www.nytimes.com Open in urlscan Pro
151.101.129.164 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
Submission: On August 31 via manual (August 31st 2023, 4:10:48 am UTC) from US — Scanned from US

Summary HTTP 217 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 63 IPs in 5 countries across 52 domains to perform 217 HTTP transactions. The main IP is 151.101.129.164, located in United States and belongs to FASTLY, US. The main domain is www.nytimes.com. The Cisco Umbrella rank of the primary domain is 3869.
TLS certificate: Issued by Thawte RSA CA 2018 on March 22nd 2023. Valid for: a year.

This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
49	151.101.129.164 151.101.129.164	54113 (FASTLY) (FASTLY)
2	2607:f8b0:400... 2607:f8b0:4006:80f::2008	15169 (GOOGLE) (GOOGLE)
10	44.211.112.71 44.211.112.71	14618 (AMAZON-AES) (AMAZON-AES)
8	151.101.193.164 151.101.193.164	54113 (FASTLY) (FASTLY)
2	2600:9000:25f... 2600:9000:25f5:1600:4:b37b:9440:93a1	16509 (AMAZON-02) (AMAZON-02)
3	3.160.3.135 3.160.3.135	16509 (AMAZON-02) (AMAZON-02)
6	2607:f8b0:402... 2607:f8b0:4020:805::2002	15169 (GOOGLE) (GOOGLE)
1	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.36.115.111 104.36.115.111	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	54.86.50.125 54.86.50.125	14618 (AMAZON-AES) (AMAZON-AES)
4 5	68.67.161.208 68.67.161.208	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.18.39.155 104.18.39.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2602:803:c002... 2602:803:c002:200::113	26667 (RUBICONPR...) (RUBICONPROJECT)
2	108.156.180.227 108.156.180.227	16509 (AMAZON-02) (AMAZON-02)
4	3.160.5.49 3.160.5.49	16509 (AMAZON-02) (AMAZON-02)
1 3	3.160.5.46 3.160.5.46	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:13::239 2620:1ec:13::239	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.3.42.214 52.3.42.214	14618 (AMAZON-AES) (AMAZON-AES)
2 17	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
1 2	172.217.13.198 172.217.13.198	15169 (GOOGLE) (GOOGLE)
1	2600:9000:25f... 2600:9000:25f3:7800:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:d12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11 11	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
6 6	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
1	104.126.116.136 104.126.116.136	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2607:f8b0:402... 2607:f8b0:4020:806::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:402... 2607:f8b0:4020:806::2002	15169 (GOOGLE) (GOOGLE)
1	54.197.82.237 54.197.82.237	14618 (AMAZON-AES) (AMAZON-AES)
1 4	23.52.158.180 23.52.158.180	16625 (AKAMAI-AS) (AKAMAI-AS)
3 11	192.40.39.223 192.40.39.223	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2	72.247.71.192 72.247.71.192	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.205.62.23 23.205.62.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1 5	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 5	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
1	20.40.202.2 20.40.202.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:141b:13:... 2600:141b:13:78d::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10 13	172.217.13.162 172.217.13.162	15169 (GOOGLE) (GOOGLE)
10 10	35.211.178.172 35.211.178.172	19527 (GOOGLE-2) (GOOGLE-2)
1	2606:4700:10:... 2606:4700:10::ac43:8ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2620:116:800b... 2620:116:800b:21:f059:4f7e:28a9:1588	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.194.66.159 35.194.66.159	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7 7	52.23.46.39 52.23.46.39	14618 (AMAZON-AES) (AMAZON-AES)
1 3	2600:1f18:4e9... 2600:1f18:4e9:5a05:dd64:d7a:647:2f6e	14618 (AMAZON-AES) (AMAZON-AES)
2	104.36.115.113 104.36.115.113	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 5	8.43.72.97 8.43.72.97	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2607:f8b0:402... 2607:f8b0:4020:807::2001	15169 (GOOGLE) (GOOGLE)
7	18.116.227.71 18.116.227.71	16509 (AMAZON-02) (AMAZON-02)
4 5	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	40.76.134.238 40.76.134.238	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	162.248.18.37 162.248.18.37	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 6	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	185.167.164.37 185.167.164.37	198622 (ADFORM) (ADFORM)
4 4	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
1	67.220.228.203 67.220.228.203	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:141b:13:... 2600:141b:13:79f::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	23.204.152.211 23.204.152.211	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2600:141b:13:... 2600:141b:13::17d7:82bb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	3.139.115.72 3.139.115.72	16509 (AMAZON-02) (AMAZON-02)
4	34.117.228.201 34.117.228.201	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.211.118.13 35.211.118.13	19527 (GOOGLE-2) (GOOGLE-2)
2	23.205.60.185 23.205.60.185	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	8.28.7.82 8.28.7.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	8.28.7.84 8.28.7.84	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	199.38.167.130 199.38.167.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2 2	54.159.93.151 54.159.93.151	14618 (AMAZON-AES) (AMAZON-AES)
4 4	2606:ae80:145... 2606:ae80:1451:20::1690	25751 (VALUECLICK) (VALUECLICK)
1	2607:f8b0:402... 2607:f8b0:4020:807::2002	15169 (GOOGLE) (GOOGLE)
1 1	198.148.27.131 198.148.27.131	19189 (PULSEPOINT) (PULSEPOINT)
1 1	2603:c020:400... 2603:c020:400d:3000:67b7:1059:7283:c690	() ()
1 1	23.105.14.106 23.105.14.106	() ()
1	3.95.46.247 3.95.46.247	14618 (AMAZON-AES) (AMAZON-AES)
1 2	54.172.83.15 54.172.83.15	14618 (AMAZON-AES) (AMAZON-AES)
1	107.22.235.237 107.22.235.237	14618 (AMAZON-AES) (AMAZON-AES)
1	44.217.245.111 44.217.245.111	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.203.232.146 52.203.232.146	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2620:112:f002... 2620:112:f002:bbbb::21	6336 (TURN-US-ASN) (TURN-US-ASN)
1 1	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
217	63

49 151.101.129.164 (United States)

ASN54113 (FASTLY, US)

www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
myaccount.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
typeface.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
csp.dev.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 44.211.112.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-211-112-71.compute-1.amazonaws.com

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
als-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.193.164 (United States)

ASN54113 (FASTLY, US)

samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:25f5:1600:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)

rumcdn.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.160.3.135 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-3-135.cmh68.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4020:805::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.86.50.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-50-125.compute-1.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.67.161.208 (New York, United States) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.39.155 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2602:803:c002:200::113 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.156.180.227 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-180-227.cmh68.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.160.5.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-5-49.cmh68.r.cloudfront.net

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.160.5.46 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-3-160-5-46.cmh68.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:13::239 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

edge.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.3.42.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-42-214.compute-1.amazonaws.com

purr.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 52.46.143.56 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.13.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f6.1e100.net

5290727.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25f3:7800:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:d12 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 3.33.220.150 (Seattle, United States) 11 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.225.218.10 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.126.116.136 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-116-136.deploy.static.akamaitechnologies.com

hb.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:806::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:806::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.197.82.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-82-237.compute-1.amazonaws.com

pnytimes.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.52.158.180 (New York, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-158-180.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 192.40.39.223 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.247.71.192 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-71-192.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.62.23 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-62-23.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.98.64.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nytimes-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.223.22.214 (Seattle, United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.40.202.2 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

collector.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13:78d::11a6 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.217.13.162 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.211.178.172 (North Charleston, United States) 10 redirects

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:8ae (United States)

ASN13335 (CLOUDFLARENET, US)

sync-eu.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800b:21:f059:4f7e:28a9:1588 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.194.66.159 (Washington, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.23.46.39 (Ashburn, United States) 7 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-46-39.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:4e9:5a05:dd64:d7a:647:2f6e (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 8.43.72.97 (United States) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:807::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.116.227.71 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-116-227-71.us-east-2.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.111.113.62 (Kansas City, United States) 4 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

us01.z.antigena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 8.28.7.83 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.167.164.37 (Denmark)

ASN198622 (ADFORM, DK)

cm2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 8.43.72.98 (United States) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.220.228.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13:79f::11a6 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.204.152.211 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-204-152-211.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:141b:13::17d7:82bb (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.139.115.72 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-139-115-72.us-east-2.compute.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.117.228.201 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.228.117.34.bc.googleusercontent.com

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-ue1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.211.118.13 (North Charleston, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 13.118.211.35.bc.googleusercontent.com

r.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.205.60.185 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-60-185.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 8.28.7.82 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.38.167.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.159.93.151 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-93-151.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:ae80:1451:20::1690 (United States) 4 redirects

ASN25751 (VALUECLICK, US)

medianet-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4020:807::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.131 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:c020:400d:3000:67b7:1059:7283:c690 (None, ) 1 redirects

ASN- ()

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.14.106 (None, ) 1 redirects

ASN- ()

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.95.46.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-95-46-247.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.172.83.15 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-83-15.compute-1.amazonaws.com

thrtle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.22.235.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-22-235-237.compute-1.amazonaws.com

crb.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.217.245.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-217-245-111.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.232.146 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-232-146.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f002:bbbb::21 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.210.196.208 (Fairfax, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	nytimes.com www.nytimes.com — Cisco Umbrella Rank: 3869 a.et.nytimes.com — Cisco Umbrella Rank: 6467 samizdat-graphql.nytimes.com — Cisco Umbrella Rank: 6610 als-svc.nytimes.com — Cisco Umbrella Rank: 7932 myaccount.nytimes.com — Cisco Umbrella Rank: 12138 dd.nytimes.com — Cisco Umbrella Rank: 9027 purr.nytimes.com — Cisco Umbrella Rank: 8360 a.nytimes.com — Cisco Umbrella Rank: 6852 mwcm.nytimes.com — Cisco Umbrella Rank: 11222 csp.dev.nytimes.com — Cisco Umbrella Rank: 34878	2 MB
23	amazon-adsystem.com 2 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 327 aax.amazon-adsystem.com — Cisco Umbrella Rank: 404 s.amazon-adsystem.com — Cisco Umbrella Rank: 310 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1076	79 KB
21	pubmatic.com 4 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 512 ads.pubmatic.com — Cisco Umbrella Rank: 513 image6.pubmatic.com — Cisco Umbrella Rank: 752 image2.pubmatic.com — Cisco Umbrella Rank: 895 simage2.pubmatic.com — Cisco Umbrella Rank: 794 image8.pubmatic.com — Cisco Umbrella Rank: 653 image4.pubmatic.com — Cisco Umbrella Rank: 1151 simage4.pubmatic.com — Cisco Umbrella Rank: 1267	30 KB
21	doubleclick.net 11 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203 5290727.fls.doubleclick.net — Cisco Umbrella Rank: 8704 cm.g.doubleclick.net — Cisco Umbrella Rank: 237	173 KB
19	rubiconproject.com 7 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 510 eus.rubiconproject.com — Cisco Umbrella Rank: 593 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1110 token.rubiconproject.com — Cisco Umbrella Rank: 597 pixel.rubiconproject.com — Cisco Umbrella Rank: 366	32 KB
18	serving-sys.com bs.serving-sys.com — Cisco Umbrella Rank: 1551 secure-ds.serving-sys.com — Cisco Umbrella Rank: 2640 lm.serving-sys.com — Cisco Umbrella Rank: 2587	193 KB
17	nyt.com g1.nyt.com — Cisco Umbrella Rank: 8491 static01.nyt.com — Cisco Umbrella Rank: 6782 a1.nyt.com — Cisco Umbrella Rank: 7938 typeface.nyt.com — Cisco Umbrella Rank: 29064	841 KB
12	casalemedia.com 3 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 567 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 475 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590 dsum.casalemedia.com — Cisco Umbrella Rank: 1377	9 KB
11	bidswitch.net 11 redirects x.bidswitch.net — Cisco Umbrella Rank: 342 r.bidswitch.net — Cisco Umbrella Rank: 6090	5 KB
11	adsrvr.org 11 redirects insight.adsrvr.org — Cisco Umbrella Rank: 589 match.adsrvr.org — Cisco Umbrella Rank: 348	7 KB
9	yahoo.com 7 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 326 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 451	3 KB
7	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 492 tps.doubleverify.com — Cisco Umbrella Rank: 506 tpsc-ue1.doubleverify.com — Cisco Umbrella Rank: 1381	204 KB
7	bidr.io 7 redirects match.prod.bidr.io — Cisco Umbrella Rank: 564	4 KB
7	media.net 1 redirects prebid.media.net — Cisco Umbrella Rank: 1307 cs.media.net — Cisco Umbrella Rank: 1454 contextual.media.net — Cisco Umbrella Rank: 666	4 KB
6	3lift.com 3 redirects tlx.3lift.com — Cisco Umbrella Rank: 583 eb2.3lift.com — Cisco Umbrella Rank: 388	12 KB
6	openx.net 1 redirects rtb.openx.net — Cisco Umbrella Rank: 751 u.openx.net — Cisco Umbrella Rank: 670 us-u.openx.net — Cisco Umbrella Rank: 478 nytimes-d.openx.net — Cisco Umbrella Rank: 14721	2 KB
5	tapad.com 4 redirects pixel.tapad.com — Cisco Umbrella Rank: 473	1 KB
5	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 239 secure.adnxs.com — Cisco Umbrella Rank: 450	4 KB
4	dotomi.com 4 redirects medianet-match.dotomi.com — Cisco Umbrella Rank: 10387 pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3398	1 KB
4	googlesyndication.com d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 150 pagead2.googlesyndication.com — Cisco Umbrella Rank: 107	13 KB
3	brandmetrics.com cdn.brandmetrics.com — Cisco Umbrella Rank: 3278 collector.brandmetrics.com — Cisco Umbrella Rank: 3745	22 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 165	1 KB
2	thrtle.com 1 redirects thrtle.com — Cisco Umbrella Rank: 1266	685 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 854	1 KB
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 791	1 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1322 c.go-mpulse.net — Cisco Umbrella Rank: 605	51 KB
2	microsoft.com edge.microsoft.com — Cisco Umbrella Rank: 64	24 KB
2	geoedge.be rumcdn.geoedge.be — Cisco Umbrella Rank: 2030	72 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	177 KB
1	aralego.com 1 redirects sync.aralego.com — Cisco Umbrella Rank: 2723	474 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 834	518 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 925	554 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1567	425 B
1	kargo.com crb.kargo.com — Cisco Umbrella Rank: 1575	359 B
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 1187
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com	792 B
1	technoratimedia.com 1 redirects sync.technoratimedia.com	4 KB
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 551	966 B
1	criteo.com 1 redirects dis.criteo.com — Cisco Umbrella Rank: 596	529 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 812	756 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 365	512 B
1	adform.net cm2.adform.net — Cisco Umbrella Rank: 29436	163 B
1	antigena.com us01.z.antigena.com — Cisco Umbrella Rank: 3859
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 214	57 KB
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 756	510 B
1	connectad.io sync-eu.connectad.io — Cisco Umbrella Rank: 3766	165 B
1	chartbeat.net pnytimes.chartbeat.net — Cisco Umbrella Rank: 7485	201 B
1	google.com adservice.google.com — Cisco Umbrella Rank: 105	440 B
1	yahoo.net hb.yahoo.net — Cisco Umbrella Rank: 3474	285 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1548	24 KB
0	akamaihd.net Failed trial-eum-clientnsv4-s.akamaihd.net Failed trial-eum-clienttons-s.akamaihd.net Failed
0	everesttech.net Failed sync-tm.everesttech.net Failed
217	52

	Domain	Requested by
17	s.amazon-adsystem.com	2 redirects rumcdn.geoedge.be s.amazon-adsystem.com ssum-sec.casalemedia.com u.openx.net eus.rubiconproject.com ads.pubmatic.com
16	samizdat-graphql.nytimes.com	www.nytimes.com
15	www.nytimes.com	www.nytimes.com rumcdn.geoedge.be
13	cm.g.doubleclick.net	10 redirects u.openx.net eus.rubiconproject.com
11	g1.nyt.com	www.nytimes.com g1.nyt.com
10	x.bidswitch.net	10 redirects
10	match.adsrvr.org	10 redirects
8	fastlane.rubiconproject.com	www.nytimes.com
7	secure-ds.serving-sys.com	bs.serving-sys.com secure-ds.serving-sys.com d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com
7	bs.serving-sys.com	d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com secure-ds.serving-sys.com
7	match.prod.bidr.io	7 redirects
7	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com u.openx.net www.nytimes.com
7	a.et.nytimes.com	www.nytimes.com myaccount.nytimes.com
6	simage2.pubmatic.com	2 redirects ads.pubmatic.com s.amazon-adsystem.com
6	ups.analytics.yahoo.com	6 redirects
6	securepubads.g.doubleclick.net	www.nytimes.com rumcdn.geoedge.be securepubads.g.doubleclick.net d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com www.googletagservices.com
5	pixel.tapad.com	4 redirects ads.pubmatic.com
5	eb2.3lift.com	3 redirects ads.pubmatic.com www.nytimes.com
5	myaccount.nytimes.com	www.nytimes.com myaccount.nytimes.com rumcdn.geoedge.be
4	lm.serving-sys.com	secure-ds.serving-sys.com
4	pixel.rubiconproject.com	2 redirects eus.rubiconproject.com
4	token.rubiconproject.com	4 redirects
4	image2.pubmatic.com	ads.pubmatic.com
4	cs.media.net	1 redirects www.nytimes.com
4	dd.nytimes.com	www.nytimes.com dd.nytimes.com myaccount.nytimes.com
4	ib.adnxs.com	3 redirects www.nytimes.com
3	image8.pubmatic.com	2 redirects s.amazon-adsystem.com
3	csp.dev.nytimes.com	s.go-mpulse.net
3	cdn.doubleverify.com	d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com www.nytimes.com
3	pr-bh.ybp.yahoo.com	1 redirects u.openx.net ads.pubmatic.com
3	ssum-sec.casalemedia.com	1 redirects s.amazon-adsystem.com ssum-sec.casalemedia.com
3	sb.scorecardresearch.com	1 redirects www.nytimes.com secure-ds.serving-sys.com
3	c.amazon-adsystem.com	www.nytimes.com c.amazon-adsystem.com
2	tpsc-ue1.doubleverify.com	cdn.doubleverify.com
2	pubmatic-match.dotomi.com	2 redirects
2	thrtle.com	1 redirects s.amazon-adsystem.com
2	simage4.pubmatic.com	ads.pubmatic.com
2	medianet-match.dotomi.com	2 redirects
2	pm.w55c.net	2 redirects
2	contextual.media.net	www.nytimes.com
2	tps.doubleverify.com	cdn.doubleverify.com
2	image6.pubmatic.com	ads.pubmatic.com
2	us-u.openx.net	u.openx.net s.amazon-adsystem.com
2	um.simpli.fi	2 redirects
2	typeface.nyt.com	myaccount.nytimes.com
2	u.openx.net	1 redirects s.amazon-adsystem.com
2	eus.rubiconproject.com	s.amazon-adsystem.com eus.rubiconproject.com
2	ads.pubmatic.com	s.amazon-adsystem.com ads.pubmatic.com
2	d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net rumcdn.geoedge.be
2	cdn.brandmetrics.com	www.googletagmanager.com rumcdn.geoedge.be
2	a1.nyt.com	www.nytimes.com www.googletagmanager.com
2	5290727.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	a.nytimes.com	www.nytimes.com myaccount.nytimes.com
2	edge.microsoft.com	rumcdn.geoedge.be edge.microsoft.com
2	aax.amazon-adsystem.com	c.amazon-adsystem.com
2	rumcdn.geoedge.be	www.nytimes.com rumcdn.geoedge.be
2	www.googletagmanager.com	www.nytimes.com www.googletagmanager.com
2	static01.nyt.com	www.nytimes.com
1	sync.aralego.com	1 redirects
1	ad.turn.com	1 redirects
1	sync.ipredictive.com	1 redirects
1	sync.bfmio.com	s.amazon-adsystem.com
1	crb.kargo.com	s.amazon-adsystem.com
1	rtb.adentifi.com	ads.pubmatic.com
1	rtb-csync.smartadserver.com	1 redirects
1	sync.technoratimedia.com	1 redirects
1	bh.contextweb.com	1 redirects
1	pagead2.googlesyndication.com	www.googletagservices.com
1	dis.criteo.com	1 redirects
1	p.rfihub.com	1 redirects
1	dsum.casalemedia.com	1 redirects
1	image4.pubmatic.com	www.nytimes.com
1	secure.adnxs.com	1 redirects
1	r.bidswitch.net	1 redirects
1	nytimes-d.openx.net	www.nytimes.com
1	c.go-mpulse.net	s.go-mpulse.net
1	px.ads.linkedin.com	eus.rubiconproject.com
1	aax-eu.amazon-adsystem.com	eus.rubiconproject.com
1	cm2.adform.net	eus.rubiconproject.com
1	us01.z.antigena.com	ads.pubmatic.com
1	www.googletagservices.com	d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com
1	tpc.googlesyndication.com	d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com
1	pixel-us-east.rubiconproject.com	1 redirects
1	cms.quantserve.com	1 redirects
1	sync-eu.connectad.io	ssum-sec.casalemedia.com
1	s.go-mpulse.net	myaccount.nytimes.com
1	collector.brandmetrics.com	cdn.brandmetrics.com
1	pnytimes.chartbeat.net	www.nytimes.com
1	adservice.google.com	5290727.fls.doubleclick.net
1	hb.yahoo.net	www.nytimes.com
1	insight.adsrvr.org	1 redirects
1	static.chartbeat.com	www.nytimes.com
1	mwcm.nytimes.com	www.nytimes.com
1	purr.nytimes.com	www.nytimes.com
1	htlb.casalemedia.com	www.nytimes.com
1	tlx.3lift.com	www.nytimes.com
1	rtb.openx.net	www.nytimes.com
1	hbopenbid.pubmatic.com	www.nytimes.com
1	prebid.media.net	www.nytimes.com
1	als-svc.nytimes.com	www.nytimes.com
0	trial-eum-clienttons-s.akamaihd.net Failed	s.go-mpulse.net
0	trial-eum-clientnsv4-s.akamaihd.net Failed	s.go-mpulse.net
0	sync-tm.everesttech.net Failed	ssum-sec.casalemedia.com
217	103

This site contains links to these domains. Also see Links.

Domain
myaccount.nytimes.com
travel.gc.ca
www.parsintl.com
help.nytimes.com
www.nytco.com
nytmediakit.com
www.tbrandstudio.com

Subject Issuer	Validity	Valid
nytimes.com Thawte RSA CA 2018	`2023-03-22` - `2024-04-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
a.et.nytimes.com R3	`2023-07-15` - `2023-10-13`	3 months	crt.sh
als-svc.nytimes.com R3	`2023-08-04` - `2023-11-02`	3 months	crt.sh
gw.geoedge.be Amazon RSA 2048 M01	`2023-08-12` - `2024-09-09`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
prebid.media.net GTS CA 1D4	`2023-07-05` - `2023-10-03`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
dd.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-08` - `2024-04-06`	a year	crt.sh
edge.microsoft.com Microsoft Azure TLS Issuing CA 05	`2023-06-27` - `2024-06-21`	a year	crt.sh
purr.nytimes.com R3	`2023-07-07` - `2023-10-05`	3 months	crt.sh
a.nytimes.com R3	`2023-08-15` - `2023-11-13`	3 months	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
brandmetrics.com GTS CA 1P5	`2023-07-08` - `2023-10-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
*.brandmetrics.com Go Daddy Secure Certificate Authority - G2	`2023-05-10` - `2024-06-10`	a year	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2023-04-05` - `2024-04-04`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
bs.serving-sys.com Amazon RSA 2048 M02	`2022-11-22` - `2023-12-21`	a year	crt.sh
*.z.antigena.com Sectigo ECC Domain Validation Secure Server CA	`2023-04-03` - `2024-04-02`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh
secure-ds.serving-sys.com R3	`2023-07-11` - `2023-10-09`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
lm.serving-sys.com Amazon RSA 2048 M02	`2022-10-26` - `2023-11-24`	a year	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
adentifi.com Amazon RSA 2048 M01	`2023-07-06` - `2024-08-03`	a year	crt.sh
*.prod.use1.green.ops.kargo.com Amazon RSA 2048 M01	`2022-11-10` - `2023-12-09`	a year	crt.sh
*.bfmio.com Amazon RSA 2048 M02	`2023-03-17` - `2024-04-14`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
Frame ID: 76723D6A3382FF0887AE69C7EDA9C153
Requests: 91 HTTP requests in this frame

Frame: https://myaccount.nytimes.com/auth/prefetch-assets
Frame ID: 2E5030A7B96CA414911697B557086DF5
Requests: 2 HTTP requests in this frame

Frame: https://edge.microsoft.com/parakeet/frame.html
Frame ID: 9153E9FE06ADE5A0827CBE78FD7E054C
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Frame ID: 1913484137F6A865F6D8A413DFED507F
Requests: 1 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CI2Vm9GDhoEDFZpTDQodt8kEjA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4619458135093;auiddc=1985050255.1693455041;u17=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html;u5=;u18=anon;gtm=45He38u0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html
Frame ID: 5D68B3B9CFA8BA7CFA57CBA155AA8964
Requests: 1 HTTP requests in this frame

Frame: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 338137868EF280F47A9C072BB92CF908
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 24A96CC5A1BECC5A157482556C244213
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CI2Vm9GDhoEDFZpTDQodt8kEjA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4619458135093;auiddc=1985050255.1693455041;u17=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html;u5=;u18=anon;gtm=45He38u0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html
Frame ID: 14F036429B18EECFB7D724FF0288D679
Requests: 1 HTTP requests in this frame

Frame: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2023%252F08%252F30%252Fworld%252Fcanada%252Ftravel-warning-us-lgbtq.html&display=newsletter_morning_test&asset=RegiWall&application=Free_Experience&preloaded=true
Frame ID: 16E1363B05A538CC9BB15FF0EA54CA75
Requests: 18 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 44E7AE8FE6B04D6BE4DEE00180FFD387
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 83ED9C4C1BF4F76338F3E452E21DACC8
Requests: 22 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: D8D8B1F8A0A7ADFAAC8BA2325E7BBD31
Requests: 11 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1MTmdTVFJGRTJ1SllzQk9Tc09zVlU3WlJYd2xQa3NqcH5B
Frame ID: E028DAEA2A7AB5F0F13E24D09C127484
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 7AA4CEF34F6FFF6598821A6699BC0D1E
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=5030693220957059315&ex=appnexus.com
Frame ID: 069560C189F365651156AA774F288B05
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1665468086573620011276
Frame ID: C162E266189C13D79B42EEB50745DF93
Requests: 1 HTTP requests in this frame

Frame: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 22A0CAE4251EB4582B7FB7ADD117A668
Requests: 27 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3&redir=true&gdpr=0&gdpr_consent=
Frame ID: 52C887ADFC0BB56E9C042580F5DEBF2B
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3
Frame ID: A6D885402AE83D103C74F3B0C893E425
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4555.js
Frame ID: E8CED3F36105B6B9957DEED7D0CCDCCD
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements4555.js
Frame ID: 6D7A847BFFCA5296B7818E9C4A2B26B6
Requests: 3 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAojU7J4CYAACWigYpAMA&gdpr=0&gdpr_consent=
Frame ID: D699477FBA9B1752E9521BB4C2D4AA46
Requests: 1 HTTP requests in this frame

Frame: https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Frame ID: CE727AF32EAD1A3D1A2588DA8CAB3532
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3
Frame ID: 3913956F2C0A7E49C1AB21F3089AAC90
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Canada Issues Travel Warning for L.G.B.T.Q. Citizens Visiting U.S. - The New York Times

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

Page Statistics

217
Requests

82 %
HTTPS

26 %
IPv6

52
Domains

103
Subdomains

63
IPs

5
Countries

3836 kB
Transfer

11030 kB
Size

99
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=vi&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignId%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2023%252F08%252F30%252Fworld%252Fcanada%252Ftravel-warning-us-lgbtq.html&asset=masthead
Title: Log in

Search URL Search Domain Scan URL

URL: https://travel.gc.ca/destinations/united-states
Title: long list of travel warnings

Search URL Search Domain Scan URL

URL: https://www.parsintl.com/publication/the-new-york-times/
Title: Order Reprints

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014792127-Copyright-notice
Title: © 2023 The New York Times Company

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: NYTCo

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015727108-Accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.nytco.com/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://nytmediakit.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.tbrandstudio.com/
Title: T Brand Studio

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-Sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-Service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/10940941449492-The-New-York-Times-Company-Privacy-Policy-
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://sb.scorecardresearch.com/b?c1=2&c2=3005403&ns__t=1693455039079&ns_c=UTF-8&c8=Canada%20Issues%20Travel%20Warning%20for%20L.G.B.T.Q.%20Citizens%20Visiting%20U.S.%20-%20The%20New%20York%20Times&c7=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1693455039079&ns_c=UTF-8&c8=Canada%20Issues%20Travel%20Warning%20for%20L.G.B.T.Q.%20Citizens%20Visiting%20U.S.%20-%20The%20New%20York%20Times&c7=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html&c9=

Request Chain 67

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t

Request Chain 74

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4619458135093;auiddc=1985050255.1693455041;u17=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html;u5=;u18=anon;gtm=45He38u0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CI2Vm9GDhoEDFZpTDQodt8kEjA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4619458135093;auiddc=1985050255.1693455041;u17=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html;u5=;u18=anon;gtm=45He38u0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html

Request Chain 79

https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=1548328992 HTTP 302
https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=9dbf4858-42bb-4265-82a5-eca7a42e7b45 HTTP 302
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=5030693220957059315&ttd_tdid=9dbf4858-42bb-4265-82a5-eca7a42e7b45 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=9dbf4858-42bb-4265-82a5-eca7a42e7b45&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=9dbf4858-42bb-4265-82a5-eca7a42e7b45&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=9dbf4858-42bb-4265-82a5-eca7a42e7b45&gdpr=0&redir=true HTTP 302
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1mZWRqR0NWRTJ1RVlZWHp1UjVlYUZMWHRDSy5QSm42RX5B&gdpr=0&ovsid=9dbf4858-42bb-4265-82a5-eca7a42e7b45&dpid=55953

