/books/book-review-album-art-v2/book-review-album-art-v2-thumbLarge-v3.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

99013b5f831f3762b1a2648e07bb3116d914c5b1539bdf4fe0634602cc26b19e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Tue, 03 Oct 2023 13:23:18 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300718
age: 40772
x-guploader-uploadid: ADPycdvWAmkx95gCPu14IQ4q4BE3dphI347Cam23BbGkeCIoa-nNMMO9_VMy5Xo8Q1qd4tiwBGGtFt-VA9JTnOfOljAGxQ
x-cache: HIT, HIT
fastly-io-info: ifsz=10250 idim=150x150 ifmt=jpeg ofsz=2772 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 2772
x-served-by: cache-iad-kjyo7100097-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127620.518793,VS0,VE0
etag: "f6YZ2ZJovRqmFs0MIuaEVzpH2+CtkFFBiLmf31seml4"
vary: Accept
x-goog-generation: 1662891747534151
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=EsOybg==, md5=cjEwJ43bqRCDXcDgnJcMnA==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 10250
x-amz-checksum-crc32c: EsOybg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6337, 2456

GET
H2 200 music-popcast-thumbLarge-v3.jpg
static01.nyt.com/images/2011/05/20/multimedia/music-popcast/ 4 KB
4 KB 63ms
40ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2011/05/20/multimedia/music-popcast/music-popcast-thumbLarge-v3.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

7e76ec11f2baa0f7948d92891718df73970877050a5b48e2b6fb9b340378a2d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Tue, 10 Oct 2023 16:00:57 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300701
age: 387759
x-guploader-uploadid: ADPycdt8GLzOK2GA-IX_ZuZPrjYsWk_7iJzaF1bRZysGkxzR67iJrwH3T01KlbrUrDKZ87h5mxJ_z1U3NdBU81wR4hJ1lQ
x-cache: HIT, HIT
fastly-io-info: ifsz=24419 idim=150x150 ifmt=jpeg ofsz=3828 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 3828
x-served-by: cache-iad-kiad7000117-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127620.519486,VS0,VE0
etag: "qr3LW0rNOUvnYKyDbm09gWnw94oFzi+G4wvyjqveNos"
vary: Accept
x-goog-generation: 1538741982829422
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=VUkWbw==, md5=jSTktUwT+uCRgjlqA0y9BQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 24419
x-amz-checksum-crc32c: VUkWbw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 70, 14216

GET
H3 200 icon-open-thread-fashion_144x144-8e1b4b3fd68c2f333faa63097da2249b.webp
s3.pardad-trading.com/vi-assets/static-assets/ 2 KB
4 KB 1371ms
1364ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-open-thread-fashion_144x144-8e1b4b3fd68c2f333faa63097da2249b.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8aca80728030390ca27a845ca99c8e6bd9174aea22b4060971d1a0ea9a8e9454

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPrU6SIs1dE-TZsXjxfgyVz5WanVN54pA2sSsg_FZsGJrQ-xPPMFaMqfeXlTDwZZEHA4sGdrh1_f7g
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-etou8220058-FRA
x-timer: S1708127621.766224,VS0,VE1
etag: "9234a6e50533c0f78cd1097f674d2c47"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219404066
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-open-thread-fashion_144x144-8e1b4b3fd68c2f333faa63097da2249b.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 4404
expires: Thu, 30 Jan 2025 15:00:50 GMT
date: Fri, 16 Feb 2024 23:53:40 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 2102
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=pc/b8Q==, md5=kjSm5QUzwPeM0Ql/Z00sRw==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7oo8vWRlsmeYt421Bb25r6zvuN5xU8osSVy6r7wxBXONQV2a21cPJp9WVN6dwi5qCpZ0dhk96ruSfjuteJl3FvPmBQgxFYtFpAY72vdfqA0bfIxi3cPiYvXHPBYJ0kusjDoIbYhcCtrKZf4qTGx6MR%2BWbzk%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 2102
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b615dc65da77-MIA

GET
H3 200 icon-love-letter_144x144-ca0ec74f4bdd665895bfab2e923eca66.webp
s3.pardad-trading.com/vi-assets/static-assets/ 2 KB
4 KB 431ms
425ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-love-letter_144x144-ca0ec74f4bdd665895bfab2e923eca66.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

612414151e0b7f8ab5b7e572fe287acf1202084cda302adb8522397f462ba305

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPqxjDKch02EiZu8JKUytgibq9AkCERo6D-i9xjA4scO_USTIQ6ZI9VbeLtU6Rs-81_5XQ
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-eddf8230101-FRA
x-timer: S1708127620.781846,VS0,VE1
etag: "36b0ee5560fe3fad8cff0f177d747f87"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219396228
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-love-letter_144x144-ca0ec74f4bdd665895bfab2e923eca66.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 9235
expires: Thu, 30 Jan 2025 15:08:31 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 2162
last-modified: Wed, 31 Jan 2024 15:02:47 GMT
server: cloudflare
x-goog-hash: crc32c=Io8sdg==, md5=NrDuVWD+P62M/w8XfXR/hw==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYWpTMxTLG6mJPudHpGPhjvwrRIF2AyKnr7d1p6cYvRsvMYhD%2FFET4jNbHdYfw5X3olvGH5JbroWYa4dA3E6pTl%2FasbvsCO4VJuLDtTelyiiipU3AYHw8%2BM20dugBgl9HZ47pX%2BOItoVtvZZYF2LY%2BsejSI%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 2162
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b615dc66da77-MIA

GET
H2 200 modernlove-logo-thumbLarge-v3.jpg
static01.nyt.com/images/2020/09/21/podcasts/modernlove-logo/ 4 KB
5 KB 57ms
35ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2020/09/21/podcasts/modernlove-logo/modernlove-logo-thumbLarge-v3.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9377e1ed8c646a7ae8b8b570821baf287765c047e9dab20fa71a4eb76a40c294

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 13 Sep 2023 08:39:00 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 39920
x-guploader-uploadid: ADPycdt0XxgLthW-lZusqwlATkcSRIv3_Foir_nooE-41Aj9CfXpw6sooNFUEKbC1E3nqdM3EF1EfkJPaAHLz0c5XCtAEBsey_xl
x-cache: HIT, HIT
fastly-io-info: ifsz=11068 idim=150x150 ifmt=jpeg ofsz=4084 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 4084
x-served-by: cache-iad-kcgs7200165-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127620.518816,VS0,VE0
etag: "m/kFRv2O1tFCo0C85yLpe5fDFs//5pFoSBOWMgnJf9E"
vary: Accept
x-goog-generation: 1665608966820623
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=BQuLtQ==, md5=p/lR9gCKmtliQRSN6dd/dg==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 11068
x-amz-checksum-crc32c: BQuLtQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 15517, 2383

GET
H2 200 matter-of-opinion-album-art-thumbLarge-v2.jpg
static01.nyt.com/images/2023/05/08/podcasts/matter-of-opinion-album-art/ 4 KB
5 KB 53ms
32ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/05/08/podcasts/matter-of-opinion-album-art/matter-of-opinion-album-art-thumbLarge-v2.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

71b2f4fee2ed4163e1ef309ca22a8a108aab0ba7cfb535d38b33c1ec3718836a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Mon, 02 Oct 2023 15:32:50 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300710
age: 123748
x-guploader-uploadid: ADPycdt0TrNqndBEgkmC118TvA85g415qMWEAee92mC0Bcva_u9DBgWVzdZgq8SIX8GJuvMvlfmIJIZaC4IYtgW7H_q0ZA
x-cache: HIT, HIT
fastly-io-info: ifsz=12674 idim=150x150 ifmt=jpeg ofsz=4132 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 4132
x-served-by: cache-iad-kiad7000079-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127620.588858,VS0,VE0
etag: "yoekWzapvzDgK5g1tJpvXR4Q3abo6OZMw027E8Ag3Fo"
vary: Accept
x-goog-generation: 1685027532007855
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=cBstdQ==, md5=af0IeRKwURQQpabIs66V1Q==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 12674
x-amz-checksum-crc32c: cBstdQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 74, 5333

GET
H2 200 ezra-klein-album-art-mediumSquare149-v2.jpg
static01.nyt.com/images/2021/01/12/podcasts/ezra-klein-album-art/ 3 KB
4 KB 47ms
32ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2021/01/12/podcasts/ezra-klein-album-art/ezra-klein-album-art-mediumSquare149-v2.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

d1582496f5a3dfc8ea0f003dca762b94a11141461cd2df63f79cf685b7e6fac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Mon, 12 Feb 2024 15:57:26 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010228
age: 374172
x-guploader-uploadid: ABPtcPrs9CyClWH-VsaKJPy77xi-4tN9Oa2wjsqnDKA_qBJPk2f-if0V698eNvbh5vaM3DwwWJWRFQWBYQ
x-cache: HIT, HIT
fastly-io-info: ifsz=10841 idim=149x149 ifmt=jpeg ofsz=3540 odim=149x149 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 3540
x-served-by: cache-iad-kcgs7200024-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127620.588819,VS0,VE0
etag: "IQFtoe5YeilXT33ut7xeHw6hHGDp7IeEUhHfNkXmGrc"
vary: Accept
x-goog-generation: 1635784873959530
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=DuNwCg==, md5=wcM5yhv7TDG9Fmkzr/wwBg==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 10841
x-amz-checksum-crc32c: DuNwCg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 54, 13282

GET
H2 200 headlines-albumartwork-audioapp-2-thumbLarge.png
static01.nyt.com/images/2022/10/12/podcasts/headlines-albumartwork-audioapp-2/ 13 KB
13 KB 49ms
35ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2022/10/12/podcasts/headlines-albumartwork-audioapp-2/headlines-albumartwork-audioapp-2-thumbLarge.png?quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

bcbbfe66a2e17c1dbc127ccea0f4fec035d42d51d1741332275026e291d79be8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 20 Oct 2023 14:00:23 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300707
age: 389091
x-guploader-uploadid: ADPycdvcZw_RvVMFlkZc-xVGK9Qm1jixjRMOF1OZQTuJz-ns8UHD7U3fmD1ap8dkm3WKHbSW9KRYqouno2vTFey4_12ZycrQY02c
x-cache: HIT, HIT
fastly-io-info: ifsz=20844 idim=150x150 ifmt=png ofsz=12952 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 12952
x-served-by: cache-iad-kcgs7200036-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127620.588804,VS0,VE0
etag: "LbFwq71cDcti1tLA50q2p9CsL0R7Xg7ULZY6QK7bdcY"
vary: Accept
x-goog-generation: 1680812038156789
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=5MfQCw==, md5=qqLRi3ewu5a5crO4pskKzg==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 20844
x-amz-checksum-crc32c: 5MfQCw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 28, 14647

GET
H3 200 icon-tkorc_144x144-912ab7502129bc56d0c809d1d33396f8.webp
s3.pardad-trading.com/vi-assets/static-assets/ 5 KB
6 KB 431ms
426ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-tkorc_144x144-912ab7502129bc56d0c809d1d33396f8.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c3bb445a65f00a954fc1e0d957690acc408f2e9904ef44d033e87f65e7160fa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPqD4b0ixVfeGQ_1FxHKSQUESH0KP_7U1kUWK94vjvyfuJPJMWCaKx0dXZch6tclmLWT3_yCijeHdw
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-etou8220127-FRA
x-timer: S1708127620.764660,VS0,VE1
etag: "6035f0817e77088d891d178c2174de76"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706642253834301
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-tkorc_144x144-912ab7502129bc56d0c809d1d33396f8.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 382
expires: Thu, 30 Jan 2025 15:18:00 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 4630
last-modified: Wed, 31 Jan 2024 15:11:56 GMT
server: cloudflare
x-goog-hash: crc32c=hCF/7A==, md5=YDXwgX53CI2JHReMIXTedg==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jjMleGmTDKrudZscxG5IuefeajBIPtgewVG5ccPn2SUsgUtgYaXU%2BEbqgfspDjZd4IkoyMTcPDwri%2Fx7Mkp8UXxiOCCT0wHXOeD5tU11%2Bbk5Hu2XErfB2GbTPdMMOXyRbJ1%2B1uOSeOmanrB5sMG15uX1xcw%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 4630
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b615dc68da77-MIA

GET
H3 200 icon-reporter-reads_144x144-f63cbc9989c9a468682611ad1f6f5d63.webp
s3.pardad-trading.com/vi-assets/static-assets/ 1 KB
3 KB 432ms
427ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-reporter-reads_144x144-f63cbc9989c9a468682611ad1f6f5d63.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b49a5061864b4b935b6055a17db8704dfb40f092ab777c9e2d578f195fc7c38c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPqO-JQblNS1hm-VkUCM2F7ojhpLNGYMX6KLqMPuUMY-4A0rWf_O4x5qD7-BfSIeL6a1nncKc_ua3A
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-etou8220074-FRA
x-timer: S1708127620.763382,VS0,VE1
etag: "46ff016e8e7d9fb709ee54c06a6e9a7c"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219425034
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-reporter-reads_144x144-f63cbc9989c9a468682611ad1f6f5d63.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2381
expires: Thu, 30 Jan 2025 15:00:50 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1196
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=AwRITw==, md5=Rv8Bbo59n7cJ7lTAam6afA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xCdufktQpksR%2FUEpqLneucXkpD4nE7w%2F%2FYILMsU44XFLY5Xb2777Z%2Bgw%2BPIGd0vXp9b0Flse9kw59sptGOq9f%2BcxoVkNNEEz2kBr0GQpEwVbDuax15WcmLYLAG60ReZx0Z6cENhkVJCSwhyBLB9u1JKfwCE%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1196
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b615dc6ada77-MIA

GET
H3 200 icon-audio_144x144-dc00c6581be29065cbd19ec7a83a3767.webp
s3.pardad-trading.com/vi-assets/static-assets/ 550 B
2 KB 432ms
427ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-audio_144x144-dc00c6581be29065cbd19ec7a83a3767.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c11193952e3a7f5c5887a688239ba863628181c0a55f8bc3ab687ff755c1a33

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPq4G42pte_Kh3OfcraAIh9KJK4vL1DeRN04TYy_NYX1Fqt4i5v0yFAJ2soTSe9AgNIwfVGmDYhI9A
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-etou8220037-FRA
x-timer: S1708127620.782618,VS0,VE1
etag: "24ce98a477c7ea5c0a87f86f39e41af7"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219368868
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-audio_144x144-dc00c6581be29065cbd19ec7a83a3767.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 4584
expires: Thu, 30 Jan 2025 15:05:16 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 550
last-modified: Wed, 31 Jan 2024 15:02:47 GMT
server: cloudflare
x-goog-hash: crc32c=vX1hzg==, md5=JM6YpHfH6lwKh/hvOeQa9w==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=di83uxoISJPKd3Th20LG4LPRZ9H3qOzGbS7hgEgN1nLNs0BriMeixtS%2FBhVpei%2BruAxI7Hr4fEoynPkmArTa%2FcgU3kQmEgGcAQ0PAFc7pMtZ88IAZMajnIlgAZJuyThLrncOiRrS9o8RNqxL%2Fb1uhKkqTUo%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 550
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b615dc6bda77-MIA

GET
H3 200 icon-gameplay_144x144-b6cc5e2a7cc27a43096274a02921329c.webp
s3.pardad-trading.com/vi-assets/static-assets/ 678 B
2 KB 740ms
735ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-gameplay_144x144-b6cc5e2a7cc27a43096274a02921329c.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

264062387185aeac238d90328f12342a4dac123baa47d7981dc2797a43dd39ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPpd_8jklT4IIuRUBm7WnEn3G3TnMMZT63pjnBpQII7-kKE3UO6g6bojfxDIeLtSwIIhwWTP0c70TA
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-eddf8230069-FRA
x-timer: S1708127620.140267,VS0,VE1
etag: "02f62939409fc27f9897a8cca610d9eb"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219393688
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-gameplay_144x144-b6cc5e2a7cc27a43096274a02921329c.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 9571
expires: Thu, 30 Jan 2025 15:01:04 GMT
date: Fri, 16 Feb 2024 23:53:40 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 678
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=2mq0ow==, md5=AvYpOUCfwn+Yl6jMphDZ6w==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iTpunSlum%2BOUmpustdnVLbPDI7hTDj2H2UDHWnvlOQwtX1%2FTyTw0s9f9DdUGPUgld7hAuRG2aQuMUvIoDuxraydSstDF47YQe6k73NR4oe0P%2FotJsj2CBqtyQplI6I3rKwzX3VQzyxh3LpJ2o%2BfpMn9hbIg%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 678
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b615dc6cda77-MIA

GET
H3 200 icon-cooking_144x144-5a8be1ef711d4ba5e66b0be7a2ca8bfe.webp
s3.pardad-trading.com/vi-assets/static-assets/ 1 KB
3 KB 433ms
428ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-cooking_144x144-5a8be1ef711d4ba5e66b0be7a2ca8bfe.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a6bd1e9706f15358fb636bb52f69b755d936a79adc1e5056c439cd59cbb41ee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPqG3jEtmAx30KJ5pQSZpuaoe9x6I1poPg5bGCkHXRC3bDg1pKM4Yc0fGKAjuXOXF0LD5A
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-etou8220101-FRA
x-timer: S1708127620.763211,VS0,VE1
etag: "52dc1622da9acdd8e9d6425b778018a2"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219379295
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-cooking_144x144-5a8be1ef711d4ba5e66b0be7a2ca8bfe.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 6500
expires: Thu, 30 Jan 2025 15:03:37 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1304
last-modified: Wed, 31 Jan 2024 15:02:47 GMT
server: cloudflare
x-goog-hash: crc32c=Y3AEUw==, md5=UtwWItqazdjp1kJbd4AYog==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pcuHiJW7jtTCFWBd%2FK%2Bl6sBKcZkO8oEyz63zna8KhgR2QXQ5UECZWYFPRbanb6SYNYgcC5K2a%2FgVj18hGzpECphXd5lqGxgtx65VaczldNzPpRyN1p8OHLmMpEUfTm7IJobIsvTH2lYhcLSgJUrh9UeB9Nk%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1304
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b615dc6eda77-MIA

GET
H3 200 icon-the-veggie_144x144-f99606e1ca100f88cdfd8d763bf442c5.webp
s3.pardad-trading.com/vi-assets/static-assets/ 4 KB
5 KB 432ms
428ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-the-veggie_144x144-f99606e1ca100f88cdfd8d763bf442c5.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac3c156a0e6cc290e315b2cf97ce75c4ce23417e33628e964196ea3fcd2cfffb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPqBK5TrArJMyneF5hZk0wz2_MklugjG66I8Im9C6UdCPBUT1P0Mo3gdL-i6uN49xeRI_uITzF1P7g
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-etou8220033-FRA
x-timer: S1708127620.763074,VS0,VE1
etag: "a3eac57b118046245537a040ece53296"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219410188
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-the-veggie_144x144-f99606e1ca100f88cdfd8d763bf442c5.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 3975
expires: Thu, 30 Jan 2025 15:03:38 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 3846
last-modified: Wed, 31 Jan 2024 15:02:47 GMT
server: cloudflare
x-goog-hash: crc32c=5bXk5w==, md5=o+rFexGARiRVN6BA7OUylg==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ah6yOlLV%2Bqs4LsRtyXM9dH2B21Ga%2F%2Fqu6USnBYsWBlKGFhAXKPGdWE93JtidyZoTVDuCOqVIaWbz4PV0Bute3dayhRVHSb5hyS8fZ%2FLCToBZqm4YxIAohkTi%2BadACoo7qQbVOjI5Z8Btm4%2FJ6%2BWGrmZjnXs%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 3846
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b615dc6fda77-MIA

GET
H3 200 icon-five-weeknight-dishes_144x144-97d51c5d4ba98233667b4057e3d852ab.webp
s3.pardad-trading.com/vi-assets/static-assets/ 3 KB
5 KB 432ms
429ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-five-weeknight-dishes_144x144-97d51c5d4ba98233667b4057e3d852ab.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3e01a24e357418c6b81f191cdc6fedf29f78d0b8002725c1f9b3e2d4d9233cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPo_dj85Z6Ct3dFaUljBJqBX15GjXEetNnyWsM4HHYB4HmX06wYrJWwi1GS0iFaRGAViyur6-gC0LQ
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-eddf8230122-FRA
x-timer: S1708127620.772502,VS0,VE1
etag: "91e51718c8fbf5057e408865d634eefa"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219397430
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-five-weeknight-dishes_144x144-97d51c5d4ba98233667b4057e3d852ab.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 10051
expires: Thu, 30 Jan 2025 15:00:52 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 3322
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=xEsd0w==, md5=keUXGMj79QV+QIhl1jTu+g==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFw6PSbkh6%2BpLd5sKjyIj2HsqPiCYH0ZizyvyLMvneO3wwF6by6Bb%2BzTXPdLAIPXpXBevg9L3pin3KqpDFC%2B5XRnKo%2FYeVKqXgxX0RHzK1NUeT%2F1s%2Bqa%2BYFy5UEj81g9OmIecgtWPcjBBUFCsDk84Wy4PPs%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 3322
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b615dc70da77-MIA

GET
H3 200 icon-the-recommendation_144x144-3e66bd6cc82013bd511c31a8f04d4ff7.webp
s3.pardad-trading.com/vi-assets/static-assets/ 1 KB
3 KB 451ms
447ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-the-recommendation_144x144-3e66bd6cc82013bd511c31a8f04d4ff7.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

161376c4f90d4e97682e18c3363465dd9dffd7c346a24961b1b563862f59bd09

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPocWgDEC2FhpiXi_GRA4jJuG6-5CsIwykkpmZWSysixz3I4AheKIh-9kHE33G1evV00bwBUCIvH6w
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-etou8220105-FRA
x-timer: S1708127620.762676,VS0,VE1
etag: "c902f5d2af0f2e13ef1e29ce7a3d4350"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219423484
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-the-recommendation_144x144-3e66bd6cc82013bd511c31a8f04d4ff7.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 735
expires: Thu, 30 Jan 2025 15:00:28 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1058
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=sYXh8w==, md5=yQL10q8PLhPvHinOej1DUA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=geQXBFLtOp5GLunQVMobmkGW4sQXhUdHfHHWDA9BvzDvLDk9omH0YqRqXilZAEMPZ%2F%2FpLbipFfb1e%2BIxJMcbvWJb%2BOUa0xrKq8vQwlNoBst34%2FF1YrGBvmU1KGYtef0f7Kay%2B4e%2BmXuqa3lRYNlJ9f4dnLk%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1058
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b615dc71da77-MIA

GET
H3 200 icon-clean-everything_144x144-97312e349d7284039a2153cb541b7fda.webp
s3.pardad-trading.com/vi-assets/static-assets/ 2 KB
4 KB 457ms
453ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-clean-everything_144x144-97312e349d7284039a2153cb541b7fda.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

299d2fa755a26bd5007a26fdf65958b73598c74456b1d81cd72244e54b8a6dcd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPqvbAmMvYFNaGizaqJEQkDWcQjUcpO3HK48YKjyM1qVrg1hde7lFnQf-nCAhzs6Hi48qa_MjmvqUQ
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-etou8220103-FRA
x-timer: S1708127620.763301,VS0,VE1
etag: "d75bf842483274a9d6c4274aa6367e1c"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219381472
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-clean-everything_144x144-97312e349d7284039a2153cb541b7fda.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 469
expires: Thu, 30 Jan 2025 15:00:30 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 2380
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=fboKBw==, md5=11v4QkgydKnWxCdKpjZ+HA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7A%2F7ifwhtVeYIZS6drRJURq9p%2FNLWWfbLwOsgysALpmqmhnqr1SaIPFDrmdZXGbWR2%2FIhEULXoFFzplXZhwzPh6FwhPlExt6aFaNMOaQwV8QWqabi%2FxgW%2Fe2VgWi%2BKDiUgALmfFekDDbSwz2UeMhOUndLr4%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 2380
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b615dc73da77-MIA

GET
H3 200 icon-athletic-pulse_144x144-393cbda91e2678278456723b62a9b21f.webp
s3.pardad-trading.com/vi-assets/static-assets/ 3 KB
4 KB 459ms
456ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-athletic-pulse_144x144-393cbda91e2678278456723b62a9b21f.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06276214001978a8f3382e91ec5fadf2bd507f174f950e8cdeca4a0e91f170a9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPok2_F39R_UAV4nsHv7xPDRIkKHz4LLWD8YtJPA9PpxujlSIK61LuGy8KPB6rEkTDSNy9Tir3aiQA
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-etou8220110-FRA
x-timer: S1708127620.762687,VS0,VE1
etag: "cba067c899fc1935a8adb9c03c5e9ae2"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219349623
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-athletic-pulse_144x144-393cbda91e2678278456723b62a9b21f.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1477
expires: Thu, 30 Jan 2025 15:00:29 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 2720
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=ou6wHg==, md5=y6BnyJn8GTWorbnAPF6a4g==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJYKuWAoe4v6s%2FiKDizcmgIAPgHgFePsmNgZ5yN5kbLQIFX5okb00NiTE4CcwaoTcXAabg2hEZ6B8jhmS2iNODyb%2BTkzBpabL14rrVfRtcVRzvxPnTr7VVOcOpwPp7VeOqHHzZc0mZw3%2BTK3oLb37T3gA4c%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 2720
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b615dc74da77-MIA

GET
H3 200 icon-athletic-windup_144x144-c03f2bf7ebd88f1c239ba4a6b2228679.webp
s3.pardad-trading.com/vi-assets/static-assets/ 3 KB
5 KB 460ms
456ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-athletic-windup_144x144-c03f2bf7ebd88f1c239ba4a6b2228679.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04247f45e4298b818db5d6161620f2b9ee1d782aa4560a45f5765c41c672d6a8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPqZLSbP24QNjcIDo06C5JTC8zpF2e5FHP-E7VZ-3gI7d9kc6_M7E7i1xrZfzVzUkJfyAg
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-etou8220046-FRA
x-timer: S1708127620.763136,VS0,VE1
etag: "eb2a6b7e7581fba3e997ac6f6d138d16"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219349590
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-athletic-windup_144x144-c03f2bf7ebd88f1c239ba4a6b2228679.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 5720
expires: Thu, 30 Jan 2025 15:00:19 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 3280
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=TJQMEw==, md5=6yprfnWB+6Ppl6xvbRONFg==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XEOBHdlY24RLiPb12NEvtT%2BjDbQu12oNRYk34ajfM%2FaYq2eiByKUOxAiwCtjAnaSj1Cd%2FcjPq%2B%2Bg7ibl02VHgb8S3tOFfSZ4PLn2SyQQf3XJsBAyCBmq8kgqVMpgpgdIXBROT5Q%2FddkQwzoP5EGDDhGuneY%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 3280
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b615dc75da77-MIA

GET
H3 200 icon-athletic-bounce_144x144-d34328790b2997ede21ed0cda6dc98db.webp
s3.pardad-trading.com/vi-assets/static-assets/ 4 KB
5 KB 741ms
738ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-athletic-bounce_144x144-d34328790b2997ede21ed0cda6dc98db.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9598017c8fd717e1850704f5ecc3acce7888e24b9a152ed5557dad1003efa2ba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPrERyJFZf1coztwrXX7AmGMGK2i3uvV1byhE4e1Z8C400fQAmEzozOw9k8Ct59Gzd88TVBHxgM-1A
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-eddf8230113-FRA
x-timer: S1708127620.142019,VS0,VE1
etag: "db8438537a93662fea1f15cecbd8a5fe"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219332880
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-athletic-bounce_144x144-d34328790b2997ede21ed0cda6dc98db.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 9499
expires: Thu, 30 Jan 2025 15:00:29 GMT
date: Fri, 16 Feb 2024 23:53:40 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 3770
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=UsuYAw==, md5=24Q4U3qTZi/qHxXOy9il/g==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oXdLhjgRAubxqgluNjjwGOxEaWKezqB%2BN1psfQ0IlQjUPFrDcLrPiSV4i2exmc4t%2FUsFgzdHAl7dVbZIL5Y2aqnJ6C37QRYScKGKQzACC9lGBBVWjNZ%2Fl59QjyFAW7qXnDcdK3DDy%2BYTyrb7GabChZkhGJY%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 3770
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b615dc76da77-MIA

GET
H3 200 icon-athletic-full-time_144x144-1d24f18a01b35a9ebac2e0374a200691.webp
s3.pardad-trading.com/vi-assets/static-assets/ 3 KB
5 KB 360ms
357ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-athletic-full-time_144x144-1d24f18a01b35a9ebac2e0374a200691.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94d8b663df54b8d00643cb8a84823af0a5bd93c3e491e227b7996246e1677373

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPp-kLAcwogrzcohkC33qT5y7dVx_4eY4BF_P_iFODQod5bxz1AnipZLCa_cHGO_sZnMVyafYnSbJg
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-etou8220113-FRA
x-timer: S1708127620.762454,VS0,VE1
etag: "98388ee1b5a6af6d242c84f110a437eb"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219353830
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-athletic-full-time_144x144-1d24f18a01b35a9ebac2e0374a200691.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 6773
expires: Thu, 30 Jan 2025 15:00:30 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 3008
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=iqFNpA==, md5=mDiO4bWmr20kLITxEKQ36w==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ehwRCqH7h3v7iw72jp2xPDbQ0PP5FaQznswGOjtE6jSh%2FT6u%2BAiWjd3hOcEopRvIiHiNtYjbJgTiZcX%2FTlyvpCgWkw3kFSGRRCP51YjYR36WPz1Rhxdtx%2FB2%2F1g2uHosQyEB61Bz8MpE7Fwwu41PpA16hWM%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 3008
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b615dc77da77-MIA

GET
H2 200 16HP-Trump-ruling-SUB-tgvl-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2024/02/16/multimedia/16HP-Trump-ruling-SUB-tgvl/ 23 KB
24 KB 49ms
36ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2024/02/16/multimedia/16HP-Trump-ruling-SUB-tgvl/16HP-Trump-ruling-SUB-tgvl-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

5e1b9e32d9e81e71e32708dbcceac353d76dede97da2f2e172e0f4d6f3f025a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 16 Feb 2024 20:58:04 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010210
age: 10534
x-guploader-uploadid: ABPtcPrZq7ToT-PcfRsYv8ePzvoXwKSsXlSqBeLlmlYKWbLs_TAaHYZNL9wODiayUk2lLex6tggYi1OA_A
x-cache: HIT, HIT
fastly-io-info: ifsz=51889 idim=600x400 ifmt=jpeg ofsz=23756 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 23756
x-served-by: cache-iad-kcgs7200137-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127620.589209,VS0,VE0
etag: "SsK5cSn0p49SEFDEsTRwJGYvGLg/GxaRwyftSM34FCw"
vary: Accept
x-goog-generation: 1708116872766921
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=tuAjzQ==, md5=C7xiNdB7NSpYCGZxg2VtIQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 51889
x-amz-checksum-crc32c: tuAjzQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 12, 2

GET
H2 200 author-marie-solis-thumbStandard.png
static01.nyt.com/images/2023/06/09/reader-center/author-marie-solis/ 5 KB
5 KB 41ms
35ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/06/09/reader-center/author-marie-solis/author-marie-solis-thumbStandard.png?quality=75&auto=webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

