URL: https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
Submission: On January 12 via api from US

Summary

This website contacted 17 IPs in 3 countries across 10 domains to perform 41 HTTP transactions. The main IP is 151.101.13.164, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is www.nytimes.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 3rd 2020. Valid for: 2 years.
This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
6 a.et.nytimes.com www.nytimes.com
6 www.nytimes.com www.nytimes.com
5 news.google.com www.nytimes.com
news.google.com
3 platform.iteratehq.com www.nytimes.com
platform.iteratehq.com
3 g1.nyt.com www.nytimes.com
g1.nyt.com
2 iteratehq.com platform.iteratehq.com
2 5290727.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 dd.nytimes.com www.nytimes.com
dd.nytimes.com
2 samizdat-graphql.nytimes.com www.nytimes.com
1 www.google.de
1 www.google.com
1 stats.g.doubleclick.net www.google-analytics.com
1 pnytimes.chartbeat.net
1 a1.nyt.com www.nytimes.com
1 static.chartbeat.com www.nytimes.com
1 a.nytimes.com www.nytimes.com
1 purr.nytimes.com www.nytimes.com
1 www.googletagmanager.com www.nytimes.com
41 19
Subject Issuer Validity Valid
nytimes.com
Sectigo RSA Domain Validation Secure Server CA
2020-01-03 -
2022-04-06
2 years crt.sh
*.google-analytics.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
a.et.nytimes.com
Sectigo RSA Domain Validation Secure Server CA
2020-08-18 -
2022-11-16
2 years crt.sh
*.news.google.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
*.google.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
dd.nytimes.com
Sectigo RSA Domain Validation Secure Server CA
2020-06-29 -
2021-04-02
9 months crt.sh
*.doubleclick.net
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018
2020-06-01 -
2021-06-02
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-04 -
2021-08-04
a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018
2020-12-01 -
2021-12-30
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
www.google.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
www.google.de
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
Frame ID: 125A33EA9EED9724BA1472C928D86DC7
Requests: 37 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=447352
Frame ID: 3BEAA75522C96918BF988DD41A4A961A
Requests: 1 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CMbW4OPslu4CFentuwgdvLEGKg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3915250650381;gtm=2wgbu0;auiddc=1379887632.1610470137;u4=;u5=undefined;u6=undefined;u7=7TUcxmPBi7JOg_usSfUlYw;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F07%2F14%2Fhealth%2Fcoronavirus-hair-salon;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F07%2F14%2Fhealth%2Fcoronavirus-hair-salon
Frame ID: F16981091944DEE79AB2EAFD6966DCEE
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers vary /Fastly-SSL/i

Page Statistics

41
Requests

100 %
HTTPS

71 %
IPv6

10
Domains

19
Subdomains

17
IPs

3
Countries

915 kB
Transfer

3227 kB
Size

19
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3915250650381;gtm=2wgbu0;auiddc=1379887632.1610470137;u4=;u5=undefined;u6=undefined;u7=7TUcxmPBi7JOg_usSfUlYw;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F07%2F14%2Fhealth%2Fcoronavirus-hair-salon;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F07%2F14%2Fhealth%2Fcoronavirus-hair-salon HTTP 302
  • https://5290727.fls.doubleclick.net/activityi;dc_pre=CMbW4OPslu4CFentuwgdvLEGKg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3915250650381;gtm=2wgbu0;auiddc=1379887632.1610470137;u4=;u5=undefined;u6=undefined;u7=7TUcxmPBi7JOg_usSfUlYw;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F07%2F14%2Fhealth%2Fcoronavirus-hair-salon;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F07%2F14%2Fhealth%2Fcoronavirus-hair-salon