Request Chain 93

https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3364566416634816000V10

Request Chain 94

https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1

Request Chain 97

https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1MTmdTVFJGRTJ1SllzQk9Tc09zVlU3WlJYd2xQa3NqcH5B

Request Chain 98

https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D

Request Chain 99

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=5030693220957059315&ex=appnexus.com

Request Chain 100

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1665468086573620011276

Request Chain 112

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZPASwa2PkWLmNS2SK-Vg5wAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA99gTlkeshA_1J8_QcjQGg&google_cver=1

Request Chain 113

https://match.adsrvr.org/track/cmf/casale HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=OWRiZjQ4NTgtNDJiYi00MjY1LTgyYTUtZWNhN2E0MmU3YjQ1&gdpr=0&gdpr_consent=&ttd_tdid=9dbf4858-42bb-4265-82a5-eca7a42e7b45 HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=9dbf4858-42bb-4265-82a5-eca7a42e7b45&google_gid=CAESED4gjc0xOi_sR-Jdr2mlRXY&google_cver=1 HTTP 302
https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=9dbf4858-42bb-4265-82a5-eca7a42e7b45&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
https://x.bidswitch.net/ul_cb/syncd?dsp_id=93&user_group=1&user_id=9dbf4858-42bb-4265-82a5-eca7a42e7b45&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch HTTP 302
https://x.bidswitch.net/sync?dsp_id=93&user_id=9dbf4858-42bb-4265-82a5-eca7a42e7b45&expires=30&ssp=&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
https://sync-eu.connectad.io/pixel/1?dataid=data3&uuid=e9e70f66-088c-4c2e-bc14-db03490ae248

Request Chain 115

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPASwa2PkWLmNS2SK_Vg5wAADd0AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMIUwkP8fb5pqnjCiQkkgfI&google_cver=1

Request Chain 116

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=kBT1fJcS8H2LF6d9khi-esAR8H6LQvB-lhk_Ady3

Request Chain 117

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=DD96F187537B4F3FB867C8937BD66AA5

Request Chain 118

https://match.prod.bidr.io/cookie-sync/ie HTTP 303
https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAojU7J4CYAACWigYpAMA&expiration=1694664641

Request Chain 128

https://match.adsrvr.org/track/cmf/openx?oxid=8a592937-4da2-31e7-536e-8a742f6f0038&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=9dbf4858-42bb-4265-82a5-eca7a42e7b45&expiration=1696047041&gdpr=0&gdpr_consent=

Request Chain 130

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDtoU_C4J5xRdzRL5ouT438&google_cver=1

Request Chain 133

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LLYNEMOQ-20-FZ0 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=LLYNEMOQ-20-FZ0&ex=d-rubiconproject.com&status=ok

Request Chain 141

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hPov-IF6S1m069kvb7rKsw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 142

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=cc1bf55c-1321-4046-85f2-ebbb900a7bb7%252C%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=9dbf4858-42bb-4265-82a5-eca7a42e7b45&ttd_puid=cc1bf55c-1321-4046-85f2-ebbb900a7bb7%2C%2C

Request Chain 145

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODRGQTJGRjgtODE3QS00QjU5LUI0RUItRDkyRjZGQkFDQUIz&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 146

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPXePWRw2TpQoOKnc8KdT4o&google_cver=1

Request Chain 147

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:DD96F187537B4F3FB867C8937BD66AA5

Request Chain 148

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9dbf4858-42bb-4265-82a5-eca7a42e7b45&gdpr=0&gdpr_consent=

Request Chain 150

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=9dbf4858-42bb-4265-82a5-eca7a42e7b45&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
https://x.bidswitch.net/ul_cb/syncd?dsp_id=93&user_group=1&user_id=9dbf4858-42bb-4265-82a5-eca7a42e7b45&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch HTTP 302
https://x.bidswitch.net/sync?dsp_id=93&user_id=9dbf4858-42bb-4265-82a5-eca7a42e7b45&expires=30&ssp=&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
https://cm2.adform.net/pixel?adform_pid=3&adform_pc=e9e70f66-088c-4c2e-bc14-db03490ae248&adform_v=1

Request Chain 151

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTA2MjYyYTc4NDc2Zjc1ZjI0Zjg3ODkzNTAxZmE4MmQ2Mzk2ZmQ0MA

Request Chain 153

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLYNEMOQ-20-FZ0

Request Chain 154

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExZTkVNT1EtMjAtRlow HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAKX9kNs18jnr6s33DEcwyI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExZTkVNT1EtMjAtRlow&google_push=

Request Chain 155

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/3NMo-Lw9b3TumyNHvSxSkw?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-i7HVnMpE2oKfBDjXCPdNBofklX8nE9xVFEvWHA--~A

Request Chain 156

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=PE5E-g6zRDuxcHElpP_4HA&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=PE5E-g6zRDuxcHElpP_4HA

Request Chain 157

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECM1S4ZxcYbJFang66HhG70&google_cver=1

Request Chain 189

https://x.bidswitch.net/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1 HTTP 302
https://r.bidswitch.net/sync?bidswitch_ssp_id=medianet&bsw_custom_parameter=e9e70f66-088c-4c2e-bc14-db03490ae248 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=e9e70f66-088c-4c2e-bc14-db03490ae248&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Dmedianet%26bsw_param%3De9e70f66-088c-4c2e-bc14-db03490ae248 HTTP 302
https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Dcc1bf55c-1321-4046-85f2-ebbb900a7bb7%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D393%252526user_id%25253D0%252526ssp%25253Dmedianet%252526bsw_param%25253De9e70f66-088c-4c2e-bc14-db03490ae248%252C HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5030693220957059315&pt=cc1bf55c-1321-4046-85f2-ebbb900a7bb7%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D393%2526user_id%253D0%2526ssp%253Dmedianet%2526bsw_param%253De9e70f66-088c-4c2e-bc14-db03490ae248%2C HTTP 302
https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=medianet&bsw_param=e9e70f66-088c-4c2e-bc14-db03490ae248 HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=e9e70f66-088c-4c2e-bc14-db03490ae248&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 190

https://image8.pubmatic.com/AdServer/ImgSync?p=163427 HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3&redir=true&gdpr=-1&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uiT_j3hE2uVoL07YVXMxOTJJj.valdk-~A&gdpr=-1

Request Chain 191

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=995821&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=968625790456431156

Request Chain 192

https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=724bea2e-6726-4a1e-b74d-841cc6a0f4ac

Request Chain 194

https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ HTTP 302
https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=77ALcbX21QBz115

Request Chain 195

https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Dcon%26ovsid%3D%24UID HTTP 302
https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=72d7b123d13a1026&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Dcon%26ovsid%3D%24UID HTTP 302
https://cs.media.net/cksync.php?cs=8&type=con&ovsid=AAAL1cehU4KWCQMjb2aNAAAAAAA&expiration=1693541443&is_secure=true

Request Chain 196

https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3658&xuid=9dbf4858-42bb-4265-82a5-eca7a42e7b45&dongle=0cfd&gdpr=0&gdpr_consent=

Request Chain 202

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBb2pVN0o0Q1lBQUNXaWdZcEFNQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://bh.contextweb.com/bh/rtset?ev=AAAojU7J4CYAACWigYpAMA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Csas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Csas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAAojU7J4CYAACWigYpAMA&pid=558502&do=add&gdpr=0 HTTP 303
https://sync.technoratimedia.com/services?uid=AAAojU7J4CYAACWigYpAMA&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 307
https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3 HTTP 303
https://rtb-csync.smartadserver.com/redir?partneruserid=AAAojU7J4CYAACWigYpAMA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=5522376985850362459&gdpr=0&gdpr_consent= HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAojU7J4CYAACWigYpAMA&gdpr=0&gdpr_consent=

Request Chain 203

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5030693220957059315&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=

Request Chain 205

https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3&gdpr=0&gdpr_consent= HTTP 302
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3&vxii_pid=12&vxii_pid1=10067&vxii_rcid=3a060369-e270-4d79-a147-2ee0a9579e45

Request Chain 209

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=54a1c36f-ab5d-4197-8d0f-a4d5145a0e21&gdpr=0&gdpr_consent=

Request Chain 210

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3&gdpr=0&gdpr_consent= HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1206918bbf2f1026&is_secure=true&networkId=17100&version=1&nuid=84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAL1cehU4KWPQNW98HHAAAAAAA&expiration=1693541444&nuid=84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3&is_secure=true&gdpr_consent=&gdpr=0

Request Chain 211

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4320071910749590713&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

Request Chain 212

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=e9e70f66-088c-4c2e-bc14-db03490ae248&gdpr=0&gdpr_consent=&gdpr_pd=&usprivacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=445&user_id=f762f856-7aad-3c70-a164-10c74dda50ad&ssp=pubmatic&bsw_param=e9e70f66-088c-4c2e-bc14-db03490ae248 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e9e70f66-088c-4c2e-bc14-db03490ae248&gdpr=&gdpr_consent=&gdpr_pd=

217 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request travel-warning-us-lgbtq.html Show response
www.nytimes.com/2023/08/30/world/canada/ 213 KB
66 KB 85ms
36ms Document
text/html 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

347578fb26bb96ea3a7a4bb63bfdb835879d6be712f2dc01e83a12cbd0a86c2d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 231
cache-control: s-maxage=300,no-cache
content-encoding: gzip
content-length: 65754
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type: text/html; charset=utf-8
date: Thu, 31 Aug 2023 04:10:38 GMT
fastly-restarts: 1
last-modified: Thu, 31 Aug 2023 04:04:22 GMT
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/2023/08/30/world/canada/travel-warning-us-lgbtq.html
server: nginx
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding, Fastly-SSL
x-api-version: F-F-VI
x-b3-traceid: 10f58b655ee440fe9c5a95fa74cf0a13
x-cache: HIT, HIT
x-cache-hits: 24, 1
x-content-type-options: nosniff
x-datadome: protected
x-datadome-timer: S1693454946.506629,VS0,VE31
x-frame-options: DENY
x-gdpr: 0
x-nyt-app-webview: 0
x-nyt-data-last-modified: Thu, 31 Aug 2023 04:04:22 GMT
x-nyt-edge-cache: HIT-HIT
x-nyt-route: vi-story
x-origin-time: 2023-08-31 04:09:05 UTC
x-pagetype: vi-story
x-scoop-last-modified: 2023-08-31T03:06:09.928Z
x-served-by: cache-lga21952-LGA, cache-yyz4552-YYZ
x-timer: S1693455038.433157,VS0,VE16
x-xss-protection: 1; mode=block

GET
H2 200 web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
g1.nyt.com/fonts/css/ 60 KB
10 KB 32ms
22ms Stylesheet
text/css 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

09bff184ea094a06e46d7f26512fd7b245304078a27f1ba8084488cbcf7704de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Fri, 19 Jan 2024 14:23:55 GMT
date: Thu, 31 Aug 2023 04:10:38 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 19316802
x-guploader-uploadid: ADPycdvTxDxZkBwxaxClZG4XN5QZIjz62IdiEo_qvKoVXWIdxEnMJ_5lHyZa319eIqvWBUxC1cQSKHKd6rMmurrwiG7O
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 9868
x-served-by: cache-yyz4552-YYZ
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1693455038.487941,VS0,VE0
etag: "b79308aee772cf8921761a4fdb884fe5"
vary: Accept-Encoding
x-goog-generation: 1673991774978541
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=ay5bmg==, md5=t5MIrudyz4khdhpP24hP5Q==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 9868
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 1656

GET
H2 200 global-f449cfd9976ad673ef2b7ab5098b85be.css
www.nytimes.com/vi-assets/static-assets/ 6 KB
3 KB 20ms
20ms Stylesheet
text/css 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176

Security Headers

Name

Value

Content-Security-Policy

upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 27865235
x-guploader-uploadid: ADPycdtPGn5ZClDlFOJ7dEHNg3bKluFi93z2ow_4AEJMeeD8CWkTcLZp5AeY1tlieEt46L_qPY6qby22F34LXmo8bKIkTw
x-goog-stored-content-encoding: identity
x-origin-time: 2022-10-12 15:49:58 UTC
x-served-by: cache-yyz4552-YYZ
x-timer: S1693455038.475861,VS0,VE1
etag: "e74f8b7c668251280cf3e52e20455a1c"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1665589250507895
content-type: text/css; charset=utf-8
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1799
expires: Thu, 12 Oct 2023 15:49:58 GMT
date: Thu, 31 Aug 2023 04:10:38 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1968
last-modified: Wed, 12 Oct 2022 15:40:50 GMT
server: UploadServer
x-goog-hash: crc32c=jAKqfw==, md5=50+LfGaCUSgM8+UuIEVaHA==
x-gdpr: 0
x-goog-stored-content-length: 5656
accept-ranges: bytes

GET
H2 200 adslot-26b1b95633a5eca77453.js Show response
www.nytimes.com/vi-assets/static-assets/ 23 KB
8 KB 21ms
20ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/adslot-26b1b95633a5eca77453.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9c9d166e09f2a6ea6e6ea254b42931bc255204d240d0974249bd780724b0832e

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 651898
x-guploader-uploadid: ADPycdtVC-ZdXsrGnqqlnfRpFRWhBlD3p9s2hRJoIpnySuLKeJSf72T46uGkfYC9GWxMmc2HljzT38dHPabXP9PeFossQQ
x-goog-stored-content-encoding: identity
x-origin-time: 2023-08-23 15:05:40 UTC
x-served-by: cache-yyz4552-YYZ
x-timer: S1693455039.516932,VS0,VE1
etag: "689168f30dad92c9fa3a60942462232d"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1692803092852815
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/adslot-26b1b95633a5eca77453.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2644
expires: Thu, 22 Aug 2024 15:05:40 GMT
date: Thu, 31 Aug 2023 04:10:38 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 7957
last-modified: Wed, 23 Aug 2023 15:04:52 GMT
server: UploadServer
x-goog-hash: crc32c=a+1Ajg==, md5=aJFo8w2tksn6OmCUJGIjLQ==
x-gdpr: 0
x-goog-stored-content-length: 23058
accept-ranges: bytes

GET
H2 200 parakeet.min.js Show response
www.nytimes.com/ads/ 22 KB
5 KB 19ms
19ms Script
text/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/ads/parakeet.min.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

7d185a68ec7c2c52fd808d2eefd86e68264830af4cf3f1fa8946607b16b56907

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 151247
x-guploader-uploadid: ADPycdtJssOKXCxy4AGih-DbbawDwmRgg0lvce2MoG9-yaKE_mHJdpNOqVKd_f4LjCg9q4cJOzESLoV9oy8bwLn5PZYb
x-goog-stored-content-encoding: identity
x-origin-time: 2023-03-14 10:06:08 UTC
x-served-by: cache-yyz4552-YYZ
x-timer: S1693455038.499172,VS0,VE1
etag: "adba4a1fb4bee00e1f70bd3e15c9f567"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1626722987661312
content-type: text/javascript
access-control-allow-origin: *
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/ads/parakeet.min.js
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-nyt-app-webview: 0
x-nyt-route: ads-static-assets
x-nyt-edge-cache: HIT
x-cache-hits: 219
expires: Tue, 14 Mar 2023 10:06:08 GMT
date: Thu, 31 Aug 2023 04:10:38 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
content-length: 3933
last-modified: Mon, 19 Jul 2021 19:29:47 GMT
server: UploadServer
x-goog-hash: crc32c=W10/0g==, md5=rbpKH7S+4A4fcL0+Fcn1Zw==
x-gdpr: 0
x-goog-stored-content-length: 22511
accept-ranges: bytes

GET
H2 200 30canada-advisory3-qktw-superJumbo.jpg
static01.nyt.com/images/2023/08/30/multimedia/30canada-advisory3-qktw/ 493 KB
494 KB 53ms
41ms Image
image/webp 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2023/08/30/multimedia/30canada-advisory3-qktw/30canada-advisory3-qktw-superJumbo.jpg?quality=75&auto=webp

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

27c682d8ada5ec7f410a24aa53762c06865e73a5940122e70feb9d6415220af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Wed, 30 Aug 2023 18:50:15 GMT
date: Thu, 31 Aug 2023 04:10:38 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 33622
x-guploader-uploadid: ADPycdukLL9o7_IstgtoDZt1ukjhO99YaDLMW2jrzX0zZGNcP54XUGAgrIDuboelbS1K9zM27dWIiVRu1eYMxrmJqvUh
x-cache: HIT, HIT
fastly-io-info: ifsz=1013224 idim=2048x1366 ifmt=jpeg ofsz=504732 odim=2048x1366 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 504732
x-served-by: cache-iad-kjyo7100065-IAD, cache-yyz4552-YYZ
server: UploadServer
x-timer: S1693455039.539266,VS0,VE2
etag: "LCVklcYqX5YiHfo27sq6WlTtPIZPLGNh33IBxz3evBs"
vary: Accept
x-goog-generation: 1693421345622057
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=xryF9g==, md5=g3XFNTiQOKh59FUXr1DiOQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 1013224
x-amz-checksum-crc32c: xryF9g==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5, 1

GET
H2 200 author-ian-austen-thumbLarge.png
static01.nyt.com/images/2019/07/18/reader-center/author-ian-austen/ 22 KB
23 KB 23ms
19ms Image
image/png 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static01.nyt.com/images/2019/07/18/reader-center/author-ian-austen/author-ian-austen-thumbLarge.png

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

acb668be89d79ba1948ccfe97aba7776587a0a15da4367a112c885c0bf053758

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Thu, 27 Jul 2023 11:54:38 GMT
date: Thu, 31 Aug 2023 04:10:38 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 165322
x-guploader-uploadid: ADPycdvjLAmL2zmbEylHV8htNRIRI8DFHbUj0sCmtXdn_Za41yP5Bm9DDA6xZf8CiIyX1ZW0cFuwRXLo6eKgzo-qyaBGIQ
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 22736
x-served-by: cache-iad-kjyo7100031-IAD, cache-yyz4552-YYZ
last-modified: Thu, 18 Jul 2019 18:22:12 GMT
server: UploadServer
x-timer: S1693455039.539289,VS0,VE1
etag: "bd19ea019e83d55a1b594666d943f63d"
x-goog-generation: 1563474132651004
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=cgcbLg==, md5=vRnqAZ6D1VobWUZm2UP2PQ==
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 22736
x-amz-checksum-crc32c: cgcbLg==
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 223, 1

GET
H2 200 vendor-0069f25bbffec4fd3fca.js Show response
www.nytimes.com/vi-assets/static-assets/ 183 KB
55 KB 25ms
22ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendor-0069f25bbffec4fd3fca.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

d57cdc47f635d0573f2ffd7afe1ef996c81373cddc10fa4ab69cbbad71903ed2

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 716847
x-guploader-uploadid: ADPycdt0ilWgCKrZ4KiJ6MSmds_cN5sZmofGkG26sNmd46vAFgnxHmhHPD85qTPxvcBoaOAGS9lhJp0r7BpIKXpzyQeLRtrnM5-T
x-goog-stored-content-encoding: identity
x-origin-time: 2023-08-22 21:03:11 UTC
x-served-by: cache-yyz4552-YYZ
x-timer: S1693455039.539648,VS0,VE1
etag: "bc5afe0bf5d5a9cb0fb1c46991c1a7dd"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1692738184860090
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendor-0069f25bbffec4fd3fca.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2619
expires: Wed, 21 Aug 2024 21:03:11 GMT
date: Thu, 31 Aug 2023 04:10:38 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 55409
last-modified: Tue, 22 Aug 2023 21:03:05 GMT
server: UploadServer
x-goog-hash: crc32c=WqBOpw==, md5=vFr+C/XVqcsPscRpkcGn3Q==
x-gdpr: 0
x-goog-stored-content-length: 187763
accept-ranges: bytes

GET
H2 200 story-7ae9c1ee2bfc713294e5.js Show response
www.nytimes.com/vi-assets/static-assets/ 2 MB
514 KB 52ms
49ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/story-7ae9c1ee2bfc713294e5.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

d06bc3be6f257223f59418f75c9958e0b70007f3e99b299780c2b2912dfdf838

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 23787
x-guploader-uploadid: ADPycdtgNyb0VKnJCXVboTt3BLpPofcUHEs2HRho3MZsVAkxJOinR_2FQP7c2hSp6Wv3sBAQQkoBbk7o-UzFsELOSwW11Q
x-goog-stored-content-encoding: identity
x-origin-time: 2023-08-30 21:34:11 UTC
x-served-by: cache-yyz4552-YYZ
x-timer: S1693455039.539624,VS0,VE2
etag: "6aa449ef80203dea2aba42719e8175d8"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1693430730138398
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/story-7ae9c1ee2bfc713294e5.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1
expires: Thu, 29 Aug 2024 21:34:11 GMT
date: Thu, 31 Aug 2023 04:10:38 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 526031
last-modified: Wed, 30 Aug 2023 21:25:30 GMT
server: UploadServer
x-goog-hash: crc32c=SFu+vg==, md5=aqRJ74AgPeoqukJxnoF12A==
x-gdpr: 0
x-goog-stored-content-length: 1904690
accept-ranges: bytes

GET
H2 200 main-f793b7d9275093c1d424.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
417 KB 51ms
48ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/main-f793b7d9275093c1d424.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0c6f3473b5540696e2d4a19deb3c4d15d22d5bb7e63e66b68a6614a21acb38d1

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 23801
x-guploader-uploadid: ADPycdv3u6CiBAmWMX1rs7LZty-kxJvtBxgUOjgy_OfgWX7r4lDCGsVTTdgCiiOofOAZePVO7GAHdC7PVAuPwilyN5EI-w
x-goog-stored-content-encoding: identity
x-origin-time: 2023-08-30 21:33:57 UTC
x-served-by: cache-yyz4552-YYZ
x-timer: S1693455039.539885,VS0,VE2
etag: "5a98aa9d2b2d3c1b3a6f794297b0d21c"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1693431081750028
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/main-f793b7d9275093c1d424.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1
expires: Thu, 29 Aug 2024 21:33:57 GMT
date: Thu, 31 Aug 2023 04:10:38 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 426000
last-modified: Wed, 30 Aug 2023 21:31:21 GMT
server: UploadServer
x-goog-hash: crc32c=OcYhJw==, md5=WpiqnSstPBs6b3lCl7DSHA==
x-gdpr: 0
x-goog-stored-content-length: 1489843
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 439 KB
118 KB 206ms
140ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

adc3b4e4bea5e7683ee6cb00a9c97bdfa5112b7d53017395c7a945cbef9a07a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120618
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 163ms
60ms Ping
text/plain 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 149 B
803 B 60ms
55ms XHR
application/json 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7837207f1197c426c0551dcbead6be815beff78431f5c45e84014a94cfde09d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
nyt-app-type: project-vi
Content-Type: application/json

Response headers

content-encoding: gzip
x-nyt-meridiem: AM
x-b3-traceid: 0
age: 5
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: dcf822603b7b4a18
samizdat-x-canary: false
x-served-by: cache-yyz4552-YYZ
x-graphiti-gateway: 58cce6b3
x-nyt-country: US
x-timer: S1693455039.608938,VS0,VE1
x-nyt-continent: NA
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: MI
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control: max-age=30
x-nyt-audience-target-flat: NA:AM
x-nyt-edge-cache: HIT
x-cache-hits: 1
x-samizdat-query-sup-code
date: Thu, 31 Aug 2023 04:10:38 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: HIT
samizdat-x-instance: 8f8aeee5
x-envoy-upstream-service-time: 74
content-length: 132
last-modified: Thu, 31 Aug 2023 04:10:32 GMT
server: envoy
samizdat-x-kubernetes-namespace: v1
x-fetch-attempts: 1
access-control-allow-credentials: true
x-datadog-trace-id: 0
accept-ranges: bytes
timing-allow-origin: *

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 67ms
19ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 287
content-encoding: gzip
content-length: 20
date: Thu, 31 Aug 2023 04:10:38 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 65
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 53
x-nyt-audience-target-flat: NA:AM
x-nyt-continent: NA
x-nyt-country: US
x-nyt-edge-cache: HIT
x-nyt-meridiem: AM
x-nyt-region: MI
x-samizdat-query-exe-id: acc6dc3228630688
x-samizdat-query-field-errors: 0
x-served-by: cache-yyz4555-YYZ
x-timer: S1693455039.574603,VS0,VE1

GET
H2 200 als Show response
als-svc.nytimes.com/ 1 KB
1 KB 161ms
66ms XHR
application/json 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://als-svc.nytimes.com/als?uri=nyt%3A%2F%2Farticle%2F4384628c-5b2d-5de0-8485-e7a5e059251f&typ=&prop=nyt&plat=web

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-211-112-71.compute-1.amazonaws.com

Software

envoy /

Resource Hash

09aa7f7c7362d9a3e857f26697ec5dba6fa4ec905e692508e90ea68ab8cda780

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:38 GMT
via: 1.1 google
content-encoding: gzip
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation: als-svc.nytimes.com:443/*
server: envoy
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 26
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, nyt-a

GET
H2 200 grumi-ip.js Show response
rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/ 14 KB
6 KB 168ms
41ms Script
application/javascript 2600:9000:25f5:1600:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25f5:1600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 21de32a31b934126535d48ccc684d18827d937d7e08d68cb68149a894b914d62

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 03:52:31 GMT
x-amz-version-id: VyfilS_B3E1Thh5LqHNHzzVrRtkoviAH
content-encoding: br
last-modified: Thu, 24 Aug 2023 09:34:50 GMT
server: AmazonS3
via: 1.1 dda58b5db9b6efb2fca84829e7856cfe.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P5
etag: W/"dbb50c1d59c31f0ccd09001e145c285f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=14400, stale-while-revalidate=14400, immutable
age: 1088
x-amz-cf-id: NGdowqw2YEpcMPHuKG3ZaoDJ2-lrVWf1N3-H-iHUq3pl9mJV_NzScg==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 248 KB
61 KB 152ms
27ms Script
application/javascript 3.160.3.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.3.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-3-135.cmh68.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c2636d239c265a5656677b6ed3f842f55edaf2040281669bcf3d173c8fbf4e3f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:04:30 GMT
content-encoding: gzip
via: 1.1 b7248001409a22dcf06ac3c9df2f5fac.cloudfront.net (CloudFront), 1.1 f62865a6aba38ebc6bc6283096c5ae5c.cloudfront.net (CloudFront)
last-modified: Thu, 24 Aug 2023 18:15:56 GMT
server: AmazonS3
x-amz-cf-pop: CMH68-P5, CMH68-P4
age: 369
x-amz-server-side-encryption: AES256
etag: W/"761fb227b5d9333f86d2e976465cc3f4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: uAadh22sqBWkSUYzpENh9mV2I6n6dVi3i2yBuSU1f4HFhRN59ruvAQ==

GET
H2 200 prebid8.1.0.js Show response
www.nytimes.com/ads/ 302 KB
96 KB 22ms
21ms Script
text/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/ads/prebid8.1.0.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

baabb01c05f5a7a83cf26233fcbb29790b584afb736caa63cb26ed1d051aa78d

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 473513
x-guploader-uploadid: ADPycdtTBMoxSCUsSvaxyfbujH-SOuPb6rX30dUmFYElKMWjGP11__56zT8qnOXPIT6wUFOCbRSKGPePGsEjTMK9D0JNH-nurkus
x-goog-stored-content-encoding: identity
x-origin-time: 2023-07-07 16:38:42 UTC
x-served-by: cache-yyz4552-YYZ
x-timer: S1693455039.539878,VS0,VE1
etag: "69d0b1569bbd0b87116d60db3a12cd34"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1687806692468937
content-type: text/javascript
access-control-allow-origin: *
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/ads/prebid8.1.0.js
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-nyt-app-webview: 0
x-nyt-route: ads-static-assets
x-nyt-edge-cache: HIT
x-cache-hits: 4323
expires: Fri, 07 Jul 2023 16:38:42 GMT
date: Thu, 31 Aug 2023 04:10:38 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
content-length: 97611
last-modified: Mon, 26 Jun 2023 19:11:32 GMT
server: UploadServer
x-goog-hash: crc32c=VcerCA==, md5=adCxVpu9C4cRbWDbOhLNNA==
x-gdpr: 0
x-goog-stored-content-length: 308841
accept-ranges: bytes

GET
H2 200 franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 68ms
18ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Thu, 05 Oct 2023 06:18:10 GMT
date: Thu, 31 Aug 2023 04:10:38 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 28504348
x-guploader-uploadid: ADPycdu7sVTNwI3Sv0f8R7Fh-XoIQG6mmxnFwjfb2RlDK8FynrnJWbjoINMJRceSWN-M1H8gKSxaVPJ5VlI_gw3nrcVwog
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20276
x-served-by: cache-yyz4552-YYZ
last-modified: Tue, 03 May 2022 17:15:51 GMT
server: UploadServer
x-timer: S1693455039.598037,VS0,VE0
etag: "91eaf6b5642463af4091160b4bbfdfcb"
x-goog-generation: 1651598151054057
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=teZvhg==, md5=ker2tWQkY69AkRYLS7/fyw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20276
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 1797

GET
H2 200 franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 68ms
18ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Thu, 20 Apr 2023 17:48:57 GMT
date: Thu, 31 Aug 2023 04:10:38 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 11442102
x-guploader-uploadid: ADPycdssemRFw4JOf27rWYIMimWPYkdKfd1jvgs8brBbhqHPGMAHyc16YtXJNheSTFLh5rwiuZOLeEnP28uuR79MJeG3gF7doXBX
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 19816
x-served-by: cache-yyz4552-YYZ
last-modified: Wed, 20 Apr 2022 13:09:40 GMT
server: UploadServer
x-timer: S1693455039.597963,VS0,VE0
etag: "0f4aea3d462cdb64748629efcbbf36bc"
x-goog-generation: 1650460180561781
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=bdL0Mw==, md5=D0rqPUYs22R0hinvy782vA==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 19816
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 1852