51197621ba8ef63f68344b123f60747feb5c165843fa811b22be90ccc5e65270

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Mon, 07 Aug 2023 11:17:09 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 285354
x-guploader-uploadid: ADPycdsvokLaEvbH_pqwCIYCkL0BwS2OiDb6dwfr0s6luGVYgJyWotkrePbGaWbucdJyNbA0HhpVZgW5OpDaLqf7YpWP
x-cache: HIT, HIT
fastly-io-info: ifsz=9913 idim=75x75 ifmt=png ofsz=4954 odim=75x75 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 4954
x-served-by: cache-iad-kcgs7200144-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127620.593715,VS0,VE0
etag: "f0j6r3+QxCJL+JejvCyQf66dO2gOKgovyM7sDH922oc"
vary: Accept
x-goog-generation: 1686333370432834
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=qjxWQw==, md5=2pPmqfXXzbRRZFCqixY3sQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 9913
x-amz-checksum-crc32c: qjxWQw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 20730, 370

GET
H2 200 13productivity-01-pblc-mediumSquare149.jpg
static01.nyt.com/images/2024/02/13/multimedia/13productivity-01-pblc/ 4 KB
5 KB 41ms
35ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2024/02/13/multimedia/13productivity-01-pblc/13productivity-01-pblc-mediumSquare149.jpg?quality=75&auto=webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

060781fa94ff26d6e15c96edb5c7a7575c6429a8a1611e41d6b2b6fc6e193c60

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 16 Feb 2024 16:41:43 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010226
age: 25916
x-guploader-uploadid: ABPtcPpCHxlgWE95VpVNNoAHIqpSN_6Y78nV-_umJehL8zhU2zs663AfRN-MB7eWQJE4FgcjcblKOMNnvw
x-cache: HIT, HIT
fastly-io-info: ifsz=11751 idim=149x149 ifmt=jpeg ofsz=4446 odim=149x149 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 4446
x-served-by: cache-iad-kiad7000075-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127620.593704,VS0,VE0
etag: "xj9mr5fS4jFWQYYsAPBz101GnEdTfUKBu7WJTY/BDa0"
vary: Accept
x-goog-generation: 1707904809427743
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=acHksQ==, md5=J3jj6zi9su9mMbw2LQeHbw==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 11751
x-amz-checksum-crc32c: acHksQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 23, 359

GET
H2 200 00econ-lessons-mediumSquare149.jpg
static01.nyt.com/images/2024/02/14/business/00econ-lessons/ 3 KB
4 KB 33ms
32ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2024/02/14/business/00econ-lessons/00econ-lessons-mediumSquare149.jpg?quality=75&auto=webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9d3d35030623ff78afd1dc13072790a8ed2f9f8c0151aa1217a72e9640e0d811

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 16 Feb 2024 16:41:44 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010215
age: 25916
x-guploader-uploadid: ABPtcPrBUB7PtKeEsB4z9nsNNi6BOZGWzRcRp_NcHU4m6h02NZ-nxxcN4Y0wStzqyRUH16ds4rDaGcdgHQ
x-cache: HIT, HIT
fastly-io-info: ifsz=10395 idim=149x149 ifmt=jpeg ofsz=3466 odim=149x149 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 3466
x-served-by: cache-iad-kcgs7200097-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127620.622964,VS0,VE0
etag: "/i7UcZnW5upK099elPJu6Vlr8PHvPBdSJOe1sDzwz8I"
vary: Accept
x-goog-generation: 1708050486394128
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=vS88Lg==, md5=W/QL1azyWn6C8lOYa3zHyw==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 10395
x-amz-checksum-crc32c: vS88Lg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 23, 361

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 188ms
81ms Preflight 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-entitlements,x-nyt-news-tenure,x-nyt-programming-abtest,x-nyt-targeting-dimensions-map
Access-Control-Request-Method: POST
Origin: https://s3.pardad-trading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-entitlements,x-nyt-news-tenure,x-nyt-programming-abtest,x-nyt-targeting-dimensions-map
access-control-allow-methods: GET,POST
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset,x-nyt-geoip-map
access-control-max-age: 300
age: 0
content-length: 0
date: Fri, 16 Feb 2024 23:53:39 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 21
x-nyt-audience-target-flat: NA:PM
x-nyt-continent: NA
x-nyt-country: US
x-nyt-edge-cache: MISS
x-nyt-meridiem: PM
x-nyt-region: NY
x-samizdat-query-exe-id: 9c14bb7f0563b4b2
x-samizdat-query-field-errors: 0
x-served-by: cache-mia-kmia1760097-MIA
x-timer: S1708127620.592892,VS0,VE48

POST
H2 200 track
a.et.nytimes.com/ 0
0 223ms
78ms Ping
text/plain 44.195.146.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.195.146.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-146-220.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s3.pardad-trading.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST v2
samizdat-graphql.nytimes.com/graphql/ 0
0

GET als
als-svc.nytimes.com/ 0
0

GET
H2 200 grumi-ip.js Show response
rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/ 16 KB
6 KB 237ms
67ms Script
application/javascript 2600:9000:2511:4000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Requested by: Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:4000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcdaa8b0e5b0f57f19d17de2c58d7206e3d275da122a0d4e3176a67257595b5e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:35:28 GMT
x-amz-version-id: nWzCMaBTdG.LJzQd7eqTJCaATWEfreW8
content-encoding: br
last-modified: Mon, 18 Dec 2023 12:16:19 GMT
server: AmazonS3
via: 1.1 00266a01055b9f1e1ad959f077c1d96a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
etag: W/"229a75f6b428e87e913ddfb377e45f31"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=14400, stale-while-revalidate=14400, immutable
age: 1092
x-amz-cf-id: VLrYyfVhlfkYks0t5jtyFo1ezQfA50MqAYy4X6iV43nr7uBbhN0deA==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 287 KB
71 KB 210ms
82ms Script
application/javascript 108.138.115.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-115-149.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7daf755b623cb0003b375d09763a1ba0ef903621de9b28dbc95ced9d53c3fdc7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:53:19 GMT
content-encoding: gzip
via: 1.1 98e30e5953336545df428a8f5923a288.cloudfront.net (CloudFront), 1.1 472c04481f2812a974e09db484cbbc3a.cloudfront.net (CloudFront)
last-modified: Tue, 13 Feb 2024 20:28:17 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, JFK50-P3
age: 21
x-amz-server-side-encryption: AES256
etag: W/"e35db9e01c8bbaeaf0056483266eecd9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 8qrdSKPfqZMJ5P01C3NKPBQ3dsztb0qEhYQIS7e5Cye3wWaqsySf4Q==

GET
H2 200 prebid8.25.0.js Show response
www.nytimes.com/ads/ 315 KB
318 KB 845ms
820ms Script
text/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/ads/prebid8.25.0.js

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

c11d50a1918e615029f239580a1d4a1aa32328fdd6149225cc74e411c84db96e

Security Headers

Name

Value

Content-Security-Policy

upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPrqvD_V-XZmU2GVMLsh4n89MQD_UK1E7-ZHt3kKeAkgeS3j-Gaw1qirDHcDA-qk4BqNKQNMouxYMw
x-nyt-mktg-group: group1
x-goog-stored-content-encoding: identity
x-origin-time: 2024-02-16 23:53:40 UTC
x-served-by: cache-mia-kmia1760080-MIA
x-timer: S1708127620.649390,VS0,VE786
etag: "78c86859abaee40f233a9a8c96540124"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1701363099682984
content-type: text/javascript
access-control-allow-origin: *
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/ads/prebid8.25.0.js
access-control-expose-headers: X-Nyt-Mktg-Group
x-nyt-route: ads-static-assets
cache-control: private, max-age=0
x-nyt-app-webview: 0
x-nyt-edge-cache: MISS
x-amz-checksum-crc32c: b1VVOA==
x-cache-hits: 0
expires: Fri, 16 Feb 2024 23:53:40 GMT
date: Fri, 16 Feb 2024 23:53:40 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: MISS
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
content-length: 322837
last-modified: Thu, 30 Nov 2023 16:51:39 GMT
server: UploadServer
x-goog-hash: crc32c=b1VVOA==, md5=eMhoWauu5A8jOpqMllQBJA==
x-gdpr: 0
x-goog-stored-content-length: 322837
permissions-policy: browsing-topics=()
accept-ranges: bytes

GET
H2 200 franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 105ms
32ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://s3.pardad-trading.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 02 Feb 2024 05:46:14 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2641877
x-guploader-uploadid: ADPycdvQ2tsmGwZia24nvWakIeZnee2wv1rzUt2BXERCh59TPYCEAO8j_YhUC7Tm9O6g4YhfpMMJc6RN-GAWsVjQQ9iUrw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20276
x-served-by: cache-mia-kmia1760062-MIA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1708127620.594316,VS0,VE0
etag: "91eaf6b5642463af4091160b4bbfdfcb"
vary: X-Goog-Allowed-Resources
x-goog-generation: 1673991776265363
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=teZvhg==, md5=ker2tWQkY69AkRYLS7/fyw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20276
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 77627

GET
H2 200 franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 105ms
32ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://s3.pardad-trading.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 02 Feb 2024 05:46:14 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 6273557
x-guploader-uploadid: ADPycdu6oPoB1lrm4nrC4uTUUYNY-TofJyZlB9vtnbOiIBPE-fi_s2qGLKfRMBlk6qzPidfKWIlELGLSh8aAJjFiZPkf-A
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 19816
x-served-by: cache-mia-kmia1760062-MIA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1708127620.594296,VS0,VE0
etag: "0f4aea3d462cdb64748629efcbbf36bc"
vary: X-Goog-Allowed-Resources
x-goog-generation: 1673991776231570
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=bdL0Mw==, md5=D0rqPUYs22R0hinvy782vA==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 19816
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 79139

GET icon-the-morning_144x144-b12a6923b6ad9102b766352261b1a847.webp
s3.pardad-trading.com/vi-assets/static-assets/ 0
0

GET
H3 200 icon-the-upshot_144x144-0b1553ff703bbd07ac8fe73e6d215888.webp
s3.pardad-trading.com/vi-assets/static-assets/ 986 B
3 KB 1338ms
1336ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-the-upshot_144x144-0b1553ff703bbd07ac8fe73e6d215888.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

815e85139cc9a73d4233ca7620d3aea96bd46da73c96ef98f9f6217747252861

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPrx4gu860HcxXCJ_HzPyxEP5bTTnmbQOhKEvxmHUrjFkYI0d4c29sy0F4czFBIe-Ha6iaBrqs8bKA
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-etou8220119-FRA
x-timer: S1708127621.788325,VS0,VE1
etag: "7619f36515a80c34616bb3f706438e35"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219415013
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-the-upshot_144x144-0b1553ff703bbd07ac8fe73e6d215888.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 668
expires: Thu, 30 Jan 2025 15:00:26 GMT
date: Fri, 16 Feb 2024 23:53:40 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 986
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=oIrD8w==, md5=dhnzZRWoDDRha7P3BkOONQ==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hUyIcAUJHDkaFk2nMmpnpeOejI%2Fo0pFcvv1sxGcYQYfyQ6wp2D4AMckFPsoPu8ARFeAnYIz0h5Nwg18TSel3Njr0tAui%2FJMqepWYCj5%2B4%2Fv9JK9pPWIKINfCHAso2nvx4vrQzImhh9m%2FF0CtjuLOVS3eUZ0%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 986
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b6162ce4da77-MIA

GET
H2 200 the-daily-album-art-mediumSquare149-v3.jpg
static01.nyt.com/images/2017/01/29/podcasts/the-daily-album-art/ 2 KB
2 KB 34ms
33ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2017/01/29/podcasts/the-daily-album-art/the-daily-album-art-mediumSquare149-v3.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

5bcbb026b99cf9c89f233879e5ee670e4cebd4c46a64bbf2bb0e182d7de12a18

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Sat, 10 Feb 2024 00:21:24 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010248
x-amz-meta-goog-reserved-file-mtime: 1508508914
age: 603135
x-guploader-uploadid: ABPtcPqjUqnvvoaw61EMRccaqqQH3ygwzVbxOgsxydS2jPO0Z1Wvacjbl5LMuka6jw8OSVGVz6w
x-cache: HIT, HIT
fastly-io-info: ifsz=4394 idim=149x149 ifmt=jpeg ofsz=1634 odim=149x149 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 1634
x-served-by: cache-iad-kcgs7200106-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127620.628668,VS0,VE0
etag: "HPbirA0fWmyESk2gs9sQOpqwoCet79wESBgJtWfYxrg"
vary: Accept
x-goog-generation: 1688068262914090
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=BerQJg==, md5=eyHUiE9aT4aQVVtBSna3JA==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 4394
x-amz-checksum-crc32c: BerQJg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 61, 13343

GET
H2 200 the-run-up-album-art-thumbLarge.jpg
static01.nyt.com/images/2022/08/29/podcasts/the-run-up-album-art/ 5 KB
6 KB 33ms
32ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2022/08/29/podcasts/the-run-up-album-art/the-run-up-album-art-thumbLarge.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

352b9e243c2e3a49a49cb8bc8df84d0a04183bbc3eac33a0476c9a11ff9e352d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 04 Oct 2023 07:17:37 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300720
age: 587363
x-guploader-uploadid: ADPycdtHTcE6oJpJUyUJnS6FTqtIPAzmrvyHf2ozzBd7EyI2NabnUMlD_D4MBVpxerg89VPOoGGvALuUGSQuPelDzTjXtQ
x-cache: HIT, HIT
fastly-io-info: ifsz=13823 idim=150x150 ifmt=jpeg ofsz=5314 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 5314
x-served-by: cache-iad-kiad7000132-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127620.628638,VS0,VE0
etag: "hoyyH5q1+NTFT41vUc5DQY1n5mPXI75JtPWFn4Jaf4Q"
vary: Accept
x-goog-generation: 1688683994203172
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=10HhSg==, md5=VVlpmckmFDe4+jzoN3ttXQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 13823
x-amz-checksum-crc32c: 10HhSg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 41, 19692

GET
H3 200 icon-europe-morning-briefing_144x144-f0a330cb12ba0c31f81f13e25f6d0d18.webp
s3.pardad-trading.com/vi-assets/static-assets/ 1 KB
3 KB 761ms
760ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-europe-morning-briefing_144x144-f0a330cb12ba0c31f81f13e25f6d0d18.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7184f94de6059eb2acabe5ca2b8d4dee7ce2817a5c69de917b8c987a38a58c60

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPqNPYBWDBUsTcRtprc2jqnABzUHRZuwo4lf5ywpdVWhEc3aIs58cZuyVVz60ViSTVROqCaCMSVg7g
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-eddf8230024-FRA
x-timer: S1708127620.208388,VS0,VE1
etag: "7b359190695ab3ab692b459d08d6fc80"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219393647
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-europe-morning-briefing_144x144-f0a330cb12ba0c31f81f13e25f6d0d18.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 9452
expires: Thu, 30 Jan 2025 15:01:05 GMT
date: Fri, 16 Feb 2024 23:53:40 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1346
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=SN0HNw==, md5=ezWRkGlas6tpK0WdCNb8gA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2JEHAx5OUVwj4Vt4kZuWJCmYmvHQQEqnQELtBrKdeAMB6OWaXJfI1uFCMA%2Bz9P08SaV2VZf65hKwvb2Qtx2bnqTlyxSeZgWAZDkCaLdXeGetyxP%2BaCRTPRd3dgu2PtRisTuK0FeMI0WHzIcjGLZxaTN6t3U%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1346
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b6162ce5da77-MIA

GET
H3 200 icon-the-interpreter_144x144-b29b74b2ebedb8e74823f33b16fb8167.webp
s3.pardad-trading.com/vi-assets/static-assets/ 2 KB
4 KB 2141ms
2140ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-the-interpreter_144x144-b29b74b2ebedb8e74823f33b16fb8167.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1fd7964d738926046b207a7c8ac57250afdefabc84fe7efc836766f7bd5dbef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPqFZ6xK3QYQOekPsJFvrnnOqSEqWlYv_kl01t1j5eDMgtdQOKAhTRZwMM4SnDRlHnD4Ff6Nt2xpeg
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-etou8220120-FRA
x-timer: S1708127622.591184,VS0,VE1
etag: "8b73b365ca326ed75a6fccc55f981049"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219425389
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-the-interpreter_144x144-b29b74b2ebedb8e74823f33b16fb8167.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 691
expires: Thu, 30 Jan 2025 15:00:22 GMT
date: Fri, 16 Feb 2024 23:53:41 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 2540
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=fxGWyQ==, md5=i3OzZcoybtdab8zFX5gQSQ==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KkZFZNBU35QWsaxEuMhE3qXnLDv8KicrHQNgu8IaaLm0JDCWiS95zW9pV%2FTsfOXT%2BRlq1hcY3YP7jJ1PpeNOdhOPbP4u1LpJBI2EhAwxwU3ig2jYGUebmgnEYCdd39rGhdU7Ph2vIRRqw8xjGPOiRhrptUw%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 2540
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b6162ce7da77-MIA

GET
H3 200 icon-australia-letter_144x144-725c615ef3bd78aad9022371a0185fbf.webp
s3.pardad-trading.com/vi-assets/static-assets/ 1 KB
3 KB 747ms
746ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-australia-letter_144x144-725c615ef3bd78aad9022371a0185fbf.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27141b3b405cc996997629f3e4e561247b42b1bdbbb9e3a53b09c45bd5c5d135

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPpADIYBILEa7y9tE7aLJGzBcJE3u0hK_VN0wl0aJjjyD3SxkG74WJRqI1yUFGRKaUEGt6rz-i0Bkw
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-etou8220101-FRA
x-timer: S1708127620.197027,VS0,VE1
etag: "c3a86945c78cf2a1f5a56cd6d85df60d"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219374278
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-australia-letter_144x144-725c615ef3bd78aad9022371a0185fbf.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 6419
expires: Thu, 30 Jan 2025 15:00:26 GMT
date: Fri, 16 Feb 2024 23:53:40 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1488
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=/ahZ/A==, md5=w6hpRceM8qH1pWzW2F32DQ==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9qoiISut1HFQ6l7uDRcFTYXqXXAuyoSZTGU3HjWYQfo9UQMjyWkkkjiJCMgPEQR%2FfEHrjApgovYF09zgldjaVWLk6QYSWd%2BHi%2FFXNxLaKUiBYzZdYHG0QdG7J4XEoqew3RAE%2BN%2FelDrCUY6a6NKqRM743Qg%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1488
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b6162cecda77-MIA

GET
H3 200 icon-canada-letter_144x144-65d899377edbcce9773d31fd03a77e8d.webp
s3.pardad-trading.com/vi-assets/static-assets/ 1 KB
3 KB 1264ms
1248ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-canada-letter_144x144-65d899377edbcce9773d31fd03a77e8d.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a97d7e2b2a744b06c4860981b48cf1a6f1a4046e48270bf825cf9a90b1f3636

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPpKC6CwIbrJ8oehKVJSjbrPr_20NRnpBS5A5bGpCxJUcrzB5Hgx93xGdYP9ALue9RBhJODjiFdObQ
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-eddf8230031-FRA
x-timer: S1708127621.702785,VS0,VE1
etag: "da33dcbb2e78aa9d454f3acf848bce37"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219386867
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-canada-letter_144x144-65d899377edbcce9773d31fd03a77e8d.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1298
expires: Thu, 30 Jan 2025 15:05:44 GMT
date: Fri, 16 Feb 2024 23:53:40 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1512
last-modified: Wed, 31 Jan 2024 15:02:47 GMT
server: cloudflare
x-goog-hash: crc32c=dxujdg==, md5=2jPcuy54qp1FTzrPhIvONw==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xg%2BqUI5NNiqf3OT8LJdbgJ7YzX85MNKACD2qhNlDZP2VaQ6%2F9mZpHQ0zgisMlLGg%2B%2B3%2BkeZOHtY9HaXwz6Pk%2BZ2%2F1uxbnPTs2JBB6lkYmmkaPK91FsODoaSrTQdymbsXe1oi97Doh%2FZ1hLEm22pDaFlAMHY%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1512
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b6164d24da77-MIA

GET
H3 200 icon-dealbook_144x144-28e8f71aafff426804c3a92b1b176e07.webp
s3.pardad-trading.com/vi-assets/static-assets/ 1 KB
3 KB 786ms
770ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-dealbook_144x144-28e8f71aafff426804c3a92b1b176e07.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

922a4c224d2a5acba49effd511ac46c69297624b2ce0c0477530b9bb2d8487d5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPqmjFrFpZhZAP9veXXiftLhOeotuXGjxWokda6_9e9iXmvc69VeVNTPdpIdgE9aYbCYlCVItp_Sgw
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-etou8220091-FRA
x-timer: S1708127620.235786,VS0,VE1
etag: "1b37cfabd6ce4edd45d8158c64192651"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219388373
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-dealbook_144x144-28e8f71aafff426804c3a92b1b176e07.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 642
expires: Thu, 30 Jan 2025 15:00:38 GMT
date: Fri, 16 Feb 2024 23:53:40 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1094
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=4KdzEQ==, md5=GzfPq9bOTt1F2BWMZBkmUQ==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eBWLvwaUQS2JpDWzb7E2qUFk3QOLudU1Z%2F8pfFZkjNtstSJdCDIUsPhOioh9vUvexg2DDmW%2FJxa7DwnQ33ifHlY5MgHPNbnvrD5%2BsO6CrrMDQ3pRffeRS%2BMeSl3YMX%2FgwxN5jzUstl8yclfpYxuVYSoyoCQ%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1094
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b6164d26da77-MIA

GET
H2 200 hard-fork-album-art-mediumSquare149-v2.png
static01.nyt.com/images/2022/09/28/podcasts/hard-fork-album-art/ 30 KB
30 KB 34ms
33ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2022/09/28/podcasts/hard-fork-album-art/hard-fork-album-art-mediumSquare149-v2.png?quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e4e53fef7b814459a9d88a90513e6df308bd0aec7f2c0d58f5813246783f23ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Mon, 12 Feb 2024 15:50:32 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010213
age: 374588
x-guploader-uploadid: ABPtcPpNqW101uJb8_OK1xZKG6QQeBE98sgKK-zIF3t7klKc0iY-jff3Gy1koWY1vsmdAf9XyX6y36oPQw
x-cache: HIT, HIT
fastly-io-info: ifsz=43690 idim=149x149 ifmt=png ofsz=30638 odim=149x149 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 30638
x-served-by: cache-iad-kjyo7100157-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127620.632256,VS0,VE0
etag: "ee9TMhlTvfSQBJMIrc1b52i0j4ADRxPDfa0JeLNHHeU"
vary: Accept
x-goog-generation: 1666018564336971
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=WQ/L6A==, md5=65gTRO63WF+xxriJTWiBOA==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 43690
x-amz-checksum-crc32c: WQ/L6A==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 55, 13684

GET
H3 200 icon-read-like-the-wind_144x144-5bcf9faf41d0b49df1df29e59a868b36.webp
s3.pardad-trading.com/vi-assets/static-assets/ 1 KB
3 KB 793ms
777ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-read-like-the-wind_144x144-5bcf9faf41d0b49df1df29e59a868b36.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f92d409454f07d130a17a8a40694683700fa7908f77519aa3fd6ed6bf08a43af

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPqQ_SyB3t2ui_Rh_oUhYEWkR8QYBsQuBUyV3ds5j9UZWvnaLKOZZtWS4rmSlgMoxFMycUl1DJi95A
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-eddf8230127-FRA
x-timer: S1708127620.238802,VS0,VE1
etag: "2f322bce46245172bb707708f4d9942b"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219402688
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-read-like-the-wind_144x144-5bcf9faf41d0b49df1df29e59a868b36.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1750
expires: Thu, 30 Jan 2025 15:00:32 GMT
date: Fri, 16 Feb 2024 23:53:40 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1310
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=Y1z48w==, md5=LzIrzkYkUXK7cHcI9NmUKw==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=USYXQMGQedw%2Fj6TDVepLQ%2BcGSsOY8X21Ue3UZJH0pTgSXRXGk%2F%2BbjxsPh%2B8zNpNh510RvpRIk57IIlwIpar38feNsF1Yz80ghmVOjaQ9ZcQmsaJtP9hof3rdNlQBHYKIW76wx%2BnbN9MSRyr7rAyV7LFeW%2Fg%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1310
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b6164d29da77-MIA

GET
H3 200 icon-watching_144x144-631a1da177f9fda1a7f4614ad8e607bd.webp
s3.pardad-trading.com/vi-assets/static-assets/ 716 B
2 KB 766ms
749ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-watching_144x144-631a1da177f9fda1a7f4614ad8e607bd.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

095a2050fffeee67efcc5dffaa579dd76fe3916b3de4c384aa037acca45d9c9f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPqIJdKzyE3meHSjeIm52awAN_ELLMztq-8ilyW2oU99z1RZMEviRCGAaV3NJqvrZcrZGcYvDGo9yQ
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-etou8220128-FRA
x-timer: S1708127620.217379,VS0,VE1
etag: "ebf3822150dda45cdaae0820a0bc1e98"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219427731
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-watching_144x144-631a1da177f9fda1a7f4614ad8e607bd.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 725
expires: Thu, 30 Jan 2025 15:00:31 GMT
date: Fri, 16 Feb 2024 23:53:40 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 716
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=Eoq80Q==, md5=6/OCIVDdpFzargggoLwemA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WdW305eZkh4lfUbrg7nNMGmkcf49yWtapkLBtM6aShTY0DRMENsCnPj2Uoh8qdojN6NcncKT4ZbH3bofQIZ7shGsB61v4slBIecHggEAtdzkUaRnIpFZQ0hKftQvjr%2BQKruEz558DsAa5rKjMEwli37nuzo%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 716
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b6164d2cda77-MIA

GET
H2 200 book-review-album-art-v2-thumbLarge-v3.jpg
static01.nyt.com/images/2018/03/27/books/book-review-album-art-v2/ 3 KB
3 KB 34ms
33ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2018/03/27/books/book-review-album-art-v2/book-review-album-art-v2-thumbLarge-v3.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

99013b5f831f3762b1a2648e07bb3116d914c5b1539bdf4fe0634602cc26b19e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Tue, 03 Oct 2023 13:23:18 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300718
age: 40772
x-guploader-uploadid: ADPycdvWAmkx95gCPu14IQ4q4BE3dphI347Cam23BbGkeCIoa-nNMMO9_VMy5Xo8Q1qd4tiwBGGtFt-VA9JTnOfOljAGxQ
x-cache: HIT, HIT
fastly-io-info: ifsz=10250 idim=150x150 ifmt=jpeg ofsz=2772 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 2772
x-served-by: cache-iad-kjyo7100097-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127620.632262,VS0,VE0
etag: "f6YZ2ZJovRqmFs0MIuaEVzpH2+CtkFFBiLmf31seml4"
vary: Accept
x-goog-generation: 1662891747534151
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=EsOybg==, md5=cjEwJ43bqRCDXcDgnJcMnA==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 10250
x-amz-checksum-crc32c: EsOybg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6337, 2457

GET
H2 200 music-popcast-thumbLarge-v3.jpg
static01.nyt.com/images/2011/05/20/multimedia/music-popcast/ 4 KB
4 KB 32ms
32ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2011/05/20/multimedia/music-popcast/music-popcast-thumbLarge-v3.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

7e76ec11f2baa0f7948d92891718df73970877050a5b48e2b6fb9b340378a2d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Tue, 10 Oct 2023 16:00:57 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300701
age: 387759
x-guploader-uploadid: ADPycdt8GLzOK2GA-IX_ZuZPrjYsWk_7iJzaF1bRZysGkxzR67iJrwH3T01KlbrUrDKZ87h5mxJ_z1U3NdBU81wR4hJ1lQ
x-cache: HIT, HIT
fastly-io-info: ifsz=24419 idim=150x150 ifmt=jpeg ofsz=3828 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 3828
x-served-by: cache-iad-kiad7000117-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127620.655670,VS0,VE0
etag: "qr3LW0rNOUvnYKyDbm09gWnw94oFzi+G4wvyjqveNos"
vary: Accept
x-goog-generation: 1538741982829422
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=VUkWbw==, md5=jSTktUwT+uCRgjlqA0y9BQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 24419
x-amz-checksum-crc32c: VUkWbw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 70, 14217

GET
H3 200 icon-open-thread-fashion_144x144-8e1b4b3fd68c2f333faa63097da2249b.webp
s3.pardad-trading.com/vi-assets/static-assets/ 2 KB
4 KB 2581ms
2561ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-open-thread-fashion_144x144-8e1b4b3fd68c2f333faa63097da2249b.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8aca80728030390ca27a845ca99c8e6bd9174aea22b4060971d1a0ea9a8e9454

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPrU6SIs1dE-TZsXjxfgyVz5WanVN54pA2sSsg_FZsGJrQ-xPPMFaMqfeXlTDwZZEHA4sGdrh1_f7g
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-etou8220060-FRA
x-timer: S1708127622.021929,VS0,VE1
etag: "9234a6e50533c0f78cd1097f674d2c47"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219404066
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-open-thread-fashion_144x144-8e1b4b3fd68c2f333faa63097da2249b.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2300
expires: Thu, 30 Jan 2025 15:00:50 GMT
date: Fri, 16 Feb 2024 23:53:42 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 2102
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=pc/b8Q==, md5=kjSm5QUzwPeM0Ql/Z00sRw==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bL1fZW36f5e%2BjuOkEBrJFlJiY6qCXtZj30Wn42P%2B1PeaZF193yfMXPjSFT5aT5aW6%2BRJewITBcCNAhzBVhvAj1yf4MFbCdVGVGYbZuxr8p5AzKpKXHhnlQEx5aREGFDpEhvodCFr%2Fw%2FYB9fhh3qP8mEPAoQ%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 2102
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b6165d40da77-MIA

GET
H3 200 icon-love-letter_144x144-ca0ec74f4bdd665895bfab2e923eca66.webp
s3.pardad-trading.com/vi-assets/static-assets/ 2 KB
4 KB 792ms
772ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-love-letter_144x144-ca0ec74f4bdd665895bfab2e923eca66.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

612414151e0b7f8ab5b7e572fe287acf1202084cda302adb8522397f462ba305

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPqxjDKch02EiZu8JKUytgibq9AkCERo6D-i9xjA4scO_USTIQ6ZI9VbeLtU6Rs-81_5XQ
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-etou8220069-FRA
x-timer: S1708127620.236871,VS0,VE1
etag: "36b0ee5560fe3fad8cff0f177d747f87"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219396228
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-love-letter_144x144-ca0ec74f4bdd665895bfab2e923eca66.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 6393
expires: Thu, 30 Jan 2025 15:08:31 GMT
date: Fri, 16 Feb 2024 23:53:40 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 2162
last-modified: Wed, 31 Jan 2024 15:02:47 GMT
server: cloudflare
x-goog-hash: crc32c=Io8sdg==, md5=NrDuVWD+P62M/w8XfXR/hw==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2FR%2BVdJmfphCe0VTGAzwGiP7BmX8eCTswM5dF7n%2Bc6aKyFHtVcYvetHTfScVkJan4v89O%2BaIh8sPPZRULkhgoWPbRnyN%2BRWdWfDrviHW1coNa5SQUwfKwg%2BDlZSDKaJPnY4RfUmA%2B5Gx4zbXKxsWObosfDE%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 2162
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b6165d44da77-MIA

GET
H2 200 modernlove-logo-thumbLarge-v3.jpg
static01.nyt.com/images/2020/09/21/podcasts/modernlove-logo/ 4 KB
5 KB 32ms
31ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2020/09/21/podcasts/modernlove-logo/modernlove-logo-thumbLarge-v3.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9377e1ed8c646a7ae8b8b570821baf287765c047e9dab20fa71a4eb76a40c294