GET
H2 200 cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
29 KB 86ms
36ms Font
font/woff2 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Wed, 08 Jun 2022 11:00:46 GMT
date: Thu, 31 Aug 2023 04:10:38 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 7232986
x-guploader-uploadid: ABg5-Uz_79ZDZR0Kq_gtb6K34dqlE-6DUUODSEWSLstya5k3cyxkHbmpbBi-nfCoiNLkW6Niu_HNMzHwBeCuZiJyQ4g
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 29076
x-served-by: cache-yyz4552-YYZ
last-modified: Tue, 06 Apr 2021 21:11:52 GMT
server: UploadServer
x-timer: S1693455039.598832,VS0,VE0
etag: "a3ed7afe3eaa0a873f3fbd379f8c491b"
x-goog-generation: 1617743511931481
content-type: font/woff2
access-control-allow-origin: *
x-goog-hash: crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 29076
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 1283

GET
H2 200 cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
g1.nyt.com/fonts/family/cheltenham-small/ 20 KB
20 KB 86ms
36ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Thu, 22 Aug 2024 06:28:31 GMT
date: Thu, 31 Aug 2023 04:10:38 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 682927
x-guploader-uploadid: ADPycdvOewOJz2d1n3yeeLmTL7ghDmTXxl7mM2DvEHBrgetocTqsC0ziSUPqEYqyPwpM70bQ0--uGiawMmlNGD-X_R60Ag
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20136
x-served-by: cache-yyz4552-YYZ
last-modified: Tue, 17 Jan 2023 21:42:55 GMT
server: UploadServer
x-timer: S1693455039.598821,VS0,VE0
etag: "108ce298d451197b23fefceb3e36959f"
x-goog-generation: 1673991775386425
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=jpfQKQ==, md5=EIzimNRRGXsj/vzrPjaVnw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20136
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 550

GET
H2 200 franklin-normal-300.a6479a5200f9a6352bdb71589c27c9c3.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 87ms
38ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.a6479a5200f9a6352bdb71589c27c9c3.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Thu, 05 Oct 2023 05:46:06 GMT
date: Thu, 31 Aug 2023 04:10:38 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 28506272
x-guploader-uploadid: ADPycdtlrLyZB9pK6bG-06OUUpicFrj_di-bpb_mPVl4WCxPXawlbQJItrpS0Bd0gvnYEHEWeB-vq-yoZWevGB0F4GclCA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20136
x-served-by: cache-yyz4552-YYZ
last-modified: Tue, 03 May 2022 17:15:51 GMT
server: UploadServer
x-timer: S1693455039.598787,VS0,VE0
etag: "a6479a5200f9a6352bdb71589c27c9c3"
x-goog-generation: 1651598150991608
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=pRBawg==, md5=pkeaUgD5pjUr23FYnCfJww==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20136
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 1503

GET
H2 200 cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
29 KB 87ms
37ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Wed, 08 Feb 2023 05:42:31 GMT
date: Thu, 31 Aug 2023 04:10:38 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 17620086
x-guploader-uploadid: ADPycdtnDcZJ8-JvkzraWsiUsBI6Eps43opAMXXSc_aOAP5XacDrySvpELgxZ8j5KGXQPPq1wHU0hX146XvOeul3WKN1HaJHCg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28620
x-served-by: cache-yyz4552-YYZ
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1693455039.598762,VS0,VE0
etag: "f99a0459024509f157a3352e5de4f873"
x-goog-generation: 1631734982696426
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=4NwmFQ==, md5=+ZoEWQJFCfFXozUuXeT4cw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 28620
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 899

GET
H2 200 cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
g1.nyt.com/fonts/family/cheltenham/ 27 KB
27 KB 88ms
39ms Font
font/woff2 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Wed, 08 Jun 2022 10:11:29 GMT
date: Thu, 31 Aug 2023 04:10:38 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 7235947
x-guploader-uploadid: ABg5-Uz1U1rNR35JOGvxkfvURwgJx-9_YpGc1QTD69Bf_ys_u1b-F1RnfUxr7vu12eSMdwVCIAnlbnXf_XfxZI4eQzBsBmrK-g
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27260
x-served-by: cache-yyz4552-YYZ
last-modified: Tue, 06 Apr 2021 21:11:52 GMT
server: UploadServer
x-timer: S1693455039.598697,VS0,VE0
etag: "7ea91ebd036309e1fe756ee3aab272da"
x-goog-generation: 1617743511893367
content-type: font/woff2
access-control-allow-origin: *
x-goog-hash: crc32c=rNQ9pA==, md5=fqkevQNjCeH+dW7jqrJy2g==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 27260
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 1145

GET
H2 200 imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
g1.nyt.com/fonts/family/imperial/ 26 KB
26 KB 87ms
38ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Thu, 05 Oct 2023 06:18:17 GMT
date: Thu, 31 Aug 2023 04:10:38 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 28504344
x-guploader-uploadid: ADPycdv_OzMGOozJn47W4JQ0jooLua4Y7iQJghMznLXGIKwnA3CLQqMxtB4AX8t0cJWMdq8kimGOa2qkfjTTwXnIe0tQbA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26504
x-served-by: cache-yyz4552-YYZ
last-modified: Tue, 03 May 2022 17:15:51 GMT
server: UploadServer
x-timer: S1693455039.598696,VS0,VE0
etag: "6131cd77b6e216c7693ed925f4309ffc"
x-goog-generation: 1651598151578179
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=ZzOuxA==, md5=YTHNd7biFsdpPtkl9DCf/A==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 26504
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 1756

GET
H2 200 prefetch-assets Show response
myaccount.nytimes.com/auth/ Frame 2E50 332 B
1 KB 60ms
51ms Document
text/html 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/auth/prefetch-assets

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy / Express

Resource Hash

46cf42b16cd67da90ec7a8988b2b5fe60202c713f380844d131f2630ca1309c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 180
cache-control: public, max-age=600
content-encoding: gzip
content-length: 256
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type: text/html; charset=utf-8
date: Thu, 31 Aug 2023 04:10:38 GMT
etag: W/"14c-hv29m43SUUvVkP07xL7vx7WaeD0"
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding
via: 1.1 google, 1.1 varnish
x-api-version: F-X
x-cache: HIT
x-cache-hits: 4
x-cloud-trace-context: d7f3b7c26c441583c2dac5272df43ad2
x-content-type-options: nosniff
x-datadog-parent-id: 8417625506160811509
x-datadog-sampled: 1
x-datadog-sampling-priority: 0
x-datadog-trace-id: 6519530104442117707
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 25
x-nyt-backend: lire-ui
x-nyt-edge-cache: HIT
x-powered-by: Express
x-served-by: cache-yyz4552-YYZ

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
29 KB 208ms
90ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/adslot-26b1b95633a5eca77453.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1539e622314283cafce7ae0993d6eff4203c1905b5f0649c0f072fd28dae5d19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29041
x-xss-protection: 0
server: cafe
etag: 354 / 19600 / 31077496 / config-hash: 8988950760368396923
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 31 Aug 2023 04:10:38 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
964 B 199ms
112ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU4WQK98
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid8.1.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: caaaef55b5f5f2f1b7b3b5d965182bb263232219872bd215a92ea0fdaa0829ae

Request headers

Referer: https://www.nytimes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:38 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Thu, 31 Aug 2023 04:10:38 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 82ms
28ms XHR
text/plain 104.36.115.111
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid8.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.nytimes.com
date: Thu, 31 Aug 2023 04:10:37 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
258 B 536ms
457ms XHR
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid8.1.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: c736b1aa57870326bbc4e52d12de6ed4dee4d58a140f3561d86b4e7c6f74c1e6

Request headers

Referer: https://www.nytimes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 31 Aug 2023 04:10:39 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 auction Show response
tlx.3lift.com/header/ 45 KB
10 KB 271ms
181ms XHR
application/json 54.86.50.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.1.0&referrer=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html&tmax=10000

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid8.1.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.86.50.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-86-50-125.compute-1.amazonaws.com

Software

Resource Hash

bbae609af99b790c585b5a6158652a2e56880714bc3781a0da865cea61d52530

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:38 GMT
content-encoding: gzip
accept-ch: sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 9791
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 940 B
1 KB 569ms
493ms XHR
application/json 68.67.161.208
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid8.1.0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.161.208 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d9be6900f3e340348a2ac7423d9120a7161334e911bdc0d7e632d4c929d36e00

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:39 GMT
content-encoding: gzip
an-x-request-uuid: 59d4060f-a4e8-4dc3-8658-1c2234928390
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 96.9.249.44; 96.9.249.44; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
549 B 100ms
49ms XHR
application/json 104.18.39.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=995821
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid8.1.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.39.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4546975a6365d5ff6b339702c72dec934ba7488ceaf905d1d930382a994c4d7

Request headers

Referer: https://www.nytimes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=97CmlZkHjlTeHdtA%2FacQbx%2FMrc95YJ0myQy%2Fk6WjjIPJn92s9Uv2V4W5tShYrhDSgPN9%2FZ92TKIyyiJg84Yh59dMlNy4532Gb740fVe2qBNvaa%2BY7OcRstrCVqeIunFOk%2B8nLvK8"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7ff26cc81ae93702-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 422 B
764 B 333ms
212ms XHR
application/json 2602:803:c002:200::113
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088370&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rf=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html&tg_i.domain=nytimes.com&tg_i.page=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html&tg_i.invCode=nyt_world_top&tg_i.pbadslot=top&tk_flint=pbjs_lite_v8.1.0&l_pb_bid_id=56208bcb330b516&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.08748826203442284
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid8.1.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c283b4ae8ddaf80d88262ef609b62e763bc54f965018d5f5d4677c6b35535c9f

Request headers

Referer: https://www.nytimes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:38 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 422
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 5 KB
3 KB 286ms
165ms XHR
application/json 2602:803:c002:200::113
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html&tg_i.domain=nytimes.com&tg_i.page=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html&tg_i.invCode=nyt_world_mid1&tg_i.pbadslot=story-ad-1&tk_flint=pbjs_lite_v8.1.0&l_pb_bid_id=57506ef398ab452&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5509659943980609
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid8.1.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ae9b323a51fd7a855a734fe337692c97c406bf49762cc7275f51d69ec13cf67e

Request headers

Referer: https://www.nytimes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:38 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 430 B
771 B 326ms
206ms XHR
application/json 2602:803:c002:200::113
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html&tg_i.domain=nytimes.com&tg_i.page=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html&tg_i.invCode=nyt_world_mid2&tg_i.pbadslot=story-ad-2&tk_flint=pbjs_lite_v8.1.0&l_pb_bid_id=58999a27d2fe4e3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.15595409112106684
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid8.1.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5f386fe37226c8d198bb37c12efaf092d0180f8373e48ca1195339754e47f095

Request headers

Referer: https://www.nytimes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:38 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 430
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 5 KB
3 KB 256ms
136ms XHR
application/json 2602:803:c002:200::113
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html&tg_i.domain=nytimes.com&tg_i.page=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html&tg_i.invCode=nyt_world_mid3&tg_i.pbadslot=story-ad-3&tk_flint=pbjs_lite_v8.1.0&l_pb_bid_id=59f79fd47cd6c9d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.29091833559740166
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid8.1.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7492be4c328161c49e5c9ceab0ceb11dbd06476e8f944d767552ecd079c118eb

Request headers

Referer: https://www.nytimes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:38 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 5 KB
3 KB 424ms
304ms XHR
application/json 2602:803:c002:200::113
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html&tg_i.domain=nytimes.com&tg_i.page=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html&tg_i.invCode=nyt_world_mid4&tg_i.pbadslot=story-ad-4&tk_flint=pbjs_lite_v8.1.0&l_pb_bid_id=60be4519a081ba6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5543746801528018
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid8.1.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b949c1104020bde23047aa08b0bd820d649164eab0c934a5e1533d71df44b9c1

Request headers

Referer: https://www.nytimes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:39 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 430 B
795 B 362ms
243ms XHR
application/json 2602:803:c002:200::113
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html&tg_i.domain=nytimes.com&tg_i.page=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html&tg_i.invCode=nyt_world_mid5&tg_i.pbadslot=story-ad-5&tk_flint=pbjs_lite_v8.1.0&l_pb_bid_id=616754345d1dba8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.24958145267386622
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid8.1.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 4dee9664b03123274f4b1cc7a451f40e243cedfbce0677fa300616d55991e58e

Request headers

Referer: https://www.nytimes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:39 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 430
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 5 KB
3 KB 312ms
193ms XHR
application/json 2602:803:c002:200::113
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html&tg_i.domain=nytimes.com&tg_i.page=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html&tg_i.invCode=nyt_world_mid6&tg_i.pbadslot=story-ad-6&tk_flint=pbjs_lite_v8.1.0&l_pb_bid_id=628e82dcaf273b8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9168389256706428
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid8.1.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f2c1c845c89c874b2591f22632c10ff9bcd507d7ac6b69d6eb7ccc37ceb4478c

Request headers

Referer: https://www.nytimes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:38 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 428 B
770 B 298ms
180ms XHR
application/json 2602:803:c002:200::113
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088374&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html&tg_i.domain=nytimes.com&tg_i.page=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html&tg_i.invCode=nyt_world_bottom&tg_i.pbadslot=bottom&tk_flint=pbjs_lite_v8.1.0&l_pb_bid_id=6324fb499a5bab4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7850086827081377
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid8.1.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e6cd6b6f43f96bd4c3354f06decae0ef3cda623a3224a26afd80ed77e1e3a379

Request headers

Referer: https://www.nytimes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:38 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 428
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 unified-lire.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ Frame 2E50 477 KB
158 KB 22ms
22ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=8868912

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

c08f3636e93d83836b62f1cd5f16c66ab4eec24b1fd0667e00e6dbb11dd95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Tue, 22 Aug 2023 06:30:01 GMT
date: Thu, 31 Aug 2023 04:10:38 GMT
content-encoding: gzip
via: 1.1 google, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
x-api-version: F-X
age: 435
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache: HIT
x-envoy-upstream-service-time: 36
content-length: 161140
x-served-by: cache-yyz4552-YYZ
x-nyt-backend: lire-ui
server: envoy
etag: "5XYByg"
content-type: application/javascript
x-cloud-trace-context: 01197125c5743537572c29c1d1d10655
cache-control: public, max-age=600
x-nyt-edge-cache: HIT
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 vendors~bestsellers~card~collections~explainer~home~liveAsset~markets~paidpost~privacy~reviews~searc~c3cac964-6b2c73fb6076e3f1ac71.js Show response
www.nytimes.com/vi-assets/static-assets/ 43 KB
10 KB 21ms
21ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~bestsellers~card~collections~explainer~home~liveAsset~markets~paidpost~privacy~reviews~searc~c3cac964-6b2c73fb6076e3f1ac71.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

d702442ef75845d666d532a09cf0c8b210566a3c7c4db4ed3731b9411248ec94

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 23797
x-guploader-uploadid: ADPycdtxoQRehP4ZdOMrZt2I204VA98INXDtNr0FpvStqOvulOGgu6kgV3n-jTwdYNjZlWmMXKkefmx_jsNkDlnPagygXw
x-goog-stored-content-encoding: identity
x-origin-time: 2023-08-30 21:34:02 UTC
x-served-by: cache-yyz4552-YYZ
x-timer: S1693455039.840707,VS0,VE1
etag: "374f0148e06c78ddab79b45c67b548a6"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1693431082019800
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~bestsellers~card~collections~explainer~home~liveAsset~markets~paidpost~privacy~reviews~searc~c3cac964-6b2c73fb6076e3f1ac71.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1164
expires: Thu, 29 Aug 2024 21:34:02 GMT
date: Thu, 31 Aug 2023 04:10:38 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 9004
last-modified: Wed, 30 Aug 2023 21:31:22 GMT
server: UploadServer
x-goog-hash: crc32c=p/Vu/w==, md5=N08BSOBseN2rebRcZ7VIpg==
x-gdpr: 0
x-goog-stored-content-length: 43849
accept-ranges: bytes

GET
H2 200 vendors~audio~bestsellers~byline~collections~explainer~home~liveAsset~markets~paidpost~reviews~searc~40d3959e-710dc92967b8463e29ed.js Show response
www.nytimes.com/vi-assets/static-assets/ 45 KB
14 KB 22ms
21ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~bestsellers~byline~collections~explainer~home~liveAsset~markets~paidpost~reviews~searc~40d3959e-710dc92967b8463e29ed.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

5f94b6f21a8454838f720253db7c575bcc22709566a5bd69f241eea05e1e316a

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 23797
x-guploader-uploadid: ADPycduArwueLOX3OMLSE60jO6IbZgxXeQ7daosGKXZjPSGLnj0CK48uHR2DIWu7Gf5AC7ncmLSpOE8t3Wp6roYUXG3Yiw
x-goog-stored-content-encoding: identity
x-origin-time: 2023-08-30 21:34:02 UTC
x-served-by: cache-yyz4552-YYZ
x-timer: S1693455039.841140,VS0,VE1
etag: "25fab390c5cdd154db5830d70edbe86d"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1693431082006786
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~bestsellers~byline~collections~explainer~home~liveAsset~markets~paidpost~reviews~searc~40d3959e-710dc92967b8463e29ed.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1175
expires: Thu, 29 Aug 2024 21:34:02 GMT
date: Thu, 31 Aug 2023 04:10:38 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 14192
last-modified: Wed, 30 Aug 2023 21:31:22 GMT
server: UploadServer
x-goog-hash: crc32c=1Ag1YA==, md5=JfqzkMXN0VTbWDDXDtvobQ==
x-gdpr: 0
x-goog-stored-content-length: 46354
accept-ranges: bytes

GET
H2 200 vendors~account~capsule~clientSideCapsule~collections~explainer~freeaccess~getstarted~liveAsset~news~dc9936e8-86bfcac8f26a16768291.js Show response
www.nytimes.com/vi-assets/static-assets/ 14 KB
5 KB 23ms
23ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~account~capsule~clientSideCapsule~collections~explainer~freeaccess~getstarted~liveAsset~news~dc9936e8-86bfcac8f26a16768291.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

78d8cc59c9ed4972a6bb11cf6cff27ae0ebd4423e84209163abc54de1f36af95

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 23786
x-guploader-uploadid: ADPycduLQ5Tru6IEE7SuLwUYAuB2CR2dk-88ph7W50CbTmuUimgHKsxxjbR2BpaVm-VDyJjaZjYcnAJdbQmGNdVbZKo_7w
x-goog-stored-content-encoding: identity
x-origin-time: 2023-08-30 21:34:13 UTC
x-served-by: cache-yyz4552-YYZ
x-timer: S1693455039.841178,VS0,VE1
etag: "1263a86b58f0ef3103a675efb4df151a"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1693431081996966
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~account~capsule~clientSideCapsule~collections~explainer~freeaccess~getstarted~liveAsset~news~dc9936e8-86bfcac8f26a16768291.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1048
expires: Thu, 29 Aug 2024 21:34:13 GMT
date: Thu, 31 Aug 2023 04:10:38 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 3963
last-modified: Wed, 30 Aug 2023 21:31:22 GMT
server: UploadServer
x-goog-hash: crc32c=ogSDyQ==, md5=EmOoa1jw7zEDpnXvtN8VGg==
x-gdpr: 0
x-goog-stored-content-length: 14443
accept-ranges: bytes

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/ 202 KB
66 KB 38ms
38ms Script
text/javascript 2600:9000:25f5:1600:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25f5:1600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2c585dbc02e10454674c96ff836cb750660b3a743e33c149ba0485290ff1466

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 03:52:31 GMT
x-amz-version-id: 1kChClX555kHiZ7QAwcdyTtz91mRTcsu
content-encoding: br
last-modified: Thu, 31 Aug 2023 03:23:40 GMT
server: AmazonS3
via: 1.1 dda58b5db9b6efb2fca84829e7856cfe.cloudfront.net (CloudFront)
x-amz-cf-pop: CMH68-P5
etag: W/"b102718d7f436aa02fd2c43bb15c43ec"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age: 1089
x-amz-cf-id: Ped_HXBrEH8Bg6dQQgtwOCWS70NePtISIbPjtTzzY5O8C3lv68KKVQ==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
312 B 25ms
24ms XHR
text/plain 3.160.3.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3030&u=https%3A%2F%2Fwww.nytimes.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.3.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-3-135.cmh68.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 00:42:00 GMT
via: 1.1 f62865a6aba38ebc6bc6283096c5ae5c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: CMH68-P4
age: 12518
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.nytimes.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: Av5SynGLWesHJGTEfka3XAm0L9t-fVFBQAvm8-PYkV4QQQ1SMgytHQ==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 637 B
1 KB 279ms
200ms XHR
text/javascript 108.156.180.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html&pid=ZPRdcB2UON1qL&cb=0&ws=1600x1200&v=23.821.1806&t=2000&slots=%5B%7B%22sd%22%3A%22top%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22top_art_web%22%7D%5D&pj=%7B%22si_section%22%3A%22world%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.180.227 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-180-227.cmh68.r.cloudfront.net

Software

Server /

Resource Hash

d98343ecf3d7a8376c290efd52232bd2104038037439aa9c0c0ad4b79644be38

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:39 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 782cd53d3d23369feee6e4656bafe94a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: CMH68-P2
x-amz-rid: CV1R2E441ARDSY5YT32S
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 637
x-amz-cf-id: IueoLcIVe8FRQmEkysEp1Il6Da9KxA6qAg5UQ3LpZ6zvUHMnvBmIVQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 73ms
24ms XHR
application/javascript 3.160.3.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.3.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-3-135.cmh68.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 13da95a9986b650e208a13e3d3754a9e.cloudfront.net (CloudFront)
date: Wed, 30 Aug 2023 08:30:38 GMT
x-amz-cf-pop: CMH68-P4
age: 70801
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: UbiGQ4gt5v8RxIPcObwLKzZpvSQfF6NoS9wQs__X29OFe9DwLuoXgA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 173 KB
59 KB 50ms
49ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N5P6T9S&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ed218aa225ee16f2c665766383630d048f6091e8190d4e7b7983c985a6642ef6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60398
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 31 Aug 2023 04:10:39 GMT

GET
H2 200 tags.js Show response
dd.nytimes.com/ 276 KB
57 KB 158ms
27ms Script
text/javascript 3.160.5.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.5.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-5-49.cmh68.r.cloudfront.net

Software

Apache /

Resource Hash

6e2b0107d24f74703fbd7e96d44cfdaccaa4276cb44419639fca9c423130fb7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 bcf3714653b91c162db4f8a673af0716.cloudfront.net (CloudFront)
date: Thu, 31 Aug 2023 03:23:29 GMT
x-amz-cf-pop: CMH68-P4
age: 2830
x-cache: Hit from cloudfront
content-length: 57631
last-modified: Fri, 25 Aug 2023 07:04:40 GMT
server: Apache
etag: "4503f-603b9f5588540-gzip"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: 8zXwPyw9rSNJp09sXaqfp8s3-kaFQfDBDjZVAKrFarHx2_rZNlvObw==
expires: Thu, 31 Aug 2023 04:23:29 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=3005403&ns__t=1693455039079&ns_c=UTF-8&c8=Canada%20Issues%20Travel%20Warning%20for%20L.G.B.T.Q.%20Citizens%20Visiting%20U.S.%20-%20The%20New%20York%20Time...
https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1693455039079&ns_c=UTF-8&c8=Canada%20Issues%20Travel%20Warning%20for%20L.G.B.T.Q.%20Citizens%20Visiting%20U.S.%20-%20The%20New%20York%20Tim...

0
224 B

58ms
57ms

Image
text/plain

3.160.5.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1693455039079&ns_c=UTF-8&c8=Canada%20Issues%20Travel%20Warning%20for%20L.G.B.T.Q.%20Citizens%20Visiting%20U.S.%20-%20The%20New%20York%20Times&c7=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html&c9=
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
Protocol: H2
Server: 3.160.5.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-5-46.cmh68.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:40 GMT
via: 1.1 0eae140cb47e1df2572b33198dae08ca.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: CMH68-P4
x-amz-cf-id: bXwcqPguVCt7yMH5dPu2S5Mehshj19XsfYlml01NTf4ktkwRQkbNbw==
x-cache: Miss from cloudfront

Redirect headers

date: Thu, 31 Aug 2023 04:10:39 GMT
via: 1.1 0eae140cb47e1df2572b33198dae08ca.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: CMH68-P4
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=3005403&ns__t=1693455039079&ns_c=UTF-8&c8=Canada%20Issues%20Travel%20Warning%20for%20L.G.B.T.Q.%20Citizens%20Visiting%20U.S.%20-%20The%20New%20York%20Times&c7=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html&c9=
content-length: 0
x-amz-cf-id: v2uyKMwR9R1TMDTl0or3mESdGfhiVFue4Sa5CLuuCqphGt14MP1BMQ==

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 20ms
19ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 505
content-encoding: gzip
content-length: 20
date: Thu, 31 Aug 2023 04:10:39 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 16
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 21
x-nyt-audience-target-flat: NA:AM
x-nyt-continent: NA
x-nyt-country: US
x-nyt-edge-cache: HIT
x-nyt-meridiem: AM
x-nyt-region: MI
x-samizdat-query-exe-id: bae51967d58607ac
x-samizdat-query-field-errors: 0
x-served-by: cache-yyz4555-YYZ
x-timer: S1693455039.449066,VS0,VE1

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 19ms
19ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-entitlements,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-entitlements,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 804
content-encoding: gzip
content-length: 20
date: Thu, 31 Aug 2023 04:10:39 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 28
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 56
x-nyt-audience-target-flat: NA:AM
x-nyt-continent: NA
x-nyt-country: US
x-nyt-edge-cache: HIT
x-nyt-meridiem: AM
x-nyt-region: MI
x-samizdat-query-exe-id: 99861ab9072b280b
x-samizdat-query-field-errors: 0
x-served-by: cache-yyz4555-YYZ
x-timer: S1693455040.502776,VS0,VE1

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 63 B
960 B 182ms
181ms Fetch
application/json 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-f793b7d9275093c1d424.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

de2fb7fd3a533c10e58a8054b788190cfd242b5b95be9db2a5d7882f5112abd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
x-nyt-internal-meter-override: undefined

Response headers

content-encoding: gzip
x-nyt-meridiem: AM
x-b3-traceid: 0
age: 0
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: b1a809f6aeb478be
samizdat-x-canary: false
x-served-by: cache-yyz4552-YYZ
x-graphiti-gateway: 58cce6b3
x-nyt-country: US
x-timer: S1693455039.469196,VS0,VE163
x-nyt-continent: NA
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: MI
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control: max-age=30
x-nyt-audience-target-flat: NA:AM
x-nyt-edge-cache: MISS
x-cache-hits: 0
x-samizdat-query-sup-code
date: Thu, 31 Aug 2023 04:10:39 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: MISS
samizdat-x-instance: 62292411
x-envoy-upstream-service-time: 93
content-length: 85
last-modified: Thu, 31 Aug 2023 04:10:39 GMT
server: envoy
samizdat-x-kubernetes-namespace: v1
x-fetch-attempts: 1
access-control-allow-credentials: true
x-datadog-trace-id: 0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 comments-eee9bd21d2c033a16316.js Show response
www.nytimes.com/vi-assets/static-assets/ 41 KB
13 KB 20ms
19ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/comments-eee9bd21d2c033a16316.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

bcfed2bbd7649e072e11645c35100d59794197bc9f506b995c5d0df8056e674a

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 201908
x-guploader-uploadid: ADPycdtvYRhhDapd3yx20JHcfEXLVIHbePGsgk1lTpTQEpqPa1vClIAxmfwBngT2eDJ17Qqd_WJXIcekoLA3nWR-3I_FJw
x-goog-stored-content-encoding: identity
x-origin-time: 2023-08-28 20:05:31 UTC
x-served-by: cache-yyz4552-YYZ
x-timer: S1693455039.484319,VS0,VE1
etag: "33cd6bc0834f8f8affd8d764c293cf72"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1693252829624102
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/comments-eee9bd21d2c033a16316.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2418
expires: Tue, 27 Aug 2024 20:05:31 GMT
date: Thu, 31 Aug 2023 04:10:39 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 12401
last-modified: Mon, 28 Aug 2023 20:00:29 GMT
server: UploadServer
x-goog-hash: crc32c=2tefZg==, md5=M81rwINPj4r/2NdkwpPPcg==
x-gdpr: 0
x-goog-stored-content-length: 41927
accept-ranges: bytes

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 7 KB
3 KB 262ms
262ms Fetch
application/json 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-f793b7d9275093c1d424.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

2782077960d32ab496c552d67fc90a0fb6be85e9d0327adbb1ad612db2b9d1d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: en-US,en;q=0.9
x-nyt-entitlements
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
x-nyt-programming-abtest
nyt-app-type: project-vi
Content-Type: application/json
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
x-nyt-news-tenure
x-nyt-internal-meter-override

Response headers

content-encoding: gzip
x-nyt-meridiem: AM
x-b3-traceid: 0
x-nyt-pass-reason: PRVT
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: 62cc0e0a400940e4
samizdat-x-canary: false
x-served-by: cache-yyz4552-YYZ
x-graphiti-gateway: 58cce6b3
x-nyt-country: US
x-timer: S1693455040.523280,VS0,VE243
x-nyt-continent: NA
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: MI
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control: private, no-store
x-nyt-audience-target-flat: NA:AM
x-nyt-edge-cache: MISS
x-cache-hits: 0
x-samizdat-query-sup-code
date: Thu, 31 Aug 2023 04:10:39 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: MISS
samizdat-x-instance: 8f8aeee5
x-envoy-upstream-service-time: 172
last-modified: Thu, 31 Aug 2023 04:10:38 GMT
server: envoy
samizdat-x-kubernetes-namespace: v1
x-fetch-attempts: 1
access-control-allow-credentials: true
x-datadog-trace-id: 0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 frame.html Show response
edge.microsoft.com/parakeet/ Frame 9153 167 B
417 B 132ms
51ms Document
text/html 2620:1ec:13::239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.microsoft.com/parakeet/frame.html
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:13::239 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d235d239ed7dcc804c2ec2f66533abcbdb7d2959a68a207a43730dde3367da5a

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 167
content-type: text/html
date: Thu, 31 Aug 2023 04:10:39 GMT
etag: "1d9550dedff2fa7"
last-modified: Sun, 12 Mar 2023 18:10:30 GMT
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: EB0BD00A4E11421AA95266D95A805A8B Ref B: BL2AA2010203033 Ref C: 2023-08-31T04:10:39Z

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 20ms
19ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 505
content-encoding: gzip
content-length: 20
date: Thu, 31 Aug 2023 04:10:39 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 17
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 21
x-nyt-audience-target-flat: NA:AM
x-nyt-continent: NA
x-nyt-country: US
x-nyt-edge-cache: HIT
x-nyt-meridiem: AM
x-nyt-region: MI
x-samizdat-query-exe-id: 8ce6965636843526
x-samizdat-query-field-errors: 0
x-served-by: cache-yyz4555-YYZ
x-timer: S1693455040.588194,VS0,VE1

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 20ms
19ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 506
content-encoding: gzip
content-length: 20
date: Thu, 31 Aug 2023 04:10:40 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 18
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 21
x-nyt-audience-target-flat: NA:AM
x-nyt-continent: NA
x-nyt-country: US
x-nyt-edge-cache: HIT
x-nyt-meridiem: AM
x-nyt-region: MI
x-samizdat-query-exe-id: 9245b22e99784f25
x-samizdat-query-field-errors: 0
x-served-by: cache-yyz4555-YYZ
x-timer: S1693455040.109412,VS0,VE1

GET
H2 200 purr-cache
purr.nytimes.com/v1/ 0
0 151ms
63ms Fetch
text/html 52.3.42.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://purr.nytimes.com/v1/purr-cache

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-f793b7d9275093c1d424.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.3.42.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-42-214.compute-1.amazonaws.com

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:39 GMT
via: 1.1 google
x-envoy-decorator-operation: purr.nytimes.com:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
server: envoy
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 0635406a1e730be4df46417e6ccbc272
access-control-allow-credentials: true
x-envoy-upstream-service-time: 22
content-length: 0

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 2 KB
2 KB 156ms
69ms Fetch
application/json 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://a.nytimes.com/svc/nyt/data-layer?assetUrl=http%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html&caller_id=nyt-vi&jkcb=1693455039535&referrer=&sourceApp=nyt-vi

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-f793b7d9275093c1d424.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-211-112-71.compute-1.amazonaws.com

Software

envoy /

Resource Hash

3aa024cab2301d9fb5a7f0c62363d750c4357de9b2fbfd89b89f2dc6bd64a94f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nyti-upstream: gke
date: Thu, 31 Aug 2023 04:10:39 GMT
x-envoy-decorator-operation: a.nytimes.com:443/*
via: 1.1 google
strict-transport-security: max-age=63072000; preload; includeSubdomains
content-encoding: gzip
server: envoy
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 28
access-control-allow-headers: Content-Type, x-requested-by

GET
H2 200 clientSideCapsule-91632ea4d19bb7a8e41f.js Show response
www.nytimes.com/vi-assets/static-assets/ 508 KB
126 KB 22ms
21ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/clientSideCapsule-91632ea4d19bb7a8e41f.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

833359d13aea0ad98683d677fed4666098f07c8110786404aa59a6b4d1fc89cf

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 23768
x-guploader-uploadid: ADPycds_z3Y6xjLgtFz0dLzowlDa_mAFZLjT8x8-RUs9kRn9CdNqW21QhRqAdSkSiyJIYexa3PNHv1YWvDBq5x064F8sNBY9fqCD
x-goog-stored-content-encoding: identity
x-origin-time: 2023-08-30 21:34:31 UTC
x-served-by: cache-yyz4552-YYZ
x-timer: S1693455040.568757,VS0,VE3
etag: "254f3bcc17d39a082c8c892a01edd981"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1693431080320746
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/clientSideCapsule-91632ea4d19bb7a8e41f.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1
expires: Thu, 29 Aug 2024 21:34:31 GMT
date: Thu, 31 Aug 2023 04:10:39 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 128397
last-modified: Wed, 30 Aug 2023 21:31:20 GMT
server: UploadServer
x-goog-hash: crc32c=I+jaRw==, md5=JU87zBfTmggsjIkqAe3ZgQ==
x-gdpr: 0
x-goog-stored-content-length: 519954
accept-ranges: bytes

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 44 KB
8 KB 190ms
189ms Fetch
application/json 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-f793b7d9275093c1d424.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

0c0a7285ed036be8256201d3c67316edca620628c6127491b445ada02108eb83

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
x-nyt-internal-meter-override: undefined

Response headers

content-encoding: gzip
x-nyt-meridiem: AM
x-b3-traceid: 0
x-nyt-pass-reason: PRVT
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: ef63e03b97ed1a24
samizdat-x-canary: false
x-served-by: cache-yyz4552-YYZ
x-graphiti-gateway: 58cce6b3
x-nyt-country: US
x-timer: S1693455040.608907,VS0,VE167
x-nyt-continent: NA
vary: Accept-Encoding, Samizdat-X-Fastly-Unique-Id, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: MI
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control: private, no-store
x-nyt-audience-target-flat: NA:AM
x-nyt-edge-cache: MISS
x-cache-hits: 0
x-samizdat-query-sup-code
date: Thu, 31 Aug 2023 04:10:39 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: MISS
samizdat-x-instance: 62292411
x-envoy-upstream-service-time: 100
last-modified: Thu, 31 Aug 2023 04:10:39 GMT
server: envoy
samizdat-x-kubernetes-namespace: v1
x-fetch-attempts: 1
access-control-allow-credentials: true
x-datadog-trace-id: 0
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 63 B
956 B 167ms
166ms Fetch
application/json 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-f793b7d9275093c1d424.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

b2064442f57238d5e04d61bacad93794e723f91204f928f6980801c400b7bea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
x-nyt-internal-meter-override: undefined

Response headers

content-encoding: gzip
x-nyt-meridiem: AM
x-b3-traceid: 0
age: 0
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: 940e4d56d9056396
samizdat-x-canary: false
x-served-by: cache-yyz4552-YYZ
x-graphiti-gateway: 58cce6b3
x-nyt-country: US
x-timer: S1693455040.131049,VS0,VE146
x-nyt-continent: NA
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: MI
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control: max-age=30
x-nyt-audience-target-flat: NA:AM
x-nyt-edge-cache: MISS
x-cache-hits: 0
x-samizdat-query-sup-code
date: Thu, 31 Aug 2023 04:10:40 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: MISS
samizdat-x-instance: 1846d8bf
x-envoy-upstream-service-time: 79
content-length: 81
last-modified: Thu, 31 Aug 2023 04:06:21 GMT
server: envoy
samizdat-x-kubernetes-namespace: v1
x-fetch-attempts: 1
access-control-allow-credentials: true
x-datadog-trace-id: 0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/ 402 KB
127 KB 48ms
48ms Script
text/javascript 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077496

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c81f14e2bb3209ad75981c1843043f0a465d4c090f2313d0aa5398a7767ca9ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 10:39:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63087
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129468
x-xss-protection: 0
server: cafe
etag: 3806458570195517322
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 29 Aug 2024 10:39:13 GMT

GET
H2 200 parakeet.min.js Show response
edge.microsoft.com/parakeet/ Frame 9153 23 KB
23 KB 42ms
42ms Script
application/javascript 2620:1ec:13::239
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.microsoft.com/parakeet/parakeet.min.js
Requested by: Host: edge.microsoft.com
URL: https://edge.microsoft.com/parakeet/frame.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:13::239 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 35ebaaa5ccc5200a59dc83791e3776a844a14a3ab52fb7994442652b4b2729e0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://edge.microsoft.com/parakeet/frame.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:40 GMT
last-modified: Sun, 12 Mar 2023 18:10:30 GMT
x-msedge-ref: Ref A: CB11A8FAF06C4C6D89ECAE0E69511CAD Ref B: BL2AA2010203033 Ref C: 2023-08-31T04:10:40Z
etag: "1d9550dedff74c0"
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 23488

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame 1913
Redirect Chain

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t

320 B
1 KB

67ms
66ms

Document
text/html

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

9863e497691733db74131fb61099b6d3aad4198f442b261fd589ab6a96ab13d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 320
Content-Type: text/html;charset=ISO-8859-1
Date: Thu, 31 Aug 2023 04:10:40 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: V95RVBT2E16BK9N78S2J

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Thu, 31 Aug 2023 04:10:40 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: SVQ66QWS963E3CRWTQFG

POST
H2 200 / Show response
dd.nytimes.com/js/ 235 B
621 B 81ms
31ms XHR
application/json 3.160.5.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/js/

Requested by

Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.5.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-5-49.cmh68.r.cloudfront.net

Software

DataDome /

Resource Hash

aa4f0f9be3b9e9ef9b6f3e58524ff8db98779ac79abaff58f9ed2594dd0153fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.nytimes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:40 GMT
via: 1.1 d6eccaed6bcab76e8b9ccd6b59f866ba.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: DataDome
x-amz-cf-pop: CMH68-P4
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 235
x-amz-cf-id: 8z7Q0F_sjrfrUtZmLfW--JHj8sG_3QoapWdjDDlzz3cK4nZWWguRgg==
expires: 0

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 29ms
28ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 289
content-encoding: gzip
content-length: 20
date: Thu, 31 Aug 2023 04:10:40 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 66
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 53
x-nyt-audience-target-flat: NA:AM
x-nyt-continent: NA
x-nyt-country: US
x-nyt-edge-cache: HIT
x-nyt-meridiem: AM
x-nyt-region: MI
x-samizdat-query-exe-id: 9b361a53415fe0c6
x-samizdat-query-field-errors: 0
x-served-by: cache-yyz4555-YYZ
x-timer: S1693455041.557897,VS0,VE1

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 4 KB
2 KB 20ms
20ms Fetch
application/json 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-f793b7d9275093c1d424.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

c9b1491324d9bd544f7efcb44707814ca4dc668408ca8479a91add96ff63ae89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
nyt-app-type: project-vi
Content-Type: application/json

Response headers

content-encoding: gzip
x-nyt-meridiem: AM
x-b3-traceid: 0
age: 390
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: 1b7e43f275ff6450
samizdat-x-canary: false
x-served-by: cache-yyz4552-YYZ
x-graphiti-gateway: 58cce6b3
x-nyt-country: US
x-timer: S1693455041.579901,VS0,VE1
x-nyt-continent: NA
vary: Accept-Encoding, Samizdat-X-Personalize, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: MI
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control: max-age=30
x-nyt-audience-target-flat: NA:AM
x-nyt-edge-cache: HIT
x-cache-hits: 1
x-samizdat-query-sup-code
date: Thu, 31 Aug 2023 04:10:40 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: HIT
samizdat-x-instance: ebfa98ba
x-envoy-upstream-service-time: 37
content-length: 1151
last-modified: Thu, 31 Aug 2023 03:56:41 GMT
server: envoy
samizdat-x-kubernetes-namespace: v1
x-fetch-attempts: 1
access-control-allow-credentials: true
x-datadog-trace-id: 0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 franklin-normal-600.75739ac267f076931c6da9740386ee6b.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 19ms
19ms Font
application/octet-stream 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/franklin/franklin-normal-600.75739ac267f076931c6da9740386ee6b.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

29706c4ab8f4d48b33ccb0ea813f8afb5f7ac569f623536b96fba6cf1fc60e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Thu, 20 Apr 2023 17:49:25 GMT
date: Thu, 31 Aug 2023 04:10:40 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 11442073
x-guploader-uploadid: ADPycdtszN228AQlIVLtVJ9LRndtfo5FtWBqrRWpf8dD-ngmzxeVf87isU3rjzRG17TN9O0C30i4MGFvt7x1mNUlXv71
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20196
x-served-by: cache-yyz4552-YYZ
last-modified: Wed, 20 Apr 2022 13:09:40 GMT
server: UploadServer
x-timer: S1693455041.581415,VS0,VE0
etag: "75739ac267f076931c6da9740386ee6b"
x-goog-generation: 1650460180595156
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=Jc81Jw==, md5=dXOawmfwdpMcbal0A4buaw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 20196
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 1621

GET
H2 200 standalone-client.bundle.js Show response
myaccount.nytimes.com/unified_lire/js/ 37 KB
15 KB 20ms
19ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/unified_lire/js/standalone-client.bundle.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

647b59a59956c45e64f7f8de426b20e1bc47ac34e436a6810455696503c7b16f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Thu, 17 Aug 2023 21:15:17 GMT
date: Thu, 31 Aug 2023 04:10:40 GMT
content-encoding: gzip
via: 1.1 google, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
x-api-version: F-X
age: 134
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache: HIT
x-envoy-upstream-service-time: 20
content-length: 14822
x-served-by: cache-yyz4552-YYZ
x-nyt-backend: lire-ui
server: envoy
etag: "5XYByg"
content-type: application/javascript
x-cloud-trace-context: 30f4e52c96da7ffd7f2e2f640a884fa7
cache-control: public, max-age=600
x-nyt-edge-cache: HIT
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 / Show response
mwcm.nytimes.com/capi/metered_assets/ 10 KB
4 KB 183ms
182ms Fetch
application/json 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mwcm.nytimes.com/capi/metered_assets/?plat=web&mc=0&gr=METER_LIMIT&mr=0&ma=0&counted=false&granted=false&gwtype=REGIWALL&us=anon&context-type=&areas=barOne&areas=truncator

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-f793b7d9275093c1d424.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

cdb934826cb47d3a906197985e2597dc81a19bc472dcd9a595b691dc0d4b8491

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:40 GMT
content-encoding: gzip
via: 1.1 google, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation: capi-prd.growth-mc.nyti.nyt.net:443/*
x-cache: MISS
x-envoy-upstream-service-time: 138
x-served-by: cache-yyz4552-YYZ
server: envoy
x-cmots-campaign-names: {"barOne":"MAG_bar1_test_subcon","truncator":"MAG-web_all_non-mobile-all_welcome-killset"}
x-timer: S1693455041.643570,VS0,VE163
vary: x-nyt-country, x-nyt-user-status, x-nyt-cmots-purr-ad-conf, x-nyt-continent, x-nyt-device, X-NYT-Currency, x-nyt-last-known-type, Accept-Encoding, Fastly-SSL, Origin
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 7952de271593b82fc197728b47e311ae
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-nyt-route: mwcm-muassets
x-nyt-edge-cache: MISS
accept-ranges: bytes
access-control-allow-headers: Content-Type, x-requested-by, *
x-cache-hits: 0

GET
H2

200

activityi;dc_pre=CI2Vm9GDhoEDFZpTDQodt8kEjA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4619458135093;auiddc=1985050255.1693455041;u17=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcana... Show response
5290727.fls.doubleclick.net/ Frame 5D68
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4619458135093;auiddc=1985050255.1693455041;u17=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fca...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CI2Vm9GDhoEDFZpTDQodt8kEjA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4619458135093;auiddc=1985050255.1693455041;u17=https%3A%2F%2Fwww.nytimes...

716 B
533 B

59ms
59ms

Document
text/html

172.217.13.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CI2Vm9GDhoEDFZpTDQodt8kEjA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4619458135093;auiddc=1985050255.1693455041;u17=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html;u5=;u18=anon;gtm=45He38u0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s05-in-f6.1e100.net

Software

cafe /

Resource Hash

ee0f41779de25e74b1add03fa28d5a8ca7c36d714ab62e85043b3ca9c103b7e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 04:10:40 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 04:10:40 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CI2Vm9GDhoEDFZpTDQodt8kEjA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4619458135093;auiddc=1985050255.1693455041;u17=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html;u5=;u18=anon;gtm=45He38u0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 70 KB
24 KB 160ms
37ms Script
application/x-javascript 2600:9000:25f3:7800:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25f3:7800:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ff18779bb7f76122171e9faa51b7af30bc0239d361c926489b02032bb5bccb54

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 16:54:41 GMT
content-encoding: gzip
via: 1.1 0f798c5dc07bf9546ee3d4bc341d91a4.cloudfront.net (CloudFront)
last-modified: Wed, 09 Aug 2023 00:52:49 GMT
server: nginx
x-amz-cf-pop: CMH68-P3
age: 40559
etag: W/"64d2e361-1197e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 9GUsIXLLxynKrxlniWWyUzEj9rXtFl0P_9wycSALEZ7kIbB2_2zw3Q==
expires: Thu, 31 Aug 2023 16:54:41 GMT

GET
H2 200 show-ads.js Show response
a1.nyt.com/analytics/ 45 B
737 B 47ms
46ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.nyt.com/analytics/show-ads.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Wed, 09 Jun 2021 09:54:39 GMT
date: Thu, 31 Aug 2023 04:10:40 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 70702
x-guploader-uploadid: ABg5-UwUwIiaqEzIpvvB_rrhNuBFF1n7dBRURinvL9vr30LT-9uSL90G9xJsq4EcVMXMORAzxeCU-ZqROnHihb0qxvY
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 65
x-served-by: cache-yyz4552-YYZ
last-modified: Thu, 17 Dec 2020 21:19:35 GMT
server: UploadServer
x-timer: S1693455041.723399,VS0,VE0
etag: "1d291da792456bd015b664ee1119a5e0"
vary: Accept-Encoding
x-goog-generation: 1608239975905841
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 45
accept-ranges: bytes
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 9122

GET
H2 200 comscore-streaming.js Show response
a1.nyt.com/analytics/ 103 KB
19 KB 48ms
47ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a1.nyt.com/analytics/comscore-streaming.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

fe8d5a6f12533884b6896dd290e422c830e86e0228d45dbe97ac03c6e86a5b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Wed, 09 Jun 2021 10:07:54 GMT
date: Thu, 31 Aug 2023 04:10:40 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 70702
x-guploader-uploadid: ABg5-UxySl-4LYufyFA685-cahpeSVkbzps-NaVm8rAVOf2RcTZuearWuUFnJzeMQVaZK4kcDbeFg5WtOTkvJAu4LzU
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 18717
x-served-by: cache-yyz4552-YYZ
last-modified: Thu, 17 Dec 2020 21:19:35 GMT
server: UploadServer
x-timer: S1693455041.724127,VS0,VE0
etag: "04e0b9556a78ce5cedf86a34e5483036"
vary: Accept-Encoding
x-goog-generation: 1608239975621789
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=XkdIyw==, md5=BOC5VWp4zlzt+Go05UgwNg==
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 105675
accept-ranges: bytes
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 8530

GET
H2 200 nyt.js Show response
cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/ 4 KB
2 KB 125ms
37ms Script
text/javascript 2606:4700:20::681a:d12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/nyt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85bee2e512beeb93c704c13381735ed93c26e12188e1f8225f50c6bce230793c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:40 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 31 Aug 2023 04:07:24 GMT
server: cloudflare
age: 196
cf-polished: origSize=4729
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7gE6mSf%2BYURWlMR3wRlQX12rqCifdh%2BRCtGrrgHmoniPby67uFNzhuescxO5V2sdBGHIIZoe%2FUtzIajzJcaDXa2gMCAcrCFPb4jMp2v%2BuAiYomNbxQYhq%2BSl3KzolpxyDY9B%2FtSxPzOh9IkYhY3oJud8"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7ff26cd4ed784bc7-BUF
request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

GET
H2

200

cksync
hb.yahoo.net/
Redirect Chain

https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=1548328992
https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=9dbf4858-42bb-4265-82a5-eca7a42e7b45
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=5030693220957059315&ttd_tdid=9dbf4858-42bb-4265-82a5-eca7a42e7b45
https://ups.analytics.yahoo.com/ups/55953/sync?uid=9dbf4858-42bb-4265-82a5-eca7a42e7b45&_origin=1&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55953/sync?uid=9dbf4858-42bb-4265-82a5-eca7a42e7b45&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=55953&ovsid=9dbf4858-42bb-4265-82a5-eca7a42e7b45&gdpr=0&redir=true
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1mZWRqR0NWRTJ1RVlZWHp1UjVlYUZMWHRDSy5QSm42RX5B&gdpr=0&ovsid=9dbf4858-42bb-4265-82a5-eca7a42e7b45&dpid=55953

43 B
285 B

196ms
69ms

Image
image/gif

104.126.116.136
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hb.yahoo.net/cksync?cs=63&axid_e=eS1mZWRqR0NWRTJ1RVlZWHp1UjVlYUZMWHRDSy5QSm42RX5B&gdpr=0&ovsid=9dbf4858-42bb-4265-82a5-eca7a42e7b45&dpid=55953

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html

Protocol

Server

104.126.116.136 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-116-136.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800, max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:41 GMT
strict-transport-security: max-age=604800, max-age=86400 ; includeSubDomains
server: Apache
content-type: image/gif
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cache-control: max-age=0, no-cache, no-store
content-length: 43
expires: Thu, 31 Aug 2023 04:10:41 GMT

Redirect headers

location: https://hb.yahoo.net/cksync?cs=63&axid_e=eS1mZWRqR0NWRTJ1RVlZWHp1UjVlYUZMWHRDSy5QSm42RX5B&gdpr=0&ovsid=9dbf4858-42bb-4265-82a5-eca7a42e7b45&dpid=55953
date: Thu, 31 Aug 2023 04:10:41 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 19ms
19ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 507
content-encoding: gzip
content-length: 20
date: Thu, 31 Aug 2023 04:10:40 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 19
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 21
x-nyt-audience-target-flat: NA:AM
x-nyt-continent: NA
x-nyt-country: US
x-nyt-edge-cache: HIT
x-nyt-meridiem: AM
x-nyt-region: MI
x-samizdat-query-exe-id: 83cbdf3bfc9aa4fb
x-samizdat-query-field-errors: 0
x-served-by: cache-yyz4555-YYZ
x-timer: S1693455041.760593,VS0,VE1

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 1 KB
1 KB 163ms
162ms Fetch
application/json 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-f793b7d9275093c1d424.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

481e5f79ab64d2d83e0ba60b05a04530da21727427b1e51a897b888e46ec1f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
x-nyt-internal-meter-override: undefined

Response headers

content-encoding: gzip
x-nyt-meridiem: AM
x-b3-traceid: 0
age: 0
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: 923ed436a39b96f8
samizdat-x-canary: false
x-served-by: cache-yyz4552-YYZ
x-graphiti-gateway: 58cce6b3
x-nyt-country: US
x-timer: S1693455041.780317,VS0,VE144
x-nyt-continent: NA
vary: Accept-Encoding, Samizdat-X-Personalize, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: MI
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control: max-age=30
x-nyt-audience-target-flat: NA:AM
x-nyt-edge-cache: MISS
x-cache-hits: 0
x-samizdat-query-sup-code
date: Thu, 31 Aug 2023 04:10:40 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: MISS
samizdat-x-instance: 8f8aeee5
x-envoy-upstream-service-time: 76
content-length: 563
last-modified: Tue, 26 Jul 2022 18:52:52 GMT
server: envoy
samizdat-x-kubernetes-namespace: v1
x-fetch-attempts: 1
access-control-allow-credentials: true
x-datadog-trace-id: 0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 599 B
1 KB 268ms
268ms XHR
text/javascript 108.156.180.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html&pid=ZPRdcB2UON1qL&cb=1&ws=1600x1200&v=23.821.1806&t=2000&slots=%5B%7B%22sd%22%3A%22bottom%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22bottom_art_web%22%7D%5D&pj=%7B%22si_section%22%3A%22world%22%7D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.180.227 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-180-227.cmh68.r.cloudfront.net

Software

Server /

Resource Hash

544ed8a2237cda1e785970350873b4f66c28a2d83cefd3851f9b109447c2b997

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:41 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 782cd53d3d23369feee6e4656bafe94a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: CMH68-P2
x-amz-rid: 3CPEWZ9E1SP5A1QE305M
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 599
x-amz-cf-id: mEWdogq5wgM9AaaMUf7YOzoQU9Zcw2isiXF1of6wEhm_hd7kGy9O9A==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
13 KB 365ms
365ms Fetch
text/plain 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=884110126168312&correlator=2535079492901006&eid=31077496%2C31068367&output=ldjh&gdfp_req=1&vrg=202308280101&ptt=17&impl=fif&iu_parts=29390238%2Cnyt%2Cworld%2Ccanada&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1693455040865&lmt=1693490662&adxs=0&adys=76&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html&vis=1&psz=1600x-1&msz=1600x-1&fws=516&ohw=1600&ga_vid=594805481.1693455041&ga_sid=1693455041&ga_hid=2117924438&ga_fc=false&dlt=1693455038463&idt=2291&prev_scp=div%3Dtop%26pos%3Dtop%26amzniid%3DJB_JujvuvDnGLDKL_6HSWN0AAAGKSck7OgEAAAvWAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICDDiBNa%26amznp%3D9wiups%26amznsz%3D970x250%26amznbid%3D4cqz28%26request_time%3D2351&cust_params=als_test_clientside%3Dweb_none_medium_20230831041038%26mktg%3Dtype_anon%252Clogf%252Cabf%26bt%3D%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1693443810389%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26geo%3Dcanada%252Cunitedstates%252Cflorida%26des%3Dtravelwarnings%252Chomosexualityandbisexuality%252Ctransgender%252Cstatesus%26auth%3Dianausten%26coll%3Dtravel%252Cworldnews%252Cusnews%252Ccanada%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dworld%26si_section%3Dworld%26id%3D100000009063869%26pt%3Dnt1%252Cnt13%252Cnt14%252Cnt15%252Cnt18%252Cnt20%252Cnt21%252Cnt3%252Cnt4%252Cnt5%252Cpt19%252Cpt2%26gscat%3Dneg_ibmtest%252Cneg_ibm%252Cneg_chanel%252Cneg_citi_aa%252Cneg_chan2%252Cneg_gg1%252Cneg_bofa%252Cneg_mastercard%252Cneg_hms%252Cneg_google%252Cneg_capitalone%252Cneg_rchmt%252Cpolitics_sentiment%252Cneg_debeer%252Cgb_safe%252Cgs_travel%252Cneg_gg2%252Cneg_mttl%252Cneg_mtb%252Cneg_sia%252Cneg_ts%252Cgs_politics%252Cneg_kaypemg%252Cneg_newyorkp%252Cneg_ms_safe%252Cneg_racism%252Cgs_travel_locations%252Cgs_travel_locations_na%252Cgs_law%252Cneg_orep%252Cneg_hearts%252Cneg_cathay%252Cgs_politics_misc%252Cneg_amerex%252Cgs_politics_issues_policy%252Cgs_law_misc%252Cneg_amex%252Csociety_lgbt%252Cneg_bp%252Cneg_rmw%252Cneg_rms%252Cneg_msft%252Cneg_cme%252Cneg_mktg_safe_q4_2019%252Cneg_aramco%252Cneg_chldis%252Cneg_rolex%252Ccc_tech_society%252Cneg_samsung%252Cneg_korean_air%252Cgv_crime%252Cgs_t%26is_viral%3Dmedium%26mt%3DMT10%252CMT5%26abra_dfp%3Dmkt_dfp_hd_paywall_zip_0_control%252Cdfp_prebid_0723_3_index_pubmatic%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_blockdetect_0221_1_network_detection%252Cdfp_amzn_2_adslot_priority%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_adslot4v2_1_external%252Cdfp_adrefresh_0123_1_adrefresh%26sov%3D2%26page_view_id%3DGfFaY5Lr_c6qiL8AznhrVqAO%26purr%3Dfull%26uap%3Dbrowser%26aid%3D5sJL6olKZ2fnpOos2DCKnd%26typ_materials%3D%2523news%2523%26slug%3Dadvisory&adks=3762408111&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077496

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

270a1dc91f3fad5b959d0b9bc0134dae3673261d223be455b95445a42f1b13a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13000
x-xss-protection: 0
google-lineitem-id: 6354386870
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138444454632
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 542 B
294 B 117ms
117ms Fetch
text/plain 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=884110126168312&correlator=2535079492901006&eid=31077496%2C31068367&output=ldjh&gdfp_req=1&vrg=202308280101&ptt=17&impl=fif&iu_parts=29390238%2Cnyt%2Cworld%2Ccanada&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=150x50&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1693455040877&lmt=1693490662&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html&vis=1&psz=150x-1&msz=0x-1&fws=644&ohw=1600&ga_vid=594805481.1693455041&ga_sid=1693455041&ga_hid=2117924438&ga_fc=false&dlt=1693455038463&idt=2291&prev_scp=div%3Dsponsor%26pos%3Dsponsor%26request_time%3D2356&cust_params=als_test_clientside%3Dweb_none_medium_20230831041038%26mktg%3Dtype_anon%252Clogf%252Cabf%26bt%3D%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1693443810389%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26geo%3Dcanada%252Cunitedstates%252Cflorida%26des%3Dtravelwarnings%252Chomosexualityandbisexuality%252Ctransgender%252Cstatesus%26auth%3Dianausten%26coll%3Dtravel%252Cworldnews%252Cusnews%252Ccanada%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dworld%26si_section%3Dworld%26id%3D100000009063869%26pt%3Dnt1%252Cnt13%252Cnt14%252Cnt15%252Cnt18%252Cnt20%252Cnt21%252Cnt3%252Cnt4%252Cnt5%252Cpt19%252Cpt2%26gscat%3Dneg_ibmtest%252Cneg_ibm%252Cneg_chanel%252Cneg_citi_aa%252Cneg_chan2%252Cneg_gg1%252Cneg_bofa%252Cneg_mastercard%252Cneg_hms%252Cneg_google%252Cneg_capitalone%252Cneg_rchmt%252Cpolitics_sentiment%252Cneg_debeer%252Cgb_safe%252Cgs_travel%252Cneg_gg2%252Cneg_mttl%252Cneg_mtb%252Cneg_sia%252Cneg_ts%252Cgs_politics%252Cneg_kaypemg%252Cneg_newyorkp%252Cneg_ms_safe%252Cneg_racism%252Cgs_travel_locations%252Cgs_travel_locations_na%252Cgs_law%252Cneg_orep%252Cneg_hearts%252Cneg_cathay%252Cgs_politics_misc%252Cneg_amerex%252Cgs_politics_issues_policy%252Cgs_law_misc%252Cneg_amex%252Csociety_lgbt%252Cneg_bp%252Cneg_rmw%252Cneg_rms%252Cneg_msft%252Cneg_cme%252Cneg_mktg_safe_q4_2019%252Cneg_aramco%252Cneg_chldis%252Cneg_rolex%252Ccc_tech_society%252Cneg_samsung%252Cneg_korean_air%252Cgv_crime%252Cgs_t%26is_viral%3Dmedium%26mt%3DMT10%252CMT5%26abra_dfp%3Dmkt_dfp_hd_paywall_zip_0_control%252Cdfp_prebid_0723_3_index_pubmatic%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_blockdetect_0221_1_network_detection%252Cdfp_amzn_2_adslot_priority%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_adslot4v2_1_external%252Cdfp_adrefresh_0123_1_adrefresh%26sov%3D2%26page_view_id%3DGfFaY5Lr_c6qiL8AznhrVqAO%26purr%3Dfull%26uap%3Dbrowser%26aid%3D5sJL6olKZ2fnpOos2DCKnd%26typ_materials%3D%2523news%2523%26slug%3Dadvisory&adks=373610990&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077496