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 13 Sep 2023 08:39:00 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 39921
x-guploader-uploadid: ADPycdt0XxgLthW-lZusqwlATkcSRIv3_Foir_nooE-41Aj9CfXpw6sooNFUEKbC1E3nqdM3EF1EfkJPaAHLz0c5XCtAEBsey_xl
x-cache: HIT, HIT
fastly-io-info: ifsz=11068 idim=150x150 ifmt=jpeg ofsz=4084 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 4084
x-served-by: cache-iad-kcgs7200165-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127620.662336,VS0,VE0
etag: "m/kFRv2O1tFCo0C85yLpe5fDFs//5pFoSBOWMgnJf9E"
vary: Accept
x-goog-generation: 1665608966820623
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=BQuLtQ==, md5=p/lR9gCKmtliQRSN6dd/dg==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 11068
x-amz-checksum-crc32c: BQuLtQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 15517, 2384

GET
H2 200 matter-of-opinion-album-art-thumbLarge-v2.jpg
static01.nyt.com/images/2023/05/08/podcasts/matter-of-opinion-album-art/ 4 KB
5 KB 33ms
33ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/05/08/podcasts/matter-of-opinion-album-art/matter-of-opinion-album-art-thumbLarge-v2.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

71b2f4fee2ed4163e1ef309ca22a8a108aab0ba7cfb535d38b33c1ec3718836a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Mon, 02 Oct 2023 15:32:50 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300710
age: 123748
x-guploader-uploadid: ADPycdt0TrNqndBEgkmC118TvA85g415qMWEAee92mC0Bcva_u9DBgWVzdZgq8SIX8GJuvMvlfmIJIZaC4IYtgW7H_q0ZA
x-cache: HIT, HIT
fastly-io-info: ifsz=12674 idim=150x150 ifmt=jpeg ofsz=4132 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 4132
x-served-by: cache-iad-kiad7000079-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127620.662467,VS0,VE0
etag: "yoekWzapvzDgK5g1tJpvXR4Q3abo6OZMw027E8Ag3Fo"
vary: Accept
x-goog-generation: 1685027532007855
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=cBstdQ==, md5=af0IeRKwURQQpabIs66V1Q==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 12674
x-amz-checksum-crc32c: cBstdQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 74, 5334

GET
H2 200 ezra-klein-album-art-mediumSquare149-v2.jpg
static01.nyt.com/images/2021/01/12/podcasts/ezra-klein-album-art/ 3 KB
4 KB 36ms
35ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2021/01/12/podcasts/ezra-klein-album-art/ezra-klein-album-art-mediumSquare149-v2.jpg?quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

d1582496f5a3dfc8ea0f003dca762b94a11141461cd2df63f79cf685b7e6fac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Mon, 12 Feb 2024 15:57:26 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010228
age: 374173
x-guploader-uploadid: ABPtcPrs9CyClWH-VsaKJPy77xi-4tN9Oa2wjsqnDKA_qBJPk2f-if0V698eNvbh5vaM3DwwWJWRFQWBYQ
x-cache: HIT, HIT
fastly-io-info: ifsz=10841 idim=149x149 ifmt=jpeg ofsz=3540 odim=149x149 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 3540
x-served-by: cache-iad-kcgs7200024-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127620.669716,VS0,VE0
etag: "IQFtoe5YeilXT33ut7xeHw6hHGDp7IeEUhHfNkXmGrc"
vary: Accept
x-goog-generation: 1635784873959530
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=DuNwCg==, md5=wcM5yhv7TDG9Fmkzr/wwBg==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 10841
x-amz-checksum-crc32c: DuNwCg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 54, 13283

GET
H2 200 headlines-albumartwork-audioapp-2-thumbLarge.png
static01.nyt.com/images/2022/10/12/podcasts/headlines-albumartwork-audioapp-2/ 13 KB
13 KB 35ms
34ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2022/10/12/podcasts/headlines-albumartwork-audioapp-2/headlines-albumartwork-audioapp-2-thumbLarge.png?quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

bcbbfe66a2e17c1dbc127ccea0f4fec035d42d51d1741332275026e291d79be8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 20 Oct 2023 14:00:23 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300707
age: 389091
x-guploader-uploadid: ADPycdvcZw_RvVMFlkZc-xVGK9Qm1jixjRMOF1OZQTuJz-ns8UHD7U3fmD1ap8dkm3WKHbSW9KRYqouno2vTFey4_12ZycrQY02c
x-cache: HIT, HIT
fastly-io-info: ifsz=20844 idim=150x150 ifmt=png ofsz=12952 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 12952
x-served-by: cache-iad-kcgs7200036-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127620.669744,VS0,VE0
etag: "LbFwq71cDcti1tLA50q2p9CsL0R7Xg7ULZY6QK7bdcY"
vary: Accept
x-goog-generation: 1680812038156789
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=5MfQCw==, md5=qqLRi3ewu5a5crO4pskKzg==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 20844
x-amz-checksum-crc32c: 5MfQCw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 28, 14648

GET
H3 200 icon-tkorc_144x144-912ab7502129bc56d0c809d1d33396f8.webp
s3.pardad-trading.com/vi-assets/static-assets/ 5 KB
6 KB 404ms
384ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-tkorc_144x144-912ab7502129bc56d0c809d1d33396f8.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c3bb445a65f00a954fc1e0d957690acc408f2e9904ef44d033e87f65e7160fa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPqD4b0ixVfeGQ_1FxHKSQUESH0KP_7U1kUWK94vjvyfuJPJMWCaKx0dXZch6tclmLWT3_yCijeHdw
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-eddf8230047-FRA
x-timer: S1708127620.805117,VS0,VE1
etag: "6035f0817e77088d891d178c2174de76"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706642253834301
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-tkorc_144x144-912ab7502129bc56d0c809d1d33396f8.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1659
expires: Thu, 30 Jan 2025 15:18:00 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 4630
last-modified: Wed, 31 Jan 2024 15:11:56 GMT
server: cloudflare
x-goog-hash: crc32c=hCF/7A==, md5=YDXwgX53CI2JHReMIXTedg==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FW3huHP6PL8hPomvAdBCO7F4OqKqIWCoyrtO3XIP2lCFIwKnWilBQKy8rgSpCInt355Sxt6SEGEpBLcq6UKA37KBeFgBgzAOtCSePwE4lkijN8gg3tMpKob0h0QiaujbtgUs3OXV5r3WiYPNHMHmiDU7tyc%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 4630
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b6165d4fda77-MIA

GET
H3 200 icon-reporter-reads_144x144-f63cbc9989c9a468682611ad1f6f5d63.webp
s3.pardad-trading.com/vi-assets/static-assets/ 1 KB
3 KB 766ms
745ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-reporter-reads_144x144-f63cbc9989c9a468682611ad1f6f5d63.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b49a5061864b4b935b6055a17db8704dfb40f092ab777c9e2d578f195fc7c38c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPqO-JQblNS1hm-VkUCM2F7ojhpLNGYMX6KLqMPuUMY-4A0rWf_O4x5qD7-BfSIeL6a1nncKc_ua3A
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-eddf8230111-FRA
x-timer: S1708127620.221302,VS0,VE1
etag: "46ff016e8e7d9fb709ee54c06a6e9a7c"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219425034
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-reporter-reads_144x144-f63cbc9989c9a468682611ad1f6f5d63.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1702
expires: Thu, 30 Jan 2025 15:00:50 GMT
date: Fri, 16 Feb 2024 23:53:40 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1196
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=AwRITw==, md5=Rv8Bbo59n7cJ7lTAam6afA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IWfMOPH8ICWwPDT2IIaMXGs0K%2Bqd%2FSOwG31IrRk42kK2y4a7IxwVHFIDIDzR8rMIoiBikWOGsuGoFnDqsJycquBgFMe9cPeXtzBWU8QjlPWty%2BEwjc%2FKFptAdjFdzRdrs2GQigbjZ3cw%2B%2Fh3rJf467SFWWg%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1196
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b6165d57da77-MIA

GET
H3 200 icon-audio_144x144-dc00c6581be29065cbd19ec7a83a3767.webp
s3.pardad-trading.com/vi-assets/static-assets/ 550 B
2 KB 790ms
767ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-audio_144x144-dc00c6581be29065cbd19ec7a83a3767.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c11193952e3a7f5c5887a688239ba863628181c0a55f8bc3ab687ff755c1a33

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPq4G42pte_Kh3OfcraAIh9KJK4vL1DeRN04TYy_NYX1Fqt4i5v0yFAJ2soTSe9AgNIwfVGmDYhI9A
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-etou8220041-FRA
x-timer: S1708127620.244654,VS0,VE1
etag: "24ce98a477c7ea5c0a87f86f39e41af7"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219368868
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-audio_144x144-dc00c6581be29065cbd19ec7a83a3767.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 6308
expires: Thu, 30 Jan 2025 15:05:16 GMT
date: Fri, 16 Feb 2024 23:53:40 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 550
last-modified: Wed, 31 Jan 2024 15:02:47 GMT
server: cloudflare
x-goog-hash: crc32c=vX1hzg==, md5=JM6YpHfH6lwKh/hvOeQa9w==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TI5EnYRA4P0UsJpELcx5elf%2FkyyHaTgC%2FuqKscBlG%2BqYAMdxkDW6jxw%2BqaZ8GCCoM2Xr0Iu0VtST9C13q4o6kamaQ%2F%2F%2Bmwhxd2IHjdquzrvQ0c8Kh1wrhOMEKU8D75%2BSxYI%2FnaqWjDFACsSy8ebIYz%2FoodM%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 550
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b6165d5eda77-MIA

GET
H3 200 icon-gameplay_144x144-b6cc5e2a7cc27a43096274a02921329c.webp
s3.pardad-trading.com/vi-assets/static-assets/ 678 B
2 KB 1266ms
1244ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-gameplay_144x144-b6cc5e2a7cc27a43096274a02921329c.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

264062387185aeac238d90328f12342a4dac123baa47d7981dc2797a43dd39ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPpd_8jklT4IIuRUBm7WnEn3G3TnMMZT63pjnBpQII7-kKE3UO6g6bojfxDIeLtSwIIhwWTP0c70TA
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-etou8220061-FRA
x-timer: S1708127621.727905,VS0,VE1
etag: "02f62939409fc27f9897a8cca610d9eb"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219393688
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-gameplay_144x144-b6cc5e2a7cc27a43096274a02921329c.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 741
expires: Thu, 30 Jan 2025 15:01:04 GMT
date: Fri, 16 Feb 2024 23:53:40 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 678
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=2mq0ow==, md5=AvYpOUCfwn+Yl6jMphDZ6w==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PwT6VvWqKmvcmuN3jJclQCDzVQTa6UV21ABthzaufDBqWTXusGb6ughTXLskMrLgSCqHuh%2BLJ3JO3eRRk7OHFn7Q%2BoIwQ8lJI%2FPFZsmBxL1n1Jfm9lD6pkEvPS1po0bZvjGHL1zla5Zef2m%2FF0RASt53LAg%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 678
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b6166d65da77-MIA

GET
H3 200 icon-cooking_144x144-5a8be1ef711d4ba5e66b0be7a2ca8bfe.webp
s3.pardad-trading.com/vi-assets/static-assets/ 1 KB
3 KB 762ms
739ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-cooking_144x144-5a8be1ef711d4ba5e66b0be7a2ca8bfe.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a6bd1e9706f15358fb636bb52f69b755d936a79adc1e5056c439cd59cbb41ee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPqG3jEtmAx30KJ5pQSZpuaoe9x6I1poPg5bGCkHXRC3bDg1pKM4Yc0fGKAjuXOXF0LD5A
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-etou8220128-FRA
x-timer: S1708127620.222218,VS0,VE1
etag: "52dc1622da9acdd8e9d6425b778018a2"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219379295
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-cooking_144x144-5a8be1ef711d4ba5e66b0be7a2ca8bfe.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 719
expires: Thu, 30 Jan 2025 15:03:37 GMT
date: Fri, 16 Feb 2024 23:53:40 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1304
last-modified: Wed, 31 Jan 2024 15:02:47 GMT
server: cloudflare
x-goog-hash: crc32c=Y3AEUw==, md5=UtwWItqazdjp1kJbd4AYog==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3dWmNFmBu%2B0kAILUHTp6678PTpBnrK8JxZVQCPEt%2BGghl6S1nlzkjrnhEtvYDQYZpRW1tt%2B5XxpdyaMC9GEF%2F62tGdZaEe7c3h7UBaFbkqbgAmgRf8FR5sxYZ2eP9K5IAF7SOnJwLavtfIIdd1%2FNgDbBvs%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1304
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b6166d68da77-MIA

GET
H3 200 icon-the-veggie_144x144-f99606e1ca100f88cdfd8d763bf442c5.webp
s3.pardad-trading.com/vi-assets/static-assets/ 4 KB
5 KB 787ms
765ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-the-veggie_144x144-f99606e1ca100f88cdfd8d763bf442c5.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac3c156a0e6cc290e315b2cf97ce75c4ce23417e33628e964196ea3fcd2cfffb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPqBK5TrArJMyneF5hZk0wz2_MklugjG66I8Im9C6UdCPBUT1P0Mo3gdL-i6uN49xeRI_uITzF1P7g
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-eddf8230062-FRA
x-timer: S1708127620.234825,VS0,VE1
etag: "a3eac57b118046245537a040ece53296"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219410188
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-the-veggie_144x144-f99606e1ca100f88cdfd8d763bf442c5.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 10183
expires: Thu, 30 Jan 2025 15:03:38 GMT
date: Fri, 16 Feb 2024 23:53:40 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 3846
last-modified: Wed, 31 Jan 2024 15:02:47 GMT
server: cloudflare
x-goog-hash: crc32c=5bXk5w==, md5=o+rFexGARiRVN6BA7OUylg==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FqhX5LRnVA4%2FQ%2Fahg9WXAMfzKIqJaF9LlBIjDZmO4fYPWDxqwstWmbl8DJpNHDLycIHqUNrPnQfvCn3AhO9smlXbyvkrHksqfdejC1LnFEb5nXQX9SJSNecTBH%2Fi9N459vIVQHh51cPsLXMQFkb5zfyMAew%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 3846
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b6166d69da77-MIA

GET
H3 200 icon-five-weeknight-dishes_144x144-97d51c5d4ba98233667b4057e3d852ab.webp
s3.pardad-trading.com/vi-assets/static-assets/ 3 KB
5 KB 803ms
780ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-five-weeknight-dishes_144x144-97d51c5d4ba98233667b4057e3d852ab.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3e01a24e357418c6b81f191cdc6fedf29f78d0b8002725c1f9b3e2d4d9233cf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPo_dj85Z6Ct3dFaUljBJqBX15GjXEetNnyWsM4HHYB4HmX06wYrJWwi1GS0iFaRGAViyur6-gC0LQ
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-eddf8230091-FRA
x-timer: S1708127620.257968,VS0,VE1
etag: "91e51718c8fbf5057e408865d634eefa"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219397430
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-five-weeknight-dishes_144x144-97d51c5d4ba98233667b4057e3d852ab.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2146
expires: Thu, 30 Jan 2025 15:00:52 GMT
date: Fri, 16 Feb 2024 23:53:40 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 3322
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=xEsd0w==, md5=keUXGMj79QV+QIhl1jTu+g==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BbwZv0IalaRyrCmiRBZCNcHTKbzEODe7QkdPZSiJXSwXsYcIjUZT8rPlsnCnmicu8wM91f6Cldzj%2B7mm92PSQYk5mZxA4S1VnkGKqPimrgowdv1MCJvTItCtwk4%2F%2BNeaBP7NtbN4ujjIZ%2BQuzPvyVhvzCP0%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 3322
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b6166d6bda77-MIA

GET
H3 200 icon-the-recommendation_144x144-3e66bd6cc82013bd511c31a8f04d4ff7.webp
s3.pardad-trading.com/vi-assets/static-assets/ 1 KB
3 KB 804ms
781ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-the-recommendation_144x144-3e66bd6cc82013bd511c31a8f04d4ff7.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

161376c4f90d4e97682e18c3363465dd9dffd7c346a24961b1b563862f59bd09

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPocWgDEC2FhpiXi_GRA4jJuG6-5CsIwykkpmZWSysixz3I4AheKIh-9kHE33G1evV00bwBUCIvH6w
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-etou8220099-FRA
x-timer: S1708127620.257812,VS0,VE1
etag: "c902f5d2af0f2e13ef1e29ce7a3d4350"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219423484
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-the-recommendation_144x144-3e66bd6cc82013bd511c31a8f04d4ff7.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 9
expires: Thu, 30 Jan 2025 15:00:28 GMT
date: Fri, 16 Feb 2024 23:53:40 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 1058
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=sYXh8w==, md5=yQL10q8PLhPvHinOej1DUA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=myKKgYp4j5E1VsQ7svlDRO6PDg0ZE75EGxjzDkBOlcQCCW5oyMnxCRUW8JyiFwZhJoloyHR1PbsV6b8lqmAsM2yp0lj4jXq0fAZ%2F5By8xIi4NvKK%2FCOzraa%2FKECL034Ad9SaaE0ApFplgOXsDwdVFXsOwWc%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1058
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b6166d6dda77-MIA

GET
H3 200 icon-clean-everything_144x144-97312e349d7284039a2153cb541b7fda.webp
s3.pardad-trading.com/vi-assets/static-assets/ 2 KB
4 KB 795ms
772ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-clean-everything_144x144-97312e349d7284039a2153cb541b7fda.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

299d2fa755a26bd5007a26fdf65958b73598c74456b1d81cd72244e54b8a6dcd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPqvbAmMvYFNaGizaqJEQkDWcQjUcpO3HK48YKjyM1qVrg1hde7lFnQf-nCAhzs6Hi48qa_MjmvqUQ
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-etou8220132-FRA
x-timer: S1708127620.236329,VS0,VE1
etag: "d75bf842483274a9d6c4274aa6367e1c"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219381472
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-clean-everything_144x144-97312e349d7284039a2153cb541b7fda.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 746
expires: Thu, 30 Jan 2025 15:00:30 GMT
date: Fri, 16 Feb 2024 23:53:40 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 2380
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=fboKBw==, md5=11v4QkgydKnWxCdKpjZ+HA==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RUdV0kHHIptFcesruFf1mqGIJxgDwSypZrT2tAI86bzO%2FOuJ3hKXgXZRMgq8lpT6nmmUQEy%2BJRildGDFku2vITywiQoS0%2FXiwGf1olHoPieCoCODtdu5puLBz%2FBex6bksgUcZmr5eRMCco9D%2F%2Fqe%2BMAX46M%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 2380
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b6166d6fda77-MIA

GET
H3 200 icon-athletic-pulse_144x144-393cbda91e2678278456723b62a9b21f.webp
s3.pardad-trading.com/vi-assets/static-assets/ 3 KB
4 KB 763ms
740ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-athletic-pulse_144x144-393cbda91e2678278456723b62a9b21f.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06276214001978a8f3382e91ec5fadf2bd507f174f950e8cdeca4a0e91f170a9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPok2_F39R_UAV4nsHv7xPDRIkKHz4LLWD8YtJPA9PpxujlSIK61LuGy8KPB6rEkTDSNy9Tir3aiQA
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-etou8220137-FRA
x-timer: S1708127620.225670,VS0,VE1
etag: "cba067c899fc1935a8adb9c03c5e9ae2"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219349623
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-athletic-pulse_144x144-393cbda91e2678278456723b62a9b21f.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 717
expires: Thu, 30 Jan 2025 15:00:29 GMT
date: Fri, 16 Feb 2024 23:53:40 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 2720
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=ou6wHg==, md5=y6BnyJn8GTWorbnAPF6a4g==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VP1JN1dEzG3RXLB86dO%2BO2M2YjskYjLQ4AmOdLdErWNfvsr6YJykvQG8SsP4XCcNnaS61vorv1zCLs1Or06vhn%2FodLXvfwdAiNOMvykB5yUKfpCSKHeQyCRdmB73sQADTDov5HtaaSarAI%2FKAWQrTNgBTyo%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 2720
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b6166d71da77-MIA

GET
H3 200 icon-athletic-windup_144x144-c03f2bf7ebd88f1c239ba4a6b2228679.webp
s3.pardad-trading.com/vi-assets/static-assets/ 3 KB
5 KB 769ms
745ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-athletic-windup_144x144-c03f2bf7ebd88f1c239ba4a6b2228679.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04247f45e4298b818db5d6161620f2b9ee1d782aa4560a45f5765c41c672d6a8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPqZLSbP24QNjcIDo06C5JTC8zpF2e5FHP-E7VZ-3gI7d9kc6_M7E7i1xrZfzVzUkJfyAg
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-eddf8230030-FRA
x-timer: S1708127620.228851,VS0,VE1
etag: "eb2a6b7e7581fba3e997ac6f6d138d16"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219349590
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-athletic-windup_144x144-c03f2bf7ebd88f1c239ba4a6b2228679.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 9572
expires: Thu, 30 Jan 2025 15:00:19 GMT
date: Fri, 16 Feb 2024 23:53:40 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 3280
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=TJQMEw==, md5=6yprfnWB+6Ppl6xvbRONFg==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ZiApK1FmgtN2t0LAim4RuWnuNgV7CHv5yFB7NsPvK3W9GvnmRc7JHyzBra5yt8QXobiPsBsJ3tTxKKdXoEtLu7DaHJyZ4BFMmyGC7U%2Bfa2JVbFPvqdVX2BAyN5dnt%2FrAFLeQmAkTPQ2uhUaGflaUDwMCfU%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 3280
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b6166d73da77-MIA

GET
H3 200 icon-athletic-bounce_144x144-d34328790b2997ede21ed0cda6dc98db.webp
s3.pardad-trading.com/vi-assets/static-assets/ 4 KB
5 KB 1256ms
1233ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-athletic-bounce_144x144-d34328790b2997ede21ed0cda6dc98db.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9598017c8fd717e1850704f5ecc3acce7888e24b9a152ed5557dad1003efa2ba

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPrERyJFZf1coztwrXX7AmGMGK2i3uvV1byhE4e1Z8C400fQAmEzozOw9k8Ct59Gzd88TVBHxgM-1A
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-etou8220094-FRA
x-timer: S1708127621.720583,VS0,VE1
etag: "db8438537a93662fea1f15cecbd8a5fe"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219332880
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-athletic-bounce_144x144-d34328790b2997ede21ed0cda6dc98db.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2844
expires: Thu, 30 Jan 2025 15:00:29 GMT
date: Fri, 16 Feb 2024 23:53:40 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 3770
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=UsuYAw==, md5=24Q4U3qTZi/qHxXOy9il/g==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mni3C6wfR%2FMDZ9P72XToYCaEVdqhcDaq57zPT7Q3sISczfnMUxI7Ptv0BgoB3dKv52SXuMdjtWvSITGt%2BeVpl%2BrSZoyV%2Fv%2BeY7%2Fj7CQM0T59zcv4wg0uqFW5qwe6VvoCIMkqyQ%2F9Ji%2FfIFkHI1v6e15L8oc%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 3770
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b6166d75da77-MIA

GET
H3 200 icon-athletic-full-time_144x144-1d24f18a01b35a9ebac2e0374a200691.webp
s3.pardad-trading.com/vi-assets/static-assets/ 3 KB
5 KB 765ms
743ms Image
image/webp 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/icon-athletic-full-time_144x144-1d24f18a01b35a9ebac2e0374a200691.webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94d8b663df54b8d00643cb8a84823af0a5bd93c3e491e227b7996246e1677373

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid: ABPtcPp-kLAcwogrzcohkC33qT5y7dVx_4eY4BF_P_iFODQod5bxz1AnipZLCa_cHGO_sZnMVyafYnSbJg
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-eddf8230090-FRA
x-timer: S1708127620.230778,VS0,VE1
etag: "98388ee1b5a6af6d242c84f110a437eb"
vary: Fastly-SSL, Accept-Encoding
x-goog-generation: 1706216219353830
content-type: image/webp
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-athletic-full-time_144x144-1d24f18a01b35a9ebac2e0374a200691.webp
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 5109
expires: Thu, 30 Jan 2025 15:00:30 GMT
date: Fri, 16 Feb 2024 23:53:40 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
content-length: 3008
last-modified: Wed, 31 Jan 2024 14:58:41 GMT
server: cloudflare
x-goog-hash: crc32c=iqFNpA==, md5=mDiO4bWmr20kLITxEKQ36w==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AOfEfk1eS2iy8m7%2Fj%2BAjoRsMiRP54p7l5tRQjyu11R8R%2BNCxXxIrgXjGxBCPaGGXP4rUTUIQ3iIP8zEUoJ45LGX40%2BalGq1MEq0JJ9sIC7MgNWpsB61GJ0RfG0D%2Fs1Mc0jX7foE2GToOA4yv1eVMyggYEEI%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 3008
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 8569b6166d78da77-MIA

GET
H2 200 franklin-normal-800.fdc7cad17deeec2db1fe2f9f8c0520ed.woff2
g1.nyt.com/fonts/family/franklin/ 24 KB
24 KB 101ms
69ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-800.fdc7cad17deeec2db1fe2f9f8c0520ed.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1a48c22120ff01abb38156633970addec986b69af1e59bfaf9b8abb6673f78c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://s3.pardad-trading.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 03 Oct 2024 08:24:02 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 271794
x-guploader-uploadid: ADPycdva8AHR4BTfjQqdqbkHDdRGYIW8JutzIwxFNawN5LAKJSrECXu6os5oVpCFjekkXIWfgvW677baXump3BlQLLKe
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 24184
x-served-by: cache-mia-kmia1760062-MIA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1708127620.594625,VS0,VE0
etag: "fdc7cad17deeec2db1fe2f9f8c0520ed"
x-goog-generation: 1673991776325560
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=b25SxA==, md5=/cfK0X3u7C2x/i+fjAUg7Q==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 24184
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 597

GET
H2 200 cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 63ms
32ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://s3.pardad-trading.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 02 Feb 2024 05:46:53 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 3331897
x-guploader-uploadid: ADPycdtYKTELTTIh77YD3fVMYiGUBupyK_NkrG4lYnCw0wQqa4_H6rVJ7m3RLALvZPh-Yva1xXdGVfFVTfCTU4XxIQwFR_B0gEOD
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28276
x-served-by: cache-mia-kmia1760062-MIA
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1708127620.594318,VS0,VE0
etag: "530cfb72378419eedb60da7e266ad5f1"
vary: X-Goog-Allowed-Resources
x-goog-generation: 1673991775200429
x-goog-hash: crc32c=O9qQIA==, md5=Uwz7cjeEGe7bYNp+JmrV8Q==
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 28276
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 46142

GET
H2 200 imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
g1.nyt.com/fonts/family/imperial/ 26 KB
26 KB 99ms
68ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://s3.pardad-trading.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 02 Feb 2024 05:46:14 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 3769655
x-guploader-uploadid: ADPycdsRwda_EOB5LpJhdwDZj2vpvKyH11TDWKhKDAem_9p0RfOsFUxnQkm3TV4Hwsv6-apktrq3fDaEj6u5WFfP3HOeppLc9Dco
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26504
x-served-by: cache-mia-kmia1760062-MIA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1708127620.594627,VS0,VE0
etag: "6131cd77b6e216c7693ed925f4309ffc"
vary: X-Goog-Allowed-Resources
x-goog-generation: 1673991776736810
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=ZzOuxA==, md5=YTHNd7biFsdpPtkl9DCf/A==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 26504
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 74883

GET
H2 200 franklin-normal-600.75739ac267f076931c6da9740386ee6b.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 99ms
69ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-600.75739ac267f076931c6da9740386ee6b.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

29706c4ab8f4d48b33ccb0ea813f8afb5f7ac569f623536b96fba6cf1fc60e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://s3.pardad-trading.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 02 Feb 2024 05:46:16 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 3849996
x-guploader-uploadid: ADPycdvhYDoz4CAgqaPW7V_EFM1kOolEePcwJ1MZR-PtG7CvKOZ32JG2ChchRGkWmBq0U2uiZF-WL627Pe8oBB8DrluK59v92au9
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20196
x-served-by: cache-mia-kmia1760062-MIA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1708127620.594630,VS0,VE0
etag: "75739ac267f076931c6da9740386ee6b"
vary: X-Goog-Allowed-Resources
x-goog-generation: 1673991776257702
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=Jc81Jw==, md5=dXOawmfwdpMcbal0A4buaw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20196
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 62223

GET
DATA 200
OK truncated
/ 130 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b84ebfbd15694400df12827c578baf3e0d64b86b13222a7d27a536e236dcb6c

Request headers

Referer
Origin: https://s3.pardad-trading.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 cheltenham-small-normal-700.1a0b316424cdebd18086b8dbbc768eef.woff2
g1.nyt.com/fonts/family/cheltenham-small/ 23 KB
24 KB 65ms
64ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-normal-700.1a0b316424cdebd18086b8dbbc768eef.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9a43ab8056183a8efcf0e882990c2601381a735e02bba004439e010055c55d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://s3.pardad-trading.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 22 Aug 2024 08:30:28 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 782785
x-guploader-uploadid: ADPycdsyshPkeRmOGh_NS9yQLHXNgFsfYarqxQyLS-0WCbAfQ2Nbkr24KsoKaoetRraDfY14MbdX6s89AJNPiPlOD2RPIEEXkUfz
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 23704
x-served-by: cache-mia-kmia1760062-MIA
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1708127620.631775,VS0,VE0
etag: "1a0b316424cdebd18086b8dbbc768eef"
x-goog-generation: 1673991775396405
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=FTq84Q==, md5=GgsxZCTN69GAhrjbvHaO7w==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 23704
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 1633

GET
H2 200 cheltenham-text-cond-normal-700.7e78f9e7e6c2e02d82592c4466929fa3.woff2
g1.nyt.com/fonts/family/cheltenham-text-cond/ 28 KB
29 KB 70ms
69ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham-text-cond/cheltenham-text-cond-normal-700.7e78f9e7e6c2e02d82592c4466929fa3.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1ecb1f9522433be3adfad377816095c7d5b27d02c1efbbbb793e341b829d83d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://s3.pardad-trading.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 12 Sep 2024 06:18:25 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 3254342
x-guploader-uploadid: ADPycdtoCio9JMn3hDbytfVU5zpWgyM7ettw_xzX2NdPQO3lppWa8yoGXTIuncvlQeGG01jX50cgpkwIbZevNBdybQ1Elw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28868
x-served-by: cache-mia-kmia1760062-MIA
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1708127620.632239,VS0,VE0
etag: "7e78f9e7e6c2e02d82592c4466929fa3"
x-goog-generation: 1673991775506403
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=UQFt6w==, md5=fnj55+bC4C2CWSxEZpKfow==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 28868
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 2054

GET
H2 200 cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
g1.nyt.com/fonts/family/cheltenham/ 27 KB
27 KB 70ms
69ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://s3.pardad-trading.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 02 Feb 2024 05:47:22 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 6365423
x-guploader-uploadid: ADPycdu4c4MWmdPulaQvfgpBwjELQD34rn_rz1254cwvDOflCe-Zn4gJCHKKFSxJuYKzmLuaP870av6pKIwKMISVzUsx
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27260
x-served-by: cache-mia-kmia1760062-MIA
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1708127620.632223,VS0,VE0
etag: "7ea91ebd036309e1fe756ee3aab272da"
vary: X-Goog-Allowed-Resources
x-goog-generation: 1673991775007595
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=rNQ9pA==, md5=fqkevQNjCeH+dW7jqrJy2g==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 27260
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 62286

GET
H2 200 cheltenham-normal-700.woff
g1.nyt.com/fonts/family/cheltenham/ 36 KB
37 KB 71ms
70ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-700.woff