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5d08de3a186ac525eab279e5a38acfad14727d9f3fbc47cf0c2dd85e374422a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 264
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3381 6 KB
3 KB 202ms
65ms Document
text/html 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308280101/pubads_impl.js?cb=31077496

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 04:10:41 GMT
expires: Fri, 30 Aug 2024 04:10:41 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame 24A9 2 KB
3 KB 45ms
45ms Document
text/html 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

8913ac71a147abf2b101b5897784c75617de4bda026f1aff4341564a49ac6867

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 2112
Content-Type: text/html;charset=ISO-8859-1
Date: Thu, 31 Aug 2023 04:10:40 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: Z6WFPD3TRG61VBPY01NE

GET
H2 200 dc_pre=CI2Vm9GDhoEDFZpTDQodt8kEjA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4619458135093;auiddc=1985050255.1693455041;u17=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftrave... Show response
adservice.google.com/ddm/fls/i/ Frame 14F0 194 B
440 B 156ms
59ms Document
text/html 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CI2Vm9GDhoEDFZpTDQodt8kEjA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4619458135093;auiddc=1985050255.1693455041;u17=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html;u5=;u18=anon;gtm=45He38u0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CI2Vm9GDhoEDFZpTDQodt8kEjA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4619458135093;auiddc=1985050255.1693455041;u17=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html;u5=;u18=anon;gtm=45He38u0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5290727.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 04:10:41 GMT
expires: Thu, 31 Aug 2023 04:10:41 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 19ms
19ms Preflight 151.101.193.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age: 300
age: 507
content-encoding: gzip
content-length: 20
date: Thu, 31 Aug 2023 04:10:40 GMT
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
timing-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via: 1.1 google, 1.1 varnish
x-cache: HIT
x-cache-hits: 20
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 21
x-nyt-audience-target-flat: NA:AM
x-nyt-continent: NA
x-nyt-country: US
x-nyt-edge-cache: HIT
x-nyt-meridiem: AM
x-nyt-region: MI
x-samizdat-query-exe-id: 8e225b86c5879226
x-samizdat-query-field-errors: 0
x-served-by: cache-yyz4555-YYZ
x-timer: S1693455041.980518,VS0,VE1

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 210 B
998 B 188ms
188ms Fetch
application/json 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://samizdat-graphql.nytimes.com/graphql/v2

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-f793b7d9275093c1d424.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

d8ca07a1064ddcee74223a91e27f83a88d713db4271a7701d035888742b48a8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
x-nyt-internal-meter-override: undefined

Response headers

content-encoding: gzip
x-nyt-meridiem: AM
x-b3-traceid: 0
age: 0
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: 4b363d5ca8477f7d
samizdat-x-canary: false
x-served-by: cache-yyz4552-YYZ
x-graphiti-gateway: 58cce6b3
x-nyt-country: US
x-timer: S1693455041.001145,VS0,VE138
x-nyt-continent: NA
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: MI
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control: max-age=30
x-nyt-audience-target-flat: NA:AM
x-nyt-edge-cache: MISS
x-cache-hits: 0
x-samizdat-query-sup-code
date: Thu, 31 Aug 2023 04:10:41 GMT
via: 1.1 google, 1.1 varnish
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: MISS
samizdat-x-instance: 1846d8bf
x-envoy-upstream-service-time: 71
content-length: 149
last-modified: Thu, 31 Aug 2023 04:10:40 GMT
server: envoy
samizdat-x-kubernetes-namespace: v1
x-fetch-attempts: 1
access-control-allow-credentials: true
x-datadog-trace-id: 0
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 enter-email Show response
myaccount.nytimes.com/auth/iframe/ Frame 16E1 19 KB
9 KB 84ms
83ms Document
text/html 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2023%252F08%252F30%252Fworld%252Fcanada%252Ftravel-warning-us-lgbtq.html&display=newsletter_morning_test&asset=RegiWall&application=Free_Experience&preloaded=true

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy / Express

Resource Hash

b8f37cfe110d9dfc109eee82cc1e3d4b14f4e6fea7263af85bae9b86ed097195

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src https://www.google.com .captcha-delivery.com; connect-src 'self' .nytimes.com https://sentry.io .datadome.co https://.go-mpulse.net; font-src https://typeface.nyt.com; img-src 'self' data: .nytimes.com https://www.google-analytics.com https://www.google.com https://stats.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .nytimes.com .nyt.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://sc-static.net https://js.datadome.co https://.go-mpulse.net; style-src 'unsafe-inline' .nytimes.com https://www.google-analytics.com; object-src 'none'; form-action 'self' https://www.google-analytics.com; frame-ancestors .nytimes.com https://shared-ui-dot-nyt-wfvi-dev.appspot.com; block-all-mixed-content ; upgrade-insecure-requests ; report-uri https://csp.dev.nytimes.com/report
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: private, no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-encoding: gzip
content-security-policy: default-src 'self'; frame-src https://www.google.com *.captcha-delivery.com; connect-src 'self' *.nytimes.com https://sentry.io *.datadome.co https://*.go-mpulse.net; font-src https://typeface.nyt.com; img-src 'self' data: *.nytimes.com https://www.google-analytics.com https://www.google.com https://stats.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nytimes.com *.nyt.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://sc-static.net https://js.datadome.co https://*.go-mpulse.net; style-src 'unsafe-inline' *.nytimes.com https://www.google-analytics.com; object-src 'none'; form-action 'self' https://www.google-analytics.com; frame-ancestors *.nytimes.com https://shared-ui-dot-nyt-wfvi-dev.appspot.com; block-all-mixed-content ; upgrade-insecure-requests ; report-uri https://csp.dev.nytimes.com/report
content-type: text/html; charset=utf-8
date: Thu, 31 Aug 2023 04:10:41 GMT
etag: W/"4d13-ROnP8VWwqp400Xys1PaVdORgAyc"
expires: 0
pragma: no-cache
resp-details: [[it:lui]]
server: envoy
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding
via: 1.1 google, 1.1 varnish
x-api-version: F-X
x-cache: MISS
x-cache-hits: 0
x-cloud-trace-context: c5d16fcc60f14a02382dfec85c77af6d
x-content-type-options: nosniff
x-datadog-parent-id: 9167057160014762211
x-datadog-sampled: 1
x-datadog-sampling-priority: 0
x-datadog-trace-id: 919128737231330059
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 24
x-nyt-backend: lire-ui
x-nyt-edge-cache: MISS
x-powered-by: Express
x-served-by: cache-yyz4552-YYZ

GET
H2 200 65568.js Show response
cdn.brandmetrics.com/scripts/bundle/ 96 KB
20 KB 38ms
38ms Script
text/javascript 2606:4700:20::681a:d12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=www.nytimes.com
Requested by: Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2c65f5216f7a60f74523e4c0be8018e8b4edff033a9a250c78c4e1762a7ad72

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:41 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 31 Aug 2023 04:07:24 GMT
server: cloudflare
age: 197
cf-polished: origSize=99066
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DnKa4CZe7ztH3I%2Bcxil8XscP49RDTxooUwre2y8RfEV7jYUYw89ExGRR9UGgnvqSc0YEJeJQIBt0a0sjUVxR4RtboKyNbBGEnt28qAz2OatI5NnSlVKBx2s9X9YeL6SSXR8wQmML4Awz6ibaPKVABmog"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7ff26cd66d7f4bc7-BUF
request-context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
201 B 148ms
56ms Image
image/gif 54.197.82.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html&u=DD9I0SBq7alt6RMnh&d=nytimes.com&g=16698&g0=world%2CCanada%2Cinternational_desk&g1=Ian%20Austen&n=1&f=00001&c=0&x=0&m=0&y=1200&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html&b=2657&t=DpuRV4U64GoD4tkJwD9c4TzC4TsIm&V=141&i=Canada%20Cautions%20L.G.B.T.Q.%20Citizens%20Visiting%20U.S.%20Over%20State%20Laws&tz=600&_acct=anon&sn=1&sv=-kq9IZEWjnDXfJwmDCTwb9M0ujY&sd=1&im=06679ff3&_
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.197.82.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-82-237.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 31 Aug 2023 04:10:41 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 24A9
Redirect Chain

https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3364566416634816000V10

43 B
479 B

50ms
50ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3364566416634816000V10

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 04:10:41 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 4KW98Z5RKX5FFVJD1T0G
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 04:10:41 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3364566416634816000V10
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Thu, 31 Aug 2023 04:10:41 GMT

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 44E7
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1

2 KB
2 KB

28ms
28ms

Document
text/html

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: 71326419a7b2f7719eafcb33f5788a91143b0e610d21e4692567f0101d7f4fb7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1754
Content-Type: text/html
Date: Thu, 31 Aug 2023 04:10:41 GMT
Expires: 0
Keep-Alive: timeout=1, max=499
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

Redirect headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 0
Date: Thu, 31 Aug 2023 04:10:41 GMT
Expires: 0
Keep-Alive: timeout=1, max=500
Location: /usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 83ED 15 KB
6 KB 154ms
33ms Document
text/html 72.247.71.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.71.192 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-71-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=152011
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Thu, 31 Aug 2023 04:10:41 GMT
expires: Fri, 01 Sep 2023 22:24:12 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame D8D8 281 B
554 B 152ms
32ms Document
text/html 23.205.62.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.62.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-62-23.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 31 Aug 2023 04:10:41 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame E028
Redirect Chain

https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1MTmdTVFJGRTJ1SllzQk9Tc09zVlU3WlJYd2xQa3NqcH5B

43 B
479 B

75ms
46ms

Document
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1MTmdTVFJGRTJ1SllzQk9Tc09zVlU3WlJYd2xQa3NqcH5B

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 31 Aug 2023 04:10:41 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: 5NG6S8NG4E912BCGS93D

Redirect headers

age: 0
content-length: 0
date: Thu, 31 Aug 2023 04:10:41 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1MTmdTVFJGRTJ1SllzQk9Tc09zVlU3WlJYd2xQa3NqcH5B
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.75
strict-transport-security: max-age=31536000

GET
H2

200

cm Show response
u.openx.net/w/1.0/ Frame 7AA4
Redirect Chain

https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...

693 B
732 B

56ms
56ms

Document
text/html

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 7f7a59853253bbc5058f572cc17306584d5d17bf8c62aaca6bb4c5150ad5f10f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 400
content-type: text/html
date: Thu, 31 Aug 2023 04:10:41 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 31 Aug 2023 04:10:41 GMT
location: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 0695
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://s.amazon-adsystem.com/ecm3?id=5030693220957059315&ex=appnexus.com

43 B
479 B

54ms
54ms

Document
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?id=5030693220957059315&ex=appnexus.com

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 31 Aug 2023 04:10:41 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: EXN1GY1QTP2REE98JFC9

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: 172a4a2e-8040-46c2-8b3e-d8be47009d96
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Thu, 31 Aug 2023 04:10:41 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://s.amazon-adsystem.com/ecm3?id=5030693220957059315&ex=appnexus.com
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.21.3
x-proxy-origin: 96.9.249.44; 96.9.249.44; 806.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame C162
Redirect Chain

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1665468086573620011276

43 B
479 B

56ms
56ms

Document
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1665468086573620011276

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 31 Aug 2023 04:10:41 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: VBTWXP59ZEYHAGKKR5KR

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Thu, 31 Aug 2023 04:10:41 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1665468086573620011276
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK c.js Show response
collector.brandmetrics.com/ 0
188 B 206ms
51ms Script
text/javascript 20.40.202.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://collector.brandmetrics.com/c.js?siteid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=www.nytimes.com&rnd=9736024
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=www.nytimes.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.2 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Request-Context: appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
Date: Thu, 31 Aug 2023 04:10:40 GMT
Content-Length: 0
Content-Type: text/javascript;charset=utf-8

GET
H2 200 unified-lire.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ Frame 16E1 477 KB
158 KB 19ms
18ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=8868912

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2023%252F08%252F30%252Fworld%252Fcanada%252Ftravel-warning-us-lgbtq.html&display=newsletter_morning_test&asset=RegiWall&application=Free_Experience&preloaded=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

c08f3636e93d83836b62f1cd5f16c66ab4eec24b1fd0667e00e6dbb11dd95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2023%252F08%252F30%252Fworld%252Fcanada%252Ftravel-warning-us-lgbtq.html&display=newsletter_morning_test&asset=RegiWall&application=Free_Experience&preloaded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Tue, 22 Aug 2023 06:30:01 GMT
date: Thu, 31 Aug 2023 04:10:41 GMT
content-encoding: gzip
via: 1.1 google, 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
x-api-version: F-X
age: 437
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache: HIT
x-envoy-upstream-service-time: 36
content-length: 161140
x-served-by: cache-yyz4552-YYZ
x-nyt-backend: lire-ui
server: envoy
etag: "5XYByg"
content-type: application/javascript
x-cloud-trace-context: 01197125c5743537572c29c1d1d10655
cache-control: public, max-age=600
x-nyt-edge-cache: HIT
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 ATH8A-MAMN8-XPXCH-N5KAX-8D239 Show response
s.go-mpulse.net/boomerang/ Frame 16E1 205 KB
49 KB 141ms
44ms Script
application/javascript 2600:141b:13:78d::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2023%252F08%252F30%252Fworld%252Fcanada%252Ftravel-warning-us-lgbtq.html&display=newsletter_morning_test&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:141b:13:78d::11a6 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:41 GMT
content-encoding: br
last-modified: Sat, 05 Aug 2023 19:43:17 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

POST
H2 200 track
a.et.nytimes.com/ Frame 16E1 0
0 84ms
84ms Ping
text/plain 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2023%252F08%252F30%252Fworld%252Fcanada%252Ftravel-warning-us-lgbtq.html&display=newsletter_morning_test&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 tags.js Show response
dd.nytimes.com/ Frame 16E1 276 KB
57 KB 27ms
26ms Script
text/javascript 3.160.5.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.5.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-5-49.cmh68.r.cloudfront.net

Software

Apache /

Resource Hash

6e2b0107d24f74703fbd7e96d44cfdaccaa4276cb44419639fca9c423130fb7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 bcf3714653b91c162db4f8a673af0716.cloudfront.net (CloudFront)
date: Thu, 31 Aug 2023 03:23:29 GMT
x-amz-cf-pop: CMH68-P4
age: 2832
x-cache: Hit from cloudfront
content-length: 57631
last-modified: Fri, 25 Aug 2023 07:04:40 GMT
server: Apache
etag: "4503f-603b9f5588540-gzip"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
accept-ranges: bytes
x-amz-cf-id: ATjUVSc09fHIOnx5ko8Weuolyi14YLEStpzV-9S-F93MRK88_eGtwg==
expires: Thu, 31 Aug 2023 04:23:29 GMT

POST
H2 200 track
a.et.nytimes.com/ Frame 16E1 0
0 60ms
60ms Ping
text/plain 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2023%252F08%252F30%252Fworld%252Fcanada%252Ftravel-warning-us-lgbtq.html&display=newsletter_morning_test&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ Frame 16E1 1 KB
1 KB 152ms
69ms Fetch
application/json 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-lire&referrer=https%3A%2F%2Fwww.nytimes.com%2F&assetUrl=https%3A%2F%2Fmyaccount.nytimes.com%2Fauth%2Fiframe%2Fenter-email%3Fresponse_type%3Dcookie%26client_id%3Dfreex%26redirect_uri%3Dhttps%253A%252F%252Fwww.nytimes.com%252Fsubscription%252Fonboarding-offer%253FcampaignID%253D7JFJX%2526EXIT_URI%253Dhttps%25253A%25252F%25252Fwww.nytimes.com%25252F2023%25252F08%25252F30%25252Fworld%25252Fcanada%25252Ftravel-warning-us-lgbtq.html%26display%3Dnewsletter_morning_test%26asset%3DRegiWall%26application%3DFree_Experience%26preloaded%3Dtrue%23lire-ui-101235

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=8868912

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-211-112-71.compute-1.amazonaws.com

Software

envoy /

Resource Hash

70aa624490254933ce93ad1e43ae57ae8711214b4ac417ae50d8a9f948d1c2e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-nyti-upstream: gke
date: Thu, 31 Aug 2023 04:10:41 GMT
x-envoy-decorator-operation: a.nytimes.com:443/*
via: 1.1 google
strict-transport-security: max-age=63072000; preload; includeSubdomains
content-encoding: gzip
server: envoy
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://myaccount.nytimes.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 28
access-control-allow-headers: Content-Type, x-requested-by

POST
H2 200 track
a.et.nytimes.com/ 0
0 103ms
103ms Ping
text/plain 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ Frame 16E1 0
0 65ms
64ms Ping
text/plain 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2023%252F08%252F30%252Fworld%252Fcanada%252Ftravel-warning-us-lgbtq.html&display=newsletter_morning_test&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 nyt-franklin-500-normal.woff
typeface.nyt.com/fonts/ Frame 16E1 29 KB
29 KB 23ms
19ms Font
font/woff 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://typeface.nyt.com/fonts/nyt-franklin-500-normal.woff

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

ae62969b5b189bb28c67dbcee8666abe3e9f498d17a79a68c56e1069d7d63123

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://myaccount.nytimes.com/
Origin: https://myaccount.nytimes.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Fri, 07 Jun 2024 08:47:08 GMT
date: Thu, 31 Aug 2023 04:10:41 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 7241013
x-guploader-uploadid: ADPycduKTIutALnSZuP6PncYkIFjnq0hivFWb5fVvBlbUsyBjOHEJoSp-0T2fG1N5DEhy-rIQgY-F4yutVy9woT5icDxhtNhaRFJ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 29324
x-served-by: cache-yyz4552-YYZ
last-modified: Mon, 16 Nov 2020 14:58:37 GMT
server: UploadServer
x-timer: S1693455041.249267,VS0,VE0
etag: "728e9527fef73904783dd2561029d091"
x-goog-generation: 1605538717313763
content-type: font/woff
access-control-allow-origin: *
x-goog-hash: crc32c=GFrw3g==, md5=co6VJ/73OQR4PdJWECnQkQ==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 29324
accept-ranges: bytes
x-nyt-pagetype: nyt-fonts-legacy-asset
timing-allow-origin: *
x-cache-hits: 787

GET
H2 200 nyt-franklin-700-normal.woff
typeface.nyt.com/fonts/ Frame 16E1 29 KB
29 KB 21ms
20ms Font
font/woff 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://typeface.nyt.com/fonts/nyt-franklin-700-normal.woff

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

60994a4c022df26635bb5ccdb7a22cf32a6486ee25a4648cebdfce0ef398a0fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://myaccount.nytimes.com/
Origin: https://myaccount.nytimes.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Wed, 17 May 2023 07:37:23 GMT
date: Thu, 31 Aug 2023 04:10:41 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 9145996
x-guploader-uploadid: ADPycdtiYrB3k-5be370I6Eva5dphb-qL8nsI_2Sgl7COhGpx08vWr2h4LQiuGpq5Mq0zXMEHJ6bRygGtjuZ_As4d2e20X0_Vglo
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 29504
x-served-by: cache-yyz4552-YYZ
last-modified: Mon, 16 Nov 2020 14:58:37 GMT
server: UploadServer
x-timer: S1693455041.249292,VS0,VE0
etag: "2c984913a2cbf4fb7c2f5cb3cb768ec7"
x-goog-generation: 1605538717322939
content-type: font/woff
access-control-allow-origin: *
x-goog-hash: crc32c=0c1ISA==, md5=LJhJE6LL9Pt8L1yzy3aOxw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 29504
accept-ranges: bytes
x-nyt-pagetype: nyt-fonts-legacy-asset
timing-allow-origin: *
x-cache-hits: 768

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 44E7
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZPASwa2PkWLmNS2SK-Vg5wAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA99gTlkeshA_1J8_QcjQGg&google_cver=1

43 B
632 B

31ms
26ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA99gTlkeshA_1J8_QcjQGg&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 04:10:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA99gTlkeshA_1J8_QcjQGg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

1
sync-eu.connectad.io/pixel/ Frame 44E7
Redirect Chain

https://match.adsrvr.org/track/cmf/casale
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=OWRiZjQ4NTgtNDJiYi00MjY1LTgyYTUtZWNhN2E0MmU3YjQ1&gdpr=0&gdpr_consent=&ttd_tdid=9dbf4858-42bb-4265-82a5-eca7a...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=9dbf4858-42bb-4265-82a5-eca7a42e7b45&google_gid=CAESED4gjc0xOi_sR-Jdr2mlRXY&google_cver=1
https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=9dbf4858-42bb-4265-82a5-eca7a42e7b45&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
https://x.bidswitch.net/ul_cb/syncd?dsp_id=93&user_group=1&user_id=9dbf4858-42bb-4265-82a5-eca7a42e7b45&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
https://x.bidswitch.net/sync?dsp_id=93&user_id=9dbf4858-42bb-4265-82a5-eca7a42e7b45&expires=30&ssp=&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
https://sync-eu.connectad.io/pixel/1?dataid=data3&uuid=e9e70f66-088c-4c2e-bc14-db03490ae248

0
165 B

452ms
354ms

Image
text/plain

2606:4700:10::ac43:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-eu.connectad.io/pixel/1?dataid=data3&uuid=e9e70f66-088c-4c2e-bc14-db03490ae248
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: H2
Server: 2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:42 GMT
cache-control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7ff26cdcbdeb4bd2-BUF
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: //sync-eu.connectad.io/pixel/1?dataid=data3&uuid=e9e70f66-088c-4c2e-bc14-db03490ae248
Date: Thu, 31 Aug 2023 04:10:41 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 44E7 43 B
855 B 92ms
53ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZPASwa2PkWLmNS2SK_Vg5wAADd0AAAAB&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 04:10:41 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: C6HT84WT565P5PM67QX8
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 44E7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPASwa2PkWLmNS2SK_Vg5wAADd0AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMIUwkP8fb5pqnjCiQkkgfI&google_cver=1

43 B
766 B

30ms
25ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMIUwkP8fb5pqnjCiQkkgfI&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 04:10:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEMIUwkP8fb5pqnjCiQkkgfI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 44E7
Redirect Chain

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=kBT1fJcS8H2LF6d9khi-esAR8H6LQvB-lhk_Ady3

43 B
632 B

58ms
26ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=kBT1fJcS8H2LF6d9khi-esAR8H6LQvB-lhk_Ady3
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 04:10:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:41 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=kBT1fJcS8H2LF6d9khi-esAR8H6LQvB-lhk_Ady3
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 44E7
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=DD96F187537B4F3FB867C8937BD66AA5

43 B
632 B

28ms
27ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=DD96F187537B4F3FB867C8937BD66AA5
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 04:10:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

date: Thu, 31 Aug 2023 04:10:41 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=DD96F187537B4F3FB867C8937BD66AA5
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 30 Aug 2023 04:10:41 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 44E7
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ie
https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAojU7J4CYAACWigYpAMA&expiration=1694664641

43 B
632 B

28ms
26ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAojU7J4CYAACWigYpAMA&expiration=1694664641
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 04:10:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAojU7J4CYAACWigYpAMA&expiration=1694664641
Date: Thu, 31 Aug 2023 04:10:41 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 44E7 0
0

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame 44E7 43 B
479 B 92ms
49ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZPASwa2PkWLmNS2SK_Vg5wAADd0AAAAB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 04:10:41 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: BMDD9NCSSNNCJQBCB506
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 / Show response
dd.nytimes.com/js/ Frame 16E1 241 B
625 B 33ms
33ms XHR
application/json 3.160.5.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/js/

Requested by

Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.5.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-5-49.cmh68.r.cloudfront.net

Software

DataDome /

Resource Hash

1ad76ff572f2430e62dda52a76066f50234504e314cc07b9752064caeb26f92c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:41 GMT
via: 1.1 d6eccaed6bcab76e8b9ccd6b59f866ba.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: DataDome
x-amz-cf-pop: CMH68-P4
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 241
x-amz-cf-id: zY9uF7zwMFwoP3sfiAPMSz9gUsdqGh_tAcAbmaK-InqkpQ-3u65mQQ==
expires: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D8D8 34 KB
10 KB 34ms
33ms Script
text/html 23.205.62.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.62.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-62-23.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1ebb44663fefd0072a3706d370a0067d94186020ae565a6fabfb427b9c1cece8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Thu, 31 Aug 2023 04:10:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Aug 2023 06:35:55 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=8689
Connection: keep-alive
Content-Length: 10124
Expires: Thu, 31 Aug 2023 06:35:30 GMT

GET
H2 200 vendors~emailsignup-dc7b4a946356c109bcec.js Show response
www.nytimes.com/vi-assets/static-assets/ 24 KB
8 KB 22ms
21ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~emailsignup-dc7b4a946356c109bcec.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

d2b7ce4668e8b38056390d1c15cb120319315f62c77197e807d7bc6fe57a635f

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 654848
x-guploader-uploadid: ADPycds-ufwkrk1PNHjnBIZ1y7cx2Bzk7bURPJmVH6CO08kKEDwCGkUS-Xqy-l4v-3tPys_xsepy3fC3oKMoGDxFZVSQEw
x-goog-stored-content-encoding: identity
x-origin-time: 2023-08-23 14:16:33 UTC
x-served-by: cache-yyz4552-YYZ
x-timer: S1693455041.366107,VS0,VE1
etag: "12817f2d00589d2182453e45c8ffea10"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1692800152652771
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~emailsignup-dc7b4a946356c109bcec.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1446
expires: Thu, 22 Aug 2024 14:16:33 GMT
date: Thu, 31 Aug 2023 04:10:41 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 6661
last-modified: Wed, 23 Aug 2023 14:15:52 GMT
server: UploadServer
x-goog-hash: crc32c=vYXjTA==, md5=EoF/LQBYnSGCRT5FyP/qEA==
x-gdpr: 0
x-goog-stored-content-length: 24499
accept-ranges: bytes

GET
H2 200 emailsignup-8ae1db8c73bd1ebeea8f.js Show response
www.nytimes.com/vi-assets/static-assets/ 3 KB
2 KB 22ms
22ms Script
application/javascript 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/emailsignup-8ae1db8c73bd1ebeea8f.js

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

12c70d99383e260bddf35ff8e8f071b91b96cde22faf1370435d53dd26ee79c6

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 654848
x-guploader-uploadid: ADPycdsS7wkr107y63MyG2EEO0J0yTKdXfGaM3EuMOBUW1YDp2iMGj864XBeOjfP2vk_W0q39fo02mRUSri4vrJNiRf-dP-NfokP
x-goog-stored-content-encoding: identity
x-origin-time: 2023-08-23 14:16:32 UTC
x-served-by: cache-yyz4552-YYZ
x-timer: S1693455041.366317,VS0,VE1
etag: "54a4158a2b09c32c8c7d0277127413d8"
vary: Accept-Encoding, Fastly-SSL
x-goog-generation: 1692800150955779
content-type: application/javascript
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/emailsignup-8ae1db8c73bd1ebeea8f.js
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 1410
expires: Thu, 22 Aug 2024 14:16:32 GMT
date: Thu, 31 Aug 2023 04:10:41 GMT
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1345
last-modified: Wed, 23 Aug 2023 14:15:51 GMT
server: UploadServer
x-goog-hash: crc32c=ZR/nlQ==, md5=VKQViisJwyyMfQJ3EnQT2A==
x-gdpr: 0
x-goog-stored-content-length: 3501
accept-ranges: bytes

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame 7AA4 43 B
479 B 120ms
51ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=d28f554a-5108-8a1d-9360-08e3475ccbd8

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 04:10:41 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: TYS3DYZ9EH94HXG5XG50
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 1e9e4f73-dd0e-a3ae-62b9-9c81d038cd71
pr-bh.ybp.yahoo.com/sync/openx/ Frame 7AA4 43 B
603 B 107ms
39ms Image
image/gif 2600:1f18:4e9:5a05:dd64:d7a:647:2f6e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/1e9e4f73-dd0e-a3ae-62b9-9c81d038cd71?gdpr=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a05:dd64:d7a:647:2f6e Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 7AA4 43 B
855 B 46ms
44ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=d28f554a-5108-8a1d-9360-08e3475ccbd8

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 04:10:41 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: Y9B3BB1CVTDQ6Z2B2KWX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7AA4
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=8a592937-4da2-31e7-536e-8a742f6f0038&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=9dbf4858-42bb-4265-82a5-eca7a42e7b45&expiration=1696047041&gdpr=0&gdpr_consent=

43 B
632 B

27ms
27ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=9dbf4858-42bb-4265-82a5-eca7a42e7b45&expiration=1696047041&gdpr=0&gdpr_consent=
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 04:10:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:41 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=9dbf4858-42bb-4265-82a5-eca7a42e7b45&expiration=1696047041&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 323

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 7AA4 170 B
243 B 112ms
67ms Image
image/png 172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTYzNmZhZmQtODRkNS02ZjQzLTQ2OGUtZDBjZGU1OGRjZTU4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 7AA4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDtoU_C4J5xRdzRL5ouT438&google_cver=1

43 B
180 B

66ms
55ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDtoU_C4J5xRdzRL5ouT438&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:41 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDtoU_C4J5xRdzRL5ouT438&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 83ED 2 KB
2 KB 82ms
27ms Script
text/html 104.36.115.113
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=58489856&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: ead36d50fa8628731c60de88ad70edd82a9e74e31e4097c243d866d81cf99ae0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 31 Aug 2023 04:10:40 GMT
content-length: 1736
content-type: text/html; charset=UTF-8