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

a67ec15e20b12efff4c0dab67f909e2c7e08f8f7cc348d5c072e5e179b0f7290

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://s3.pardad-trading.com/
Origin: https://s3.pardad-trading.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 08:54:36 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2009942
x-guploader-uploadid: ADPycdunTMVi16zsVA5g3dD27nSUgGJ_2nS-IGTwqRS6NAQm-n3g1TVgFOvau-SvAl9XbUFqtfWRz9ckENbYId_fZltBGQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 37340
x-served-by: cache-mia-kmia1760062-MIA
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1708127620.632189,VS0,VE0
etag: "738608727fc7c5797889e17788508b26"
x-goog-generation: 1673991775275250
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=Zk8RaA==, md5=c4YIcn/HxXl4ieF3iFCLJg==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 37340
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 65

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba57e9fe37374aae1060174b2a0150a2fca11878eef5c4f3e1d964ec10b345c9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 karnak-normal-700.4a0c7e79ac2f009f12f9106482c961c4.woff2
g1.nyt.com/fonts/family/karnak/ 23 KB
23 KB 33ms
32ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/karnak/karnak-normal-700.4a0c7e79ac2f009f12f9106482c961c4.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

ad01b93ecf6b0b442902d27ae93b6af83a92784a05455b81490512a3d5d8b08b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://s3.pardad-trading.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 12 Sep 2024 05:38:19 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 3333510
x-guploader-uploadid: ADPycdu1kOzCyMGTF8GGlw7yD_5jrYhreg02len-GgCK2dyByd4YxDkXNtMFBOijsy4-Fiybwb4w8Yhy_zfFphK1JAaNOg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 23400
x-served-by: cache-mia-kmia1760062-MIA
last-modified: Tue, 17 Jan 2023 21:42:57 GMT
server: UploadServer
x-timer: S1708127620.754591,VS0,VE0
etag: "4a0c7e79ac2f009f12f9106482c961c4"
x-goog-generation: 1673991777120718
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=a9fAaA==, md5=Sgx+eawvAJ8S+RBkgslhxA==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 23400
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 7155

GET
H2 200 cheltenham-small-italic-400.cdfa0ec29cca8c2d2f54c79d898e15c1.woff2
g1.nyt.com/fonts/family/cheltenham-small/ 23 KB
24 KB 32ms
32ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-italic-400.cdfa0ec29cca8c2d2f54c79d898e15c1.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

7dcbc19c68e87e4b23f85027e02ac7f3c89fa259973ec92bbe27e49ad002bf47

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://s3.pardad-trading.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 19 Sep 2024 06:06:50 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2740884
x-guploader-uploadid: ADPycdvjnwFyC6eFnuYkkFRW2_rpd7GuACwTEOioJersnwSLwJo_yZ4wCC6UtvarizDgS7m0jOQPItKuq7cE9p4_C6hzXNnuG_YO
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 24028
x-served-by: cache-mia-kmia1760062-MIA
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1708127620.754593,VS0,VE0
etag: "cdfa0ec29cca8c2d2f54c79d898e15c1"
x-goog-generation: 1673991775386814
x-goog-hash: crc32c=2JQyuQ==, md5=zfoOwpzKjC0vVMediY4VwQ==
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 24028
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 cheltenham-normal-200.40ccfe2cc61a71e6617e56162d49b896.woff2
g1.nyt.com/fonts/family/cheltenham/ 26 KB
26 KB 34ms
34ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-200.40ccfe2cc61a71e6617e56162d49b896.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4f837869b80c34ed1a128362a6ed24ff5ebdae743dc55eb3c183ae9c8b5f4ca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://s3.pardad-trading.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 02 Feb 2024 05:47:22 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 6358496
x-guploader-uploadid: ADPycdv8Ik7vrwmNdrfGdni3kuP3esm32D1DaJUv25B1nNrhXW_Ftx0T_Te11gGs6sAjJvMjvx2HBxVSXvR-iZa3jOuPKw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26448
x-served-by: cache-mia-kmia1760062-MIA
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1708127620.754717,VS0,VE0
etag: "40ccfe2cc61a71e6617e56162d49b896"
vary: X-Goog-Allowed-Resources
x-goog-generation: 1673991775015704
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=kUZRqw==, md5=QMz+LMYaceZhflYWLUm4lg==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 26448
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 42761

GET
H2 200 franklin-normal-700.woff
g1.nyt.com/fonts/family/franklin/ 26 KB
27 KB 36ms
34ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.woff

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

640a9138e66deb5b745997e8dbe0be6e4c32d82da5710f9cea8afb0bee2f3bbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://s3.pardad-trading.com/
Origin: https://s3.pardad-trading.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 28 Aug 2024 06:12:30 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2033680
x-guploader-uploadid: ADPycdub6POGF5SG8XBhowhvNuKg_G7Jck60Kezu2NVEsEa9gbbijPzyCmm-QQqtrHghDuEybLlo17iV-tl8wYESpm70qg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27032
x-served-by: cache-mia-kmia1760062-MIA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1708127620.756562,VS0,VE0
etag: "ab057a3b069a4ecbde7c3ea74411284e"
x-goog-generation: 1673991776263300
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=Rh/wYQ==, md5=qwV6OwaaTsvefD6nRBEoTg==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 27032
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 85

GET
H2 200 franklin-normal-400.woff
g1.nyt.com/fonts/family/franklin/ 35 KB
35 KB 43ms
41ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-400.woff

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

a742a2af7c3bd1cab7c1cd0bddb1026dba2abb8c0b80f14c881a034854db962b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://s3.pardad-trading.com/
Origin: https://s3.pardad-trading.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 08 Aug 2024 07:58:37 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1526948
x-guploader-uploadid: ADPycdteUSW9N3sRD7ZaX1_vGDcKA0WD9keLAV93a0FkTap06UzDdEyQeDCvOj4F1D8DoAVZGLHHC1donm7W8KNFR4sw8xP_LUN2
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 35764
x-served-by: cache-mia-kmia1760062-MIA
last-modified: Wed, 20 Apr 2022 13:09:40 GMT
server: UploadServer
x-timer: S1708127620.757016,VS0,VE0
etag: "a4bfea3a5c7e7e577c2bcdcd61321eaa"
x-goog-generation: 1650460180560561
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=STMqMg==, md5=pL/qOlx+fld8K83NYTIeqg==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 35764
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 80

GET
H2 200 imperial-normal-400.woff
g1.nyt.com/fonts/family/imperial/ 33 KB
33 KB 37ms
36ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.woff

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

2ded6ccf52893dda8d7ff261b54805bf7a6d9a225d44ceca138c4295c57d742d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://s3.pardad-trading.com/
Origin: https://s3.pardad-trading.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 22 Aug 2024 08:06:30 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 361052
x-guploader-uploadid: ADPycdvwrgTtQdiWA_zJ7qjHxLzJIrq3ychUF6sksSHFf2jbVi50FitgwWzb4lZVLZO73K6cEGRQ4XcPLc12WO-HfdQKLiFTvd0M
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 33744
x-served-by: cache-mia-kmia1760062-MIA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1708127620.757019,VS0,VE0
etag: "910963d6a159124b2f1ba07ad3f87e00"
x-goog-generation: 1673991776747903
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=ieCt7A==, md5=kQlj1qFZEksvG6B60/h+AA==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 33744
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 68

GET
H2 200 imperial-normal-700.woff
g1.nyt.com/fonts/family/imperial/ 32 KB
32 KB 41ms
40ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/imperial/imperial-normal-700.woff

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

a79b0d41335a1e325af898d3d59f0a69cc6e2098b8aa73ed1b185865c8c31914

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://s3.pardad-trading.com/
Origin: https://s3.pardad-trading.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 16 Oct 2024 11:30:22 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2743748
x-guploader-uploadid: ABPtcPpXkrRWkatXWw8db5mYHCeH-Hg4PPPJjaCA65Mf8jLBZEP6SJAJPKsdDw7cGL1OrEkEghXAvyHEfOwRDcLpsoBCWjvoJxFj
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 32652
x-served-by: cache-mia-kmia1760062-MIA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1708127620.757016,VS0,VE0
etag: "53b85cb8b3e80c7a993ba8021fe74a51"
x-goog-generation: 1673991776807707
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=IVcNLg==, md5=U7hcuLPoDHqZO6gCH+dKUQ==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 32652
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 70

GET
H2 200 franklin-normal-300.woff
g1.nyt.com/fonts/family/franklin/ 26 KB
27 KB 36ms
35ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.woff

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

985aac7d49c194276a9409a009e38ec2c82f3f607c26b9358b23d48ed004c284

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://s3.pardad-trading.com/
Origin: https://s3.pardad-trading.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 17 Jul 2024 09:44:03 GMT
date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2137039
x-guploader-uploadid: ADPycdtCx5zJDnR2wYZLsFwWmbWmygF4GoWWqeyAkvr1x0-wxLU_hWZGNijd5UplndWVRrHOfc9XpC2cIR_HPQvUBMFXbIrMklQY
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26864
x-served-by: cache-mia-kmia1760062-MIA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1708127620.756966,VS0,VE0
etag: "fe2bd94ddc6ab147c15e7a4f748b4a9e"
x-goog-generation: 1673991776219559
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=0YQkag==, md5=/ivZTdxqsUfBXnpPdItKng==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 26864
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 64

GET
H3 200 vendor-e8b61fe9fc86398d03f4.js Show response
s3.pardad-trading.com/vi-assets/static-assets/ 258 KB
74 KB 538ms
537ms Script
application/javascript 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/vendor-e8b61fe9fc86398d03f4.js

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dca6cb4eddb8011fd900ed609b91b1a4f372aa00201c2e97bfd4474564371478

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-guploader-uploadid: ABPtcPrzgAXkHT3NGDcZh_ZL0JGJBD_mDoQqIjmG1605bk-Jy33hC4j5BXVGm2e7DspPfpiTPKlBqQuCIA
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-01-31 15:26:44 UTC
x-served-by: cache-fra-etou8220045-FRA
x-timer: S1708127620.055493,VS0,VE1
etag: W/"bf562f579e3343e355a3995d9d36597b"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1706293006175656
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendor-e8b61fe9fc86398d03f4.js
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 18368
expires: Thu, 30 Jan 2025 14:37:28 GMT
date: Fri, 16 Feb 2024 23:53:40 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 31 Jan 2024 14:35:16 GMT
server: cloudflare
x-goog-hash: crc32c=Nlyosw==, md5=v1YvV54zQ+NVo5ldnTZZew==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2FPwBUKKfKgR5r5B%2BjyFQJyaLhjvRwx%2B1VRo6ee3NKrlVDZGN0mXhTkZw5oU%2BAwDvqNJN0LUW4sgdXMLOwR9CjFAJxNhVLLKODP6epqrjTRSxQDmydeNBAd6xyPKXEzNkOVY17H8CMM%2F8ZugILyYPpQnvZo%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 264259
permissions-policy: browsing-topics=()
cf-ray: 8569b617dfc1da77-MIA

GET
H3 200 home-b932474fff5d9c2aea8d.js Show response
s3.pardad-trading.com/vi-assets/static-assets/ 1 MB
277 KB 539ms
537ms Script
application/javascript 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/home-b932474fff5d9c2aea8d.js

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de7410d31f6225b3e8b4bc2a303909303618b23683740fcb2bc847c910cd3e79

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-amz-request-id: N64R9YGB6S7DBN1E
x-amz-server-side-encryption: AES256
x-nyt-mktg-group: group4
x-origin-time: 2024-02-16 17:30:05 UTC
x-served-by: cache-lga21936-LGA, cache-fra-etou8220131-FRA
x-timer: S1708127620.054109,VS0,VE2
etag: W/"548ad236dec32bbb4e094bc5f8dde2d4"
vary: Accept-Encoding, Fastly-SSL
x-frame-options: DENY
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/home-b932474fff5d9c2aea8d.js
access-control-expose-headers: X-Nyt-Mktg-Group, X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-nyt-app-webview: 0
x-nyt-edge-cache: HIT-HIT
x-cache-hits: 9, 1
date: Fri, 16 Feb 2024 23:53:40 GMT
x-amz-version-id: MKh6B7P9.xfTvYEs24mCuEfnGzcTVsaW
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-F-X
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400
x-amz-id-2: fXv3vx1DLgHRTVAYosUQbLrJZTlKpJStTL5AEtzQU+1mqu1rLuLpjrM2C0z5JyOOtu/upxBFimQ=
last-modified: Fri, 16 Feb 2024 17:27:51 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tMps%2FWnMNfL6G3BC3mPoBPSLhbOFobwbknKQ6FR%2BLrtWn%2F5YkatPtn0nhDyop2ODcdeYiWaUa4w63wE3wUl6BbA5RTyE91rUdiIxp%2Blz48VlrVYiNsHWMG2d5%2FxlV%2FHsANdX70DMk2OLC4QG69UjFhKeg7w%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
permissions-policy: browsing-topics=()
cf-ray: 8569b617dfc5da77-MIA

GET
H3 200 desktopLogoNav-6f959d5094ea4b8c806e.js Show response
s3.pardad-trading.com/vi-assets/static-assets/ 1 KB
2 KB 331ms
329ms Script
application/javascript 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/desktopLogoNav-6f959d5094ea4b8c806e.js

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de9e0de16743ce5453503ea556a0a9d39b834ff4b765aa1161621e840cdf4715

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-guploader-uploadid: ABPtcPrVDWoA2qNeXph20noHnUFO1LF_AvOJovQx_l8GWZjI8qT57t110fQ02MYyW-9mbOO9Gw
x-nyt-mktg-group: group4
x-goog-stored-content-encoding: identity
x-origin-time: 2024-02-12 20:45:24 UTC
x-served-by: cache-lga21973-LGA, cache-fra-etou8220041-FRA
x-timer: S1708127620.052077,VS0,VE1
etag: W/"dff6296bdf9c53e7f90337d6ea2c7957"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1706198649924839
content-type: application/javascript
x-frame-options: DENY
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/desktopLogoNav-6f959d5094ea4b8c806e.js
access-control-expose-headers: X-Nyt-Mktg-Group, X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-nyt-app-webview: 0
x-nyt-edge-cache: HIT-HIT
x-cache-hits: 19612, 615
expires: Thu, 30 Jan 2025 15:18:01 GMT
date: Fri, 16 Feb 2024 23:53:40 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-F-X
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 31 Jan 2024 15:11:56 GMT
server: cloudflare
x-goog-hash: crc32c=mfyctQ==, md5=3/Ypa9+cU+f5AzfW6ix5Vw==
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ac9rcO7D9pC%2B5b4JMwf1abU%2B77ZbTHTq02IX2v5kwbDHYOb2e96tlaXOB7v9pXuB%2BA86iAGqHNZdGKSJ0WpLOebxPLgBx8CYKrcg2e6q3I%2FriobyNYjEznZdTimGizDV4X46qm%2BnMk3A3qhI6wZVNX52ZHw%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
x-goog-stored-content-length: 1488
permissions-policy: browsing-topics=()
cf-ray: 8569b617dfc8da77-MIA

GET
H3 200 nestedNav-5a7615d75a81d56c4d78.js Show response
s3.pardad-trading.com/vi-assets/static-assets/ 101 KB
13 KB 491ms
489ms Script
application/javascript 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/nestedNav-5a7615d75a81d56c4d78.js

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

866dec1b8c54b367961beada053c99d6f73e4d030dee6d2defd4f60fc0bf548e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-amz-request-id: ZYYQEM8SAVPSD9H6
x-amz-server-side-encryption: AES256
x-nyt-mktg-group: group4
x-origin-time: 2024-02-15 20:51:55 UTC
x-served-by: cache-lga21945-LGA, cache-fra-etou8220129-FRA
x-timer: S1708127620.057389,VS0,VE1
etag: W/"076cacbc8efa8d6396f3edb82af981d2"
vary: Accept-Encoding, Fastly-SSL
x-frame-options: DENY
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/nestedNav-5a7615d75a81d56c4d78.js
access-control-expose-headers: X-Nyt-Mktg-Group, X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-nyt-app-webview: 0
x-nyt-edge-cache: HIT-HIT
x-cache-hits: 18, 637
date: Fri, 16 Feb 2024 23:53:40 GMT
x-amz-version-id: HxbaJR9OiQTSGEv0DIc.yDW14pIo5S5a
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-F-X
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400
x-amz-id-2: IViwHcH24Wsw2F8sZnsvHtUA2qapo4cwR+S2tffzIyxoX3qK9CT9hvB4pK0WM3+hXna6rO5p3Lc=
last-modified: Thu, 15 Feb 2024 20:45:39 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GU%2BRP3%2Fm7SUVw8ad%2BzcmFBRrbeOGo7HxIzQpuOF7B5HE91SypEu2qtmnJqXysx3HIdjMEb0XF5VwX2SIbBEx1dCm%2BtQiLHPUawHZ%2FFHCIC4Zh1OT%2B%2F3FCist3pHvRrnPf3GeKZPfCSFmoP0leLPGhnBEzp0%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
permissions-policy: browsing-topics=()
cf-ray: 8569b617dfcada77-MIA

GET
H3 200 main-1ae925d873842dc05e23.js Show response
s3.pardad-trading.com/vi-assets/static-assets/ 2 MB
551 KB 4001ms
4000ms Script
application/javascript 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/main-1ae925d873842dc05e23.js

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

582271ab44e600ff98c4864b742cc59b58bd4d05ff973d437aa7676c967e709f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-amz-request-id: Y3CMB8JP4SFXZ41Z
x-amz-server-side-encryption: AES256
x-nyt-mktg-group: group4
x-origin-time: 2024-02-15 22:11:35 UTC
x-served-by: cache-lga21948-LGA, cache-fra-etou8220057-FRA
x-timer: S1708127624.536858,VS0,VE2
etag: W/"7918d07d333fc7ca0eef83baad71f054"
vary: Accept-Encoding, Fastly-SSL
x-frame-options: DENY
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/main-1ae925d873842dc05e23.js
access-control-expose-headers: X-Nyt-Mktg-Group, X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-nyt-app-webview: 0
x-nyt-edge-cache: HIT-HIT
x-cache-hits: 5, 1
date: Fri, 16 Feb 2024 23:53:43 GMT
x-amz-version-id: idPz5gd3N3PWGYf56HXuL0WIkdrDYJ.d
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-F-X
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400
x-amz-id-2: FstEj8PVKpQ26Z6iz2Nu1iCUfs/AXlBqiVer4Le1zVIBXs70c4OMr2r0auPORX3RdvKNotAqIEa9/2VMRZmH+Q==
last-modified: Thu, 15 Feb 2024 22:05:54 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fMfQos1jOlt%2FM8QeuaZYQFwPthxAPaLegmeiN0DiYZ4Dpmve0dNGne%2BAwSaXke4wXSC5glMEXu00t8hsfn3CemSHoccerChM4FAgQW%2BpNGIYrR8IALqGdmHA6ZTKVfrVAXp89RrzOrQgnZ3k8QrPRV6AjBc%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
permissions-policy: browsing-topics=()
cf-ray: 8569b617dfcbda77-MIA

GET
H2 200 ATH8A-MAMN8-XPXCH-N5KAX-8D239 Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 225ms
76ms Script
application/javascript 2600:141b:1c00:239e::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Requested by: Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:141b:1c00:239e::11a6 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:53:39 GMT
content-encoding: br
customappheader: mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified: Sat, 06 Jan 2024 04:25:16 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 451 KB
123 KB 225ms
82ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c08bc6659261089e2775d7b93bbe0c826b9c8403bbbb9e45a8a4c0e514f99ec5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:53:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125871
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/ Frame 1BA6 238 KB
77 KB 78ms
74ms Script
text/javascript 2600:9000:2511:4000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:4000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 566e55891061ccfbd69982d4ee1d498867708ffc198fe7ca24ccc99d58684cb7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:35:27 GMT
x-amz-version-id: 86XYE9VZWTE0BmnCq77pRKxjDFCFElpM
content-encoding: br
via: 1.1 00266a01055b9f1e1ad959f077c1d96a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
age: 1093
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 16 Feb 2024 23:23:19 GMT
server: AmazonS3
etag: W/"0d95a716028a2d18d070aec2bca022f3"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin: *
x-amz-cf-id: bq0iknf4ZXVRVns_1EOQ4WU_l7EPQIHK7vT0s2qPxis5SRFd3h-T9Q==

GET
H2 200 3030 Show response
config.aps.amazon-adsystem.com/configs/ 532 B
799 B 201ms
59ms Script
application/javascript 18.173.132.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/3030
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-21.jfk52.r.cloudfront.net
Software: CloudFront /
Resource Hash: 577daca611b9ae7cc68fd26e230bd20d1f5659998cf988fccab9eb17bf7bd1fc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:50:53 GMT
via: 1.1 0bec03027031f991ae9cc48b95f1b35c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK52-P2
age: 167
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 532
x-amz-cf-id: 3zkxF18yR4uuAKWzmY0swxfoxJyCQI3sNvVj-0rsLyWzXQWSCtXxYg==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
308 B 76ms
75ms XHR
text/plain 108.138.115.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3030&u=https%3A%2F%2Fs3.pardad-trading.com
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-115-149.jfk50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 472c04481f2812a974e09db484cbbc3a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P3
x-cache: Miss from cloudfront
access-control-allow-origin: https://s3.pardad-trading.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: PBoyB8OjiqHn1L97lIW_BzoiqIQDY5AU0RlCTvnYj_2EhE3FUVXMFA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 204ms
83ms XHR
application/javascript 108.138.115.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.115.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-115-149.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:53:41 GMT
x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 410372c9ac35ccad4a4fd5dbf80c9f38.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: k-70URKvNaLYizesm1Km1QAZAS1joG-B6YkM8NgfOEWWQtG6DyreRg==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
402 B 200ms
76ms XHR
text/javascript 18.164.92.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fs3.pardad-trading.com%2F&pid=blFwUoe1I05TU&cb=0&ws=1600x1200&v=24.206.2351&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-top%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-top_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&sm=52397c47-6ab8-405f-9236-740bf16799ca&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.92.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-92-122.jfk50.r.cloudfront.net
Software: Server /
Resource Hash: d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:53:39 GMT
via: 1.1 5af2699243b550d789ef9dce0b522ed2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P5
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://s3.pardad-trading.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: aNlzY5Kjoj-CajYq9RINW6W48YqeOmArx1VB1T7H4x2qj7QIiwsSHg==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 231ms
96ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5c7cddb6992e0cf8ad0d1ee0816b9ddf4052766a4117a28a3960f529d22cd86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:53:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29175
x-xss-protection: 0
server: cafe
etag: 751 / 19769 / 31081208 / config-hash: 11148296534494914191
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 23:53:40 GMT

GET
H/1.1 403
Forbidden config.json Show response
c.go-mpulse.net/api/ 114 B
393 B 234ms
89ms XHR
application/json 2600:141b:1c00:991::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=ATH8A-MAMN8-XPXCH-N5KAX-8D239&d=s3.pardad-trading.com&t=5693759&v=1.720.0&sl=0&si=898e5dd4-22a8-4c60-8280-cd414bb83b36-s8z3pf&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:141b:1c00:991::11a6 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 7a905d4591de7626a94a888326be987c8e7cd2f6fa1214ada8ac083a4b862a98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 16 Feb 2024 23:53:40 GMT
Cache-Control: public, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 114
Content-Type: application/json

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402140101/ 428 KB
135 KB 73ms
64ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402140101/pubads_impl.js?cb=31081208

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb5e8eef5efe4f00b4a4bb3df651d1418ecf8072ec98393dd773454f814f477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:42:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 693
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137909
x-xss-protection: 0
server: cafe
etag: 11310070000413636408
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 15 Feb 2025 23:42:07 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 66 B
79 B 211ms
84ms XHR
application/json 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=s3.pardad-trading.com

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8757f6bdce85810dccd86c70096aa15e596386c246a7819e3182346b253241b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:53:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55
x-xss-protection: 0
expires: Fri, 16 Feb 2024 23:53:40 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 484ms
483ms XHR
text/plain 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3299966581632958&correlator=637173629035547&eid=31079957%2C31081226%2C31079240%2C31081208&output=ldjh&gdfp_req=1&vrg=202402140101&ptt=17&impl=fif&iu_parts=29390238%2Cnyt%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1708127620516&lmt=1708127613&adxs=0&adys=15&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fs3.pardad-trading.com%2F&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=1462517200.1708127621&ga_sid=1708127621&ga_hid=1948220387&ga_fc=false&dlt=1708127619117&idt=1356&prev_scp=div%3Ddfp-ad-top%26pos%3Dtop%26amznbid%3D2%26amznp%3D2%26request_time%3D1547&cust_params=als_test_clientside%3Dreqfailed_reqfailed_reqfailed_20240216135339%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dhp%26prop%3Dnyt%26plat%3Dweb%26abra_dfp%3D%26sov%3D2%26page_view_id%3DOiyYUgBY_6wQCgNJRtdSgojt%26vp%3Dlarge%26uap%3Dbrowser&adks=2496155832&frm=20

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dde90ebdfc76ccb5ecccc016ad9e5bc96114e32fc6339dc231fbe44bb3a38c3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:53:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9874
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://s3.pardad-trading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 48A5 6 KB
3 KB 220ms
77ms Document
text/html 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402140101/pubads_impl.js?cb=31081208

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s3.pardad-trading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 23:53:40 GMT
expires: Sat, 15 Feb 2025 23:53:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
120 B 226ms
89ms Fetch 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s3.pardad-trading.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://s3.pardad-trading.com
date: Fri, 16 Feb 2024 23:53:41 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 19 B
712 B 218ms
70ms Fetch
application/json 68.67.160.26
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.26 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://s3.pardad-trading.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 23:53:41 GMT
an-x-request-uuid: 04c39245-5f50-4bae-8ee5-7c27cb30c75f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://s3.pardad-trading.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.74; 38.132.118.74; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 19
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
670 B 162ms
91ms Fetch
application/json 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=995821
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12a926c240c96cbacb470bee74292212b03a1c43ceee77aeefbbc5ae579c0e0a

Request headers

Referer: https://s3.pardad-trading.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 23:53:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EIh5pNv5Kd%2FjiEQ9NB8AoEiKQvSypsFTT6fzpUpIhpRAGpWWm1ee0RsQugUb2VYjTRhn8ng8jwX7xTbHiBGM5pY353QHHhqy%2FnJL40ZhSZDSGalbyE2VXyJrEZ2aNk170nbgcTPt"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://s3.pardad-trading.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 8569b61f7efd09d6-MIA
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 334 B
648 B 167ms
98ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU4WQK98
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 21f3ae79c2fc30acb895a1b39fc7bdef8f6c2a426221181949f04fca836ab8c6

Request headers

Referer: https://s3.pardad-trading.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 23:53:40 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://s3.pardad-trading.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 50
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 16 Feb 2024 23:53:41 GMT

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
344 B 158ms
87ms Fetch
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 8b3353c94bbef2e39f1553d70d7bfef002992de5611f1d6cdca16b0f6b8256a4

Request headers

Referer: https://s3.pardad-trading.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 16 Feb 2024 23:53:41 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://s3.pardad-trading.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
668 B 193ms
58ms Fetch
application/json 54.152.40.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.25.0&referrer=https%3A%2F%2Fs3.pardad-trading.com%2F&tmax=10000

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.152.40.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-152-40-140.compute-1.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://s3.pardad-trading.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 23:53:41 GMT
accept-ch: sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model
x-auction-status: 3, 3, 3, 3, 3
content-type: application/json; charset=utf-8
access-control-allow-origin: https://s3.pardad-trading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
receive-cookie-deprecation: 1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 448 B
798 B 218ms
64ms Fetch
application/json 2602:803:c002:200::32
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088370&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rf=https%3A%2F%2Fs3.pardad-trading.com%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=s3.pardad-trading.com&tg_i.page=https%3A%2F%2Fs3.pardad-trading.com%2F&tg_i.invCode=nyt_home_top&tg_i.pbadslot=%2F29390238%2Fnyt%2Fhomepage&tk_flint=pbjs_lite_v8.25.0&l_pb_bid_id=38abf5f3be1fbf8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F29390238%2Fnyt%2Fhomepage&m_ch_mobile=%3F0&slots=1&rand=0.6197170531206027
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 2a8518a77b008a6c0a9e16b7736058745205557a04b8301f24437b9dc6f3d63d

Request headers

Referer: https://s3.pardad-trading.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 23:53:41 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://s3.pardad-trading.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 448
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 432 B
960 B 216ms
62ms Fetch
application/json 2602:803:c002:200::32
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fs3.pardad-trading.com%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=s3.pardad-trading.com&tg_i.page=https%3A%2F%2Fs3.pardad-trading.com%2F&tg_i.invCode=nyt_home_mid1&tg_i.pbadslot=dfp-ad-mid1&tk_flint=pbjs_lite_v8.25.0&l_pb_bid_id=3992880aefc3826&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&m_ch_mobile=%3F0&slots=1&rand=0.908437704212927
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a3024aade119b2b7ba1a34ca5bec9c6c51b7fbeebd92d50627692a7ca6ce155a

Request headers

Referer: https://s3.pardad-trading.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 23:53:41 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://s3.pardad-trading.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 432
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 432 B
782 B 216ms
68ms Fetch
application/json 2602:803:c002:200::32
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fs3.pardad-trading.com%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=s3.pardad-trading.com&tg_i.page=https%3A%2F%2Fs3.pardad-trading.com%2F&tg_i.invCode=nyt_home_mid2&tg_i.pbadslot=dfp-ad-mid2&tk_flint=pbjs_lite_v8.25.0&l_pb_bid_id=407a87c887f45a9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&m_ch_mobile=%3F0&slots=1&rand=0.7030960050555841
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a4a061d70f2bd491690c7747089ed0ec49b8cd9a06cff94f9f31658214a5547e

Request headers

Referer: https://s3.pardad-trading.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 23:53:41 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://s3.pardad-trading.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 432
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 432 B
783 B 213ms
65ms Fetch
application/json 2602:803:c002:200::32
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fs3.pardad-trading.com%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=s3.pardad-trading.com&tg_i.page=https%3A%2F%2Fs3.pardad-trading.com%2F&tg_i.invCode=nyt_home_mid3&tg_i.pbadslot=dfp-ad-mid3&tk_flint=pbjs_lite_v8.25.0&l_pb_bid_id=414e7fbf4ce0127&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&m_ch_mobile=%3F0&slots=1&rand=0.06592837514794136
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3fb755d89de8cad5b50e4838f2291dbc0c472cbe037bb68b19b19b6825af404b

Request headers

Referer: https://s3.pardad-trading.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 23:53:41 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://s3.pardad-trading.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 432
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 436 B
786 B 231ms
83ms Fetch
application/json 2602:803:c002:200::32
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088374&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fs3.pardad-trading.com%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=s3.pardad-trading.com&tg_i.page=https%3A%2F%2Fs3.pardad-trading.com%2F&tg_i.invCode=nyt_home_bottom&tg_i.pbadslot=dfp-ad-bottom&tk_flint=pbjs_lite_v8.25.0&l_pb_bid_id=42bd2c9713a9f56&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&m_ch_mobile=%3F0&slots=1&rand=0.5088601267676638
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 15f958de8a4e7d9ad46450991efe4d0248f5f2e865e4956b8ff14b6e907bbe9c