GET
H2 200 container.html Show response
d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 22A0 6 KB
3 KB 45ms
44ms Document
text/html 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 31 Aug 2023 04:10:41 GMT
expires: Fri, 30 Aug 2024 04:10:41 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame D8D8
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LLYNEMOQ-20-FZ0
https://s.amazon-adsystem.com/ecm3?id=LLYNEMOQ-20-FZ0&ex=d-rubiconproject.com&status=ok

43 B
479 B

61ms
60ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=LLYNEMOQ-20-FZ0&ex=d-rubiconproject.com&status=ok

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 04:10:41 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 3G818TJ4RDK943EG7G3V
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=LLYNEMOQ-20-FZ0&ex=d-rubiconproject.com&status=ok
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ab995a74221271a8dc253760ec78ee1d
Expires: 0

POST
H2 200 track
a.et.nytimes.com/ Frame 16E1 0
0 62ms
60ms Ping
text/plain 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2023%252F08%252F30%252Fworld%252Fcanada%252Ftravel-warning-us-lgbtq.html&display=newsletter_morning_test&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 22A0 24 KB
7 KB 163ms
52ms Script
text/javascript 2607:f8b0:4020:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com
URL: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 01:14:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 442569
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 25 Aug 2024 01:14:32 GMT

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ Frame 22A0 5 KB
3 KB 158ms
43ms Script
text/html 18.116.227.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?c=28&cn=display&pli=1079072285&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&w=970&h=250&ncu=$$https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjssSiOiCOMGiLKRxAdUQsA7lXlLF-uZBNKoJmBYIuM6TeIy8x-Qq4NgQh1wu7uB0vLdqrOyCd9U2A8Y6qDv91WQRSXIYxXvLnYAmPuyK0F3-OkA5ysIdvMhHIhrBcUeytSyxWxmn1ouWsylR8JKIODSgp0IKfQ-tsfT351X0ufcMrfGsrP70YAS5HRdp1varaWw6rPxdl_-UHcNZ4_-cyeoKfDsCJo4XpKYigumEtl9fYWuxSUQx40uLLkAMq_aubT0U00amdQgqsA789Iyw1-QMQlW3Xi1o1jwkHfm2Wu2XkYGE1WqPyagqkSkMUqs1H7vpbApnmFwB&sai=AMfl-YSSOrhjpRXHVTuuYSSq-FsfBdJ-TAkYtyOPfuvlKcWOzyjJEW_5a58SRV60DqmVyG-BAstE-_9Ye45gmlr7MnePJDPsUehayYbPYz_u9D26cF557vpPic-b-1AerY_XMmrQgc_n35qT4ElWvahP&sig=Cg0ArKJSzP4kF2WjUvbnEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=$$&ord=1778901779&ifrm=-1&z=0
Requested by: Host: d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com
URL: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.116.227.71 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-116-227-71.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bd4f8f20236beb7e8f7f383fe9ab040d0684344c47944ca4b1ca467fa4d124e2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:41 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
content-length: 2221
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 22A0 181 KB
57 KB 169ms
73ms Script
text/javascript 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com
URL: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Aug 2023 04:10:41 GMT

GET
H2 200 imperial-normal-700.024693f96c8f2c457e4a6a8d02a636b7.woff2
g1.nyt.com/fonts/family/imperial/ 25 KB
25 KB 20ms
19ms Font
font/woff2 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://g1.nyt.com/fonts/family/imperial/imperial-normal-700.024693f96c8f2c457e4a6a8d02a636b7.woff2

Requested by

Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

a931fed0c94dffa9e7b8c2211bbef72da62d20b73cd718be5d515bd8962cf078

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin: https://www.nytimes.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Wed, 08 Jun 2022 10:00:24 GMT
date: Thu, 31 Aug 2023 04:10:41 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; preload; includeSubdomains
age: 7236615
x-guploader-uploadid: ABg5-UzkVU_oLqnykPPw0uQJ8fpgkOnkd5PDfheaQ8sidIMS8JstAIVP7_sGWbkPOSKwPoq_RHJ9lOqX1guSYieDwIk
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 25680
x-served-by: cache-yyz4552-YYZ
last-modified: Tue, 06 Apr 2021 21:11:53 GMT
server: UploadServer
x-timer: S1693455042.545246,VS0,VE0
etag: "024693f96c8f2c457e4a6a8d02a636b7"
x-goog-generation: 1617743513622046
content-type: font/woff2
access-control-allow-origin: *
x-goog-hash: crc32c=VQvFEQ==, md5=AkaT+WyPLEV+SmqNAqY2tw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
x-goog-stored-content-length: 25680
accept-ranges: bytes
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 797

GET
H/1.1 200
OK dcm Show response
s.amazon-adsystem.com/ Frame 52C8 43 B
855 B 52ms
48ms Document
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3&redir=true&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 31 Aug 2023 04:10:41 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: BN1RMS75GZZKDT72PEBV

GET
H/1.1 200
OK ecm3 Show response
s.amazon-adsystem.com/ Frame A6D8 43 B
479 B 52ms
47ms Document
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 31 Aug 2023 04:10:41 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: BJHMD6JABYPSJ3WHNYG4

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 83ED
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hPov-IF6S1m069kvb7rKsw%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

32ms
32ms

Image
text/html

72.247.71.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: H2
Server: 72.247.71.192 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-71-192.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:41 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=152011
accept-ranges: bytes
content-length: 5606
expires: Fri, 01 Sep 2023 22:24:12 GMT

Redirect headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame 83ED
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=cc1bf55c-1321-4046-85f2-ebbb900a7bb7%252C%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=9dbf4858-42bb-4265-82a5-eca7a42e7b45&ttd_puid=cc1bf55c-1321-4046-85f2-ebbb900a7bb7%2C%2C

95 B
124 B

47ms
47ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=9dbf4858-42bb-4265-82a5-eca7a42e7b45&ttd_puid=cc1bf55c-1321-4046-85f2-ebbb900a7bb7%2C%2C

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:41 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:41 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=9dbf4858-42bb-4265-82a5-eca7a42e7b45&ttd_puid=cc1bf55c-1321-4046-85f2-ebbb900a7bb7%2C%2C
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 359

GET
H/1.1 403
Forbidden FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 83ED 0
0 126ms
37ms Image
text/html 40.76.134.238
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%2084FA2FF8-817A-4B59-B4EB-D92F6FBACAB3&rnd=RND
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H2 200 xuid
eb2.3lift.com/ Frame 83ED 37 B
354 B 61ms
50ms Image
image/gif 52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7976&xuid=84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 31 Aug 2023 04:10:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 83ED
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODRGQTJGRjgtODE3QS00QjU5LUI0RUItRDkyRjZGQkFDQUIz&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

78ms
26ms

Image
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 31 Aug 2023 04:10:41 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 83ED
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPXePWRw2TpQoOKnc8KdT4o&google_cver=1

42 B
496 B

78ms
25ms

Image
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPXePWRw2TpQoOKnc8KdT4o&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 31 Aug 2023 04:10:41 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPXePWRw2TpQoOKnc8KdT4o&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 83ED
Redirect Chain

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:DD96F187537B4F3FB867C8937BD66AA5

42 B
287 B

115ms
27ms

Image
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:DD96F187537B4F3FB867C8937BD66AA5
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 31 Aug 2023 04:10:41 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date: Thu, 31 Aug 2023 04:10:41 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:DD96F187537B4F3FB867C8937BD66AA5
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 30 Aug 2023 04:10:41 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 83ED
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9dbf4858-42bb-4265-82a5-eca7a42e7b45&gdpr=0&gdpr_consent=

42 B
509 B

95ms
31ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9dbf4858-42bb-4265-82a5-eca7a42e7b45&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 30 Aug 2023 23:05:34 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:41 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=9dbf4858-42bb-4265-82a5-eca7a42e7b45&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 355

GET
H2 200 84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 83ED 43 B
602 B 43ms
34ms Image
image/gif 2600:1f18:4e9:5a05:dd64:d7a:647:2f6e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a05:dd64:d7a:647:2f6e Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

pixel
cm2.adform.net/ Frame D8D8
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=9dbf4858-42bb-4265-82a5-eca7a42e7b45&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
https://x.bidswitch.net/ul_cb/syncd?dsp_id=93&user_group=1&user_id=9dbf4858-42bb-4265-82a5-eca7a42e7b45&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
https://x.bidswitch.net/sync?dsp_id=93&user_id=9dbf4858-42bb-4265-82a5-eca7a42e7b45&expires=30&ssp=&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
https://cm2.adform.net/pixel?adform_pid=3&adform_pc=e9e70f66-088c-4c2e-bc14-db03490ae248&adform_v=1

43 B
163 B

210ms
32ms

Image
image/gif

185.167.164.37
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm2.adform.net/pixel?adform_pid=3&adform_pc=e9e70f66-088c-4c2e-bc14-db03490ae248&adform_v=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: H2
Server: 185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:42 GMT
last-modified: Wed, 04 Sep 2019 08:48:11 GMT
server: nginx
accept-ranges: bytes
etag: "5d6f7a4b-2b"
content-length: 43
content-type: image/gif

Redirect headers

Location: //cm2.adform.net/pixel?adform_pid=3&adform_pc=e9e70f66-088c-4c2e-bc14-db03490ae248&adform_v=1
Date: Thu, 31 Aug 2023 04:10:41 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D8D8
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTA2MjYyYTc4NDc2Zjc1ZjI0Zjg3ODkzNTAxZmE4MmQ2Mzk2ZmQ0MA

170 B
188 B

59ms
58ms

Image
image/png

172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTA2MjYyYTc4NDc2Zjc1ZjI0Zjg3ODkzNTAxZmE4MmQ2Mzk2ZmQ0MA

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east

Protocol

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTA2MjYyYTc4NDc2Zjc1ZjI0Zjg3ODkzNTAxZmE4MmQ2Mzk2ZmQ0MA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e1bf03b8e0c0366715a8d9abd31b9f35
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK dcm
aax-eu.amazon-adsystem.com/s/ Frame D8D8 43 B
855 B 523ms
184ms Image
image/gif 67.220.228.203
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 04:10:42 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2J1GCK5Y8WG3ZKJKCEXS
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame D8D8
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLYNEMOQ-20-FZ0

0
512 B

228ms
137ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLYNEMOQ-20-FZ0
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:41 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 566F6B06DE4D4653B8240998926ACE03 Ref B: NYCEDGE1415 Ref C: 2023-08-31T04:10:41Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYEMDo34fR37Wqo8g/toA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLYNEMOQ-20-FZ0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e1bf03b8e0c0366715a8d9abd31b9f35
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D8D8
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExZTkVNT1EtMjAtRlow
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAKX9kNs18jnr6s33DEcwyI&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExZTkVNT1EtMjAtRlow&google_push=

170 B
188 B

59ms
59ms

Image
image/png

172.217.13.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExZTkVNT1EtMjAtRlow&google_push=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east

Protocol

Server

172.217.13.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yul03s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExZTkVNT1EtMjAtRlow&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 9ef75ea4f1dd62e53c52f84d8070c378
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame D8D8
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/3NMo-Lw9b3TumyNHvSxSkw?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-i7HVnMpE2oKfBDjXCPdNBofklX8nE9xVFEvWHA--~A

42 B
702 B

33ms
33ms

Image
image/gif

8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-i7HVnMpE2oKfBDjXCPdNBofklX8nE9xVFEvWHA--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: HTTP/1.1
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 9ef75ea4f1dd62e53c52f84d8070c378
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 31 Aug 2023 04:10:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-i7HVnMpE2oKfBDjXCPdNBofklX8nE9xVFEvWHA--~A
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame D8D8
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=PE5E-g6zRDuxcHElpP_4HA&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=PE5E-g6zRDuxcHElpP_4HA

43 B
479 B

47ms
46ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=PE5E-g6zRDuxcHElpP_4HA

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 04:10:41 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6PF5MR9P35Y9KWE007EV
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=PE5E-g6zRDuxcHElpP_4HA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 9ef75ea4f1dd62e53c52f84d8070c378
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame D8D8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECM1S4ZxcYbJFang66HhG70&google_cver=1

42 B
702 B

144ms
33ms

Image
image/gif

8.43.72.97
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECM1S4ZxcYbJFang66HhG70&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol: HTTP/1.1
Server: 8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 9ef75ea4f1dd62e53c52f84d8070c378
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECM1S4ZxcYbJFang66HhG70&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame 16E1 6 KB
2 KB 185ms
86ms XHR
application/json 2600:141b:13:79f::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=ATH8A-MAMN8-XPXCH-N5KAX-8D239&d=myaccount.nytimes.com&t=5644850&v=1.720.0&sl=0&si=9faf033f-dbb4-448a-b4bb-189ffa8f0c8e-s08m9t&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:141b:13:79f::11a6 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 02f60872e2fa2042b1dce5c059c9a4a99655697e8bc4f39dec66685e29cd8abd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Thu, 31 Aug 2023 04:10:41 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 1564

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 22A0 0
0 60ms
60ms Fetch
image/gif 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWnObqIyyCMnxLKWUjQ7BQB8kXacqNgXuUOwtcY0k0SeYJ5_0W1lYwj8lg2ypYa3weZAqPDpv63liq1jAe7qQybK4_Ts2qXCyDwudH0OS_Fptxp_Vh_oHCMJx7bozZW2yZVpavovR-FIM3QKtIXQSKPqZ_4nmmjPvfECDCGsdWR-oQlNGGeXOBlRL7Ni7Gv72utK2hlFilJUFrO1yMUbxCPaC1xu-JoqU5giPeiOOXtCkiJOHQJeHnG7gLWZJI_hKPPsBTf3KSmTrEP9nlWbEfb4CelKkaXKwdJjU5JVlc5EHV8u17ILu1z8RfOKhBRg6-YHp_lqXug-vD&sai=AMfl-YShdabP8tzvKEx1C-Nkq2RkQGsAlLUcbkgVhNFmrGqtETYyLBzo-sdbWowl8qElehziUjIKABQfkRce0lLWCDE0-opwHkdBdr-NsmvgY3Fe2KJTGXEcSqaX_-_DqacNbIUYW0z_WxSgbo2dawsh&sig=Cg0ArKJSzDAB0ek10IX8EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com
URL: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ebPreServing_ndw.js Show response
secure-ds.serving-sys.com/BurstingScript/ Frame 22A0 44 KB
13 KB 151ms
32ms Script
application/javascript 23.204.152.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingScript/ebPreServing_ndw.js
Requested by: Host: bs.serving-sys.com
URL: https://bs.serving-sys.com/Serving/adServer.bs?c=28&cn=display&pli=1079072285&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&w=970&h=250&ncu=$$https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjssSiOiCOMGiLKRxAdUQsA7lXlLF-uZBNKoJmBYIuM6TeIy8x-Qq4NgQh1wu7uB0vLdqrOyCd9U2A8Y6qDv91WQRSXIYxXvLnYAmPuyK0F3-OkA5ysIdvMhHIhrBcUeytSyxWxmn1ouWsylR8JKIODSgp0IKfQ-tsfT351X0ufcMrfGsrP70YAS5HRdp1varaWw6rPxdl_-UHcNZ4_-cyeoKfDsCJo4XpKYigumEtl9fYWuxSUQx40uLLkAMq_aubT0U00amdQgqsA789Iyw1-QMQlW3Xi1o1jwkHfm2Wu2XkYGE1WqPyagqkSkMUqs1H7vpbApnmFwB&sai=AMfl-YSSOrhjpRXHVTuuYSSq-FsfBdJ-TAkYtyOPfuvlKcWOzyjJEW_5a58SRV60DqmVyG-BAstE-_9Ye45gmlr7MnePJDPsUehayYbPYz_u9D26cF557vpPic-b-1AerY_XMmrQgc_n35qT4ElWvahP&sig=Cg0ArKJSzP4kF2WjUvbnEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=$$&ord=1778901779&ifrm=-1&z=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.152.211 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-152-211.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 287dd0fe35e04fc4c0d9d7d35f759d7e9f47d2974d8e04a583596c9d35152794

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:41 GMT
content-encoding: gzip
x-amz-request-id: HBSKRHPSRSRHR8SS
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
content-length: 12805
x-amz-id-2: QjtoubltmD8s67X/vAN9x8Yi7qzkqDFlyKP3S90ZpUplEpI/rko+v2JtdLtjj2/wHChBbDfnnYA=
pragma: no-cache
last-modified: Tue, 18 Jul 2023 10:49:03 GMT
server: AmazonS3
etag: "d8b518a7e878744b155e46bc72781cd0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: 7Xj7CpNZHlu-7a9PTJe9AKtuOz9qbwoM-y0h81pcolIKuW0lyx7WCQ==
expires: Thu, 31 Aug 2023 04:10:41 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 22A0 8 KB
4 KB 120ms
30ms Script
application/javascript 2600:141b:13::17d7:82bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js
Requested by: Host: d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com
URL: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82bb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 55edaa6cbccf70e849be599d001404994be37c9f67ae60de2b653e72f0f57de5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Thu, 31 Aug 2023 04:10:41 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Aug 2023 08:01:55 GMT
Server: UploadServer
ETag: "baf62fca725f1cfd7dffb6ed5ade8dbf"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: max-age=900,no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3467
Expires: Thu, 24 Aug 2023 08:18:24 GMT

GET
DATA 200
OK truncated
/ Frame 22A0 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebb6167f548f8d0fdab63ec71dc867e131fc73e6f2a79c551847cb44b15ecde6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 403 report
csp.dev.nytimes.com/ Frame 16E1 0
0 19ms
18ms Other
text/html 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.dev.nytimes.com/report
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/csp-report

Response headers

POST
H/1.1 200
OK evt Show response
lm.serving-sys.com/lm/ Frame 22A0 0
230 B 228ms
40ms XHR
text/plain 3.139.115.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/evt
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingScript/ebPreServing_ndw.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.139.115.72 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-139-115-72.us-east-2.compute.amazonaws.com
Software: LogModule 0.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com
Access-Control-Allow-Credentials: true
Server: LogModule 0.6
Content-Length: 0
Content-Type: text/plain

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ Frame 22A0 13 KB
6 KB 43ms
43ms Script
text/html 18.116.227.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?secCall=1&sessionid=7118933923409096798&usercookie=u2=513c1ccb-d089-4848-a834-133e12904a27&c=28&cn=display&pli=1079072285&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&w=970&h=250&ncu=$$https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjssSiOiCOMGiLKRxAdUQsA7lXlLF-uZBNKoJmBYIuM6TeIy8x-Qq4NgQh1wu7uB0vLdqrOyCd9U2A8Y6qDv91WQRSXIYxXvLnYAmPuyK0F3-OkA5ysIdvMhHIhrBcUeytSyxWxmn1ouWsylR8JKIODSgp0IKfQ-tsfT351X0ufcMrfGsrP70YAS5HRdp1varaWw6rPxdl_-UHcNZ4_-cyeoKfDsCJo4XpKYigumEtl9fYWuxSUQx40uLLkAMq_aubT0U00amdQgqsA789Iyw1-QMQlW3Xi1o1jwkHfm2Wu2XkYGE1WqPyagqkSkMUqs1H7vpbApnmFwB&sai=AMfl-YSSOrhjpRXHVTuuYSSq-FsfBdJ-TAkYtyOPfuvlKcWOzyjJEW_5a58SRV60DqmVyG-BAstE-_9Ye45gmlr7MnePJDPsUehayYbPYz_u9D26cF557vpPic-b-1AerY_XMmrQgc_n35qT4ElWvahP&sig=Cg0ArKJSzP4kF2WjUvbnEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=$$&ord=1778901779&ifrm=-1&z=0&ccpastatus=1&gdprpurposes=1023&rand=6606164516884925&vurl=$$https%3A%2F%2Fwww.nytimes.com%2F$$&vurlem=3
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingScript/ebPreServing_ndw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.116.227.71 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-116-227-71.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2881e3e2f59d74036a89d756cc225aa1cf3a169758b5d97c425d8d450dd27f0c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:41 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
content-length: 5396
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 versionsOH.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/versions/ Frame 22A0 213 B
494 B 33ms
33ms Script
application/javascript 23.204.152.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/versions/versionsOH.js
Requested by: Host: bs.serving-sys.com
URL: https://bs.serving-sys.com/Serving/adServer.bs?secCall=1&sessionid=7118933923409096798&usercookie=u2=513c1ccb-d089-4848-a834-133e12904a27&c=28&cn=display&pli=1079072285&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&w=970&h=250&ncu=$$https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjssSiOiCOMGiLKRxAdUQsA7lXlLF-uZBNKoJmBYIuM6TeIy8x-Qq4NgQh1wu7uB0vLdqrOyCd9U2A8Y6qDv91WQRSXIYxXvLnYAmPuyK0F3-OkA5ysIdvMhHIhrBcUeytSyxWxmn1ouWsylR8JKIODSgp0IKfQ-tsfT351X0ufcMrfGsrP70YAS5HRdp1varaWw6rPxdl_-UHcNZ4_-cyeoKfDsCJo4XpKYigumEtl9fYWuxSUQx40uLLkAMq_aubT0U00amdQgqsA789Iyw1-QMQlW3Xi1o1jwkHfm2Wu2XkYGE1WqPyagqkSkMUqs1H7vpbApnmFwB&sai=AMfl-YSSOrhjpRXHVTuuYSSq-FsfBdJ-TAkYtyOPfuvlKcWOzyjJEW_5a58SRV60DqmVyG-BAstE-_9Ye45gmlr7MnePJDPsUehayYbPYz_u9D26cF557vpPic-b-1AerY_XMmrQgc_n35qT4ElWvahP&sig=Cg0ArKJSzP4kF2WjUvbnEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=$$&ord=1778901779&ifrm=-1&z=0&ccpastatus=1&gdprpurposes=1023&rand=6606164516884925&vurl=$$https%3A%2F%2Fwww.nytimes.com%2F$$&vurlem=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.152.211 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-152-211.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 47a8a6f78b6bc5902ca04c5aee6e8a85fafebd0ba5002db63ed4a696f62d3b73

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:41 GMT
content-encoding: gzip
last-modified: Tue, 18 Jul 2023 10:48:42 GMT
server: AmazonS3
x-amz-request-id: X4B0QC3FBA3AW1Y6
x-amz-cf-pop: JFK50-P7
etag: "8eb034f9e4568de857489b0930057a57"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: Qeo0xm-cvraLn44g45riuhokxV9YNDovJYvCZUJ1zseFmkZ70WJ0sA==
x-amz-id-2: t5o2S/2hlgw6NC34nPtkj5tBNljjzGDqAAEpXZzQ/neE6Xl2dEH+GOtrkV152cnouyK7XPWbdkM=
content-length: 126

GET
H/1.1 200
OK dv-measurements4555.js Show response
cdn.doubleverify.com/ Frame E8CE 421 KB
99 KB 32ms
31ms Script
application/javascript 2600:141b:13::17d7:82bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements4555.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82bb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 6460aca61d3548210f6ca0fc1e4e608ad83744e1b28d78c1fcb83c906559aeb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Thu, 31 Aug 2023 04:10:41 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Aug 2023 05:28:35 GMT
Server: UploadServer
ETag: "90722e72907883cf5bb2b8ef5b20b7d4"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: max-age=946080900,no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 100824
Expires: Fri, 23 Aug 2024 05:29:45 GMT

GET
H2 200 ebStdBannerEx.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_241_3_0/ Frame 22A0 292 KB
81 KB 37ms
37ms Script
application/javascript 23.204.152.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_241_3_0/ebStdBannerEx.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingScript/ebPreServing_ndw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.152.211 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-152-211.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ad45e2d674f6b9b7a6a92375f229b8b6a15b82c481da63af9b99f3dfc16e2650

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:41 GMT
content-encoding: gzip
last-modified: Tue, 18 Jul 2023 10:25:07 GMT
server: AmazonS3
x-amz-request-id: TMBYHWWZAPR6SDCN
x-amz-cf-pop: JFK50-P7
etag: "6aa69677b0acd844ac82b06e371fb347"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: b5Py0-dcgzVTZf6-i2jGWs259ztB3Ezby7L0AYGwo1qUbO8NCoQlSg==
x-amz-id-2: T+aAHaa54R9oW3th4/gqoBP+1Gjv/lS/DlLuZlBlBFKXaCK825lrqX/HM7h3xg6/X8Kgi9xuYV4=
content-length: 82245

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame E8CE 694 B
729 B 182ms
62ms Script
text/javascript 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=84&ttfrms=21&brid=3&brver=116.0.5845.140&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3FJE%3A%3E6D%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3FJE%3A%3E6D%5D4%40%3ETar9EEADTbpTauTau5d72f4gda2_f4ha2ghc25af332hh36h5%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D%3FJE%3A%3E6D%5D4%40%3ETaua_abTau_gTaub_TauH%40C%3D5Tau42%3F252TauEC2G6%3D%5CH2C%3F%3A%3F8%5CFD%5C%3D83EB%5D9E%3E%3D&srcurlD=0&aUrlD=-1&ssl=https:&uid=1693455042010889&jsCallback=dvCallback_1693455042010558&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.140%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=970&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4555&tgjsver=4555&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fd5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&sfe=1&fcifrms=8&brh=2&dvp_epl=369&noc=4&nav_pltfrm=Win32&ctx=20447730&cmp=DV432810&btreg=6354386870138444454632&btadsrv=6354386870138444454632&adsrv=104&unit=970x250&turl=https%3A%2F%2Fwww.nytimes.com%2F2023%2F08%2F30%2Fworld%2Fcanada%2Ftravel-warning-us-lgbtq.html&seltag=1&sadv=4729485078&ord=3173886615&litm=6354386870&scrt=138444454632&splc=/29390238/nyt/world/canada&adu=195795038&spos=top&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_scripthash=1&t2te=0&cb=602173583&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=17360657986.540794&dvp_tukv=1014426799.5197552&dvp_strhd=0.40000152587890625&dvpx_strhd=0.40000152587890625&dvp_tuid=1078422498874&jurtd=2671504283
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4555.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 60733937ca68661ecd3b12d19fcd2cf5e3aee7d3cc6c641a181ef2c7e85eb879

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 04:10:42 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 08/30/2023 04:10:42

POST
H2 403 report
csp.dev.nytimes.com/ Frame 16E1 0
0 19ms
18ms Other
text/html 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.dev.nytimes.com/report
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/csp-report

Response headers

GET getdns.txt
trial-eum-clientnsv4-s.akamaihd.net/eum/ Frame 16E1 0
0

POST
H2 403 report
csp.dev.nytimes.com/ Frame 16E1 0
0 18ms
18ms Other
text/html 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://csp.dev.nytimes.com/report
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/csp-report

Response headers

GET getdns.txt
trial-eum-clienttons-s.akamaihd.net/eum/ Frame 16E1 0
0

GET
H2 200 URLUtil.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_108_0_0/ Frame 22A0 7 KB
2 KB 35ms
35ms Script
application/javascript 23.204.152.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_108_0_0/URLUtil.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_241_3_0/ebStdBannerEx.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.152.211 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-152-211.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 91cf683ee0db61e475ee4f5c12ba9281256db5662fd80f2b812067fd9d39b691

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:42 GMT
content-encoding: gzip
last-modified: Tue, 18 Jul 2023 10:39:37 GMT
server: AmazonS3
x-amz-request-id: M4JR6J2GBTFMGZPE
x-amz-cf-pop: JFK50-P7
etag: "3470a076f0022d50a41874998110932e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: k1O3hHKBid4XClUgevc90KvXMIgqRKc6BnksV1dYiDBdJTY0kXL9Hg==
x-amz-id-2: OfW1A9Pnu6rVAVj2FkfaC/q/s8qYPMkezQhAQ++IcwRJaYmX3brywhXvoe6Z1lx7OwfmoEC/FD4=
content-length: 1951

GET
H2 200 LiveRamp.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_108_0_0/ Frame 22A0 7 KB
2 KB 33ms
33ms Script
application/javascript 23.204.152.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_108_0_0/LiveRamp.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_241_3_0/ebStdBannerEx.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.152.211 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-152-211.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4b3c520d9b781fa7d6b4c79228f3a42670be75ba2db7fe78f0c6c2ad7afbeeba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:42 GMT
content-encoding: gzip
last-modified: Tue, 18 Jul 2023 10:39:37 GMT
server: AmazonS3
x-amz-request-id: M4JPTXMDGZ3N7WP4
x-amz-cf-pop: JFK50-P7
etag: "fe0bc494a4d5a6469f13596569c8d59f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: quT8VBpS4MhlhAiFC2ea8x736eJ6MBUQ3b1wQuzSJn-h6q0ud8c1JA==
x-amz-id-2: XVNShpcS+4aiSEG2YkG8sC/EIkcXKxACxtjCYRBHIpIMli2YqlQbd1RPLzz3V/a1Nl5z1OSl4Zc=
content-length: 2100

GET
H2 200 SafeFrameVisibilityProvider.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_108_0_0/ Frame 22A0 5 KB
2 KB 33ms
33ms Script
application/javascript 23.204.152.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_108_0_0/SafeFrameVisibilityProvider.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_241_3_0/ebStdBannerEx.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.152.211 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-152-211.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: faa721d01c4b87ec47e7599e746cbd8084a4388759aa382f5ce0c2323d165117

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:42 GMT
content-encoding: gzip
last-modified: Tue, 18 Jul 2023 10:39:38 GMT
server: AmazonS3
x-amz-request-id: X4BB74SZGTYTT7NJ
x-amz-cf-pop: JFK50-P7
etag: "c6497d3cfc8448a3f556f5ffbdd68a09"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: oTIDEaQZxsxPmwQGGJ0_gqcJcz12KLESsCyfIda6rxmaT4TZr1CJOA==
x-amz-id-2: 5toDHFbnADeD1/2MYGCG4/b82RxDJ2vDHmSzthZH0tRFSsersdbSHxQESelLR0L0rAFJwKqfZZ4=
content-length: 1671

GET
H2 200 p Show response
sb.scorecardresearch.com/ Frame 22A0 43 B
393 B 57ms
57ms Script
image/gif 3.160.5.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/p?c1=3&c2=6034961&c3=1074590238&c4=1090083182&c5=1079072285&c11=144389&c12=&c16=siz&rn=3199988458635182248&ccr=1&gdpr=${GDPR}&ns__p=7118933923409096798&ns__t=7118933923409096798&ax_pid=&ns_ap_pn=&ns_st_ct=&ns_st_ep=&ns_st_ge=&ns_st_pr=&ns_st_pu=New%2520York%2520Times%2520US&ns_ad_pcd=15&ns_ce_mod=1&ns_ad_event=load&gdpr_consent=${GDPR_CONSENT_77}&ns_ap_device=
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_241_3_0/ebStdBannerEx.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.5.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-5-46.cmh68.r.cloudfront.net
Software: /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:42 GMT
via: 1.1 0eae140cb47e1df2572b33198dae08ca.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: CMH68-P4
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: n2-Nw8cMdAlN5W8xx-Erf6_RBFFaARuFzEGsLwB4W2-1TX_7fH0izQ==

GET
H2 200 AMZN_NYY_Evergreen_MLB_970x250_78249156900036579.jpg
secure-ds.serving-sys.com/resources/PROD/asset/1073745536/IMAGE/20230328/ Frame 22A0 80 KB
80 KB 37ms
37ms Image
image/jpeg 23.204.152.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/asset/1073745536/IMAGE/20230328/AMZN_NYY_Evergreen_MLB_970x250_78249156900036579.jpg
Requested by: Host: d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com
URL: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.204.152.211 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-204-152-211.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d3f04855176d0da0a8e35a7b2ec6b5607021c786403cde725b3ce65596f12fa7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: 96rVJEtVDcIU9TDs6YXNf2KikYLoSRxS
date: Thu, 31 Aug 2023 04:10:42 GMT
last-modified: Tue, 28 Mar 2023 20:27:06 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
etag: "440f0fa11bfa12e6d483ce7f2d782ae0"
x-amz-server-side-encryption: AES256
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 81751
x-amz-cf-id: l-qOEzZ9m1SYyC429ah-rxF5cimUlvdoPgTaKsOCQonyXaY-jEj34Q==
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H/1.1 200
OK dv-measurements4555.js Show response
cdn.doubleverify.com/ Frame 6D7A 421 KB
99 KB 33ms
33ms Script
application/javascript 2600:141b:13::17d7:82bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements4555.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13::17d7:82bb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 6460aca61d3548210f6ca0fc1e4e608ad83744e1b28d78c1fcb83c906559aeb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Thu, 31 Aug 2023 04:10:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Aug 2023 05:28:35 GMT
Server: UploadServer
ETag: "90722e72907883cf5bb2b8ef5b20b7d4"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: max-age=946080900,no-transform
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 100824
Expires: Fri, 23 Aug 2024 05:29:45 GMT

POST
H/1.1 200
OK evt Show response
lm.serving-sys.com/lm/ Frame 22A0 0
230 B 35ms
35ms XHR
text/plain 3.139.115.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/evt
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_241_3_0/ebStdBannerEx.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.139.115.72 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-139-115-72.us-east-2.compute.amazonaws.com
Software: LogModule 0.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com
Access-Control-Allow-Credentials: true
Server: LogModule 0.6
Content-Length: 0
Content-Type: text/plain

POST
H/1.1 200
OK evt Show response
lm.serving-sys.com/lm/ Frame 22A0 0
230 B 70ms
35ms XHR
text/plain 3.139.115.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/evt
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_241_3_0/ebStdBannerEx.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.139.115.72 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-139-115-72.us-east-2.compute.amazonaws.com
Software: LogModule 0.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com
Access-Control-Allow-Credentials: true
Server: LogModule 0.6
Content-Length: 0
Content-Type: text/plain

GET
H2 200 Serving Show response
bs.serving-sys.com/ Frame 22A0 24 B
630 B 38ms
37ms XHR
text/html 18.116.227.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=display&c=40&sessionid=7118933923409096798&ai=1090083182&usercookie=u2=513c1ccb-d089-4848-a834-133e12904a27&oo=0&clsrc=2&clbv=_2_241_3_0&gdprpurposes=1023&dg=1077773186&sdg=1078875670&ctick=65&ord=0.8766508682455842
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_241_3_0/ebStdBannerEx.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.116.227.71 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-116-227-71.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399

Request headers

Referer: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:42 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: private
access-control-allow-credentials: true
content-length: 24
expires: Sun, 05-Jun-2005 22:00:00 GMT

POST
H2 200 adServer.bs
bs.serving-sys.com/Serving/ Frame 22A0 0
499 B 38ms
37ms Ping
text/html 18.116.227.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&int=1090083182~~0~~1077773186~~7118933923409096798^VsR~0~0~01020~68^VsRAg~0~0~01020~68^VsRAd~0~0~01020~68^AdStart~0~0~01020~68&usercookie=u2=513c1ccb-d089-4848-a834-133e12904a27&rnd=0.2924945798463987&res=32
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_241_3_0/ebStdBannerEx.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.116.227.71 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-116-227-71.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:42 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 6D7A 724 B
750 B 62ms
62ms Script
text/javascript 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?flvr=0&ttmms=66&ttfrms=6&brid=3&brver=116.0.5845.140&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3FJE%3A%3E6D%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3FJE%3A%3E6D%5D4%40%3ETar9EEADTbpTauTau5d72f4gda2_f4ha2ghc25af332hh36h5%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D%3FJE%3A%3E6D%5D4%40%3ETaua_abTau_gTaub_TauH%40C%3D5Tau42%3F252TauEC2G6%3D%5CH2C%3F%3A%3F8%5CFD%5C%3D83EB%5D9E%3E%3D&srcurlD=0&aUrlD=-1&ssl=https:&uid=1693455042245413&jsCallback=dvCallback_1693455042245479&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.140%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=970&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=4555&tgjsver=4555&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fd5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&sfe=1&fcifrms=8&brh=2&dvp_epl=369&noc=4&nav_pltfrm=Win32&ctx=10741356&cmp=1074590238&sid=144389&plc=1079072285&crt=1090083182&btreg=1090083182&btadsrv=serving-sys&adsrv=115&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_126}&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=17360657986.540794&dvp_tukv=40712465.63426193&dvp_strhd=0.2999992370605469&dvpx_strhd=0.2999992370605469&dvp_tuid=1118347616828&jurtd=789621189
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4555.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: df19f38b8131eebecfae523e63fe95cd9f4b2eb8860105990af1d27b9e72495b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 04:10:42 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 08/30/2023 04:10:42

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 22A0 0
0 128ms
58ms Fetch
image/gif 2607:f8b0:4020:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssTUGHhfROgMQSnIQ1bZNkY3Gc7sIV7Oe7VHhPNivr4xTA5n8u8tX93zdU5d4qfoasxdkmuvGf7VqjY4FeNN3UdptbPMH76yCu0wZjJ8chFCiJaFTHAiufsLGCyKVdTyZkA4JniB-93RbeYy7sySslTEEauc-fW57NyRIcE5WkuDQhP_tynjhqEWs1H_p7URVwHEZjg_-CcAfiFjTSn_5295RIaGNcbrkvfBy30qzaIlVtX-2N-_gR2jhvCXgVPBXS3uhOYgqpSrNgBKMmfcuY4yvMa21r1F6hgGzo7FZyy8Qz8QH6n7d1qBD6mTqGQofmKq0k8xJEheDC97bg&sai=AMfl-YTwSU9iT--PJkyReSvtwQociixeQiq7p0ajVlW63CJ9uqvD2ZePOTss6omJW0NubuCE3eZ-xWUiGqTYF7T9_aWIFAg6M6NAF6kmhF69-ouuJiTzvHpoTcmHHTfIZaL-v2CUJA_PxeR_hPUfzOi3&sig=Cg0ArKJSzBiQ4qRlmJCKEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 31 Aug 2023 04:10:42 GMT

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ Frame 22A0 0
406 B 39ms
39ms XHR
text/html 18.116.227.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&interactionsStr=$$1090083182~~0~~1077773186~~7118933923409096798%5EActualSize~970x250x0x1x0000x0x0x970x250~0~01020~163$$&usercookie=u2=513c1ccb-d089-4848-a834-133e12904a27&rnd=0.5012760361990534&res=32
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_241_3_0/ebStdBannerEx.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.116.227.71 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-116-227-71.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:42 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ Frame 22A0 0
406 B 39ms
39ms XHR
text/html 18.116.227.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&interactionsStr=$$1090083182~~0~~1077773186~~7118933923409096798%5EAdParams~ifr%3D2%26loc%3D0x0%26size%3D970x250%26cb%3D0%26env%3D0%26vsbp%3D2%26bi%3D-1%26idx%3D1~0~01020~164$$&usercookie=u2=513c1ccb-d089-4848-a834-133e12904a27&rnd=0.4814086787204199&res=32
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_241_3_0/ebStdBannerEx.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.116.227.71 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-116-227-71.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:42 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 pd
nytimes-d.openx.net/w/1.0/ 43 B
123 B 88ms
54ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nytimes-d.openx.net/w/1.0/pd
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:43 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

cksync.php
contextual.media.net/
Redirect Chain

https://x.bidswitch.net/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1
https://r.bidswitch.net/sync?bidswitch_ssp_id=medianet&bsw_custom_parameter=e9e70f66-088c-4c2e-bc14-db03490ae248
https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=e9e70f66-088c-4c2e-bc14-db03490ae248&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%...
https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Dcc1bf55c-1321-4046-85f2-ebbb900a7bb7%252Chttps%2525...
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=5030693220957059315&pt=cc1bf55c-1321-4046-85f2-ebbb900a7bb7%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id...
https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=medianet&bsw_param=e9e70f66-088c-4c2e-bc14-db03490ae248
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=e9e70f66-088c-4c2e-bc14-db03490ae248&gdpr=&gdpr_consent=&gdpr_pd=

53 B
464 B

95ms
95ms

Image
image/gif

23.205.60.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=e9e70f66-088c-4c2e-bc14-db03490ae248&gdpr=&gdpr_consent=&gdpr_pd=

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html

Protocol

Server

23.205.60.185 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-60-185.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 31 Aug 2023 04:10:43 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Thu, 31 Aug 2023 04:10:43 GMT

Redirect headers

Location: //contextual.media.net/cksync.php?cs=1&type=bs&ovsid=e9e70f66-088c-4c2e-bc14-db03490ae248&gdpr=&gdpr_consent=&gdpr_pd=
Date: Thu, 31 Aug 2023 04:10:43 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

SPug
image4.pubmatic.com/AdServer/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=163427
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3&redir=true&gdpr=-1&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uiT_j3hE2uVoL07YVXMxOTJJj.valdk-~A&gdpr=-1

0
260 B

114ms
32ms

Image
text/plain

8.28.7.84
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uiT_j3hE2uVoL07YVXMxOTJJj.valdk-~A&gdpr=-1
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
Protocol: H2
Server: 8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:43 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-uiT_j3hE2uVoL07YVXMxOTJJj.valdk-~A&gdpr=-1
date: Thu, 31 Aug 2023 04:10:43 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/
Redirect Chain

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=995821&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
https://p.rfihub.com/cm?in=1&pub=2079
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=968625790456431156

43 B
632 B

313ms
85ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=968625790456431156
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 04:10:43 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=968625790456431156
Date: Thu, 31 Aug 2023 04:10:43 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

cksync.php
contextual.media.net/
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=724bea2e-6726-4a1e-b74d-841cc6a0f4ac

53 B
614 B

202ms
114ms

Image
image/gif

23.205.60.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=724bea2e-6726-4a1e-b74d-841cc6a0f4ac

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html

Protocol

Server

23.205.60.185 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-60-185.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 31 Aug 2023 04:10:43 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Thu, 31 Aug 2023 04:10:43 GMT

Redirect headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:42 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=724bea2e-6726-4a1e-b74d-841cc6a0f4ac
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 872639
content-length: 0
expires: Thu, 31 Aug 2023 00:00:00 GMT

GET
H/1.1 200
OK cksync.php
cs.media.net/ 52 B
418 B 43ms
42ms Image
image/gif 23.52.158.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.php?cs=8
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-158-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 04:10:43 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 52
x-mnet-hl2: E
Expires: Thu, 31 Aug 2023 04:10:43 GMT

GET
H/1.1

200
OK

cksync.php
cs.media.net/
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_
https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=77ALcbX21QBz115

53 B
631 B

61ms
60ms

Image
image/gif

23.52.158.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=77ALcbX21QBz115
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
Protocol: HTTP/1.1
Server: 23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-158-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 04:10:43 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 53
x-mnet-hl2: E
Expires: Thu, 31 Aug 2023 04:10:43 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 04:10:42 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-091c1306f472977d0@us-east-1d@dxedge-app-us-east-1-prod-asg
Location: https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=77ALcbX21QBz115
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

cksync.php
cs.media.net/
Redirect Chain

https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Dcon%26ovsid%3D%24UID
https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=72d7b123d13a1026&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Dcon%26ovs...
https://cs.media.net/cksync.php?cs=8&type=con&ovsid=AAAL1cehU4KWCQMjb2aNAAAAAAA&expiration=1693541443&is_secure=true

53 B
643 B

128ms
71ms

Image
image/gif

23.52.158.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.php?cs=8&type=con&ovsid=AAAL1cehU4KWCQMjb2aNAAAAAAA&expiration=1693541443&is_secure=true
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
Protocol: HTTP/1.1
Server: 23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-52-158-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 31 Aug 2023 04:10:43 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 53
x-mnet-hl2: E
Expires: Thu, 31 Aug 2023 04:10:43 GMT

Redirect headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:43 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cs.media.net/cksync.php?cs=8&type=con&ovsid=AAAL1cehU4KWCQMjb2aNAAAAAAA&expiration=1693541443&is_secure=true
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://eb2.3lift.com/sync?px=1&src=prebid&
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3658&xuid=9dbf4858-42bb-4265-82a5-eca7a42e7b45&dongle=0cfd&gdpr=0&gdpr_consent=

37 B
354 B

54ms
53ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3658&xuid=9dbf4858-42bb-4265-82a5-eca7a42e7b45&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 31 Aug 2023 04:10:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:43 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://eb2.3lift.com/xuid?mid=3658&xuid=9dbf4858-42bb-4265-82a5-eca7a42e7b45&dongle=0cfd&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 251

POST
H2 200 adServer.bs
bs.serving-sys.com/Serving/ Frame 22A0 0
507 B 38ms
37ms Ping
text/html 18.116.227.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&int=1090083182~~0~~1077773186~~7118933923409096798^VsIAB~0~0~01020~1072&usercookie=u2=513c1ccb-d089-4848-a834-133e12904a27&rnd=0.06452619094225498&res=32
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_241_3_0/ebStdBannerEx.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.116.227.71 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-116-227-71.us-east-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:43 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 22A0 42 B
404 B 174ms
72ms Fetch
image/gif 2607:f8b0:4020:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss-5VnTphRKcPObFbcUmiqgStT-rwG2Dpt74Bn77As2Du0JTZ258wpCvCjI-ov65p3etEbxGXvmyeblVoct4RfryeI_87iQKynL9y_7JBL1Sf6y7lBIvay66kZHpzyy&sig=Cg0ArKJSzIHGb1bouNwsEAE&id=lidar2&mcvt=1000&p=76,315,326,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=3762408111&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693455041424&rpt=889&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 83ED 0
130 B 53ms
52ms Script
text/plain 8.28.7.84
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 23:09:56 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 83ED 1 KB
2 KB 42ms
42ms Script
text/html 104.36.115.113
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=55596595&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 830d86f8ec049ff5d0fddaf86c94a30c79e4d3b1b46fdc4cc8c298ac7262df81

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 31 Aug 2023 04:10:43 GMT
content-length: 1470
content-type: text/html; charset=UTF-8

POST
H2 200 track
a.et.nytimes.com/ 0
0 88ms
88ms Ping
text/plain 44.211.112.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.211.112.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-211-112-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame D699
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBb2pVN0o0Q1lBQUNXaWdZcEFNQQ&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&b...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://bh.contextweb.com/bh/rtset?ev=AAAojU7J4CYAACWigYpAMA&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Csas%252Cpm%26bee_sync_cur...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Csas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAAojU7J4CYAACWigYpAMA&pid=558502&do=add&gd...
https://sync.technoratimedia.com/services?uid=AAAojU7J4CYAACWigYpAMA&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_syn...
https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3
https://rtb-csync.smartadserver.com/redir?partneruserid=AAAojU7J4CYAACWigYpAMA&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=5522376985850362459&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAojU7J4CYAACWigYpAMA&gdpr=0&gdpr_consent=

42 B
278 B

45ms
45ms

Document
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAojU7J4CYAACWigYpAMA&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 31 Aug 2023 04:10:46 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Thu, 31 Aug 2023 04:10:46 GMT
Server: gunicorn
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAojU7J4CYAACWigYpAMA&gdpr=0&gdpr_consent=
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

204

CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame CE72
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5030693220957059315&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=

0
0

169ms
60ms

Document
text/plain

3.95.46.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.46.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-46-247.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

date: Thu, 31 Aug 2023 04:10:44 GMT

Redirect headers

content-length: 95
content-type: text/html; charset=utf-8
date: Thu, 31 Aug 2023 04:10:43 GMT
location: https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK ecm3 Show response
s.amazon-adsystem.com/ Frame 3913 43 B
479 B 77ms
75ms Document
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 31 Aug 2023 04:10:44 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: EQQ21K33ZSB2Q9KX63EV

GET
H2

200

insync
thrtle.com/ Frame 83ED
Redirect Chain

https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3&gdpr=0&gdpr_consent=
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3&vxii_pid=12&vxii_pid1=10067&vxii_rcid=3a060369-e270-4d79-a147-2ee0a9579e45

43 B
295 B

65ms
65ms

Image
image/gif

54.172.83.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3&vxii_pid=12&vxii_pid1=10067&vxii_rcid=3a060369-e270-4d79-a147-2ee0a9579e45
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Server: 54.172.83.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-83-15.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p: CP="NOI OUR BUS UNI COM NAV"
date: Thu, 31 Aug 2023 04:10:45 GMT
content-length: 43
content-type: image/gif

Redirect headers

location: https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3&vxii_pid=12&vxii_pid1=10067&vxii_rcid=3a060369-e270-4d79-a147-2ee0a9579e45
date: Thu, 31 Aug 2023 04:10:45 GMT
content-type: text/html; charset=utf-8
content-length: 211
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H3 200 sd
us-u.openx.net/w/1.0/ Frame 83ED 43 B
61 B 72ms
68ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=540245193&val=84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3&gdpr=0&gdpr_consent=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:44 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 Martin
crb.kargo.com/api/v1/dsync/ Frame 83ED 43 B
359 B 191ms
48ms Image
image/gif 107.22.235.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crb.kargo.com/api/v1/dsync/Martin?exid=84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3&gdpr=0&gdpr_consent=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.22.235.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-22-235-237.compute-1.amazonaws.com
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:44 GMT
x-accel-expires: 0
vary: Origin
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 204 sync
sync.bfmio.com/ Frame 83ED 0
425 B 834ms
67ms Image
text/plain 44.217.245.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=187&uid=84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3&gdpr=0&gdpr_consent=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.217.245.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-217-245-111.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Connection: keep-alive
Date: Thu, 31 Aug 2023 04:10:45 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 83ED
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=54a1c36f-ab5d-4197-8d0f-a4d5145a0e21&gdpr=0&gdpr_consent=

1 B
237 B

52ms
52ms

Image
text/html

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=54a1c36f-ab5d-4197-8d0f-a4d5145a0e21&gdpr=0&gdpr_consent=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Thu, 31 Aug 2023 04:10:44 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=54a1c36f-ab5d-4197-8d0f-a4d5145a0e21&gdpr=0&gdpr_consent=
Date: Thu, 31 Aug 2023 04:10:44 GMT
Connection: keep-alive
X-CI-RTID: d4187f2f-6e9b-4965-9d8f-225f5d758a9d
Content-Length: 205
Content-Type: text/html; charset=utf-8

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 83ED
Redirect Chain

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=1206918bbf2f1026&is_secure=true&networkId=17100&version=1&nuid=84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAL1cehU4KWPQNW98HHAAAAAAA&expiration=1693541444&nuid=84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3&...

42 B
375 B

59ms
59ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAL1cehU4KWPQNW98HHAAAAAAA&expiration=1693541444&nuid=84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3&is_secure=true&gdpr_consent=&gdpr=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 31 Aug 2023 04:10:44 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 31 Aug 2023 04:10:44 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAL1cehU4KWPQNW98HHAAAAAAA&expiration=1693541444&nuid=84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3&is_secure=true&gdpr_consent=&gdpr=0
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame 83ED
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4320071910749590713&gdpr=0&gdpr_consent=&us_privacy=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}

0
157 B

50ms
49ms

Image
text/plain

8.28.7.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Server: 8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date: Wed, 30 Aug 2023 23:10:48 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 83ED
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=e9e70f66-088c-4c2e-bc14-db03490ae248&gdpr=0&gdpr_consent=&gdp...
https://x.bidswitch.net/sync?dsp_id=445&user_id=f762f856-7aad-3c70-a164-10c74dda50ad&ssp=pubmatic&bsw_param=e9e70f66-088c-4c2e-bc14-db03490ae248
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e9e70f66-088c-4c2e-bc14-db03490ae248&gdpr=&gdpr_consent=&gdpr_pd=

1 B
184 B

58ms
58ms

Image
text/html

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e9e70f66-088c-4c2e-bc14-db03490ae248&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_rbd_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Thu, 31 Aug 2023 04:10:43 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e9e70f66-088c-4c2e-bc14-db03490ae248&gdpr=&gdpr_consent=&gdpr_pd=
Date: Thu, 31 Aug 2023 04:10:45 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

POST
H/1.1 204
No Content event.png
tpsc-ue1.doubleverify.com/ Frame E8CE 0
234 B 170ms
70ms Ping
text/plain 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ue1.doubleverify.com/event.png?impid=11147181b0f145efba3c51963bf2a1e3&flavor=0&gdpr=&gdpr_consent=&ee_dp_seltagmals=1&dvp_gdpr_Error=3&dvp_gdv2_Error=3&ee_dp_lngtks=1&ee_dp_asmm=1&ee_dp_tskt=ctdetms%2C88%2C7%3Biabletms%2C97%2C3%3Biadletms%2C100%2C0%3Biadcetms%2C100%2C1%3Bal64%2C101%2C3%3Bal8192%2C104%2C1%3Bal128%2C105%2C1%3Bal256%2C105%2C116%3Bialeetms%2C101%2C121%3Bicifdetms%2C221%2C0%3Btsetms%2C73%2C148%3Bmietms%2C74%2C13%3Bprvietms%2C73%2C23%3Bfvietms%2C95%2C2%3Bpovietms%2C97%2C124%3Bimaetms%2C87%2C134%3Biesuimestms%2C73%2C14%3Bimeetms%2C97%2C124%3Bsrbf%2C0%2C1%3Bal128%2C1106%2C0%3Bal128%2C2106%2C1&vdur=183&eoid=19&te_exec=0&msrjs=4555&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=0&tetms=9&msltms=63&vltms=183&sei=290&vetms=5&tuviims=106&tuviems=294&engms=1&engisel=1&ee_dp_noalsu=1&dvp_dtcov=6&mascid=11147181b0f145efba3c51963bf2a1e3&msrcanlm=8640&msrcannum=3&ee_dp_tmads=3130&ismms=30&isumms=29&nvr=6&isgmmims=30&isgmv4mims=30&elmtp=3&isbxdms=3130&b0=231&b11=3000&adhgt=250&adwdth=970&norwdth=970&norhgt=250&vsos=13&dvp_vsosnmr=16&lftb=3231&sftb=3231&msrdp=1&naral=8256&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=970&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1130&isuiabvms=1130&isgmpims=29&isgmv4dpims=1130&ispmxpms=1130&engalms=28&dvp_dpr=1&vstsz=735&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3208&cbust=1693455045199540
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4555.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 31 Aug 2023 04:10:45 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 08/30/2023 04:10:45

POST
H/1.1 204
No Content event.png
tpsc-ue1.doubleverify.com/ Frame 6D7A 0
234 B 381ms
323ms Ping
text/plain 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ue1.doubleverify.com/event.png?impid=c3e6d2bed6304d0fafc23df24a5b96d9&flavor=0&gdpr=%24%7BGDPR%7D&gdpr_consent=%24%7BGDPR_CONSENT_126%7D&ee_dp_adlst=2&dvp_gdpr_Error=3&dvp_gdv2_Error=3&ee_dp_lngtks=1&vdur=63&eoid=16&te_exec=0&msrjs=4555&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=0&tetms=7&msltms=43&vltms=63&sei=290&vetms=2&tuviims=72&tuviems=137&engms=1&engisel=1&mascid=11147181b0f145efba3c51963bf2a1e3&dvp_dtcov=6&sadv=4729485078&ord=3173886615&litm=6354386870&scrt=138444454632&splc=%2F29390238%2Fnyt%2Fworld%2Fcanada&adu=195795038&spos=top&ee_dp_asmm=1&msrcanlm=456&msrcannum=3&ee_dp_tmads=2172&ismms=11&isumms=10&nvr=6&elmtp=6&isbxdms=2110&b0=100&b11=2100&adhgt=250&adwdth=970&norwdth=970&norhgt=250&vsos=13&dvp_vsosnmr=16&lftb=2200&sftb=2200&msrdp=0&naral=192&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=970&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1010&isuiabvms=1010&ispmxpms=1010&engalms=10&dvp_dpr=1&vstsz=756&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3071&cbust=1693455045311603
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements4555.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 31 Aug 2023 04:10:45 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 08/30/2023 04:10:45

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 83ED 0
128 B 50ms
50ms Script
text/plain 8.28.7.84
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 04:10:45 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H/1.1 200
OK int Show response
lm.serving-sys.com/lm/ Frame 22A0 0
230 B 156ms
37ms XHR
text/plain 3.139.115.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/int
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_241_3_0/ebStdBannerEx.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.139.115.72 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-139-115-72.us-east-2.compute.amazonaws.com
Software: LogModule 0.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com
Access-Control-Allow-Credentials: true
Server: LogModule 0.6
Content-Length: 0
Content-Type: text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D

Domain: trial-eum-clientnsv4-s.akamaihd.net
URL: https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pcbt4s73k

Domain: trial-eum-clienttons-s.akamaihd.net
URL: https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pcbt4s73k