Request headers

Referer: https://s3.pardad-trading.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 23:53:41 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://s3.pardad-trading.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 436
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 container.html Show response
be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7FD0 6 KB
3 KB 66ms
63ms Document
text/html 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s3.pardad-trading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 23:53:40 GMT
expires: Sat, 15 Feb 2025 23:53:40 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/ Frame 7FD0 238 KB
77 KB 71ms
71ms Script
text/javascript 2600:9000:2511:4000:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Requested by: Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:4000:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 566e55891061ccfbd69982d4ee1d498867708ffc198fe7ca24ccc99d58684cb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:35:27 GMT
x-amz-version-id: 86XYE9VZWTE0BmnCq77pRKxjDFCFElpM
content-encoding: br
via: 1.1 00266a01055b9f1e1ad959f077c1d96a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
age: 1095
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 16 Feb 2024 23:23:19 GMT
server: AmazonS3
etag: W/"0d95a716028a2d18d070aec2bca022f3"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin: *
x-amz-cf-id: VOaIl9Ka0f2it5ZGHKEyNYrQl_SztYnkvdiMF7GOUGQlNhu_z-xkDw==

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7209 624 B
826 B 225ms
91ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhizwJn9ATAB&v=APEucNXl70OFElHnzFg6Fqx012QIIMUGJRgIf5I2UjIDEHyJq6eN8hL_FnwqBBPH48jk3w3SOf2EbHlBU2CkdT3KqVcMaROU8w

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 23:53:41 GMT
expires: Fri, 16 Feb 2024 23:53:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7FD0 93 KB
33 KB 305ms
170ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:53:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 23:53:41 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 7FD0 3 KB
1 KB 204ms
69ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 17:11:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 7FD0 20 KB
8 KB 196ms
61ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 17:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 17:11:49 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7FD0 204 KB
62 KB 195ms
61ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:17:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Feb 2024 00:17:03 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7FD0 42 B
173 B 303ms
170ms Image
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cd2ocnlhNrE56mO6E3_008M50abxU80-pTMN6KVA09p1FbTMeAMSLXoB0djbfCGE7MjuWs7BkS4XqypQ_RIQvy_qk_tqnOfkgTcXXmdnbEEfoqFLI

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 23:53:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7209
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBfTK54BOs4WejRFO8Ysxsk&google_cver=1

43 B
769 B

77ms
74ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBfTK54BOs4WejRFO8Ysxsk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhizwJn9ATAB&v=APEucNXl70OFElHnzFg6Fqx012QIIMUGJRgIf5I2UjIDEHyJq6eN8hL_FnwqBBPH48jk3w3SOf2EbHlBU2CkdT3KqVcMaROU8w
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 23:53:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxUZFqODid2Y0MJ19c9gzKHgYP%2F2i8y9YR79%2Bd8p9VYnatSRDUJzL2n4PxWKpNNB8kDFo77dFv2hE9O8QGOoCHzA3EcdR4C6ptLcHMkxoMcH3w81b%2BNmOjrVFcSJX3fVoS%2BId6XsnLQJiw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8569b624cba709ce-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 23:53:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBfTK54BOs4WejRFO8Ysxsk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7209
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zc-1hdHM5EgAAA1lAAMsngAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBfTK54BOs4WejRFO8Ysxsk&google_cver=1

43 B
734 B

91ms
90ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBfTK54BOs4WejRFO8Ysxsk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhizwJn9ATAB&v=APEucNXl70OFElHnzFg6Fqx012QIIMUGJRgIf5I2UjIDEHyJq6eN8hL_FnwqBBPH48jk3w3SOf2EbHlBU2CkdT3KqVcMaROU8w
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 23:53:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LPF5PiT9cHtsWmwYgctIqnehMzHAsAr%2FpuWCwYLMwlGQBmhLokUWwFcg78v7bR65qQSZgPRiVt3DzaCn70%2FGLTO26Sdk2NzwhdLx%2Fj9FHECS4ONEB42Jm%2BiEOAUie%2BekoRkvk3ClpH8YAA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8569b624cba409ce-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 23:53:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBfTK54BOs4WejRFO8Ysxsk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 7209
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIQ8Sm4TMd6lL789w7Z4fX4&google_cver=1

43 B
1 KB

84ms
81ms

Image
image/gif

68.67.160.26
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIQ8Sm4TMd6lL789w7Z4fX4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhizwJn9ATAB&v=APEucNXl70OFElHnzFg6Fqx012QIIMUGJRgIf5I2UjIDEHyJq6eN8hL_FnwqBBPH48jk3w3SOf2EbHlBU2CkdT3KqVcMaROU8w

Protocol

Server

68.67.160.26 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 23:53:41 GMT
an-x-request-uuid: 71173b01-0938-4ef1-9c89-3d99dee1019e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.74; 38.132.118.74; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 23:53:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIQ8Sm4TMd6lL789w7Z4fX4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7209
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc3OTg1OTg1NzA4OTk0ODU1

170 B
243 B

188ms
77ms

Image
image/png

142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc3OTg1OTg1NzA4OTk0ODU1

Requested by

Protocol

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 23:53:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 23:53:41 GMT
an-x-request-uuid: e2f740f4-4cd4-4c2a-9597-fa9f137c6fec
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc3OTg1OTg1NzA4OTk0ODU1
x-proxy-origin: 38.132.118.74; 38.132.118.74; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7FD0 0
58 B 94ms
94ms Ping
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2989959039868&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 23:53:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7FD0 0
56 B 93ms
93ms Ping
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2989959039868&version=m202401290101&ct=119&x=1&cor=12213947020176814000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 23:53:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7FD0 93 KB
39 KB 111ms
107ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DNIzkP6LCqfQ10OotHQHpuXhbTRBJXJ3udLTDxUWQE66y9fno4TC1mvBY891WI815yM0rty2mxdCLBbo0ybvP8sn3kfkf_Q2ozAdNY9vBDGvGWVDRJ4EuZdvC01vdPgANxHDtCkc2A5cQCmX-Yb6DnsNgAGi7qxjDfSuQrNkYs-wE5Zbxb2OuaxKB4YYdGBAF_2yQM&cry=1&dbm_d=AKAmf-DzeBndj10pftO3RrY-l-UdNN4YQ3C0ktUyRniH5_HnC-dc-NpU9Dta_s3fhYLPnNaFsmCw91XmeoNFuI55OeIX3KgZ2nEQKvOxcNsg77i3Vk9RZ759OQVewlGYYYS_4ardw6FoJ7meBny8tH5jVoYtAQfMhr645y3Uau0MiqOVsGILeLGXbGkjgWGxQnR-fAenVaAFzrq2HYv9Gxyije2VL7gCkNIThekK93geaBue2fz0L7WsXAadNGVXjlOzXR5ai1xXjAxmwX0YgLPncRQp_KZEt6uWWypkXPafSrjQvBeLwcYPpzdtGK6pxJJ5dZS7OovnzQPnAD_XUZh4t0pctd0lSpO-3AAM9NcX6hxrm9nrn2qyEgnOhqytzRmnUjvI9PcszxP3ACynDI7ZDB0vnnBHItftMY4Q3kXANmPEfkJvd2jX-R7BafIVqo5_FcYUs0CuXrS1s3jHTCPsb0iKoXxQ7ppCMFZ2J0dyz7ywgkdmeJ0kmBGI3bx_rioK3PjQ62N9YJ3LAVToyJZJ8qrktn4ZuFK9v7uGHhx0VnmZNdPv2bW8fh0_VYNbVj76mXN9j_wPN9itlamMgncsQ0uwbYkB6Ur2j74O5Y0-UsRPyUGcJqHm2-nKCWLnj0JLvOtGY-Xf2TLjv5jXXC4udxieqPtFAhNgQ_MAtiLmJbBANnd3gKFt3x-uwtvHyfYtnveMXUp25RYZAmVNSihC7NrCCQPven6_gVMItArP1KchyNRaUockZ4vMndQqawM2z8CT6hfCYDwUEh1XpEpWPmlpIKagfiEGHCf7Uh8DB4TyTvM3jBQFvcPWVtg5SOTKmDKiouZVVCNb1X3ED5EX-bkev4AUJPChK81RWQH4BNL7a3HpaZ8HwhYQfhxoe4PK1JT6FOctJIFxgeOncy2KKxA1viHWetEIvRzXouSGjzvlHdlXxbzA6DEwvY4PL5C7qbAp839-tX3spxjEGpJZw_bhYDOXJlf3wCexh_TElbYT1ELGWari9GfmhzRzz0x7WbQON8SYjoZJgyeAnJRxNJkSNO2HwMdsfzB8r0RXcB0kvNq_wKqApyCY0RRqQN_OF_CjK5MY9eFcqsR70pHgftdoL9trmZbH1JLteu7UrISuhYmF5UsTMztxD9EcMIDmEprlmut_1YYUDLXxfGNinLq0HKH36sWWUwCRn6qD9l4DPuxVn2fD_xaCCnpo3S5lBDIBwyxRzzSzB1aIT1BqWI2RXhB5U5jNw-aLZfs8u2mMFDv_ptnjlBCVthj5bpUsWdwVdXqY0H5Ia1vDLV3IPTgmoeBTx5EIebUO7G8azrnpvDgcYb3BP1euudIjVWXEozkFtd8h6In3BtOMbGhAdRXD33WnA3RZvTYZaaTbVpQmjrvbyvX9duMr1PL4QnY8MXdGZQJ8vTqXZdOdvdKtVNsTaQDNOQCkPyDM-_urw_0reV4ccGNK5HWN-cfUGDtMv22qEpeqUmW0LXlx71BMD5Ylsdu7AUlmv9m0-taywhoBBjjjr-ZeWEQZCWYZhvQqMtZybDbqkVQVAk51ybSjOPfrLxbSZSoddAuSiMDbdXe2Uh3_jmGNEd6VxfjhTqY9wZrSz50owLiVG9qzODUZM0QrJPll9H9YXuU0NH07SxDbYhrLS9CEcz9bBOrx59EMjc2G4JOqzprKm6dnvd-9-1iZo16VJc7m2hA8uTTmd49PU-3X_TDZ-PV5pGOYQsDO1r-AIGji8XwVQkKh8bzKXyf5bizz1q4olIERIIfgRGtrjeB2xJUDEvk7CYeLcVEiEtyVj1NsLUNq2300mfUKblcFPmk3xYcN8Sbsn1NKqg7gbsKwHdHSUVDO0Q_kL1GF-IeVTy31Z-ZaCo2p8QfYdVRYZdza93Q5hJraWBduIqm2dnq0ssDNKu-icBY_8xB9zo5GjWXjVLVId9GK4ZribHtYzMKHtjNYlmNv6o1YrxBR-qIdbhns9nk_zWmRNZNYZugimB-NwnK2Y3d1a4fgMn0w5FJDpIFB0YQVqiDEBfdx0XaPYdF-0A7YqAaMxDWEjttJ-stJaFK10KtPCbPsjeQG7BSl8du1Co1ljgucKSHQnsld8LRmDQ-6qVA3Rg1MbVinHcWgpwHazw_1XnMfeOpmxeZ5ZrOn1zdv2mWtzaqoBMzyMyql_gK42mbwJK1F56mngaUlbPpJC9oIo0ZQBwIK1UyzW4oeS1Lmj0uK0UbspPyathcGrfRUS55TqN_9MQIvC25IWoo05qg_0-TFvvKJeX3iAB0BT62GrHZshs-8zL3Hdaws-YlVxZFMMMBMLpXsNmTr0Z97nPCBsKJ7hax9eSQSS9nR1QidpDR9fYmUsu7VndiiQsgYzc7oOvu2SZx2KZvCpeguSS7ZfGnvP5riCTIzdKfXR1b5sVrj0lA3AbHkoZ7NDEbR99qa-lflU__ReDmyiEpior0-ayVJKkgJfysfn5b4LmGrZ3wiIgMsJYFO45s7bCPvnJ55PN3ElTUHBgoDzUFY226Knjg-K-S0KnWMCFg1pjNkOgbzzrQz8T4AzPspCWfju461C4BauOJe0vPiNDd8EkASuP88tZ4qK7CexvxWe0vGrx2AyLsYeSzTn96QHunBzdGT-lq8l70zd9Pfw81irEwjOqiHTLS1j2_EOv1MGLdZRrNTuNcXT9ZNO-2YBJEqF1QflnvedzbQecaLlk1wWpnCWRJwmw3eCcPqXNanYNgcRkvVd-CoiRG8aGtEVxr7D5ltTbbtefxyOUKaqAKNd3s50KaZHlrAJNzB03niEZZWPcmEEWh0ddXjFNX4O7CQ5R8R6T2Q88Ky57uf8xtfbb0__0QjUhMmNz1gmc4Y33Dbh9hww9UWVYgNukzazqom0hBOi5n0XQRD_b3SrRvOyNhYksr7596-7mB8XoIOup5eQvD1FGd35mxSGKM3jrKOYVdBGGckQHoTP5Y50fUM3WqeOtlFgLaaZMb-ElZyAlT-iUyUX92m_xOfyDi1yQFBwTWdMdsx6kRENMLdiqzKpQ2yigcqugOU-6qrKBL9dWcFuaIKGN4vfmcWYqoWq1cu8hXoxj2F7SYadombSUUYumtAPv0G0b8Dn-LFQ5ZFPYvQ2MfLiU9cFp26eatbw5dx0W3wkc254kvjzFyuFX18ebhlS05dhI9kaofscCiYF-eXhrFbrAgDW2pTGGpg0zPebwrbYjS_u7a75Zsl7JHCW49SYZni83Q9bb2E9tyBu-Nz0MsJraDOt3ObHBb3GTTBqpDlxHxkoLnPQugeu8buaigKEtJg7iNR6JaUHUYq9qeKQv2KEWH6mSEQutRjKXsxBmVhxuY33xwHWG6hMa0nF59XiXyO9J23TIy1Su1QpcVtXOJEP6uPNR0OJ2DVVKQHedfyG4QrRIdzIiYl-ZBFgGLRIqYzMcEOr9gwx_itQ44Yfxvn0ieCtvkWqz3NCs7ZvUthexiJ9Uvt8xnpqmI8Defq5nQSCjr79CVpgVIh6_Bw2bv1pfN3FDZR5-TxU6x4Z6GNxLX8_RF-F5aWLZDVKKj4bxSPWSTOumubdW8fizcYLLNZO0suSlokdSccRoYb3cEO3QiwUMLRQXGNlRQm8X0BmWd743xyhV4Le7-zMyKqVsP8E3pgrSg_UAF3AmIb9ly-6P7yKGfc1LFVy_6gU6QjOzmlBS075mt6L7PQYsPGeAPECCvZ2mn0CYPubHLWDWNj-TS7URKN-tX1XIBw_ylaZYfGjoZGyce7HbC_DckZpAkNcnLvmuGXHvPNnmy90jvU_Cc1lXIqpUmxqap3neuTiKKyhHMfbdNQgASCjpNmo-c71UupvYrE9TNNozhtp0Z9yo802IVDPdYb6zdnQyUTWFItNKDKXP5szjZ6pL7oMF7QgkvfcxJerEII-wZ0bm-hfDEAIIEJ8X9P&cid=CAQSTgAvHhf_M7vSV1JHDqfjEcUSYaNGH1L2Qh1rG8YPJ7Cc90As2fsnzf-HQMnjK_7y9sZdgcBDj9UKwDShxKpD_H3FB2-f2tmm6cfMv2j6eBgB&dv3_ver=m202401290101&rfl=https%3A%2F%2Fs3.pardad-trading.com%2F&ds=l&xdt=1&iif=1&cor=12213947020176814000&adk=2923430906&idt=340&cac=0&dtd=16

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca8f9fcd91869d8dd034dd0bf198fea7200f1fb83025d4f597a963878a35eb0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 23:53:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39352
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 7FD0 172 KB
61 KB 206ms
63ms Script
text/javascript 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/
Origin: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 20:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11333
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Feb 2024 20:44:48 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/ Frame 7FD0 12 KB
4 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/elements/html/omrhp.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:59:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:59:11 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 7FD0 30 KB
11 KB 63ms
63ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

719314f680a79defc6c02a7dbaff63da48911cbf418614226bde044fb02e065d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 16:59:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24870
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11551
x-xss-protection: 0
server: cafe
etag: 12710720872123804752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Mar 2024 16:59:11 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 7FD0 41 KB
14 KB 63ms
62ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 17:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24089
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Feb 2025 17:12:12 GMT

GET
DATA 200
OK truncated
/ Frame 7FD0 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91d37ec009efbb7a2154cc2ac274079ca119744e92aca0cec9620a2e4b1544de

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 init Show response
gw.geoedge.be/api/ Frame 7FD0 0
216 B 257ms
84ms XHR
text/plain 2600:9000:210b:9400:10:43f:4352:ad61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:9400:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 16 Feb 2024 23:53:42 GMT
via: 1.1 0a41fb8a1e6869f7cc14f05241a462fa.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
content-length: 0
x-amz-cf-id: mN-2hKVRav4zqBBwSS91fZQMOX2tBHi-a1VcjDoaDQ3FtTR6Psn2Hw==
x-cache: Miss from cloudfront

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B68C 38 KB
13 KB 65ms
64ms Document
text/html 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 73917
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 03:21:44 GMT
expires: Sat, 15 Feb 2025 03:21:44 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame B68C 39 KB
15 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:23:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95422
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 21:23:20 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/18084140897926277244/ Frame E50E 87 KB
22 KB 201ms
76ms Document
text/html 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/18084140897926277244/index.html?e=69&leftOffset=0&topOffset=0&c=Lzg1OomILX&t=1&renderingType=2&ev=01_250

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6363d303f406249bb62751e517e8a0c94bb17993cfaeac3e8433f7caddba09cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 23:53:42 GMT
expires: Sat, 15 Feb 2025 23:53:42 GMT
last-modified: Mon, 06 Nov 2023 23:55:49 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7FD0 0
0 276ms
133ms Fetch
image/gif 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvksbvi8Zr8yDPwB8m0SkCX-unAoQIh2XfNHmEItQdbQUheM4Aquvi7X8IviMvHVVcCaAfaI3IYATw7rQpBpFqdvoPs5YpTZOic4NU78RAwZwnq9ED2mdR7btMyFatpUT53O9x8cA7jaXArEP-EviZ7An1t5zbDU5Qt1XFVWAiBgC1Ba2Pb4BSNRwDCouwQQWYrj7RwY626Ad2RnYlIZQ5wzPO7mKWudtHOOuWopouqBstN6wxB5CAdhF1So5S4V1A-RI1KxOrCMPncaqWjjNbSERu2ZpnqRMXK12eiripI7kD8KwxzosglTKO-fTuaf51d2AMtgPAG4EFkPIyDqhOR3mBwt92NlaRra3ORqeIlHha-CjCoKtWh4W3_v3xwsuQUO5hgJcAWDxzisiIpl2ZbtkX4lSKVfg5ptTZV3PEVrMRGd_GWJ4JJ6ZL4SU4VwOPPG2ymSfeD0EfyHOsOE4kgH711n4t7E_Fcn9k3nyIOd8jlk-AoYetJtkvICPFq387ndcwURmJDHqrq1uNqiYkgAWaFlsklQZJFF7Ne9DtXZJH15i8X825krZ3rlLC0vsVuf_5OoDAxrbjciq8C5HPqCwxDjSylzn-eYgQjqIgqU_d0i7nXlH8HG6LD9rgMH_FjDWrSXcOvmn1PkvRQxeVBNqcG_mRuU8780syaPyiloljknbR-fWWtzxtwoigOZOm64TYHNN4Z_3SUHwnhhcsb7zIlIE5TTkMROl7KK2WaD0nWztSJUjamc1bJIqPIXkNjwblKHm245oqttkecSLVZE0QEo_sknTovXtE3__O7SQsyQRBJzKdprPq537kgwANjN4aydm9gVMh0TSlxeaZDKZ0Mf0x1iTwlO0C7_2GXLVl711_2NAb7rGIdHQ8pS4YjOQFctNHk1QS_dENBa2kQ5Lh5YLH4zdsK8zh5mL1sqkUyEJzQYoQMaljz1NRMV9-Ddt3n0aU4v-pDv5X9ftj77-WnsOqjtIZo9xBwbFAWU8cfSZY2vGEKADDUKSrI8U5zGsXbvdc-4q74m4heYJ8PDCRQOXubWq5MRLYHZrWSIUk5FcOxc06xUJm8b8qeugsmJMJRgk5xQQhWHkKUlziMI9kr39qwAkUWvWU9k-CINbeiUf3gU3t3IjLcn4nOAEYgHjtzzDmqIwML6P7nHcRB1O2ZgIZjgewmNvOzAEdYqsgTG312tlUIwYdfleObHvjTE1lGCqFJgOGWAzW8RA7v-IoG7fq7PdUp7tcXhZiZf-RT90lvdHlxu9gTPNDRVDoOcWVqo55zTxTEcrOqpuR3Oi7EeWA_H4UoIriFI9Fw8PUYSuhmIbQSNI6itkg8zBIt4IYzcolQqHKNJLakMVBXDH9alIwsFsupSqUGbVqeUH70zZbU27px5jJ_HBY8yudPmAZCsP530kIXnRV00UpcNbr-JRf-yIwo1hMlbhM7bYg62GnkijfFHGwUIQ&sai=AMfl-YQMAT8tN-IDhq3fGCYuH92cNQ9J7JlQrC7RP2kT8B11tZrAFXUSJx-HlkaMdZEiD_Px-hMTq3ttuT7lidOJMki_b__k3yKHdrnvjeOebhOjFyrydFO3B51o6zinstX4ASe7DYtCXSVcXYIA0URD7cl1Ocq1uKPkP7JEyqndLZlxa02my-hweO4n-f-B4dKzPz_nf7NaaPOqTxFkPJd9tzfHWEyL1lrCLxgsEiHEYv1kfFP7YnKDO43CcTEE0Z5AF32wpZxvPZVUInXgk1H5poPxKEFccPPe_pJPnw&sig=Cg0ArKJSzCeBADOSjIPrEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=345&cbvp=1&cstd=332&cisv=r20240215.76958&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 16 Feb 2024 23:53:42 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 16 Feb 2024 23:53:42 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B68C 0
20 B 96ms
95ms Image
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B9s4EhfXPZeHEKLi4oPMP_6ivyAgAAAAAOAHgBAI&bg=!jo2ljcLNAAZN4L4YbeA7ADQBe5WfOGmv_sN2WbTRcw3NGIu-nwcZg2DX4zw2zk1cIb4Luxq1Whi2fDPT1dgrAcgBRZC-AgAAAHpSAAAABGgBB5kDA-gn8kT43NIiTZUBjSLDp8KH4Y4ajK6tBuDVhKQ43RpJIvfCq28m0bvW4Kt9wgutTfXKYrsaLSQ1lYVFbizKbmcg9nkmKgviummAk3OjlD7ZzDl2ZuzFDN2Eqw6euSFvj3p86X7je6xLBDBla6TTt_REYGsfQRLtSHOXIOJm1WFHWTAdrE0z2RRY8EhqJtYo9FKI1VsRSvIa_x2pteBvDkZkjYwM6S9pRNfL7GKoTSKlE1vULQ8i_9Fqm1HsnGqxeAebMzk57WINPMhYgCpZiKbuIybsBuLqJDRDeKbCkiHHCzL_3RH5hLeB1cXTPiQ17JMaLMR2jEgg091oGYVYhSjwOSNKQ3VQZsLHRqA9ndOJ9iwLBchrrj8cEjrWS6IS6aSt81t1uiLzNu8mFttyiRZ4POw2CCdVmWyXvyB105DNyt7xlE47xqNgNTIFqV2ppnvm87lcduKS822WXGvwGnw0hFop25VUF8j0cP7xw6184Fnr7XNtcFwE3ipmEvM1Wno1nnT91eXe8Gf168GWasg6FnqcFg9YdA2GKDwT7Yosk_5NBeF4dEFpCIMLaUxar5b6WTtBnDrxbPyuHCPjX8fE0DcmlLe4SMyoAIK9uuKQydZDqNm3vLKY3b0bl9toPe9mHm4LjFZ0VMFq1TrNOqaCs8QBbqOC1yiiANjquVe_oTxN7TRxpGlSGOxA-A8Rd9qdKstfY0lCBxd7lvqtwXjyoo7-0wHbFHAtOZ1tJsGROL9_J6b1BndYGK5CM7UaHBuVQhvHOLTvY9NZs2SfQNqbapPVMXaAYe1f7Aiz-KPeyufWBBeJtsEdzvP0ilU4saTa2Uxxnavv5ojjZCcxRUJ2ms-03juvB4fs4nco1EMhnRHry0PuypCZiIfL4Cnw-6TKbziJOD24j56FLTsawGk4G4-6v2cSah6Im3dCHTHToAbcTt7vptdX4_sFFrbV-IuMmF1NzF3xw53mp1L8Q1AHiZP0-9Xor4u_hw9_QoeKK92sevOn2gqwfSt9GB8_xpqU9g

Requested by

Host: be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com
URL: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 23:53:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame E50E 120 KB
41 KB 62ms
62ms Script
text/javascript 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18084140897926277244/index.html?e=69&leftOffset=0&topOffset=0&c=Lzg1OomILX&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18084140897926277244/index.html?e=69&leftOffset=0&topOffset=0&c=Lzg1OomILX&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 21:58:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6926
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Feb 2024 21:58:16 GMT

GET
H3 200 preload.jpg
s0.2mdn.net/sadbundle/18084140897926277244/ Frame E50E 4 KB
4 KB 63ms
62ms Image
image/jpeg 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18084140897926277244/preload.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18084140897926277244/index.html?e=69&leftOffset=0&topOffset=0&c=Lzg1OomILX&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e33b8407c21f47e7c990edcb66dcf85406e8955ea0f85432539d5b706870cbc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18084140897926277244/index.html?e=69&leftOffset=0&topOffset=0&c=Lzg1OomILX&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 11:58:57 GMT
date: Thu, 15 Feb 2024 11:58:57 GMT
x-content-type-options: nosniff
age: 129285
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4368
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 23:55:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E50E 7 KB
6 KB 216ms
89ms XHR
application/json 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b269e60631d21a2199890fae144fc3d6160f27733c871b2952c1e3b7e48fff9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:53:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5768
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7FD0 0
0 128ms
128ms Fetch
image/gif 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvksbvi8Zr8yDPwB8m0SkCX-unAoQIh2XfNHmEItQdbQUheM4Aquvi7X8IviMvHVVcCaAfaI3IYATw7rQpBpFqdvoPs5YpTZOic4NU78RAwZwnq9ED2mdR7btMyFatpUT53O9x8cA7jaXArEP-EviZ7An1t5zbDU5Qt1XFVWAiBgC1Ba2Pb4BSNRwDCouwQQWYrj7RwY626Ad2RnYlIZQ5wzPO7mKWudtHOOuWopouqBstN6wxB5CAdhF1So5S4V1A-RI1KxOrCMPncaqWjjNbSERu2ZpnqRMXK12eiripI7kD8KwxzosglTKO-fTuaf51d2AMtgPAG4EFkPIyDqhOR3mBwt92NlaRra3ORqeIlHha-CjCoKtWh4W3_v3xwsuQUO5hgJcAWDxzisiIpl2ZbtkX4lSKVfg5ptTZV3PEVrMRGd_GWJ4JJ6ZL4SU4VwOPPG2ymSfeD0EfyHOsOE4kgH711n4t7E_Fcn9k3nyIOd8jlk-AoYetJtkvICPFq387ndcwURmJDHqrq1uNqiYkgAWaFlsklQZJFF7Ne9DtXZJH15i8X825krZ3rlLC0vsVuf_5OoDAxrbjciq8C5HPqCwxDjSylzn-eYgQjqIgqU_d0i7nXlH8HG6LD9rgMH_FjDWrSXcOvmn1PkvRQxeVBNqcG_mRuU8780syaPyiloljknbR-fWWtzxtwoigOZOm64TYHNN4Z_3SUHwnhhcsb7zIlIE5TTkMROl7KK2WaD0nWztSJUjamc1bJIqPIXkNjwblKHm245oqttkecSLVZE0QEo_sknTovXtE3__O7SQsyQRBJzKdprPq537kgwANjN4aydm9gVMh0TSlxeaZDKZ0Mf0x1iTwlO0C7_2GXLVl711_2NAb7rGIdHQ8pS4YjOQFctNHk1QS_dENBa2kQ5Lh5YLH4zdsK8zh5mL1sqkUyEJzQYoQMaljz1NRMV9-Ddt3n0aU4v-pDv5X9ftj77-WnsOqjtIZo9xBwbFAWU8cfSZY2vGEKADDUKSrI8U5zGsXbvdc-4q74m4heYJ8PDCRQOXubWq5MRLYHZrWSIUk5FcOxc06xUJm8b8qeugsmJMJRgk5xQQhWHkKUlziMI9kr39qwAkUWvWU9k-CINbeiUf3gU3t3IjLcn4nOAEYgHjtzzDmqIwML6P7nHcRB1O2ZgIZjgewmNvOzAEdYqsgTG312tlUIwYdfleObHvjTE1lGCqFJgOGWAzW8RA7v-IoG7fq7PdUp7tcXhZiZf-RT90lvdHlxu9gTPNDRVDoOcWVqo55zTxTEcrOqpuR3Oi7EeWA_H4UoIriFI9Fw8PUYSuhmIbQSNI6itkg8zBIt4IYzcolQqHKNJLakMVBXDH9alIwsFsupSqUGbVqeUH70zZbU27px5jJ_HBY8yudPmAZCsP530kIXnRV00UpcNbr-JRf-yIwo1hMlbhM7bYg62GnkijfFHGwUIQ&sai=AMfl-YQMAT8tN-IDhq3fGCYuH92cNQ9J7JlQrC7RP2kT8B11tZrAFXUSJx-HlkaMdZEiD_Px-hMTq3ttuT7lidOJMki_b__k3yKHdrnvjeOebhOjFyrydFO3B51o6zinstX4ASe7DYtCXSVcXYIA0URD7cl1Ocq1uKPkP7JEyqndLZlxa02my-hweO4n-f-B4dKzPz_nf7NaaPOqTxFkPJd9tzfHWEyL1lrCLxgsEiHEYv1kfFP7YnKDO43CcTEE0Z5AF32wpZxvPZVUInXgk1H5poPxKEFccPPe_pJPnw&sig=Cg0ArKJSzCeBADOSjIPrEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=836&vt=11&dtpt=491&dett=3&cstd=332&cisv=r20240215.76958&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:53:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 16 Feb 2024 23:53:42 GMT

GET
H3 200 replay.png
s0.2mdn.net/sadbundle/18084140897926277244/ Frame E50E 676 B
704 B 70ms
69ms Image
image/png 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18084140897926277244/replay.png

Requested by

Host: be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com
URL: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

560840d26c66d01e35e8257c2599e4d6ff81fb45082ac051cbfb0fb835657951

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18084140897926277244/index.html?e=69&leftOffset=0&topOffset=0&c=Lzg1OomILX&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 18:21:50 GMT
date: Thu, 15 Feb 2024 18:21:50 GMT
x-content-type-options: nosniff
age: 106312
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 676
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 23:55:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 poster.jpg
s0.2mdn.net/sadbundle/18084140897926277244/ Frame E50E 63 KB
63 KB 63ms
63ms Image
image/jpeg 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18084140897926277244/poster.jpg

Requested by

Host: be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com
URL: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df74bc4a8c5cd98f22fc887736d160b0df363071f2514c166d8e9c9d4052704d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18084140897926277244/index.html?e=69&leftOffset=0&topOffset=0&c=Lzg1OomILX&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 22:00:56 GMT
date: Thu, 15 Feb 2024 22:00:56 GMT
x-content-type-options: nosniff
age: 93166
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64679
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 23:55:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H/1.1

206
Partial Content

file.mp4
r5---sn-q4flrnss.c.2mdn.net/videoplayback/id/107dcc151f57a8bf/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739663621/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame E50E
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/107dcc151f57a8bf/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739663621/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
https://r5---sn-q4flrnss.c.2mdn.net/videoplayback/id/107dcc151f57a8bf/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739663621/sparams/acao,ctier,expire,id,ip,ipbits,itag...

614 KB
615 KB

251ms
64ms

Media
video/mp4

2607:f8b0:4000:1d::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-q4flrnss.c.2mdn.net/videoplayback/id/107dcc151f57a8bf/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739663621/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4A6E4157D84A37854E3B7EC38EDFF21338505067.85049171F417868AE09E807205C70534D1A6EE5D/key/cms1/cms_redirect/yes/mh/o8/mip/2001:550:1d05:1::3/mm/42/mn/sn-q4flrnss/ms/onc/mt/1708127335/mv/m/mvi/5/pl/48/file/file.mp4

Requested by

Host: be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com
URL: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Server

2607:f8b0:4000:1d::a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c5c40c179e117c7a2737f3ce285628c46e847a9bc8c129b1998a6f28ff598a74

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 23:53:43 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 06 Nov 2023 23:56:21 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-628760/628761
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 628761
Expires: Fri, 16 Feb 2024 23:53:43 GMT

Redirect headers

pragma: no-cache
date: Fri, 16 Feb 2024 23:53:42 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r5---sn-q4flrnss.c.2mdn.net/videoplayback/id/107dcc151f57a8bf/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739663621/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4A6E4157D84A37854E3B7EC38EDFF21338505067.85049171F417868AE09E807205C70534D1A6EE5D/key/cms1/cms_redirect/yes/mh/o8/mip/2001:550:1d05:1::3/mm/42/mn/sn-q4flrnss/ms/onc/mt/1708127335/mv/m/mvi/5/pl/48/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 647
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 preload.jpg
s0.2mdn.net/sadbundle/18084140897926277244/ Frame E50E 4 KB
4 KB 70ms
69ms Image
image/jpeg 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/18084140897926277244/preload.jpg

Requested by

Host: be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com
URL: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e33b8407c21f47e7c990edcb66dcf85406e8955ea0f85432539d5b706870cbc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18084140897926277244/index.html?e=69&leftOffset=0&topOffset=0&c=Lzg1OomILX&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 14 Feb 2025 11:58:57 GMT
date: Thu, 15 Feb 2024 11:58:57 GMT
x-content-type-options: nosniff
age: 129285
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4368
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 23:55:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

POST
H2 200 stats Show response
gw.geoedge.be/api/ Frame 7FD0 0
215 B 71ms
70ms XHR
text/plain 2600:9000:210b:9400:10:43f:4352:ad61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gw.geoedge.be/api/stats
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:9400:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Fri, 16 Feb 2024 23:53:42 GMT
via: 1.1 0a41fb8a1e6869f7cc14f05241a462fa.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
content-length: 0
x-amz-cf-id: C1_deAhLhZXfVdB_Cufp7npw7z2_t3S7Prw5QAWGLJgRaLdT9ZIcew==
x-cache: Miss from cloudfront

GET
H3 200 prod_studio_01_250_videomodule.js Show response
s0.2mdn.net/879366/ Frame E50E 13 KB
5 KB 63ms
62ms Script
text/javascript 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/prod_studio_01_250_videomodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03656ff565d2cc90c3b8f2c1963c5804304e5d9dc796e920db21a6db906a942d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/18084140897926277244/index.html?e=69&leftOffset=0&topOffset=0&c=Lzg1OomILX&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 00:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85282
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4955
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Feb 2024 00:12:20 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E50E 17 KB
6 KB 95ms
95ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:53:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 23:53:42 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7FD0 42 B
64 B 98ms
97ms Fetch
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvgTCTGS13S1NPcmOFo_9lfrOxkBrjRLB6bO5VjX4MJ3T310lE9A1pcHEwNNNSNbo98hXQpJhnwNYNo5NK5BGHHNzp9RyVIxVERDH4Ehj4F1MlTM0QFdcG4Xb4h913-xW39LXz1WBSp0S7qn-oAdo_B62L6LaXEs3Q&sai=AMfl-YTcalIP1PmzW99X9MnPG7gChnNgzmk-gjz0UPO7BsIcg8E91Cebm2j6-n4B6W2EXWyvS1Jt9r-_y0CpwUO6xq-v2Wd5-t7re45ZEKSOO3niu1FX1mF16KF_NcTP3GB8qwn-_3rln-q6YlkgnXog&sig=Cg0ArKJSzDb4hvnjEqlaEAE&cid=CAQSTgAvHhf_M7vSV1JHDqfjEcUSYaNGH1L2Qh1rG8YPJ7Cc90As2fsnzf-HQMnjK_7y9sZdgcBDj9UKwDShxKpD_H3FB2-f2tmm6cfMv2j6eBgB&id=lidar2&mcvt=1000&p=15,315,265,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2496155832&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=406042100&rst=1708127621029&rpt=831&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 23:53:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 571A 39 KB
15 KB 63ms
62ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 21:23:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95422
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 21:23:20 GMT

GET
H2 200 dc_oe=ChMIoZv7oIexhAMVOBxoCB1_1AuJEAAYACCz_6phQhMI9rq6oIexhAMV1g-KAx1biAXS;dc_eps=AHas8cCdIULG13wfvUmk6hDbff9RjBIFkNFOBj-a3MzbyKj_OhX5CfufsoW1l52NOZqm-XMY1staSTN31xD9EoyV;met=1;&timestamp=170812762...
ade.googlesyndication.com/ddm/activity/ Frame 7FD0 42 B
401 B 270ms
130ms Image
image/gif 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIoZv7oIexhAMVOBxoCB1_1AuJEAAYACCz_6phQhMI9rq6oIexhAMV1g-KAx1biAXS;dc_eps=AHas8cCdIULG13wfvUmk6hDbff9RjBIFkNFOBj-a3MzbyKj_OhX5CfufsoW1l52NOZqm-XMY1staSTN31xD9EoyV;met=1;&timestamp=1708127623235;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;

Requested by

Host: be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com
URL: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 23:53:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7FD0 0
20 B 96ms
95ms Ping
image/gif 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2989959039868&version=m202401290101&ct=119&x=1&cor=12213947020176814000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 23:53:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cksync.php
cs.media.net/ 52 B
640 B 236ms
83ms Image
image/gif 104.126.112.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.php?cs=8
Requested by: Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.112.26 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-126-112-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 16 Feb 2024 23:53:44 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 52
x-mnet-hl2: E
Expires: Fri, 16 Feb 2024 23:53:44 GMT

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=163427
https://image8.pubmatic.com/AdServer/ImgSync?p=163427&rdf=1
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjdGQzAwMUItQjFBMC00MTQxLTlDMTktNjNCRkI0ODI4NUIy&gdpr=-1&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

0
309 B

55ms
54ms

Image
text/plain

8.28.7.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by: Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/
Protocol: H2
Server: 8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:53:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date: Fri, 16 Feb 2024 23:53:43 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://eb2.3lift.com/sync?px=1&src=prebid&
https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3658&xuid=da92c6fa-f3fb-4da8-a710-e66088258e8f&dongle=0cfd&gdpr=0&gdpr_consent=

37 B
354 B

60ms
59ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3658&xuid=da92c6fa-f3fb-4da8-a710-e66088258e8f&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by: Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-type: image/gif
date: Fri, 16 Feb 2024 23:53:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=3658&xuid=da92c6fa-f3fb-4da8-a710-e66088258e8f&dongle=0cfd&gdpr=0&gdpr_consent=
date: Fri, 16 Feb 2024 23:53:45 GMT
server: Kestrel
content-length: 251

GET
H2

200

pd
nytimes-d.openx.net/w/1.0/
Redirect Chain

https://nytimes-d.openx.net/w/1.0/pd
https://nytimes-d.openx.net/w/1.0/pd?cc=1

43 B
202 B

49ms
48ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nytimes-d.openx.net/w/1.0/pd?cc=1
Requested by: Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 23:53:44 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://nytimes-d.openx.net/w/1.0/pd?cc=1
date: Fri, 16 Feb 2024 23:53:44 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3

200

crum
dsum-sec.casalemedia.com/
Redirect Chain

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=995821&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
https://beacon.lynx.cognitivlabs.com/ix.gif
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=eff7afa8-5a7f-4bf0-9f23-5735c1b069e2&expiration=1739750024

43 B
739 B

79ms
79ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=eff7afa8-5a7f-4bf0-9f23-5735c1b069e2&expiration=1739750024
Requested by: Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 23:53:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RpkXdby9d2r7V5ljnAwsdbCou5lLQedBGINOPUwosbVYtJ%2Fu6GNbZLWjd%2FD3eiWf%2BvTYTuFTsMupLxqLeD%2F23Ptb%2FfJcGTCly9D3%2B3ozbSVw191wBi6ZCCeSA%2BbSG23F3BYUl42t15n%2FTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8569b636394d09ce-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=eff7afa8-5a7f-4bf0-9f23-5735c1b069e2&expiration=1739750024
Date: Fri, 16 Feb 2024 23:53:44 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 0

GET
H3 200 vendors~allAccessLandingPage~audio~bestsellers~card~collections~cookingAppDownloadLandingPage~cookin~4a67e758-f25a10c60a5ee97e6c88.js Show response
s3.pardad-trading.com/vi-assets/static-assets/ 47 KB
12 KB 615ms
614ms Script
application/javascript 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/vendors~allAccessLandingPage~audio~bestsellers~card~collections~cookingAppDownloadLandingPage~cookin~4a67e758-f25a10c60a5ee97e6c88.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

299fe4cb399d6f400ea1117ee107768dd59304e3b970633836c97fdb523af76a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: br
x-amz-request-id: M0RY15BSKPN74KMZ
x-amz-server-side-encryption: AES256
x-nyt-mktg-group: group4
x-origin-time: 2024-02-15 20:51:41 UTC
x-served-by: cache-lga21944-LGA, cache-fra-etou8220032-FRA
x-timer: S1708127625.144518,VS0,VE1
etag: W/"89d2aa7420071c50c97aad617aebfe4a"
vary: Accept-Encoding, Fastly-SSL
x-frame-options: DENY
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~allAccessLandingPage~audio~bestsellers~card~collections~cookingAppDownloadLandingPage~cookin~4a67e758-f25a10c60a5ee97e6c88.js
access-control-expose-headers: X-Nyt-Mktg-Group, X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-nyt-app-webview: 0
x-nyt-edge-cache: HIT-HIT
x-cache-hits: 16, 1329
date: Fri, 16 Feb 2024 23:53:45 GMT
x-amz-version-id: ZjFgFMUun_Ghu4VDGTGlejH5JB6aOIse
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-F-X
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400
x-amz-id-2: WdGT5U9NxPn3M3P7YxkFTkmuEvUNIv6hrbuENOfxN5vCus7W19a+cxsDOo/ujQMKsx+ZJ3Z9VuQ=
last-modified: Thu, 15 Feb 2024 20:45:39 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=spjd7R%2BGMkaCSFDk0OE6eBOZ%2Fr0EJ64K6iPhUpPS379aajlwW2RoW48pFQq3DRx0F5MZq2doU4nzqiQg6zqHfz1o6DZ9CRv%2B7P5K1%2FkyFSVuW3Ck2irHqMz%2BMnsb5%2FX4e8JKZrPriowHPbJu3%2BWYe1sAvGY%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
permissions-policy: browsing-topics=()
cf-ray: 8569b6362e61da77-MIA

GET
H3 200 vendors~audio~bestsellers~card~collections~explainer~home~liveAsset~markets~paidpost~reviews~search~~b0abd9a2-7cae7a188391d7df3240.js Show response
s3.pardad-trading.com/vi-assets/static-assets/ 41 KB
14 KB 3566ms
3565ms Script
application/javascript 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/vendors~audio~bestsellers~card~collections~explainer~home~liveAsset~markets~paidpost~reviews~search~~b0abd9a2-7cae7a188391d7df3240.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a39dd2226649d9c999542a2ca99d429bbfb2d97a685719f1919e5bd8b4c2789

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-amz-meta-origin: main
content-encoding: br
x-amz-request-id: 3P9MT72QMSTWW122
x-amz-server-side-encryption: AES256
x-nyt-mktg-group: group4
x-origin-time: 2024-02-08 18:01:50 UTC
x-served-by: cache-fra-eddf8230078-FRA
x-timer: S1708127628.993094,VS0,VE1
etag: W/"5ea786277458c96ecadfc6506588c8d2"
vary: Accept-Encoding, Fastly-SSL
x-frame-options: DENY
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~bestsellers~card~collections~explainer~home~liveAsset~markets~paidpost~reviews~search~~b0abd9a2-7cae7a188391d7df3240.js
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-amz-meta-last-modified: 1707414457
x-cache-hits: 8772
date: Fri, 16 Feb 2024 23:53:48 GMT
x-amz-version-id: 8TZLgwT9jEORQZKfxzuNi1Vikt45A7dM
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: HIT
alt-svc: h3=":443"; ma=86400
x-amz-id-2: mXoPsvVcNVyxAvXQRduZ/zbHBggkONgsPgghGSbWl9TQ5WNRN6Up1VJSka8PGKeL6Os9pQHbGvw=
last-modified: Thu, 08 Feb 2024 17:47:52 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKmQ6Lot5FWpcJDtProNJ5wu1GE63Gim%2FiCPZCtwowYII%2BQYlZRZZBWd0K3nxFHHH2HO5oMyYTHLlU5f%2BcS27jf1JOzA1H%2BpmAZ%2FuA91U%2FifqhFezscSnfr8rrFumoni2JRV%2FYDyxCWuMdLJfWsNpmNewXs%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
permissions-policy: browsing-topics=()
cf-ray: 8569b6362e64da77-MIA

GET
H3 200 vendors~burst~byline~capsule~home~trending-3305c049ed8e94e90396.js Show response
s3.pardad-trading.com/vi-assets/static-assets/ 21 KB
6 KB 341ms
340ms Script
application/javascript 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s3.pardad-trading.com/vi-assets/static-assets/vendors~burst~byline~capsule~home~trending-3305c049ed8e94e90396.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea53a803218d6d1043ee9e296f0c51573db4b9c516e399c6fed031d64d2b2321

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-amz-meta-origin: pr
content-encoding: br
x-amz-request-id: X25XQMNRCPD7WMVX
x-amz-server-side-encryption: AES256
x-nyt-mktg-group: group4
x-origin-time: 2024-02-09 16:38:27 UTC
x-served-by: cache-fra-etou8220105-FRA
x-timer: S1708127625.899595,VS0,VE1
etag: W/"033b9bb3318ed9663a8d7652c6c6bdc2"
vary: Accept-Encoding, Fastly-SSL
x-frame-options: DENY
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~burst~byline~capsule~home~trending-3305c049ed8e94e90396.js
access-control-expose-headers: X-Nyt-Mktg-Group
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-amz-meta-last-modified: 1707496402
x-cache-hits: 3249
date: Fri, 16 Feb 2024 23:53:44 GMT
x-amz-version-id: DX6Ck7nAT5Dc6M7obXTY6lb7HAXcCnP1
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-X
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: HIT
alt-svc: h3=":443"; ma=86400
x-amz-id-2: oH6yms8E3elu+qaFYZ62uSCskuHAhwBeeLrGV+JB5mahPJt7+gQDjdi8W3o4aA8eIPWl2S9Ok7o=
last-modified: Fri, 09 Feb 2024 16:33:33 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GKw9N%2By4Gft6yeO1S45l1XulImZGwWmLpZQ7xly3WpoV7LOCs2sudagqzJUMKJMJnGfzv4a6wIEUKap9zg5sL2seJR1%2BNn4MEZ5TJr6t%2FE9pNXq%2FqfZl6Zmnnrf%2F2P%2BZBrr3pEg7qEXWuVK3x8jrTPyFe0E%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
permissions-policy: browsing-topics=()
cf-ray: 8569b6362e65da77-MIA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 184 KB
63 KB 78ms
77ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N5P6T9S&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

12b4ba58997eee741713199cbc4d2c4965fafe70163c7c52639bd2e2e8304017

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:53:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64764
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 21:47:54 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 16 Feb 2024 23:53:44 GMT

GET
H2 200 tags.js Show response
dd.nytimes.com/ 147 KB
27 KB 312ms
68ms Script
text/javascript 18.238.55.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.55.30 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-55-30.jfk52.r.cloudfront.net

Software

Apache /

Resource Hash

c86173bc54fd2bcb7df476bff9ea9caefac3ebc91b21a219421682636056a6a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 f52a6d89da5cd85d46c2c4e4af9acf1e.cloudfront.net (CloudFront)
date: Fri, 16 Feb 2024 23:24:47 GMT
x-amz-cf-pop: JFK52-P4
age: 1738
x-cache: Hit from cloudfront
content-length: 27520
last-modified: Thu, 15 Feb 2024 15:36:30 GMT
server: Apache
etag: "24ac3-6116d6430e1ee-gzip"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: OSX5BRw_eDsh0ltpF3RzRmfuUHKTcnYcoMJxe9xfQRWeJWjavat3Hg==
expires: Sat, 17 Feb 2024 00:24:47 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=3005403&ns__t=1708127624743&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2F...
https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1708127624743&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2...

0
225 B

68ms
68ms

Image
text/plain

108.139.47.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1708127624743&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2Fs3.pardad-trading.com%2F&c9=
Requested by: Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/
Protocol: H2
Server: 108.139.47.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-50.jfk50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:53:45 GMT
via: 1.1 db615220fdf1b471c82cd306c2f4717a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P1
x-amz-cf-id: pBcjyheTTL7AdgZtqcUNUOns9h6uMKSRbQF5j_2fuXU5I38MB1VLzg==
x-cache: Miss from cloudfront

Redirect headers

date: Fri, 16 Feb 2024 23:53:45 GMT
via: 1.1 db615220fdf1b471c82cd306c2f4717a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P1
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=3005403&ns__t=1708127624743&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2Fs3.pardad-trading.com%2F&c9=
content-length: 0
x-amz-cf-id: cZRQgTfJn6uYGlJa6tygOoF5YaI-xI6ScR3loF-MVq1GCbaLNUzaVg==

POST
H2 200 track
a.et.nytimes.com/ 0
0 79ms
78ms Ping
text/plain 44.195.146.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.195.146.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-146-220.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s3.pardad-trading.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
BLOB 200
OK 3a8de48b-9f49-4711-a487-bb8a8e5fa865
https://s3.pardad-trading.com/ 597 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://s3.pardad-trading.com/3a8de48b-9f49-4711-a487-bb8a8e5fa865
Requested by: Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length: 597
Content-Type: application/javascript

POST
H2 200 / Show response
dd.nytimes.com/js/ 241 B
627 B 192ms
69ms XHR
application/json 18.238.55.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/js/

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.238.55.30 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-238-55-30.jfk52.r.cloudfront.net

Software

DataDome /

Resource Hash

da37ff8a4d532b80e17c2fdc4f1efb26c7ab3ac4ac9dddb019eafba35f9ec1d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://s3.pardad-trading.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 23:53:45 GMT
via: 1.1 872838324e32b579ba7d3bf4c42b2d24.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: DataDome
x-amz-cf-pop: JFK52-P4
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 241
x-amz-cf-id: EtaPjutlTAjhBaUu8Sg5ysHtaWPd-x1V0zTZnSXDCDqi85PyELNVFQ==
expires: 0

GET
H3 200 market Show response
s3.pardad-trading.com/api/ 526 B
2 KB 199ms
198ms Fetch
application/json 2606:4700:3032::6815:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s3.pardad-trading.com/api/market

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:492d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565fcf8b6b7bee6091a9114e8ce2a2f1ff02524d9674515742bf1cfcf996784c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:53:48 GMT
x-envoy-decorator-operation: vi.nyt.net:443/*
content-encoding: br
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-api-version: F-F-X
age: 8
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: HIT, HIT
x-nyt-mktg-group: group4
x-envoy-upstream-service-time: 61
alt-svc: h3=":443"; ma=86400
x-origin-time: 2024-02-16 23:53:43 UTC
x-served-by: cache-lga21927-LGA, cache-fra-eddf8230090-FRA
server: cloudflare
x-timer: S1708127629.699928,VS0,VE2
vary: Accept-Encoding, Fastly-SSL
x-frame-options: DENY
content-type: application/json; charset=utf-8
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/api/market
access-control-expose-headers: X-Nyt-Mktg-Group, X-Nyt-Mktg-Group
cache-control: s-maxage=60,(null)
x-nyt-app-webview: 0
permissions-policy: browsing-topics=()
x-nyt-route: market
x-nyt-edge-cache: HIT-HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ohv2KuCozwe2DIziCx01VkL%2BOBKdXzV5ikUpZtvkERoVeOJRsMklqf77CxCB4H8OaNfVQn%2BE6pOn6Dj2OzB3pRGSLLdO2aEF2mB57cfO1ybiJzDWpC5Cc%2B0h8V%2FlHs%2FDHG9NxuOLtjIEfS2Jq6igIvar0ZE%3D"}],"group":"cf-nel","max_age":604800}
x-gdpr: 1
cf-ray: 8569b64ebaaada77-MIA
x-cache-hits: 38, 1

GET
H2 200 vhs.min.js Show response
static01.nyt.com/video-static/vhs3/ 496 KB
114 KB 32ms
32ms Script
application/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static01.nyt.com/video-static/vhs3/vhs.min.js

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/vi-assets/static-assets/vendors~burst~byline~capsule~home~trending-3305c049ed8e94e90396.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0d83283563d7c546842e4e2bef1ecdee3db0ade306ef9fc7bf717b87e2107ac3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Tue, 06 Feb 2024 23:12:44 GMT
date: Fri, 16 Feb 2024 23:53:48 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 233375
x-guploader-uploadid: ABPtcPoottTx1DKdoH4LfoXPjk0Q15_3px8qBOcw-F8kxkskQpxVL_kiRdAOvlzT0zzTL-LdMymOiVSNig
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-meta-surrogate-key: video/vhs3
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 115571
x-served-by: cache-iad-kiad7000153-IAD, cache-mia-kmia1760080-MIA
last-modified: Tue, 30 Jan 2024 23:12:38 GMT
server: UploadServer
x-timer: S1708127629.607000,VS0,VE0
etag: "bfb22a63e419c768ff2ed0ce6c9ae33e"
vary: Accept-Encoding
x-goog-generation: 1706656358833564
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=MzQWkA==, md5=v7IqY+QZx2j/LtDObJrjPg==
cache-control: public,max-age=60,s-maxage=604800
x-goog-stored-content-length: 507640
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 10, 28440

POST v2
samizdat-graphql.nytimes.com/graphql/ 0
0

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
360 B 75ms
74ms XHR
text/javascript 18.164.92.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fs3.pardad-trading.com%2F&pid=blFwUoe1I05TU&cb=1&ws=1600x1200&v=24.206.2351&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-mid1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-mid1_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&cfgv=1&sm=52397c47-6ab8-405f-9236-740bf16799ca&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.92.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-92-122.jfk50.r.cloudfront.net
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:53:48 GMT
via: 1.1 5af2699243b550d789ef9dce0b522ed2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P5
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://s3.pardad-trading.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: kMeBn5ufVeLiyFHHfyCK1UcEqzEcH6Z69Egrp6G-wzaG6Ao2aUAk4w==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
361 B 74ms
74ms XHR
text/javascript 18.164.92.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fs3.pardad-trading.com%2F&pid=blFwUoe1I05TU&cb=2&ws=1600x1200&v=24.206.2351&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-mid2%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-mid2_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&cfgv=1&sm=52397c47-6ab8-405f-9236-740bf16799ca&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.92.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-92-122.jfk50.r.cloudfront.net
Software: Server /
Resource Hash: 5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:53:47 GMT
via: 1.1 5af2699243b550d789ef9dce0b522ed2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P5
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://s3.pardad-trading.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: JpSirZRqidR7EWkCaLMvBLHnBNb9nsGCKOtWHwF648JsyWuWUA3mOw==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
361 B 75ms
74ms XHR
text/javascript 18.164.92.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fs3.pardad-trading.com%2F&pid=blFwUoe1I05TU&cb=3&ws=1600x1200&v=24.206.2351&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-mid3%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-mid3_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%2C%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&cfgv=1&sm=52397c47-6ab8-405f-9236-740bf16799ca&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.92.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-92-122.jfk50.r.cloudfront.net
Software: Server /
Resource Hash: 1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:53:48 GMT
via: 1.1 5af2699243b550d789ef9dce0b522ed2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P5
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://s3.pardad-trading.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 7_7QWY9SABnyIA-VMZUlj4F6yCXFQaJodnBa0wVwTglB_sE_BD9CaA==

GET purr-cache
purr.nytimes.com/v1/ 0
0

GET data-layer
a.nytimes.com/svc/nyt/ 0
0

GET
H2 200 author-marie-solis-thumbStandard.png
static01.nyt.com/images/2023/06/09/reader-center/author-marie-solis/ 5 KB
5 KB 41ms
41ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/06/09/reader-center/author-marie-solis/author-marie-solis-thumbStandard.png?quality=75&auto=webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

51197621ba8ef63f68344b123f60747feb5c165843fa811b22be90ccc5e65270

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Mon, 07 Aug 2023 11:17:09 GMT
date: Fri, 16 Feb 2024 23:53:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 285363
x-guploader-uploadid: ADPycdsvokLaEvbH_pqwCIYCkL0BwS2OiDb6dwfr0s6luGVYgJyWotkrePbGaWbucdJyNbA0HhpVZgW5OpDaLqf7YpWP
x-cache: HIT, HIT
fastly-io-info: ifsz=9913 idim=75x75 ifmt=png ofsz=4954 odim=75x75 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 4954
x-served-by: cache-iad-kcgs7200144-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127629.745066,VS0,VE0
etag: "f0j6r3+QxCJL+JejvCyQf66dO2gOKgovyM7sDH922oc"
vary: Accept
x-goog-generation: 1686333370432834
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=qjxWQw==, md5=2pPmqfXXzbRRZFCqixY3sQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 9913
x-amz-checksum-crc32c: qjxWQw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 20730, 371

GET
H2 200 13productivity-01-pblc-mediumSquare149.jpg
static01.nyt.com/images/2024/02/13/multimedia/13productivity-01-pblc/ 4 KB
5 KB 42ms
41ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2024/02/13/multimedia/13productivity-01-pblc/13productivity-01-pblc-mediumSquare149.jpg?quality=75&auto=webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

060781fa94ff26d6e15c96edb5c7a7575c6429a8a1611e41d6b2b6fc6e193c60

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 16 Feb 2024 16:41:43 GMT
date: Fri, 16 Feb 2024 23:53:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010226
age: 25925
x-guploader-uploadid: ABPtcPpCHxlgWE95VpVNNoAHIqpSN_6Y78nV-_umJehL8zhU2zs663AfRN-MB7eWQJE4FgcjcblKOMNnvw
x-cache: HIT, HIT
fastly-io-info: ifsz=11751 idim=149x149 ifmt=jpeg ofsz=4446 odim=149x149 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 4446
x-served-by: cache-iad-kiad7000075-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127629.745757,VS0,VE0
etag: "xj9mr5fS4jFWQYYsAPBz101GnEdTfUKBu7WJTY/BDa0"
vary: Accept
x-goog-generation: 1707904809427743
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=acHksQ==, md5=J3jj6zi9su9mMbw2LQeHbw==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 11751
x-amz-checksum-crc32c: acHksQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 23, 360

GET
H2 200 00econ-lessons-mediumSquare149.jpg
static01.nyt.com/images/2024/02/14/business/00econ-lessons/ 3 KB
4 KB 41ms
41ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2024/02/14/business/00econ-lessons/00econ-lessons-mediumSquare149.jpg?quality=75&auto=webp

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9d3d35030623ff78afd1dc13072790a8ed2f9f8c0151aa1217a72e9640e0d811

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 16 Feb 2024 16:41:44 GMT
date: Fri, 16 Feb 2024 23:53:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010215
age: 25925
x-guploader-uploadid: ABPtcPrBUB7PtKeEsB4z9nsNNi6BOZGWzRcRp_NcHU4m6h02NZ-nxxcN4Y0wStzqyRUH16ds4rDaGcdgHQ
x-cache: HIT, HIT
fastly-io-info: ifsz=10395 idim=149x149 ifmt=jpeg ofsz=3466 odim=149x149 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 3466
x-served-by: cache-iad-kcgs7200097-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127629.745690,VS0,VE0
etag: "/i7UcZnW5upK099elPJu6Vlr8PHvPBdSJOe1sDzwz8I"
vary: Accept
x-goog-generation: 1708050486394128
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=vS88Lg==, md5=W/QL1azyWn6C8lOYa3zHyw==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 10395
x-amz-checksum-crc32c: vS88Lg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 23, 362

GET
H2 200 cheltenham-normal-700.woff
g1.nyt.com/fonts/family/cheltenham/ 36 KB
37 KB 38ms
32ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-700.woff

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

a67ec15e20b12efff4c0dab67f909e2c7e08f8f7cc348d5c072e5e179b0f7290

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://s3.pardad-trading.com/
Origin: https://s3.pardad-trading.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 26 Sep 2024 08:54:36 GMT
date: Fri, 16 Feb 2024 23:53:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2009951
x-guploader-uploadid: ADPycdunTMVi16zsVA5g3dD27nSUgGJ_2nS-IGTwqRS6NAQm-n3g1TVgFOvau-SvAl9XbUFqtfWRz9ckENbYId_fZltBGQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 37340
x-served-by: cache-mia-kmia1760062-MIA
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1708127629.771962,VS0,VE0
etag: "738608727fc7c5797889e17788508b26"
x-goog-generation: 1673991775275250
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=Zk8RaA==, md5=c4YIcn/HxXl4ieF3iFCLJg==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 37340
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 67

GET
H2 200 franklin-normal-700.woff
g1.nyt.com/fonts/family/franklin/ 26 KB
27 KB 39ms
33ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.woff

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

640a9138e66deb5b745997e8dbe0be6e4c32d82da5710f9cea8afb0bee2f3bbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://s3.pardad-trading.com/
Origin: https://s3.pardad-trading.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 28 Aug 2024 06:12:30 GMT
date: Fri, 16 Feb 2024 23:53:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2033689
x-guploader-uploadid: ADPycdub6POGF5SG8XBhowhvNuKg_G7Jck60Kezu2NVEsEa9gbbijPzyCmm-QQqtrHghDuEybLlo17iV-tl8wYESpm70qg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27032
x-served-by: cache-mia-kmia1760062-MIA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1708127629.772330,VS0,VE0
etag: "ab057a3b069a4ecbde7c3ea74411284e"
x-goog-generation: 1673991776263300
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=Rh/wYQ==, md5=qwV6OwaaTsvefD6nRBEoTg==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 27032
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 87

GET
H2 200 franklin-normal-400.woff
g1.nyt.com/fonts/family/franklin/ 35 KB
36 KB 38ms
33ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-400.woff