Verdicts & Comments Add Verdict or Comment

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

99 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 16:33:51	Name: sync Value: CgkIOhCPlaXOpDE=
.nytimes.com/	1970-01-20 23:09:51	Name: nyt-a Value: 5sJL6olKZ2fnpOos2DCKnd
.nytimes.com/	1970-01-20 14:24:36	Name: nyt-gdpr Value: 0
.nytimes.com/	1970-01-20 23:09:51	Name: nyt-purr Value: cfhhcfhhhckfhdfs
.nytimes.com/	1970-01-20 14:24:36	Name: nyt-us Value: 1
.nytimes.com/	1970-01-20 14:24:36	Name: nyt-geo Value: US
.nytimes.com/	1970-01-20 14:24:15	Name: nyt.et.dd Value: iv=CEFCCF311B3F4E54BE2B403BFFE1B091&val=bYntyMJ98r++OWeiOwryOIXkkdCh4Nix7iQFhLbVLEcsVg6Df6rb1NRv/0QbjUERDiMNhoaosZrZuwpLbvlvr0mPM2l2G+jxN9RzN+ZzXB8SkK8XX5y4skH5qzcvlhX/bkouSg+vH33qSM/nCCax24/WoHkCJRTIUBux5N+8tfpZ6pZhTEj2jhjG4rZJY3eFWNUK0olBz0J1MX2Yz5PYpNasziLn4zdM+OkxaGZpkHDvpT17PwUHXekBwYTFZuWAIW46sacyUOn/nAQsPmCX2BvBsmhiMxS1baav3r1eIXOAT1BwOTevSJdlotKf7BmPDeXKiyzOCIVWPj1/Qt4QmhW7sVpVzAsErYqeuoSG5ea9nonxCglh43Q4hD+Itzy9CPzoBiuGz2RBvU5OQ+kBAriKvfwP5Oe0NbaGJyWS6EHctzVm37gMlc8+btQYoI1NQnO+v+ZfmLat6pgLWs1UkA==
.nytimes.com/	1969-12-31 23:59:59	Name: nyt-b3-traceid Value: 569d16ed895d4ab081cd1e1f238466c8
.et.nytimes.com/	1970-01-20 14:24:16	Name: sessionActive Value: true
.et.nytimes.com/	1970-01-20 23:09:51	Name: sessionIndex Value: 1\|1693455038646\|5sJL6olKZ2fnpOos2DCKnd\|1693455038646
.rubiconproject.com/	1970-01-20 23:09:51	Name: khaos Value: LLYNEMOQ-20-FZ0
.scorecardresearch.com/	1970-01-21 00:00:15	Name: UID Value: 17B3226464b9b1d6dd90cf31693455039
.adnxs.com/	1970-01-20 16:33:51	Name: icu Value: ChgIkbx3EAoYASABKAEwv6XApwY4AUABSAEQv6XApwYYAA..
.adnxs.com/	1970-01-20 16:33:51	Name: uuid2 Value: 5030693220957059315
.nytimes.com/	1970-01-20 23:53:45	Name: purr-cache Value: <K0<r<C_<G_<S0<a0<ua
a.nytimes.com/	1969-12-31 23:59:59	Name: jkidd-s Value: referrer=&landing=&start=1693455039658&isNew=1&pageIndex=1
a.nytimes.com/	1970-01-20 23:09:51	Name: jkidd-p Value: prevPage=&currPage=
.nytimes.com/	1970-01-20 14:25:26	Name: b2b_cig_opt Value: %7B%22isCorpUser%22%3Afalse%7D
.nytimes.com/	1970-01-20 14:25:26	Name: edu_cig_opt Value: %7B%22isEduUser%22%3Afalse%7D
.nytimes.com/	1970-01-20 23:09:51	Name: nyt-jkidd Value: uid=0&lastRequest=1693455039658&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon&newsStartDate=&entitlements=
.amazon-adsystem.com/	1970-01-20 19:32:24	Name: ad-id Value: A0F3od33TkDylUsKEMSfHQo
.amazon-adsystem.com/	1970-01-21 00:00:15	Name: ad-privacy Value: 0
.nytimes.com/	1970-01-20 16:33:51	Name: _gcl_au Value: 1.1.1985050255.1693455041
.adsrvr.org/	1970-01-20 23:11:17	Name: TDID Value: 9dbf4858-42bb-4265-82a5-eca7a42e7b45
.www.nytimes.com/	1970-01-20 23:09:51	Name: datadome Value: 4nbC-7w9vVFYcaPbryL-9h~651hvdTrlr7OzBvbCrEkA1ybCLlu4IlXwEdo48VhBiNym9e5iTG2Ox-3s6oZn4IonItZDkXEV2TIsoIOP4yHOnD_QZyChf-_g5qbWmPDV
.nytimes.com/	1970-01-20 23:53:03	Name: _cb Value: DD9I0SBq7alt6RMnh
.nytimes.com/	1970-01-20 23:53:03	Name: _chartbeat2 Value: .1693455041021.1693455041021.1.-kq9IZEWjnDXfJwmDCTwb9M0ujY.1
.nytimes.com/	1970-01-20 14:24:16	Name: _cb_svref Value: null
.casalemedia.com/	1970-01-20 23:09:51	Name: CMID Value: ZPASwa2PkWLmNS2SK-Vg5wAA
.casalemedia.com/	1970-01-20 16:33:51	Name: CMPS Value: 3549
.casalemedia.com/	1970-01-20 16:33:51	Name: CMPRO Value: 3549
.media.net/	1970-01-20 23:09:51	Name: visitor-id Value: 3364566416634816000V10
.3lift.com/	1970-01-20 16:33:51	Name: tluid Value: 1665468086573620011276
.openx.net/	1970-01-20 23:09:51	Name: i Value: 59f5166e-e425-0e10-09b8-429c4b4833c5\|1693455041
.yahoo.com/	1970-01-20 23:10:12	Name: A3 Value: d=AQABBMES8GQCEJ2SIQGV_M-u4it138MNXL0FEgEBAQFk8WT5ZNxH0iMA_eMAAA&S=AQAAAlD5wLJUegU6jrQOLV4FeXs
.et.nytimes.com/	1970-01-20 14:25:41	Name: et-ppvid Value: https://myaccount.nytimes.com/auth/iframe/enter-email=I-BRw5e-pRdPKUWn2q6z252Q^https://www.nytimes.com/2023/08/30/world/canada/travel-warning-us-lgbtq.html=GfFaY5Lr_c6qiL8AznhrVqAO
.openx.net/	1970-01-20 14:45:51	Name: pd Value: v2\|1693455041\|vMgavPkWgy
.myaccount.nytimes.com/	1970-01-20 23:09:51	Name: datadome Value: 0JNjHiP9QV2z1GM6amUst3qQ4hGdV-6Ovp5rtgrj2Cgq8SuVkjKpHoRZ~u4Upl7BO3vqFLw9xG7oBEoFfHeo1~g0MlubEC2K0cbwXHze4bKEbGaukl9bIy~aqhfVOTVW
.nytimes.com/	1970-01-20 23:45:51	Name: __gads Value: ID=91731ed1e804ad3b:T=1693455040:RT=1693455040:S=ALNI_MYJJRf_g5F41TYKJn76OMltXwtdwQ
.nytimes.com/	1970-01-20 23:45:51	Name: __gpi Value: UID=00000d8f01ab5f29:T=1693455040:RT=1693455040:S=ALNI_MYg9vFYrohzvuuI72iDR3eorf9dSw
.simpli.fi/	1970-01-20 23:11:17	Name: suid Value: DD96F187537B4F3FB867C8937BD66AA5
.pubmatic.com/	1970-01-20 23:09:51	Name: KADUSERCOOKIE Value: 84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3
.quantserve.com/	1970-01-20 16:33:51	Name: d Value: EDkBDQHrKbjvsQA
.quantserve.com/	1970-01-20 23:54:29	Name: mc Value: 64f012c1-74148-6f1c2-bc209
.doubleclick.net/	1970-01-21 00:00:15	Name: IDE Value: AHWqTUmCwhiS6YzRYArLL1kML4rbqMtJdr0p2dEL660t3AJUYz4Himk8F2K-ob5ggf0
.bidr.io/	1970-01-20 23:52:48	Name: bito Value: AAAojU7J4CYAACWigYpAMA
.bidr.io/	1970-01-20 23:52:48	Name: bitoIsSecure Value: ok
.tapad.com/	1970-01-20 15:50:39	Name: TapAd_TS Value: 1693455041670
.tapad.com/	1970-01-20 15:50:39	Name: TapAd_DID Value: cc1bf55c-1321-4046-85f2-ebbb900a7bb7
.pubmatic.com/	1970-01-20 16:33:51	Name: KRTBCOOKIE_80 Value: 22987-CAESEPXePWRw2TpQoOKnc8KdT4o&KRTB&23025-CAESEPXePWRw2TpQoOKnc8KdT4o&KRTB&23386-CAESEPXePWRw2TpQoOKnc8KdT4o
.pubmatic.com/	1970-01-20 15:07:27	Name: KRTBCOOKIE_148 Value: 19421-uid:DD96F187537B4F3FB867C8937BD66AA5&KRTB&23486-uid:DD96F187537B4F3FB867C8937BD66AA5&KRTB&23489-uid:DD96F187537B4F3FB867C8937BD66AA5
.pubmatic.com/	1970-01-20 16:33:51	Name: KRTBCOOKIE_377 Value: 6810-9dbf4858-42bb-4265-82a5-eca7a42e7b45&KRTB&22918-9dbf4858-42bb-4265-82a5-eca7a42e7b45&KRTB&23031-9dbf4858-42bb-4265-82a5-eca7a42e7b45
.bidswitch.net/	1970-01-20 23:09:51	Name: c Value: 1693455041
.bidswitch.net/	1970-01-20 23:09:51	Name: tuuid_lu Value: 1693455041
.bidswitch.net/	1970-01-20 23:09:51	Name: tuuid Value: e9e70f66-088c-4c2e-bc14-db03490ae248
.nytimes.com/	1970-01-20 14:34:19	Name: RT Value: "z=1&dm=nytimes.com&si=0aef6a30-e8a3-4d9e-ad03-0eaa8d1016d6&ss=llyneodg&sl=1&tt=a9&bcn=%2F%2F173bf10c.akstat.io%2F&ld=m5"
.rubiconproject.com/	1970-01-20 23:09:51	Name: audit Value: 1\|tcR/wBEzWcI5VwpkvXOo+FYvo2XO8wv+z0QnGM0pmGQpFQkGbpMNqLapK5MZ1VIlCi3FSi6NIV6p7VtEw4brJOCAnekPgJibDVXYmBCGE1Absm1clVNMrQ==
.serving-sys.com/	1970-01-20 15:07:27	Name: u2 Value: 513c1ccb-d089-4848-a834-133e12904a274Og07g
.linkedin.com/	1970-01-20 23:09:51	Name: bcookie Value: "v=2&8a94fc7b-b150-4b18-8424-2decd6ca8a5c"
.linkedin.com/	1970-01-20 14:25:41	Name: lidc Value: "b=OGST01:s=O:r=O:a=O:p=O:g=3035:u=1:x=1:i=1693455041:t=1693541441:v=2:sig=AQFbwUjUoi88TY5Yd5Ds_n94G_5b7dZy"
.serving-sys.com/	1970-01-20 15:07:27	Name: eyeblaster Value: RES=32
.serving-sys.com/	1970-01-20 15:07:27	Name: A6 Value: 10+lBKzr.q1006G200001zr.q
.criteo.com/	1970-01-20 23:45:51	Name: uid Value: 724bea2e-6726-4a1e-b74d-841cc6a0f4ac
.adsrvr.org/	1970-01-20 23:11:17	Name: TDCPM Value: CAESFwoIYXBwbmV4dXMSCwj4ibDayPiUPBAFEhkKCnJpZ2h0bWVkaWESCwj4ibDayPiUPBAFEhUKBmdvb2dsZRILCILtx9_I-JQ8EAUSFQoGY2FzYWxlEgsIoKmq3sj4lDwQBRIYCgliaWRzd2l0Y2gSCwjGwYTiyPiUPBAFEhQKBXRhcGFkEgsI5Nm84cj4lDwQBRIWCgdzdng5dDUwEgsIjP6878j4lDwQBRgBIAEoAjILCIz2v5zf-JQ8EAU4AVoHc3Z4OXQ1MGAC
.analytics.yahoo.com/	1970-01-20 23:09:51	Name: IDSYNC Value: "18y3~2dng:1769~2dng:19e0~2dng:18z8~2dng"
.w55c.net/	1970-01-20 23:54:29	Name: wfivefivec Value: 77ALcbX21QBz115
.w55c.net/	1970-01-20 15:07:27	Name: matchmedianet Value: 5
.media.net/	1970-01-20 23:08:24	Name: data-xu Value: 77ALcbX21QBz115~~8
.media.net/	1970-01-20 15:07:27	Name: data-c Value: 724bea2e-6726-4a1e-b74d-841cc6a0f4ac~~1
.media.net/	1970-01-20 15:07:27	Name: data-c-ts Value: 1693455043
.media.net/	1970-01-20 23:08:24	Name: data-co Value: AAAL1cehU4KWCQMjb2aNAAAAAAA~~8
.tapad.com/	1970-01-20 15:50:39	Name: TapAd_3WAY_SYNCS Value: 1!5836-2!5836
.rfihub.com/	1970-01-20 23:45:51	Name: eud Value: H4sIAAAAAAAA__vFyGtoZmlsYmpqYGJsamoOAJ-nSKoQAAAA
.rfihub.com/	1970-01-20 23:45:51	Name: rud Value: H4sIAAAAAAAA_-MSsjSzMDMyNbc0MDE1MzE2NDQ1E-Iz1K1M9SwPyTHIyQkwTQEA5cETvCQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSsjSzMDMyNbc0MDE1MzE2NDQ1E-Iz1K1M9SwPyTHIyQkwTQEA5cETvCQAAAA
.pubmatic.com/	1970-01-20 15:07:27	Name: SPugT Value: 1693436996
.media.net/	1970-01-20 23:08:24	Name: data-bs Value: e9e70f66-088c-4c2e-bc14-db03490ae248~~1
.ads.pubmatic.com/	1970-01-20 14:25:41	Name: KCCH Value: YES
.pubmatic.com/	1970-01-20 16:33:51	Name: DPSync3 Value: 1694649600%3A259_201_263_262_261_260%7C1693526400%3A248%7C1694044800%3A265
.dotomi.com/	1970-01-20 14:24:15	Name: DotomiTest Value: 1206918bbf2f1026
.pubmatic.com/	1970-01-20 16:33:51	Name: KRTBCOOKIE_57 Value: 22776-5030693220957059315&KRTB&23339-5030693220957059315
.pubmatic.com/	1970-01-20 16:33:51	Name: SyncRTB3 Value: 1694649600%3A71_13_178_104_21_250_166_3_220_54%7C1694044800%3A2_223_15%7C1694304000%3A63
.pubmatic.com/	1970-01-20 14:25:41	Name: pi Value: 163427:3
.kargo.com/	1970-01-20 23:09:51	Name: ktcid Value: 6b205665-59aa-0eea-581e-e990604af4d1
.turn.com/	1970-01-20 18:43:27	Name: uid Value: 4320071910749590713
.pubmatic.com/	1970-01-20 15:07:27	Name: KRTBCOOKIE_22 Value: 14911-4320071910749590713&KRTB&23150-4320071910749590713
.pubmatic.com/	1970-01-20 16:33:51	Name: chkChromeAb67Sec Value: 5
.pubmatic.com/	1970-01-20 16:33:51	Name: KRTBCOOKIE_32 Value: 11175-AAAL1cehU4KWPQNW98HHAAAAAAA&KRTB&22713-AAAL1cehU4KWPQNW98HHAAAAAAA&KRTB&22715-AAAL1cehU4KWPQNW98HHAAAAAAA&KRTB&23519-AAAL1cehU4KWPQNW98HHAAAAAAA
.contextweb.com/	1970-01-20 23:02:39	Name: V Value: i30Z7w3abtiM
.contextweb.com/	1970-01-20 23:09:51	Name: pb_rtb_ev Value: 3-1mlb\|7dN.0.AAAojU7J4CYAACWigYpAMA
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 821457ce52ef2443
.aralego.com/	1970-01-20 19:38:28	Name: sspid Value: f762f856-7aad-3c70-a164-10c74dda50ad
.pubmatic.com/	1970-01-20 16:33:51	Name: KRTBCOOKIE_466 Value: 16530-e9e70f66-088c-4c2e-bc14-db03490ae248
.ipredictive.com/	1970-01-20 23:09:51	Name: cu Value: 54a1c36f-ab5d-4197-8d0f-a4d5145a0e21\|1693455044984
.pubmatic.com/	1970-01-20 15:07:27	Name: KRTBCOOKIE_279 Value: 22890-54a1c36f-ab5d-4197-8d0f-a4d5145a0e21&KRTB&23011-54a1c36f-ab5d-4197-8d0f-a4d5145a0e21&KRTB&23355-54a1c36f-ab5d-4197-8d0f-a4d5145a0e21
.pubmatic.com/	1970-01-20 15:07:27	Name: PugT Value: 1693455044
.thrtle.com/	1970-01-20 19:12:15	Name: mc Value: eyJpZCI6IjNhMDYwMzY5LWUyNzAtNGQ3OS1hMTQ3LTJlZTBhOTU3OWU0NSIsImwiOjE2OTM0NTUwNDUzMzQsInQiOjF9
.bfmio.com/	1970-01-20 23:09:51	Name: __187_cid Value: 84FA2FF8-817A-4B59-B4EB-D92F6FBACAB3
.bfmio.com/	1970-01-20 23:09:51	Name: __io_cid Value: 3b77cc396b8ca3e6ac6f518eaba9f573dee70718

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://myaccount.nytimes.com/auth/prefetch-assets Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
network	error	URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%2084FA2FF8-817A-4B59-B4EB-D92F6FBACAB3&rnd=RND Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
security	error	URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239(Line 9) Message: Refused to connect to 'https://173bf10c.akstat.io/' because it violates the following Content Security Policy directive: "connect-src 'self' .nytimes.com https://sentry.io .datadome.co https://*.go-mpulse.net".
network	error	URL: https://csp.dev.nytimes.com/report Message: Failed to load resource: the server responded with a status of 403 ()
security	error	URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239(Line 9) Message: Refused to connect to 'https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pcbt4s73k' because it violates the following Content Security Policy directive: "connect-src 'self' .nytimes.com https://sentry.io .datadome.co https://*.go-mpulse.net".
security	error	URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239(Line 9) Message: Refused to connect to 'https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pcbt4s73k' because it violates the following Content Security Policy directive: "connect-src 'self' .nytimes.com https://sentry.io .datadome.co https://*.go-mpulse.net".
network	error	URL: https://csp.dev.nytimes.com/report Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://csp.dev.nytimes.com/report Message: Failed to load resource: the server responded with a status of 403 ()
security	error	URL: https://d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Message: Refused to execute script from 'https://sb.scorecardresearch.com/p?c1=3&c2=6034961&c3=1074590238&c4=1090083182&c5=1079072285&c11=144389&c12=&c16=siz&rn=3199988458635182248&ccr=1&gdpr=${GDPR}&ns__p=7118933923409096798&ns__t=7118933923409096798&ax_pid=&ns_ap_pn=&ns_st_ct=&ns_st_ep=&ns_st_ge=&ns_st_pr=&ns_st_pu=New%2520York%2520Times%2520US&ns_ad_pcd=15&ns_ce_mod=1&ns_ad_event=load&gdpr_consent=${GDPR_CONSENT_77}&ns_ap_device=' because its MIME type ('image/gif') is not executable.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.turn.com
ads.pubmatic.com
adservice.google.com
als-svc.nytimes.com
bh.contextweb.com
bs.serving-sys.com
c.amazon-adsystem.com
c.go-mpulse.net
cdn.brandmetrics.com
cdn.doubleverify.com
cm.g.doubleclick.net
cm2.adform.net
cms.quantserve.com
collector.brandmetrics.com
contextual.media.net
crb.kargo.com
cs.media.net
csp.dev.nytimes.com
d5fa7c852a07c92a894ad27bba99be9d.safeframe.googlesyndication.com
dd.nytimes.com
dis.criteo.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
edge.microsoft.com
eus.rubiconproject.com
fastlane.rubiconproject.com
g1.nyt.com
hb.yahoo.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
insight.adsrvr.org
lm.serving-sys.com
match.adsrvr.org
match.prod.bidr.io
medianet-match.dotomi.com
mwcm.nytimes.com
myaccount.nytimes.com
nytimes-d.openx.net
p.rfihub.com
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pnytimes.chartbeat.net
pr-bh.ybp.yahoo.com
prebid.media.net
pubmatic-match.dotomi.com
purr.nytimes.com
px.ads.linkedin.com
r.bidswitch.net
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.openx.net
rumcdn.geoedge.be
s.amazon-adsystem.com
s.go-mpulse.net
samizdat-graphql.nytimes.com
sb.scorecardresearch.com
secure-ds.serving-sys.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
static.chartbeat.com
static01.nyt.com
sync-eu.connectad.io
sync-tm.everesttech.net
sync.aralego.com
sync.bfmio.com
sync.ipredictive.com
sync.technoratimedia.com
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ue1.doubleverify.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
typeface.nyt.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
www.googletagmanager.com
www.googletagservices.com
www.nytimes.com
x.bidswitch.net
sync-tm.everesttech.net
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
104.126.116.136
104.18.39.155
104.36.115.111
104.36.115.113
107.22.235.237
108.156.180.227
151.101.129.164
151.101.193.164
162.210.196.208
162.248.18.37
172.217.13.162
172.217.13.198
18.116.227.71
185.167.164.37
192.40.39.223
198.148.27.131
199.38.167.130
20.40.202.2
23.105.14.106
23.204.152.211
23.205.60.185
23.205.62.23
23.52.158.180
2600:141b:13:78d::11a6
2600:141b:13:79f::11a6
2600:141b:13::17d7:82bb
2600:1f18:4e9:5a05:dd64:d7a:647:2f6e
2600:9000:25f3:7800:18:1fcd:353:c61
2600:9000:25f5:1600:4:b37b:9440:93a1
2602:803:c002:200::113
2603:c020:400d:3000:67b7:1059:7283:c690
2606:4700:10::ac43:8ae
2606:4700:20::681a:d12
2606:ae80:1451:20::1690
2607:f8b0:4006:80f::2008
2607:f8b0:4020:805::2002
2607:f8b0:4020:806::2001
2607:f8b0:4020:806::2002
2607:f8b0:4020:807::2001
2607:f8b0:4020:807::2002
2620:112:f002:bbbb::21
2620:116:800b:21:f059:4f7e:28a9:1588
2620:1ec:13::239
2620:1ec:21::14
3.139.115.72
3.160.3.135
3.160.5.46
3.160.5.49
3.225.218.10
3.33.220.150
3.95.46.247
34.107.148.139
34.111.113.62
34.117.228.201
34.98.64.218
35.186.253.211
35.194.66.159
35.211.118.13
35.211.178.172
40.76.134.238
44.211.112.71
44.217.245.111
52.203.232.146
52.223.22.214
52.23.46.39
52.3.42.214
52.46.143.56
54.159.93.151
54.172.83.15
54.197.82.237
54.86.50.125
67.220.228.203
68.67.161.208
72.247.71.192
74.119.119.150
8.28.7.82
8.28.7.83
8.28.7.84
8.43.72.97
8.43.72.98
02f60872e2fa2042b1dce5c059c9a4a99655697e8bc4f39dec66685e29cd8abd
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
09aa7f7c7362d9a3e857f26697ec5dba6fa4ec905e692508e90ea68ab8cda780
09bff184ea094a06e46d7f26512fd7b245304078a27f1ba8084488cbcf7704de
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f
0c0a7285ed036be8256201d3c67316edca620628c6127491b445ada02108eb83
0c6f3473b5540696e2d4a19deb3c4d15d22d5bb7e63e66b68a6614a21acb38d1
12c70d99383e260bddf35ff8e8f071b91b96cde22faf1370435d53dd26ee79c6
1539e622314283cafce7ae0993d6eff4203c1905b5f0649c0f072fd28dae5d19
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1ad76ff572f2430e62dda52a76066f50234504e314cc07b9752064caeb26f92c
1ebb44663fefd0072a3706d370a0067d94186020ae565a6fabfb427b9c1cece8
21de32a31b934126535d48ccc684d18827d937d7e08d68cb68149a894b914d62
270a1dc91f3fad5b959d0b9bc0134dae3673261d223be455b95445a42f1b13a7
2782077960d32ab496c552d67fc90a0fb6be85e9d0327adbb1ad612db2b9d1d3
27c682d8ada5ec7f410a24aa53762c06865e73a5940122e70feb9d6415220af0
284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a
287dd0fe35e04fc4c0d9d7d35f759d7e9f47d2974d8e04a583596c9d35152794
2881e3e2f59d74036a89d756cc225aa1cf3a169758b5d97c425d8d450dd27f0c
29706c4ab8f4d48b33ccb0ea813f8afb5f7ac569f623536b96fba6cf1fc60e9b
2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399
347578fb26bb96ea3a7a4bb63bfdb835879d6be712f2dc01e83a12cbd0a86c2d
35ebaaa5ccc5200a59dc83791e3776a844a14a3ab52fb7994442652b4b2729e0
3aa024cab2301d9fb5a7f0c62363d750c4357de9b2fbfd89b89f2dc6bd64a94f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46cf42b16cd67da90ec7a8988b2b5fe60202c713f380844d131f2630ca1309c7
47a8a6f78b6bc5902ca04c5aee6e8a85fafebd0ba5002db63ed4a696f62d3b73
481e5f79ab64d2d83e0ba60b05a04530da21727427b1e51a897b888e46ec1f50
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f
4b3c520d9b781fa7d6b4c79228f3a42670be75ba2db7fe78f0c6c2ad7afbeeba
4dee9664b03123274f4b1cc7a451f40e243cedfbce0677fa300616d55991e58e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
544ed8a2237cda1e785970350873b4f66c28a2d83cefd3851f9b109447c2b997
55edaa6cbccf70e849be599d001404994be37c9f67ae60de2b653e72f0f57de5
57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
5f386fe37226c8d198bb37c12efaf092d0180f8373e48ca1195339754e47f095
5f94b6f21a8454838f720253db7c575bcc22709566a5bd69f241eea05e1e316a
60733937ca68661ecd3b12d19fcd2cf5e3aee7d3cc6c641a181ef2c7e85eb879
60994a4c022df26635bb5ccdb7a22cf32a6486ee25a4648cebdfce0ef398a0fa
6460aca61d3548210f6ca0fc1e4e608ad83744e1b28d78c1fcb83c906559aeb7
647b59a59956c45e64f7f8de426b20e1bc47ac34e436a6810455696503c7b16f
6e2b0107d24f74703fbd7e96d44cfdaccaa4276cb44419639fca9c423130fb7f
70aa624490254933ce93ad1e43ae57ae8711214b4ac417ae50d8a9f948d1c2e2
71326419a7b2f7719eafcb33f5788a91143b0e610d21e4692567f0101d7f4fb7
7492be4c328161c49e5c9ceab0ceb11dbd06476e8f944d767552ecd079c118eb
7837207f1197c426c0551dcbead6be815beff78431f5c45e84014a94cfde09d5
78d8cc59c9ed4972a6bb11cf6cff27ae0ebd4423e84209163abc54de1f36af95
7d185a68ec7c2c52fd808d2eefd86e68264830af4cf3f1fa8946607b16b56907
7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07
7f7a59853253bbc5058f572cc17306584d5d17bf8c62aaca6bb4c5150ad5f10f
830d86f8ec049ff5d0fddaf86c94a30c79e4d3b1b46fdc4cc8c298ac7262df81
833359d13aea0ad98683d677fed4666098f07c8110786404aa59a6b4d1fc89cf
85bee2e512beeb93c704c13381735ed93c26e12188e1f8225f50c6bce230793c
8913ac71a147abf2b101b5897784c75617de4bda026f1aff4341564a49ac6867
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
91cf683ee0db61e475ee4f5c12ba9281256db5662fd80f2b812067fd9d39b691
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
9863e497691733db74131fb61099b6d3aad4198f442b261fd589ab6a96ab13d9
9c9d166e09f2a6ea6e6ea254b42931bc255204d240d0974249bd780724b0832e
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a931fed0c94dffa9e7b8c2211bbef72da62d20b73cd718be5d515bd8962cf078
aa4f0f9be3b9e9ef9b6f3e58524ff8db98779ac79abaff58f9ed2594dd0153fc
acb668be89d79ba1948ccfe97aba7776587a0a15da4367a112c885c0bf053758
ad45e2d674f6b9b7a6a92375f229b8b6a15b82c481da63af9b99f3dfc16e2650
adc3b4e4bea5e7683ee6cb00a9c97bdfa5112b7d53017395c7a945cbef9a07a9
ae62969b5b189bb28c67dbcee8666abe3e9f498d17a79a68c56e1069d7d63123
ae9b323a51fd7a855a734fe337692c97c406bf49762cc7275f51d69ec13cf67e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2064442f57238d5e04d61bacad93794e723f91204f928f6980801c400b7bea6
b2c585dbc02e10454674c96ff836cb750660b3a743e33c149ba0485290ff1466
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b
b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e
b8f37cfe110d9dfc109eee82cc1e3d4b14f4e6fea7263af85bae9b86ed097195
b949c1104020bde23047aa08b0bd820d649164eab0c934a5e1533d71df44b9c1
baabb01c05f5a7a83cf26233fcbb29790b584afb736caa63cb26ed1d051aa78d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbae609af99b790c585b5a6158652a2e56880714bc3781a0da865cea61d52530
bcfed2bbd7649e072e11645c35100d59794197bc9f506b995c5d0df8056e674a
bd4f8f20236beb7e8f7f383fe9ab040d0684344c47944ca4b1ca467fa4d124e2
c08f3636e93d83836b62f1cd5f16c66ab4eec24b1fd0667e00e6dbb11dd95ef8
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2636d239c265a5656677b6ed3f842f55edaf2040281669bcf3d173c8fbf4e3f
c283b4ae8ddaf80d88262ef609b62e763bc54f965018d5f5d4677c6b35535c9f
c4546975a6365d5ff6b339702c72dec934ba7488ceaf905d1d930382a994c4d7
c736b1aa57870326bbc4e52d12de6ed4dee4d58a140f3561d86b4e7c6f74c1e6
c81f14e2bb3209ad75981c1843043f0a465d4c090f2313d0aa5398a7767ca9ba
c9b1491324d9bd544f7efcb44707814ca4dc668408ca8479a91add96ff63ae89
caaaef55b5f5f2f1b7b3b5d965182bb263232219872bd215a92ea0fdaa0829ae
cdb934826cb47d3a906197985e2597dc81a19bc472dcd9a595b691dc0d4b8491
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d06bc3be6f257223f59418f75c9958e0b70007f3e99b299780c2b2912dfdf838
d235d239ed7dcc804c2ec2f66533abcbdb7d2959a68a207a43730dde3367da5a
d2b7ce4668e8b38056390d1c15cb120319315f62c77197e807d7bc6fe57a635f
d3f04855176d0da0a8e35a7b2ec6b5607021c786403cde725b3ce65596f12fa7
d57cdc47f635d0573f2ffd7afe1ef996c81373cddc10fa4ab69cbbad71903ed2
d702442ef75845d666d532a09cf0c8b210566a3c7c4db4ed3731b9411248ec94
d8ca07a1064ddcee74223a91e27f83a88d713db4271a7701d035888742b48a8b
d98343ecf3d7a8376c290efd52232bd2104038037439aa9c0c0ad4b79644be38
d9be6900f3e340348a2ac7423d9120a7161334e911bdc0d7e632d4c929d36e00
de2fb7fd3a533c10e58a8054b788190cfd242b5b95be9db2a5d7882f5112abd9
df19f38b8131eebecfae523e63fe95cd9f4b2eb8860105990af1d27b9e72495b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519
e5d08de3a186ac525eab279e5a38acfad14727d9f3fbc47cf0c2dd85e374422a
e6cd6b6f43f96bd4c3354f06decae0ef3cda623a3224a26afd80ed77e1e3a379
ead36d50fa8628731c60de88ad70edd82a9e74e31e4097c243d866d81cf99ae0
ebb6167f548f8d0fdab63ec71dc867e131fc73e6f2a79c551847cb44b15ecde6
ed218aa225ee16f2c665766383630d048f6091e8190d4e7b7983c985a6642ef6
ee0f41779de25e74b1add03fa28d5a8ca7c36d714ab62e85043b3ca9c103b7e5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c1c845c89c874b2591f22632c10ff9bcd507d7ac6b69d6eb7ccc37ceb4478c
f2c65f5216f7a60f74523e4c0be8018e8b4edff033a9a250c78c4e1762a7ad72
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f
faa721d01c4b87ec47e7599e746cbd8084a4388759aa382f5ce0c2323d165117
fe8d5a6f12533884b6896dd290e422c830e86e0228d45dbe97ac03c6e86a5b5a
ff18779bb7f76122171e9faa51b7af30bc0239d361c926489b02032bb5bccb54

www.nytimes.com Open in urlscan Pro 151.101.129.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

217 Requests

82 %HTTPS

26 %IPv6

52 Domains

103 Subdomains

63 IPs

5 Countries

3836 kBTransfer

11030 kBSize

99 Cookies

16 Outgoing links

Redirected requests

217 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.nytimes.com Open in urlscan Pro
151.101.129.164 Public Scan

Screenshot
Live screenshot

Full Image

217
Requests

82 %
HTTPS

26 %
IPv6

52
Domains

103
Subdomains

63
IPs

5
Countries

3836 kB
Transfer

11030 kB
Size

99
Cookies

217 HTTP transactions
1 data transactions