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

a742a2af7c3bd1cab7c1cd0bddb1026dba2abb8c0b80f14c881a034854db962b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://s3.pardad-trading.com/
Origin: https://s3.pardad-trading.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 08 Aug 2024 07:58:37 GMT
date: Fri, 16 Feb 2024 23:53:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 1526957
x-guploader-uploadid: ADPycdteUSW9N3sRD7ZaX1_vGDcKA0WD9keLAV93a0FkTap06UzDdEyQeDCvOj4F1D8DoAVZGLHHC1donm7W8KNFR4sw8xP_LUN2
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 35764
x-served-by: cache-mia-kmia1760062-MIA
last-modified: Wed, 20 Apr 2022 13:09:40 GMT
server: UploadServer
x-timer: S1708127629.772322,VS0,VE0
etag: "a4bfea3a5c7e7e577c2bcdcd61321eaa"
x-goog-generation: 1650460180560561
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=STMqMg==, md5=pL/qOlx+fld8K83NYTIeqg==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 35764
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 82

GET
H2 200 imperial-normal-400.woff
g1.nyt.com/fonts/family/imperial/ 33 KB
33 KB 38ms
33ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.woff

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

2ded6ccf52893dda8d7ff261b54805bf7a6d9a225d44ceca138c4295c57d742d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://s3.pardad-trading.com/
Origin: https://s3.pardad-trading.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 22 Aug 2024 08:06:30 GMT
date: Fri, 16 Feb 2024 23:53:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 361061
x-guploader-uploadid: ADPycdvwrgTtQdiWA_zJ7qjHxLzJIrq3ychUF6sksSHFf2jbVi50FitgwWzb4lZVLZO73K6cEGRQ4XcPLc12WO-HfdQKLiFTvd0M
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 33744
x-served-by: cache-mia-kmia1760062-MIA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1708127629.772311,VS0,VE0
etag: "910963d6a159124b2f1ba07ad3f87e00"
x-goog-generation: 1673991776747903
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=ieCt7A==, md5=kQlj1qFZEksvG6B60/h+AA==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 33744
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 70

GET
H2 200 imperial-normal-700.woff
g1.nyt.com/fonts/family/imperial/ 32 KB
32 KB 33ms
32ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/imperial/imperial-normal-700.woff

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

a79b0d41335a1e325af898d3d59f0a69cc6e2098b8aa73ed1b185865c8c31914

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://s3.pardad-trading.com/
Origin: https://s3.pardad-trading.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 16 Oct 2024 11:30:22 GMT
date: Fri, 16 Feb 2024 23:53:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2743757
x-guploader-uploadid: ABPtcPpXkrRWkatXWw8db5mYHCeH-Hg4PPPJjaCA65Mf8jLBZEP6SJAJPKsdDw7cGL1OrEkEghXAvyHEfOwRDcLpsoBCWjvoJxFj
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 32652
x-served-by: cache-mia-kmia1760062-MIA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1708127629.772328,VS0,VE0
etag: "53b85cb8b3e80c7a993ba8021fe74a51"
x-goog-generation: 1673991776807707
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=IVcNLg==, md5=U7hcuLPoDHqZO6gCH+dKUQ==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 32652
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 72

GET
H2 200 franklin-normal-300.woff
g1.nyt.com/fonts/family/franklin/ 26 KB
27 KB 37ms
36ms Font
application/octet-stream 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.woff

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

985aac7d49c194276a9409a009e38ec2c82f3f607c26b9358b23d48ed004c284

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://s3.pardad-trading.com/
Origin: https://s3.pardad-trading.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 17 Jul 2024 09:44:03 GMT
date: Fri, 16 Feb 2024 23:53:48 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 2137048
x-guploader-uploadid: ADPycdtCx5zJDnR2wYZLsFwWmbWmygF4GoWWqeyAkvr1x0-wxLU_hWZGNijd5UplndWVRrHOfc9XpC2cIR_HPQvUBMFXbIrMklQY
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26864
x-served-by: cache-mia-kmia1760062-MIA
last-modified: Tue, 17 Jan 2023 21:42:56 GMT
server: UploadServer
x-timer: S1708127629.772599,VS0,VE0
etag: "fe2bd94ddc6ab147c15e7a4f748b4a9e"
x-goog-generation: 1673991776219559
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=0YQkag==, md5=/ivZTdxqsUfBXnpPdItKng==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 26864
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 66

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 79ms
79ms Preflight 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-entitlements,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
Access-Control-Request-Method: POST
Origin: https://s3.pardad-trading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-entitlements,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
access-control-allow-methods: GET,POST
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset,x-nyt-geoip-map
access-control-max-age: 300
age: 0
content-length: 0
date: Fri, 16 Feb 2024 23:53:48 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 20
x-nyt-audience-target-flat: NA:PM
x-nyt-continent: NA
x-nyt-country: US
x-nyt-edge-cache: MISS
x-nyt-meridiem: PM
x-nyt-region: NY
x-samizdat-query-exe-id: b720ac2947ae432f
x-samizdat-query-field-errors: 0
x-served-by: cache-mia-kmia1760097-MIA
x-timer: S1708127629.627732,VS0,VE47

GET
H2 200 16navalny-hp-flipper1-lcvb-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2024/02/16/multimedia/16navalny-hp-flipper1-lcvb/ 41 KB
42 KB 35ms
34ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2024/02/16/multimedia/16navalny-hp-flipper1-lcvb/16navalny-hp-flipper1-lcvb-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0ec26b35d4044489e7b6c6082f96a3a28e206908113984445109b4fa282e5590

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 16 Feb 2024 22:41:49 GMT
date: Fri, 16 Feb 2024 23:53:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010230
age: 4319
x-guploader-uploadid: ABPtcPosdo80AD1TFcaF-hPpEhIavwn0XFDldaWcWZ7uVT8BYRWvHDVM1vXh1SyvibDcqx7YsXiQJyyrUg
x-cache: HIT, HIT
fastly-io-info: ifsz=74835 idim=600x400 ifmt=jpeg ofsz=42492 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 42492
x-served-by: cache-iad-kjyo7100125-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127629.987400,VS0,VE0
etag: "9bUuG704chJ2sAEUtxwCLIcud0iNnVmJlQv2ZOPfdrE"
vary: Accept
x-goog-generation: 1708102520106472
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=6ecZPQ==, md5=PPqbsN1QMtmzpmkNVfS4CQ==
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 74835
x-amz-checksum-crc32c: 6ecZPQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4, 38

GET
H2 200 16Trump-abortion-tpfq-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2024/02/16/multimedia/16Trump-abortion-tpfq/ 6 KB
6 KB 35ms
34ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2024/02/16/multimedia/16Trump-abortion-tpfq/16Trump-abortion-tpfq-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

06abbcbe5c50e81836c65a2e515c1d9ad4a4d029ca737daae096029afd10dba5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 16 Feb 2024 15:48:29 GMT
date: Fri, 16 Feb 2024 23:53:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010228
age: 29119
x-guploader-uploadid: ABPtcPrDSs7anDdOLGJ4IIwROvjTRK_LhR1yI7sn4KcguUdzk-p_4nCxER-czL-TM_YKnMwN4aLK-GoPiw
x-cache: HIT, HIT
fastly-io-info: ifsz=19325 idim=600x400 ifmt=jpeg ofsz=5960 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 5960
x-served-by: cache-iad-kjyo7100073-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127629.987400,VS0,VE0
etag: "uIyWK+g2yZim0pj6pcwf0D+r6LYNJyBbjqggE4RyKIc"
vary: Accept
x-goog-generation: 1708098488792472
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=Bc9Iiw==, md5=34yKv+zUPBM8Uk250kv4HQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 19325
x-amz-checksum-crc32c: Bc9Iiw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 17, 2

GET
H2 200 16nat-trump-georgia-vcgw-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2024/02/16/multimedia/16nat-trump-georgia-vcgw/ 17 KB
18 KB 35ms
34ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2024/02/16/multimedia/16nat-trump-georgia-vcgw/16nat-trump-georgia-vcgw-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

71a584be241ef2568e1b8427d3f2d2a3b2a1d44edab90cc151f716b2fd9f20f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 16 Feb 2024 10:48:05 GMT
date: Fri, 16 Feb 2024 23:53:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010214
age: 47143
x-guploader-uploadid: ABPtcPrUtOKhu7jHBetvrVu087vCqsSEhxkr1_LOogsJutOl_-mtRJb-kyuR3kL9_91QzI64_r0
x-cache: HIT, HIT
fastly-io-info: ifsz=54603 idim=600x400 ifmt=jpeg ofsz=17430 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 17430
x-served-by: cache-iad-kjyo7100081-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127629.987373,VS0,VE0
etag: "shC2bEh8EvGIRx2gzjG83Z4hZWD7qjsSnKm41u+TOb0"
vary: Accept
x-goog-generation: 1708078085460742
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=5jGj6w==, md5=s3l08My94IegI78VJDYb+w==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 54603
x-amz-checksum-crc32c: 5jGj6w==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5, 2

GET
H2 200 16nat-tower-stolen-02-wlck-HP-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2024/02/16/multimedia/16nat-tower-stolen-02-wlck-HP/ 19 KB
19 KB 38ms
36ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2024/02/16/multimedia/16nat-tower-stolen-02-wlck-HP/16nat-tower-stolen-02-wlck-HP-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

710b0655ed9250d40b111427e60ad0da542fe4e1acf5fc6967224e12467b8601

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 16 Feb 2024 18:23:14 GMT
date: Fri, 16 Feb 2024 23:53:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010248
age: 19834
x-guploader-uploadid: ABPtcPpbwj8iOtbKVfb3p1qKPZPiZ0mMnQaeJ8WkkWyUn9VL5Mg_D7mB86usvG30hMEGLDJB4i3gUUzr9Q
x-cache: HIT, HIT
fastly-io-info: ifsz=51935 idim=600x400 ifmt=jpeg ofsz=19332 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 19332
x-served-by: cache-iad-kjyo7100165-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127629.988371,VS0,VE0
etag: "E2kkjoLqHr329bMw0oUbwk+qbAjPPkI9PkJTFmdrg/I"
vary: Accept
x-goog-generation: 1708107580547903
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=2SjqGg==, md5=6HcSGQrud/gdILtDfq0yfg==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 51935
x-amz-checksum-crc32c: 2SjqGg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 43, 3

GET
H2 200 16nat-kc-charges-gcpw-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2024/02/16/multimedia/16nat-kc-charges-gcpw/ 23 KB
23 KB 39ms
37ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2024/02/16/multimedia/16nat-kc-charges-gcpw/16nat-kc-charges-gcpw-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

ebce0ebf21d54cc042f2dba30740eeb2c4223b27ffcc2e714ffd0f1758f46a12

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 16 Feb 2024 18:01:45 GMT
date: Fri, 16 Feb 2024 23:53:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010216
age: 21123
x-guploader-uploadid: ABPtcPrQiuPdTCCMUuoVXvMp85wT4KqAdX1n9uEZhOwS3quhAqIhmvgoWq7O-Gbs5cdC-M6VFak
x-cache: HIT, HIT
fastly-io-info: ifsz=65369 idim=600x400 ifmt=jpeg ofsz=23276 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 23276
x-served-by: cache-iad-kiad7000053-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127629.988531,VS0,VE0
etag: "qOp0B9cWfy1/gM4dDZo30VlAwvzjiZwPKeIKt/7a5ys"
vary: Accept
x-goog-generation: 1708106479468330
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=pJHy7w==, md5=6pQy6Uv9UJIJw4y6mvB4wg==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 65369
x-amz-checksum-crc32c: pJHy7w==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7, 127

GET
H2 200 16dc-impeach-01-jbmv-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2024/02/16/multimedia/16dc-impeach-01-jbmv/ 13 KB
14 KB 40ms
38ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2024/02/16/multimedia/16dc-impeach-01-jbmv/16dc-impeach-01-jbmv-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

adeba17e4b8783bd7b69ede340e3ccc2250ed4c582dd5ed188700ab2e6dcb57a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 16 Feb 2024 21:43:41 GMT
date: Fri, 16 Feb 2024 23:53:48 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010246
age: 7807
x-guploader-uploadid: ABPtcPoLLrt3ZUzkTKe5uRdif8KwTNB3qJ9Hr3e3EKIWdtCIFpDiksOUYXm7gtsBftAORm-rh-XRLNgTJw
x-cache: HIT, HIT
fastly-io-info: ifsz=45421 idim=600x400 ifmt=jpeg ofsz=13612 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 13612
x-served-by: cache-iad-kcgs7200054-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127629.988654,VS0,VE0
etag: "F75j+osho+qlRBD4hAQsRiiyirejDEKcUK/HEeqpjiA"
vary: Accept
x-goog-generation: 1708119748533477
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=EXeElQ==, md5=JhbNUgG3ruge31e4CyF+og==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 45421
x-amz-checksum-crc32c: EXeElQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 19, 2

GET
H2 200 16money-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2024/02/17/business/16money/ 25 KB
26 KB 32ms
32ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2024/02/17/business/16money/16money-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

aea9122d7a4d8fdaec43e49ee79285560b358d2b0fc5bb3459bd2f9fef67220b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 16 Feb 2024 16:56:07 GMT
date: Fri, 16 Feb 2024 23:53:49 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010246
age: 25061
x-guploader-uploadid: ABPtcPo6_DSuVLuwKjjFHYIQxkusEWC7dZg_CsxhZxBSePU8vJ7gGFdUkfXb_2hywaieMwtvVQ
x-cache: HIT, HIT
fastly-io-info: ifsz=58524 idim=600x400 ifmt=jpeg ofsz=25938 odim=600x400 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 25938
x-served-by: cache-iad-kcgs7200140-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127629.021681,VS0,VE0
etag: "somurn+mzDFRI0gGoxzmsFs2RkiLtegU17jxsIWcAvk"
vary: Accept
x-goog-generation: 1708102374829167
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=zmaojg==, md5=mRWAw3JdtBmCiAAUAW1CAg==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 58524
x-amz-checksum-crc32c: zmaojg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 27, 2

GET
H2 200 16kristof-jvwp-square320.jpg
static01.nyt.com/images/2024/02/16/multimedia/16kristof-jvwp/ 8 KB
8 KB 32ms
32ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2024/02/16/multimedia/16kristof-jvwp/16kristof-jvwp-square320.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0d522e30ac3af91c1f636e9aa75a4dfffa560ac173746e4a84d8463171c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 16 Feb 2024 20:12:09 GMT
date: Fri, 16 Feb 2024 23:53:49 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010249
age: 13298
x-guploader-uploadid: ABPtcPony2vR7VLd1txlkJCQAEU8IXLNzYNXZcoHLmaqXiH7C6vurxvPvUPFZdnbYycV7ot_4_ZmaNzXnA
x-cache: HIT, HIT
fastly-io-info: ifsz=22638 idim=320x320 ifmt=jpeg ofsz=7798 odim=320x320 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 7798
x-served-by: cache-iad-kjyo7100050-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127629.026303,VS0,VE0
etag: "ESdeCbpfJRAq/73F4PK5TGkZ9hPJ/0ULjFz4NQZWk2Q"
vary: Accept
x-goog-generation: 1708113610860338
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=FeGDpQ==, md5=8VWqjqYWlXFgBtiDx/i7ZQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 22638
x-amz-checksum-crc32c: FeGDpQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 10, 177

GET
H2 200 lauren-kelley-author-thumbLarge-v3.png
static01.nyt.com/images/2020/06/21/opinion/lauren-kelley-author/ 22 KB
23 KB 35ms
35ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2020/06/21/opinion/lauren-kelley-author/lauren-kelley-author-thumbLarge-v3.png?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

16f8d035afb8104c5b417a2a866571402d99b56a20423fe26c0521eddfbfd97c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 16 Feb 2024 20:12:09 GMT
date: Fri, 16 Feb 2024 23:53:49 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010249
age: 13298
x-guploader-uploadid: ABPtcPr5oYK7iPVdXnVnZ34ZAgBF8n8dEX2Nd4YE0tHzlSyrm-OUR0_lXt7JGhg5RB24Vq6UrDNeMtkrWQ
x-cache: HIT, HIT
fastly-io-info: ifsz=36528 idim=150x150 ifmt=png ofsz=22942 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 22942
x-served-by: cache-iad-kiad7000039-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127629.026690,VS0,VE0
etag: "FTYqhMRwkNslskXQIoX8EJ7WagwMPG7VuaOSTs6ihS4"
vary: Accept
x-goog-generation: 1652803876292399
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=KSaYqw==, md5=UIxgCZ08n/tix/LoF7/XkQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 36528
x-amz-checksum-crc32c: KSaYqw==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 36, 241

GET
H2 200 bretstephens-thumbLarge-v6.png
static01.nyt.com/images/2017/08/27/insider/bretstephens/ 22 KB
22 KB 33ms
32ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2017/08/27/insider/bretstephens/bretstephens-thumbLarge-v6.png?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

3ddb9b3f6d032fefd389b8f5cfe1872ddc516cd7fff513ce2ae1f693827d22ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Tue, 17 Oct 2023 09:00:50 GMT
date: Fri, 16 Feb 2024 23:53:49 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300712
age: 35404
x-guploader-uploadid: ADPycduC4Q6zsSpXJTWv7hPiuErfVS7xzU1wiCDTPdqVNZFHTo3B8_L3rFRoF6hQuWF7s5J53xI_8_2ivQSjnUvHy15FDZ3DF0RA
x-cache: HIT, HIT
fastly-io-info: ifsz=36769 idim=150x150 ifmt=png ofsz=22194 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 22194
x-served-by: cache-iad-kjyo7100139-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127629.026615,VS0,VE0
etag: "DpyvH9B/rcHObQhEkPKxhagWi3jcpoiKpXiAaw0NlUI"
vary: Accept
x-goog-generation: 1529443409814891
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=Puz7UQ==, md5=Cs1fFi8uBbgByOJFeAHkKQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 36769
x-amz-checksum-crc32c: Puz7UQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 449

GET
H2 200 carlos-lozada-circle-thumbLarge.png
static01.nyt.com/images/2022/09/09/opinion/carlos-lozada-circle/ 18 KB
19 KB 35ms
34ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2022/09/09/opinion/carlos-lozada-circle/carlos-lozada-circle-thumbLarge.png?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1c20d8aa7c1a6c58610714d07e81628ceaea258e0918a454071dabc7dd056a73

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Tue, 17 Oct 2023 06:42:18 GMT
date: Fri, 16 Feb 2024 23:53:49 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300709
age: 501052
x-guploader-uploadid: ADPycduuKDR_AazABTeejNrOJ0o6hI4hsd55v0GY6s3YZIfG4gPWGHbCMo6qXQ_Zu0cjQ1L8e1rEDkgbHwJnYh7X9Ddtuv_npEie
x-cache: HIT, HIT
fastly-io-info: ifsz=30567 idim=150x150 ifmt=png ofsz=18900 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 18900
x-served-by: cache-iad-kcgs7200132-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127629.028288,VS0,VE0
etag: "v3oSWin3OrgWynCsai8kegOJORbMq2GtWyPoR9OdfdY"
vary: Accept
x-goog-generation: 1683712804637311
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=te4Cyg==, md5=sRnYVp4CnTbwZgCyJgv2oQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 30567
x-amz-checksum-crc32c: te4Cyg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 14, 822

GET
H2 200 16lozada-image-square320.jpg
static01.nyt.com/images/2024/02/18/opinion/16lozada-image/ 10 KB
11 KB 35ms
35ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2024/02/18/opinion/16lozada-image/16lozada-image-square320.jpg?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

f6f5fab4be009d74585708cc673d1a3b6b3554c9446432ba96acb7e3aa037078

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 16 Feb 2024 20:18:47 GMT
date: Fri, 16 Feb 2024 23:53:49 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010249
age: 12902
x-guploader-uploadid: ABPtcPrWcmjRrGBwveU-vTNJNMGtIvg6j66M_el6n3Gtnvv4W-0qVkeoLPvrCmf9DscjUU_s6Q
x-cache: HIT, HIT
fastly-io-info: ifsz=18669 idim=320x320 ifmt=jpeg ofsz=10438 odim=320x320 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 10438
x-served-by: cache-iad-kjyo7100057-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127629.028451,VS0,VE0
etag: "Y/p8mZbyrwz4YLntq7LC6vzyps5Zvi6cT4J/vozaOjc"
vary: Accept
x-goog-generation: 1708101781674660
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=mQTwkA==, md5=SnT4mbXPA6kPb3rBwXkkhw==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 18669
x-amz-checksum-crc32c: mQTwkA==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 158

GET
H2 200 jamelle-bouie-thumbLarge-v3.png
static01.nyt.com/images/2019/01/24/opinion/jamelle-bouie/ 23 KB
24 KB 34ms
33ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2019/01/24/opinion/jamelle-bouie/jamelle-bouie-thumbLarge-v3.png?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

27dadccf6ff4838e33c512b7653eca84e25df6cd0bd09d2043c08961ac9bea2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Tue, 03 Oct 2023 02:27:07 GMT
date: Fri, 16 Feb 2024 23:53:49 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-mnz1300711
age: 368050
x-guploader-uploadid: ADPycdvVNP7Zc6v2nl-4jqRyh3yqsCOTWjA5CIMIClpKOK7M1pd_y7q3pLj8E8E2OoFNaaJU92KCfgVTwKIUMT6wrNkI1nYnFqyv
x-cache: HIT, HIT
fastly-io-info: ifsz=34916 idim=150x150 ifmt=png ofsz=23552 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 23552
x-served-by: cache-iad-kjyo7100125-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127629.054922,VS0,VE0
etag: "Q7jiqdX8VihjHUzCd6sOmM+nV5qqAHhcxlIYJyXbIyc"
vary: Accept
x-goog-generation: 1548949465273531
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=ygYpjg==, md5=gcLVzOkKxswJQb3t21U8jA==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 34916
x-amz-checksum-crc32c: ygYpjg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3668, 805

GET
H2 200 Peter_Coy_Final-thumbLarge.png
static01.nyt.com/images/2022/02/27/opinion/author-peter-coy-2/ 19 KB
19 KB 38ms
32ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2022/02/27/opinion/author-peter-coy-2/Peter_Coy_Final-thumbLarge.png?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

d398b90b592b327e99a6d915c3a8b2896d03a3c6b617bb5cbbf555fa57ee9725

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Tue, 05 Sep 2023 16:32:49 GMT
date: Fri, 16 Feb 2024 23:53:49 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 315323
x-guploader-uploadid: ADPycduC9xqPJaEW5r8_fyUfHfuhkHXC6ar9BTOSAwkek--i5tfliBcSYkw97GobxxuXeDoUEMh3rWqtVOX6zPNlTy6VXQ
x-cache: HIT, HIT
fastly-io-info: ifsz=30899 idim=150x150 ifmt=png ofsz=19030 odim=150x150 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 19030
x-served-by: cache-iad-kiad7000050-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127629.064457,VS0,VE0
etag: "pKxVSvUhBTYCP2nV/TCQfl9L8Trc0nAOFrwQjd7jZzw"
vary: Accept
x-goog-generation: 1678306549211650
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=HcBmbg==, md5=a/NESZYrulE18m32Zyd6QA==
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 30899
x-amz-checksum-crc32c: HcBmbg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 146, 204

GET
H2 200 16Hard-Fork-episodic-cats-square320-v2.png
static01.nyt.com/images/2024/02/16/podcasts/16Hard-Fork-episodic-cats/ 64 KB
64 KB 36ms
33ms Image
image/webp 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2024/02/16/podcasts/16Hard-Fork-episodic-cats/16Hard-Fork-episodic-cats-square320-v2.png?format=pjpg&quality=75&auto=webp&disable=upscale

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e26058f9c872dded15a2891a1a7e0387a8ccf6d942837993eadd8a92a6241154

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 16 Feb 2024 17:37:03 GMT
date: Fri, 16 Feb 2024 23:53:49 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
fastly-io-served-by: vpop-kiad7010226
age: 22606
x-guploader-uploadid: ABPtcPqPG3mIBrNKK9uU-3bBkI7XaY9yJOT4q9aWipyZrwbIQ-YTohpuFN8heqQVdwNjCv_SfCQ
x-cache: HIT, HIT
fastly-io-info: ifsz=99305 idim=320x320 ifmt=png ofsz=65134 odim=320x320 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 65134
x-served-by: cache-iad-kjyo7100044-IAD, cache-mia-kmia1760080-MIA
server: UploadServer
x-timer: S1708127629.065228,VS0,VE0
etag: "T1JUoH7FvJJ66ag/qIAT4NLqSMe7Fb7VrIM6qjRQQB0"
vary: Accept
x-goog-generation: 1708048640133914
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=pyiePQ==, md5=o4eK/Fzdo+dfaFWw/Tqhiw==
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 99305
x-amz-checksum-crc32c: pyiePQ==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 14, 184

GET meter.js
meter-svc.nytimes.com/ 0
0

OPTIONS
H2 405 meter.js
meter-svc.nytimes.com/ Frame 0
0 213ms
74ms Preflight 44.195.146.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://meter-svc.nytimes.com/meter.js?sourceApp=vi&messageComponentLibraryFallback=true&url=https%3A%2F%2Fs3.pardad-trading.com%2F&referer=https%3A%2F%2Fs3.pardad-trading.com%2F&pageviewID=OiyYUgBY_6wQCgNJRtdSgojt&MessageSelectionAPI=real

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.195.146.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-195-146-220.compute-1.amazonaws.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-nyt-internal-meter-override
Access-Control-Request-Method: GET
Origin: https://s3.pardad-trading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-length: 0
date: Fri, 16 Feb 2024 23:53:49 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
via: 1.1 google
x-envoy-decorator-operation: meter-svc.nytimes.com:443/*
x-envoy-upstream-service-time: 17

GET
H2

200

activityi;dc_pre=CNqAz6SHsYQDFcC2AAAdHlED-w;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8409658510917;npa=0;auiddc=352676510.1708127629;u17=https%3A%2F%2Fs3.pardad-trading.com%2F;u5=;u18=;pscdl=no...
5290727.fls.doubleclick.net/ Frame FFEA
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8409658510917;npa=0;auiddc=352676510.1708127629;u17=https%3A%2F%2Fs3.pardad-trading.com%2F;u5=;u18=;pscdl=...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CNqAz6SHsYQDFcC2AAAdHlED-w;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8409658510917;npa=0;auiddc=352676510.1708127629;u17=https%3A%2F%2Fs3.par...

564 B
518 B

104ms
103ms

Document
text/html

142.251.40.230

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CNqAz6SHsYQDFcC2AAAdHlED-w;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8409658510917;npa=0;auiddc=352676510.1708127629;u17=https%3A%2F%2Fs3.pardad-trading.com%2F;u5=;u18=;pscdl=noapi;gtm=45He42e0v72703797za200;gcd=13l3l3l3l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fs3.pardad-trading.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.230 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s3.pardad-trading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 315
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 23:53:49 GMT
expires: Fri, 16 Feb 2024 23:53:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 23:53:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CNqAz6SHsYQDFcC2AAAdHlED-w;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8409658510917;npa=0;auiddc=352676510.1708127629;u17=https%3A%2F%2Fs3.pardad-trading.com%2F;u5=;u18=;pscdl=noapi;gtm=45He42e0v72703797za200;gcd=13l3l3l3l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fs3.pardad-trading.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 71 KB
24 KB 233ms
73ms Script
application/x-javascript 2600:9000:24f1:1600:18:1fcd:353:c61

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:1600:18:1fcd:353:c61 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 53e637909208e211f753b68ab0cb2312abfb528b9920e8a3b6eddcb89eb861cd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 19:05:03 GMT
content-encoding: gzip
via: 1.1 2041b05ebafba84de0e785871a4269bc.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:04:59 GMT
server: nginx
x-amz-cf-pop: JFK50-P4
age: 17326
etag: W/"65838f3b-11b0d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: mJzx7qBLWvVhHpHE06H0oOtIzdihiaO5xG8wxiQdo_bXddLgvTWuBA==
expires: Sat, 17 Feb 2024 19:05:03 GMT

GET
H2 200 show-ads.js Show response
a1.nyt.com/analytics/ 45 B
481 B 43ms
33ms Script
text/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.nyt.com/analytics/show-ads.js

Requested by

Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Fri, 03 Feb 2023 05:46:10 GMT
date: Fri, 16 Feb 2024 23:53:49 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 57125
x-guploader-uploadid: ADPycdtjsmE2ICVIHSb7QJIooj9C3ooKmyI_oHmScreRwweaj0y_HtjPAb6r4E4go2UTjIfkbtHxq5hJwFFKyHtcAl78KE6PGa1F
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 65
x-served-by: cache-mia-kmia1760080-MIA
last-modified: Wed, 22 Dec 2021 23:30:41 GMT
server: UploadServer
x-timer: S1708127629.158318,VS0,VE0
etag: "1d291da792456bd015b664ee1119a5e0"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1640215841852360
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
access-control-expose-headers: Content-Type
cache-control: public, max-age=86400
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 45
accept-ranges: bytes
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 8437

GET
H2 200 comscore-streaming.js Show response
a1.nyt.com/analytics/ 103 KB
19 KB 41ms
31ms Script
text/javascript 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.nyt.com/analytics/comscore-streaming.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

fe8d5a6f12533884b6896dd290e422c830e86e0228d45dbe97ac03c6e86a5b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Thu, 30 Mar 2023 05:47:04 GMT
date: Fri, 16 Feb 2024 23:53:49 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 60759
x-guploader-uploadid: ADPycdu5aboERq8SBOffIq0Rm5gnlya54qEahmMwUJKY8zxEX-PusSwrkXsuhsRS3dYBg8jXzMx0ivKjxF60DPN0tvhLHA
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 18717
x-served-by: cache-mia-kmia1760080-MIA
last-modified: Wed, 22 Dec 2021 23:30:41 GMT
server: UploadServer
x-timer: S1708127629.158318,VS0,VE0
etag: "04e0b9556a78ce5cedf86a34e5483036"
vary: Accept-Encoding
x-goog-generation: 1640215841902856
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=XkdIyw==, md5=BOC5VWp4zlzt+Go05UgwNg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=86400
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 105675
accept-ranges: bytes
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 8167

GET
H2 200 nyt.js Show response
cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/ 5 KB
3 KB 125ms
44ms Script
text/javascript 2606:4700:20::681a:d12

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/nyt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d12 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 062ca1252e35b1dded0e404cac8925e32b9b82879171af32233b075027c30126

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:53:49 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 16 Feb 2024 23:37:49 GMT
server: cloudflare
age: 960
cf-polished: origSize=5357
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nvHZU78Tn%2Fw8DRJSAwYUOzENU5pDKj7GrWab8XCfEuBBTBV7vTUND8c%2F70zatZSpNMjCKxFMNsAcyHxfUW341y6Qsdec4VNn9kJvJdqKEV9fiBJaXg3VVjuTdizn8p7vJ3EBD0qB6D1oGjY%2BE0SIE9hX"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8569b652a82d0355-MIA
request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

POST v2
samizdat-graphql.nytimes.com/graphql/ 0
0

POST
H2 200 track
a.et.nytimes.com/ 0
0 137ms
136ms Ping
text/plain 44.195.146.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.195.146.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-146-220.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://s3.pardad-trading.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 106ms
106ms Preflight 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-entitlements,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest,x-nyt-targeting-dimensions-map
Access-Control-Request-Method: POST
Origin: https://s3.pardad-trading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-entitlements,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest,x-nyt-targeting-dimensions-map
access-control-allow-methods: GET,POST
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset,x-nyt-geoip-map
access-control-max-age: 300
age: 0
content-length: 0
date: Fri, 16 Feb 2024 23:53:49 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: MISS
x-cache-hits: 1
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 44
x-nyt-audience-target-flat: NA:PM
x-nyt-continent: NA
x-nyt-country: US
x-nyt-edge-cache: MISS
x-nyt-meridiem: PM
x-nyt-region: NY
x-samizdat-query-exe-id: ad1a197b7c2a2ce0
x-samizdat-query-field-errors: 0
x-served-by: cache-mia-kmia1760097-MIA
x-timer: S1708127630.565116,VS0,VE73

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 88ms
88ms Preflight 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-entitlements,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest,x-nyt-targeting-dimensions-map
Access-Control-Request-Method: POST
Origin: https://s3.pardad-trading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-entitlements,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest,x-nyt-targeting-dimensions-map
access-control-allow-methods: GET,POST
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset,x-nyt-geoip-map
access-control-max-age: 300
age: 0
content-length: 0
date: Fri, 16 Feb 2024 23:53:49 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 44
x-nyt-audience-target-flat: NA:PM
x-nyt-continent: NA
x-nyt-country: US
x-nyt-edge-cache: HIT
x-nyt-meridiem: PM
x-nyt-region: NY
x-samizdat-query-exe-id: 99a19ed6bda8fb4b
x-samizdat-query-field-errors: 0
x-served-by: cache-mia-kmia1760097-MIA
x-timer: S1708127630.582106,VS0,VE56

GET
H2 200 65568.js
cdn.brandmetrics.com/scripts/bundle/ 49 KB
16 KB 412ms
412ms Script
text/javascript 2606:4700:20::681a:d12

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=s3.pardad-trading.com
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d12 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 23:53:50 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 16 Feb 2024 23:53:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cw8i7B%2F5YatJE8360DGhrKHMwiAWRvje5mCGVJFIDfjQE3Zu2I2vwKjuHhRniKpxcTaelBuBHsI76loG9NRYWUzGpgFSTVo4ra2AyeWyeHFJd04dva3cFHjDf6n74gGkRa%2F9wWQbGmhYl6Z61sKZyW5F"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8569b655fbe10355-MIA
request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
201 B 177ms
57ms Image
image/gif 18.204.98.167

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F&u=B6Hw8aDULJuIBjsON0&d=s3.pardad-trading.com&g=16698&g0=Homepage&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=12090&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fs3.pardad-trading.com%2F&b=11246&t=CZCNW7Cu9C3aWu3o_DeCurxDkyH4k&V=143&i=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&tz=600&sn=1&sv=TMcqIDuuBQkDGhvItD49pb4DB-lvq&sr=external&sd=1&im=06672fd3&_
Requested by: Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.204.98.167 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s3.pardad-trading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 16 Feb 2024 23:53:49 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 dc_pre=CNqAz6SHsYQDFcC2AAAdHlED-w;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8409658510917;npa=0;auiddc=*;u17=https%3A%2F%2Fs3.pardad-trading.com%2F;u5=;u18=;pscdl=noapi;gtm=45He42e0v72703797za20...
adservice.google.com/ddm/fls/z/ Frame FFEA 42 B
401 B 231ms
97ms Image
image/gif 2607:f8b0:4006:823::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNqAz6SHsYQDFcC2AAAdHlED-w;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8409658510917;npa=0;auiddc=*;u17=https%3A%2F%2Fs3.pardad-trading.com%2F;u5=;u18=;pscdl=noapi;gtm=45He42e0v72703797za200;gcd=13l3l3l3l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fs3.pardad-trading.com%2F

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CNqAz6SHsYQDFcC2AAAdHlED-w;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8409658510917;npa=0;auiddc=352676510.1708127629;u17=https%3A%2F%2Fs3.pardad-trading.com%2F;u5=;u18=;pscdl=noapi;gtm=45He42e0v72703797za200;gcd=13l3l3l3l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fs3.pardad-trading.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://5290727.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 23:53:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 84ms
83ms Ping
text/plain 44.195.146.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.195.146.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-146-220.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://s3.pardad-trading.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET c.js
collector.brandmetrics.com/ 0
0

GET
H2 200 dc_oe=ChMIoZv7oIexhAMVOBxoCB1_1AuJEAAYACCz_6phQhMI9rq6oIexhAMV1g-KAx1biAXS;dc_eps=AHas8cCdIULG13wfvUmk6hDbff9RjBIFkNFOBj-a3MzbyKj_OhX5CfufsoW1l52NOZqm-XMY1staSTN31xD9EoyV;met=1;&timestamp=170812763...
ade.googlesyndication.com/ddm/activity/ Frame 7FD0 42 B
107 B 131ms
130ms Image
image/gif 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIoZv7oIexhAMVOBxoCB1_1AuJEAAYACCz_6phQhMI9rq6oIexhAMV1g-KAx1biAXS;dc_eps=AHas8cCdIULG13wfvUmk6hDbff9RjBIFkNFOBj-a3MzbyKj_OhX5CfufsoW1l52NOZqm-XMY1staSTN31xD9EoyV;met=1;&timestamp=1708127630289;eid1=2;ecn1=0;etm1=7;eid2=12;ecn2=0;etm2=7;eid4=14;ecn4=1;etm4=0;eid6=16;ecn6=1;etm6=0;eid8=960584;ecn8=1;etm8=0;eid10=18;ecn10=1;etm10=0;eid12=960585;ecn12=1;etm12=0;eid14=13;ecn14=1;etm14=0;

Requested by

Host: be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com
URL: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 23:53:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: samizdat-graphql.nytimes.com
URL: https://samizdat-graphql.nytimes.com/graphql/v2

Domain: als-svc.nytimes.com
URL: https://als-svc.nytimes.com/als?uri=https%3A%2F%2Fwww.nytimes.com%2Fpages%2Findex.html&typ=&prop=nyt&plat=web

Domain: s3.pardad-trading.com
URL: https://s3.pardad-trading.com/vi-assets/static-assets/icon-the-morning_144x144-b12a6923b6ad9102b766352261b1a847.webp

Domain: samizdat-graphql.nytimes.com
URL: https://samizdat-graphql.nytimes.com/graphql/v2

Domain: purr.nytimes.com
URL: https://purr.nytimes.com/v1/purr-cache

Domain: a.nytimes.com
URL: https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fwww.nytimes.com%2F&caller_id=nyt-vi&jkcb=1708127628647&referrer=&sourceApp=nyt-vi

Domain: meter-svc.nytimes.com
URL: https://meter-svc.nytimes.com/meter.js?sourceApp=vi&messageComponentLibraryFallback=true&url=https%3A%2F%2Fs3.pardad-trading.com%2F&referer=https%3A%2F%2Fs3.pardad-trading.com%2F&pageviewID=OiyYUgBY_6wQCgNJRtdSgojt&MessageSelectionAPI=real

Domain: samizdat-graphql.nytimes.com
URL: https://samizdat-graphql.nytimes.com/graphql/v2

Domain: samizdat-graphql.nytimes.com
URL: https://samizdat-graphql.nytimes.com/graphql/v2

Domain: collector.brandmetrics.com
URL: https://collector.brandmetrics.com/c.js?siteid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=s3.pardad-trading.com&rnd=3447679

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 20:38:23	Name: sync Value: CgkIOhDAudyi2zE=
.nytimes.com/	1970-01-21 03:14:23	Name: nyt-a Value: hspq0k-uFa1r0cltRo252rQx
.et.nytimes.com/	1970-01-20 18:28:49	Name: sessionActive Value: true
.et.nytimes.com/	1970-01-21 03:14:23	Name: sessionIndex Value: 1\|1708127619655\|hspq0k-uFa1r0cltRo252rQx\|1708127619655
.et.nytimes.com/	1970-01-20 18:30:14	Name: et-ppvid Value: https://s3.pardad-trading.com/=OiyYUgBY_6wQCgNJRtdSgojt
.pardad-trading.com/	1970-01-21 03:50:23	Name: __gads Value: ID=585d549391d04d4f:T=1708127620:RT=1708127620:S=ALNI_MaWA5HdTwEfYxkmHmbhSS4deyWyzQ
.pardad-trading.com/	1970-01-21 03:50:23	Name: __gpi Value: UID=00000dca9374328d:T=1708127620:RT=1708127620:S=ALNI_MZj4mxjideF63uC5IrnE9sZE__4Lg
.pardad-trading.com/	1970-01-20 22:47:59	Name: __eoi Value: ID=6a54ab04435b414d:T=1708127620:RT=1708127620:S=AA-AfjYHozxjLdMgERpNvy1neQ4D
.openx.net/	1970-01-21 03:14:23	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-21 03:14:23	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 04:04:47	Name: receive-cookie-deprecation Value: 1
.rubiconproject.com/	1970-01-21 03:14:23	Name: khaos Value: LSPB2ZOW-K-AJY1
.rubiconproject.com/	1970-01-21 03:14:23	Name: audit Value: 1\|mFVHqHkj5bE9rCXAyq/BfaS5Bv7H1ouoxdnNVF8ci15A73ETsg0wvQ8q+B4gA2Me7NRNcAw6Ih7E+s7MgCQsVzOAeVvN3U5AHBx5r9vc1LMvwZjshXb9VyKPLRELhl3xG7JtXJVTTK0=
.doubleclick.net/	1970-01-21 04:04:47	Name: IDE Value: AHWqTUnlWq9kUAY3vaDw_Kj5F-0XrS7cRFE4sta2XFh0mI_YDbFh7js5kujCDQ7p
.adnxs.com/	1970-01-20 20:38:23	Name: XANDR_PANID Value: X8DFjzDf61O-gKq5drwDHvLYWUe7RVRqPoxkMEtmLi8LbPIw4a7VJMYyq7gkSYhw2-o641Z7N2pp5hmmNkfyuGcLaAQ3tuxAsJhCEaZYipg.
.adnxs.com/	1970-01-20 20:38:23	Name: uuid2 Value: 677985985708994855
.casalemedia.com/	1970-01-21 03:14:23	Name: CMID Value: Zc-1hdHM5EgAAA1lAAMsngAA
.casalemedia.com/	1970-01-20 20:38:23	Name: CMPS Value: 2690
.casalemedia.com/	1970-01-20 20:38:23	Name: CMPRO Value: 2690
.doubleclick.net/	1970-01-20 22:47:59	Name: APC Value: AfxxVi48SKT09cM-LYBMbnQB1KtdcwbNSpEVRCPmlrIot5BfYN6aEA
.doubleclick.net/	1970-01-20 22:47:59	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:38:23	Name: anj Value: dTM7k!M41.D>6NRF']wIg2HaQrNj4N!@wnfH8K6pQK`!5=E<L5?%K<hqyM%/kH]a2FBkidUvw_fx<VY:'o8KwhR$n%nugO%v4VB%nnsq)#A:
.openx.net/	1970-01-21 03:14:23	Name: i Value: 7255c8c9-a907-0167-1674-d5924bd9f177\|1708127624
.3lift.com/	1970-01-20 20:38:23	Name: tluid Value: 197134576253653410717
.pubmatic.com/	1970-01-20 18:30:14	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 20:38:23	Name: SyncRTB3 Value: 1709251200%3A220
.pubmatic.com/	1970-01-21 03:14:23	Name: KADUSERCOOKIE Value: 27FC001B-B1A0-4141-9C19-63BFB48285B2
.media.net/	1970-01-21 03:14:23	Name: visitor-id Value: 3511292241524215000V10
beacon.lynx.cognitivlabs.com/	1970-01-21 03:15:50	Name: UID Value: eff7afa8-5a7f-4bf0-9f23-5735c1b069e2
beacon.lynx.cognitivlabs.com/	1970-01-21 03:15:50	Name: ss Value: V7YCCbIP2hSgRVvMxREmPOLv6vgupQ37WcVsASQJInmh6SqTqDwXIpPYYoq5abW8NfTociUqRC35vVt8I4uwrQ%3D%3D
.adsrvr.org/	1970-01-21 03:15:50	Name: TDID Value: da92c6fa-f3fb-4da8-a710-e66088258e8f
.scorecardresearch.com/	1970-01-21 04:04:47	Name: UID Value: 109c3ba4df3b622093a61641708127625
.pubmatic.com/	1970-01-20 18:30:14	Name: pi Value: 163427:3
.pubmatic.com/	1970-01-20 20:38:23	Name: chkChromeAb67Sec Value: 2
.adsrvr.org/	1970-01-21 03:15:50	Name: TDCPM Value: CAESFgoHc3Z4OXQ1MBILCJ6-8bOR1dc8EAUYBSABKAIyCwi-9KXgp9XXPBAFOAE.
.s3.pardad-trading.com/	1970-01-21 03:14:23	Name: datadome Value: mjOGlqKMmWD_dRP0dFl8rzecstjf11mQqfFbgKFJLxrGLNaKmxHk8Zsk8ea8PtyRYH_w5wogjw87LXgUnGA5s6ohJhAoiRPMH8cWEA~qouxrouxfnOs3mBJNYSOCI8a3
s3.pardad-trading.com/	1970-01-20 18:28:48	Name: _dd_s Value: rum=0&expire=1708128519888

140 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
javascript	error	URL: https://s3.pardad-trading.com/(Line 266) Message: Access to XMLHttpRequest at 'https://samizdat-graphql.nytimes.com/graphql/v2' from origin 'https://s3.pardad-trading.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://samizdat-graphql.nytimes.com/graphql/v2 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://s3.pardad-trading.com/(Line 266) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/(Line 266) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/(Line 266) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/(Line 266) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://s3.pardad-trading.com/ Message: Access to XMLHttpRequest at 'https://als-svc.nytimes.com/als?uri=https%3A%2F%2Fwww.nytimes.com%2Fpages%2Findex.html&typ=&prop=nyt&plat=web' from origin 'https://s3.pardad-trading.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://als-svc.nytimes.com/als?uri=https%3A%2F%2Fwww.nytimes.com%2Fpages%2Findex.html&typ=&prop=nyt&plat=web Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://c.go-mpulse.net/api/config.json?key=ATH8A-MAMN8-XPXCH-N5KAX-8D239&d=s3.pardad-trading.com&t=5693759&v=1.720.0&sl=0&si=898e5dd4-22a8-4c60-8280-cd414bb83b36-s8z3pf&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao= Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://s3.pardad-trading.com/ Message: Access to fetch at 'https://samizdat-graphql.nytimes.com/graphql/v2' from origin 'https://s3.pardad-trading.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://samizdat-graphql.nytimes.com/graphql/v2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://s3.pardad-trading.com/ Message: Access to fetch at 'https://purr.nytimes.com/v1/purr-cache' from origin 'https://s3.pardad-trading.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://purr.nytimes.com/v1/purr-cache Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://s3.pardad-trading.com/ Message: Access to fetch at 'https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fwww.nytimes.com%2F&caller_id=nyt-vi&jkcb=1708127628647&referrer=&sourceApp=nyt-vi' from origin 'https://s3.pardad-trading.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fwww.nytimes.com%2F&caller_id=nyt-vi&jkcb=1708127628647&referrer=&sourceApp=nyt-vi Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://s3.pardad-trading.com/ Message: Access to fetch at 'https://meter-svc.nytimes.com/meter.js?sourceApp=vi&messageComponentLibraryFallback=true&url=https%3A%2F%2Fs3.pardad-trading.com%2F&referer=https%3A%2F%2Fs3.pardad-trading.com%2F&pageviewID=OiyYUgBY_6wQCgNJRtdSgojt&MessageSelectionAPI=real' from origin 'https://s3.pardad-trading.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://meter-svc.nytimes.com/meter.js?sourceApp=vi&messageComponentLibraryFallback=true&url=https%3A%2F%2Fs3.pardad-trading.com%2F&referer=https%3A%2F%2Fs3.pardad-trading.com%2F&pageviewID=OiyYUgBY_6wQCgNJRtdSgojt&MessageSelectionAPI=real Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://s3.pardad-trading.com/ Message: Access to fetch at 'https://samizdat-graphql.nytimes.com/graphql/v2' from origin 'https://s3.pardad-trading.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://samizdat-graphql.nytimes.com/graphql/v2 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://s3.pardad-trading.com/ Message: Access to fetch at 'https://samizdat-graphql.nytimes.com/graphql/v2' from origin 'https://s3.pardad-trading.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://samizdat-graphql.nytimes.com/graphql/v2 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://s3.pardad-trading.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
aax.amazon-adsystem.com
ade.googlesyndication.com
adservice.google.com
als-svc.nytimes.com
be75c4eac280354fe60b71776977de59.safeframe.googlesyndication.com
beacon.lynx.cognitivlabs.com
c.amazon-adsystem.com
c.go-mpulse.net
cdn.brandmetrics.com
cm.g.doubleclick.net
collector.brandmetrics.com
config.aps.amazon-adsystem.com
cs.media.net
dd.nytimes.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
fastlane.rubiconproject.com
g1.nyt.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gw.geoedge.be
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
image2.pubmatic.com
image8.pubmatic.com
match.adsrvr.org
meter-svc.nytimes.com
nytimes-d.openx.net
pagead2.googlesyndication.com
pnytimes.chartbeat.net
prebid.media.net
purr.nytimes.com
r5---sn-q4flrnss.c.2mdn.net
rtb.openx.net
rumcdn.geoedge.be
s.go-mpulse.net
s0.2mdn.net
s3.pardad-trading.com
samizdat-graphql.nytimes.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.chartbeat.com
static01.nyt.com
tlx.3lift.com
tpc.googlesyndication.com
www.datadoghq-browser-agent.com
www.googletagmanager.com
www.nytimes.com
a.nytimes.com
als-svc.nytimes.com
collector.brandmetrics.com
meter-svc.nytimes.com
purr.nytimes.com
s3.pardad-trading.com
samizdat-graphql.nytimes.com
104.126.112.26
104.36.115.111
108.138.115.149
108.138.129.160
108.139.47.50
142.250.176.194
142.251.40.162
142.251.40.226
142.251.40.230
15.197.193.217
151.101.129.164
151.101.193.164
172.64.151.101
18.164.92.122
18.173.132.21
18.204.98.167
18.215.133.183
18.238.55.30
2600:141b:1c00:239e::11a6
2600:141b:1c00:991::11a6
2600:9000:210b:9400:10:43f:4352:ad61
2600:9000:24f1:1600:18:1fcd:353:c61
2600:9000:2511:4000:4:b37b:9440:93a1
2602:803:c002:200::32
2606:4700:20::681a:d12
2606:4700:3032::6815:492d
2607:f8b0:4000:1d::a
2607:f8b0:4006:80b::2006
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80e::200e
2607:f8b0:4006:816::2001
2607:f8b0:4006:81d::2002
2607:f8b0:4006:820::2008
2607:f8b0:4006:822::2002
2607:f8b0:4006:823::2002
34.120.63.153
35.186.253.211
35.244.159.8
44.195.146.220
52.223.22.214
54.152.40.140
68.67.160.26
8.28.7.82
8.28.7.83
03656ff565d2cc90c3b8f2c1963c5804304e5d9dc796e920db21a6db906a942d
04247f45e4298b818db5d6161620f2b9ee1d782aa4560a45f5765c41c672d6a8
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
060781fa94ff26d6e15c96edb5c7a7575c6429a8a1611e41d6b2b6fc6e193c60
06276214001978a8f3382e91ec5fadf2bd507f174f950e8cdeca4a0e91f170a9
062ca1252e35b1dded0e404cac8925e32b9b82879171af32233b075027c30126
06abbcbe5c50e81836c65a2e515c1d9ad4a4d029ca737daae096029afd10dba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
095a2050fffeee67efcc5dffaa579dd76fe3916b3de4c384aa037acca45d9c9f
09bff184ea094a06e46d7f26512fd7b245304078a27f1ba8084488cbcf7704de
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d522e30ac3af91c1f636e9aa75a4dfffa560ac173746e4a84d8463171c2ab7e
0d83283563d7c546842e4e2bef1ecdee3db0ade306ef9fc7bf717b87e2107ac3
0ec26b35d4044489e7b6c6082f96a3a28e206908113984445109b4fa282e5590
12a926c240c96cbacb470bee74292212b03a1c43ceee77aeefbbc5ae579c0e0a
12b4ba58997eee741713199cbc4d2c4965fafe70163c7c52639bd2e2e8304017
15f958de8a4e7d9ad46450991efe4d0248f5f2e865e4956b8ff14b6e907bbe9c
161376c4f90d4e97682e18c3363465dd9dffd7c346a24961b1b563862f59bd09
16f8d035afb8104c5b417a2a866571402d99b56a20423fe26c0521eddfbfd97c
1a48c22120ff01abb38156633970addec986b69af1e59bfaf9b8abb6673f78c7
1c20d8aa7c1a6c58610714d07e81628ceaea258e0918a454071dabc7dd056a73
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1ecb1f9522433be3adfad377816095c7d5b27d02c1efbbbb793e341b829d83d9
21f3ae79c2fc30acb895a1b39fc7bdef8f6c2a426221181949f04fca836ab8c6
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
264062387185aeac238d90328f12342a4dac123baa47d7981dc2797a43dd39ea
27141b3b405cc996997629f3e4e561247b42b1bdbbb9e3a53b09c45bd5c5d135
27dadccf6ff4838e33c512b7653eca84e25df6cd0bd09d2043c08961ac9bea2b
29706c4ab8f4d48b33ccb0ea813f8afb5f7ac569f623536b96fba6cf1fc60e9b
299d2fa755a26bd5007a26fdf65958b73598c74456b1d81cd72244e54b8a6dcd
299fe4cb399d6f400ea1117ee107768dd59304e3b970633836c97fdb523af76a
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
2a39dd2226649d9c999542a2ca99d429bbfb2d97a685719f1919e5bd8b4c2789
2a8518a77b008a6c0a9e16b7736058745205557a04b8301f24437b9dc6f3d63d
2ded6ccf52893dda8d7ff261b54805bf7a6d9a225d44ceca138c4295c57d742d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
352b9e243c2e3a49a49cb8bc8df84d0a04183bbc3eac33a0476c9a11ff9e352d
3a97d7e2b2a744b06c4860981b48cf1a6f1a4046e48270bf825cf9a90b1f3636
3c3bb445a65f00a954fc1e0d957690acc408f2e9904ef44d033e87f65e7160fa
3ddb9b3f6d032fefd389b8f5cfe1872ddc516cd7fff513ce2ae1f693827d22ca
3e99cc00c52afca0a9c6a4bcbc440dec602e194e04eba329850b57c16283779e
3fb755d89de8cad5b50e4838f2291dbc0c472cbe037bb68b19b19b6825af404b
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f837869b80c34ed1a128362a6ed24ff5ebdae743dc55eb3c183ae9c8b5f4ca3
51197621ba8ef63f68344b123f60747feb5c165843fa811b22be90ccc5e65270
53e637909208e211f753b68ab0cb2312abfb528b9920e8a3b6eddcb89eb861cd
560840d26c66d01e35e8257c2599e4d6ff81fb45082ac051cbfb0fb835657951
564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de
565fcf8b6b7bee6091a9114e8ce2a2f1ff02524d9674515742bf1cfcf996784c
566e55891061ccfbd69982d4ee1d498867708ffc198fe7ca24ccc99d58684cb7
577daca611b9ae7cc68fd26e230bd20d1f5659998cf988fccab9eb17bf7bd1fc
57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176
582271ab44e600ff98c4864b742cc59b58bd4d05ff973d437aa7676c967e709f
5bcbb026b99cf9c89f233879e5ee670e4cebd4c46a64bbf2bb0e182d7de12a18
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5e1b9e32d9e81e71e32708dbcceac353d76dede97da2f2e172e0f4d6f3f025a2
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
612414151e0b7f8ab5b7e572fe287acf1202084cda302adb8522397f462ba305
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a
6363d303f406249bb62751e517e8a0c94bb17993cfaeac3e8433f7caddba09cb
640a9138e66deb5b745997e8dbe0be6e4c32d82da5710f9cea8afb0bee2f3bbf
710b0655ed9250d40b111427e60ad0da542fe4e1acf5fc6967224e12467b8601
7184f94de6059eb2acabe5ca2b8d4dee7ce2817a5c69de917b8c987a38a58c60
719314f680a79defc6c02a7dbaff63da48911cbf418614226bde044fb02e065d
71a584be241ef2568e1b8427d3f2d2a3b2a1d44edab90cc151f716b2fd9f20f9
71b2f4fee2ed4163e1ef309ca22a8a108aab0ba7cfb535d38b33c1ec3718836a
7a905d4591de7626a94a888326be987c8e7cd2f6fa1214ada8ac083a4b862a98
7c11193952e3a7f5c5887a688239ba863628181c0a55f8bc3ab687ff755c1a33
7daf755b623cb0003b375d09763a1ba0ef903621de9b28dbc95ced9d53c3fdc7
7dcbc19c68e87e4b23f85027e02ac7f3c89fa259973ec92bbe27e49ad002bf47
7e76ec11f2baa0f7948d92891718df73970877050a5b48e2b6fb9b340378a2d1
815e85139cc9a73d4233ca7620d3aea96bd46da73c96ef98f9f6217747252861
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
866dec1b8c54b367961beada053c99d6f73e4d030dee6d2defd4f60fc0bf548e
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a6bd1e9706f15358fb636bb52f69b755d936a79adc1e5056c439cd59cbb41ee
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8aca80728030390ca27a845ca99c8e6bd9174aea22b4060971d1a0ea9a8e9454
8b3353c94bbef2e39f1553d70d7bfef002992de5611f1d6cdca16b0f6b8256a4
8b84ebfbd15694400df12827c578baf3e0d64b86b13222a7d27a536e236dcb6c
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
91d37ec009efbb7a2154cc2ac274079ca119744e92aca0cec9620a2e4b1544de
922a4c224d2a5acba49effd511ac46c69297624b2ce0c0477530b9bb2d8487d5
9377e1ed8c646a7ae8b8b570821baf287765c047e9dab20fa71a4eb76a40c294
94d8b663df54b8d00643cb8a84823af0a5bd93c3e491e227b7996246e1677373
9598017c8fd717e1850704f5ecc3acce7888e24b9a152ed5557dad1003efa2ba
985aac7d49c194276a9409a009e38ec2c82f3f607c26b9358b23d48ed004c284
99013b5f831f3762b1a2648e07bb3116d914c5b1539bdf4fe0634602cc26b19e
9a43ab8056183a8efcf0e882990c2601381a735e02bba004439e010055c55d47
9d3d35030623ff78afd1dc13072790a8ed2f9f8c0151aa1217a72e9640e0d811
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a3024aade119b2b7ba1a34ca5bec9c6c51b7fbeebd92d50627692a7ca6ce155a
a4a061d70f2bd491690c7747089ed0ec49b8cd9a06cff94f9f31658214a5547e
a67ec15e20b12efff4c0dab67f909e2c7e08f8f7cc348d5c072e5e179b0f7290
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a742a2af7c3bd1cab7c1cd0bddb1026dba2abb8c0b80f14c881a034854db962b
a79b0d41335a1e325af898d3d59f0a69cc6e2098b8aa73ed1b185865c8c31914
ac3c156a0e6cc290e315b2cf97ce75c4ce23417e33628e964196ea3fcd2cfffb
ad01b93ecf6b0b442902d27ae93b6af83a92784a05455b81490512a3d5d8b08b
adeba17e4b8783bd7b69ede340e3ccc2250ed4c582dd5ed188700ab2e6dcb57a
aea9122d7a4d8fdaec43e49ee79285560b358d2b0fc5bb3459bd2f9fef67220b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b269e60631d21a2199890fae144fc3d6160f27733c871b2952c1e3b7e48fff9d
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b
b49a5061864b4b935b6055a17db8704dfb40f092ab777c9e2d578f195fc7c38c
b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e
b7edead72d48e3c090460d631d9b26d325ebf5f05d7da28964d0fce385241199
ba57e9fe37374aae1060174b2a0150a2fca11878eef5c4f3e1d964ec10b345c9
babddd6b42eb3aead6829b35241af5c8f275fec1dad7412d2a538a4d78652b4e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb5e8eef5efe4f00b4a4bb3df651d1418ecf8072ec98393dd773454f814f477c
bcbbfe66a2e17c1dbc127ccea0f4fec035d42d51d1741332275026e291d79be8
bcdaa8b0e5b0f57f19d17de2c58d7206e3d275da122a0d4e3176a67257595b5e
c08bc6659261089e2775d7b93bbe0c826b9c8403bbbb9e45a8a4c0e514f99ec5
c11d50a1918e615029f239580a1d4a1aa32328fdd6149225cc74e411c84db96e
c5c40c179e117c7a2737f3ce285628c46e847a9bc8c129b1998a6f28ff598a74
c86173bc54fd2bcb7df476bff9ea9caefac3ebc91b21a219421682636056a6a1
ca8f9fcd91869d8dd034dd0bf198fea7200f1fb83025d4f597a963878a35eb0f
d1582496f5a3dfc8ea0f003dca762b94a11141461cd2df63f79cf685b7e6fac7
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d398b90b592b327e99a6d915c3a8b2896d03a3c6b617bb5cbbf555fa57ee9725
d3e01a24e357418c6b81f191cdc6fedf29f78d0b8002725c1f9b3e2d4d9233cf
d8757f6bdce85810dccd86c70096aa15e596386c246a7819e3182346b253241b
da37ff8a4d532b80e17c2fdc4f1efb26c7ab3ac4ac9dddb019eafba35f9ec1d4
dca6cb4eddb8011fd900ed609b91b1a4f372aa00201c2e97bfd4474564371478
dde90ebdfc76ccb5ecccc016ad9e5bc96114e32fc6339dc231fbe44bb3a38c3a
de7410d31f6225b3e8b4bc2a303909303618b23683740fcb2bc847c910cd3e79
de9e0de16743ce5453503ea556a0a9d39b834ff4b765aa1161621e840cdf4715
df74bc4a8c5cd98f22fc887736d160b0df363071f2514c166d8e9c9d4052704d
e26058f9c872dded15a2891a1a7e0387a8ccf6d942837993eadd8a92a6241154
e33b8407c21f47e7c990edcb66dcf85406e8955ea0f85432539d5b706870cbc9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519
e4e53fef7b814459a9d88a90513e6df308bd0aec7f2c0d58f5813246783f23ca
e5c7cddb6992e0cf8ad0d1ee0816b9ddf4052766a4117a28a3960f529d22cd86
ea53a803218d6d1043ee9e296f0c51573db4b9c516e399c6fed031d64d2b2321
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebce0ebf21d54cc042f2dba30740eeb2c4223b27ffcc2e714ffd0f1758f46a12
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1fd7964d738926046b207a7c8ac57250afdefabc84fe7efc836766f7bd5dbef
f4cd85fa783c1faa16a76e3d00b04db35bc35dc079dda367b8ee7956f1cea4fd
f6f5fab4be009d74585708cc673d1a3b6b3554c9446432ba96acb7e3aa037078
f92d409454f07d130a17a8a40694683700fa7908f77519aa3fd6ed6bf08a43af
fe8d5a6f12533884b6896dd290e422c830e86e0228d45dbe97ac03c6e86a5b5a

s3.pardad-trading.com Open in urlscan Pro 2606:4700:3032::6815:492d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

234 Requests

91 %HTTPS

39 %IPv6

25 Domains

55 Subdomains

41 IPs

1 Countries

4808 kBTransfer

11769 kBSize

37 Cookies

298 Outgoing links

Redirected requests

234 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

s3.pardad-trading.com Open in urlscan Pro
2606:4700:3032::6815:492d Public Scan

Screenshot
Live screenshot

Full Image

234
Requests

91 %
HTTPS

39 %
IPv6

25
Domains

55
Subdomains

41
IPs

1
Countries

4808 kB
Transfer

11769 kB
Size

37
Cookies

234 HTTP transactions
3 data transactions