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request coronavirus-hair-salon
www.nytimes.com/2020/07/14/health/
68 KB
25 KB
Document
General
Full URL
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ea1d85c653de96b8f8484c9365c16db6831d049b8b9253f00a03e7211f1f0ded
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.nytimes.com
:scheme
https
:path
/2020/07/14/health/coronavirus-hair-salon
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
content-type
text/html; charset=utf-8
x-xss-protection
1; mode=block
x-content-type-options
nosniff
content-encoding
gzip
cache-control
s-maxage=10,no-store
x-nyt-route
vi-story
x-datadome-timer
S1610470136.398879,VS0,VE3
x-origin-time
2021-01-12 16:48:56 UTC
fastly-restarts
1
accept-ranges
bytes
date
Tue, 12 Jan 2021 16:48:56 GMT
age
0
x-served-by
cache-lga21977-LGA, cache-fra19147-FRA
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1610470136.398879,VS0,VE158
vary
Accept-Encoding, Fastly-SSL
set-cookie
nyt-a=7TUcxmPBi7JOg_usSfUlYw; Expires=Wed, 12 Jan 2022 16:48:56 GMT; Path=/; Domain=.nytimes.com; SameSite=none; Secure datadome=bPgY5-QbksWlkM2jJZHmd7V4L3K97qdLLKzGBh-yqlgliMPS.ccah7SkOL07~i9Xye6MMeHG1yLUf-qDog9OC27xLGJ-MGFkbsqAmpgbz; Max-Age=31536000; Domain=.nytimes.com; Path=/; Secure; SameSite=Lax nyt-gdpr=1; Expires=Tue, 12 Jan 2021 22:48:56 GMT; Path=/; Domain=.nytimes.com nyt-purr=cfhspnahhud; Expires=Wed, 12 Jan 2022 16:48:56 GMT; Path=/; Domain=.nytimes.com; SameSite=Lax; Secure nyt-us=0; Expires=Tue, 12 Jan 2021 22:48:56 GMT; Path=/; Domain=.nytimes.com nyt-geo=NL; Expires=Tue, 12 Jan 2021 22:48:56 GMT; Path=/; Domain=.nytimes.com
x-datadome
protected
x-gdpr
1
x-frame-options
DENY
onion-location
https://www.nytimes3xbfgragh.onion/2020/07/14/health/coronavirus-hair-salon
x-api-version
F-F-VI
content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
strict-transport-security
max-age=63072000; preload
content-length
23773
web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
g1.nyt.com/fonts/css/
60 KB
10 KB
Stylesheet
General
Full URL
https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3f28e673cbfe89a3a13563877fcf1b238b3fd6e446eac55c5dc260ae0b7393db

Request headers

Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=ho+bKQ==, md5=s+nu3YG2WLs41AuRxlaNeg==
date
Tue, 12 Jan 2021 16:48:56 GMT
content-encoding
gzip
age
60425
x-guploader-uploadid
ABg5-UynTuidxt1UEZLpX_GpKaN4FPKKqxwQSsBebSD9TJtMyF84mUtfLboJ5cFvfzFDtlhrkMDwPHfTRQeKYiC9rwoAZPtc3w
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
9922
via
1.1 varnish
x-served-by
cache-hhn4057-HHN
accept-ranges
bytes
expires
Wed, 12 Jan 2022 00:01:51 GMT
last-modified
Mon, 16 Nov 2020 16:08:38 GMT
server
UploadServer
x-timer
S1610470137.658378,VS0,VE0
etag
"b3e9eedd81b658bb38d40b91c6568d7a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1605542918957149
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
9922
x-nyt-pagetype
nyt5-asset
content-type
text/css; charset=utf-8
x-cache-hits
2820
global-69acc7c8fb6a313ed7e8641e4a88bf30.css
www.nytimes.com/vi-assets/static-assets/
5 KB
3 KB
Stylesheet
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/global-69acc7c8fb6a313ed7e8641e4a88bf30.css
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8d1d38bd5538c7e5b92abc533695f23ebd13f8e13879d457e1a391a506afcb2f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload

Request headers

Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=xVtu/Q==, md5=8t/i0xcrDEvURwPHlq+SQg==
date
Tue, 12 Jan 2021 16:48:56 GMT
content-encoding
gzip
x-api-version
F-X
age
10289657
x-guploader-uploadid
ABg5-UyR6hTN3_553RntZABThw8A0aJclOKWlGUOGm0-99V4nJrwVaerkX0GAgetsXTZbMgMWVbCExdV1BQuf0YmYw
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
strict-transport-security
max-age=63072000; preload
x-origin-time
2020-09-15 14:34:39 UTC
content-length
1832
x-served-by
cache-fra19147-FRA
last-modified
Tue, 15 Sep 2020 12:11:32 GMT
server
UploadServer
cache-control
public,max-age=31536000
x-timer
S1610470137.595596,VS0,VE1
etag
"f2dfe2d3172b0c4bd44703c796af9242"
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/global-69acc7c8fb6a313ed7e8641e4a88bf30.css
x-goog-generation
1600171892731484
expires
Wed, 15 Sep 2021 14:34:39 GMT
x-gdpr
1
x-nyt-route
vi-assets
x-goog-stored-content-length
4669
content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
accept-ranges
bytes
content-type
text/css; charset=utf-8
x-cache-hits
67775
adslot-b0fa802ba475b8b9cb97.js
www.nytimes.com/vi-assets/static-assets/
12 KB
5 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/adslot-b0fa802ba475b8b9cb97.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5f331523f340791082278ec917567cfe2dcf3e6a2ba3ecb511ebd8b8b6eafbee
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload

Request headers

Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=M6h0QA==, md5=EgnFc0eb9wx1xHtePsLUeg==
date
Tue, 12 Jan 2021 16:48:56 GMT
content-encoding
gzip
x-api-version
F-X
age
517506
x-guploader-uploadid
ABg5-UwIeH64aXmWmQvNYTkaLzwXkCZnBL523rZvILj3Eh55HfAiSiuGDVbv5U3OPJIUEl7FRUd8u9YpNBAEQDt0D-Y
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
strict-transport-security
max-age=63072000; preload
x-origin-time
2021-01-06 17:03:58 UTC
content-length
4608
x-served-by
cache-fra19147-FRA
last-modified
Wed, 06 Jan 2021 17:00:01 GMT
server
UploadServer
cache-control
public,max-age=31536000
x-timer
S1610470137.631264,VS0,VE1
etag
"1209c573479bf70c75c47b5e3ec2d47a"
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/adslot-b0fa802ba475b8b9cb97.js
x-goog-generation
1609952401634684
expires
Thu, 06 Jan 2022 17:03:50 GMT
x-gdpr
1
x-nyt-route
vi-assets
x-goog-stored-content-length
12328
content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
18004
vendor-49d3242791a45b83fb41.js
www.nytimes.com/vi-assets/static-assets/
266 KB
81 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/vendor-49d3242791a45b83fb41.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b7fc2162b95bcb9fce3c32ddd8f9798b9b84255cc7a239976214b9f552ef216e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload

Request headers

Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=oboXNg==, md5=VwPI3UnDlKlYT2lA0uyKHA==
date
Tue, 12 Jan 2021 16:48:56 GMT
content-encoding
gzip
x-api-version
F-X
age
419692
x-guploader-uploadid
ABg5-Uw870ZYEDgo6l86qxziG536kDSd7lPhdaKc-jIx8bmW-JuilD3z76LRFm41-2KjgCZmlWqh6AxLyqpAKHa-JHuBxyUoyQ
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
strict-transport-security
max-age=63072000; preload
x-origin-time
2021-01-07 20:14:04 UTC
content-length
82008
x-served-by
cache-fra19147-FRA
last-modified
Thu, 07 Jan 2021 19:59:40 GMT
server
UploadServer
cache-control
public,max-age=31536000
x-timer
S1610470137.660825,VS0,VE1
etag
"5703c8dd49c394a9584f6940d2ec8a1c"
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/vendor-49d3242791a45b83fb41.js
x-goog-generation
1610049580054409
expires
Fri, 07 Jan 2022 20:14:04 GMT
x-gdpr
1
x-nyt-route
vi-assets
x-goog-stored-content-length
272052
content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
17122
main-e4286d91fce0943ab8fe.js
www.nytimes.com/vi-assets/static-assets/
1 MB
315 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/main-e4286d91fce0943ab8fe.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
232974f7f2144783c4b16ed9757e2bd13d129ea5e768acfba8eec9945835f6ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload

Request headers

Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=wEqdig==, md5=CxW9wN9Hfmu6a+GvkiPMsQ==
date
Tue, 12 Jan 2021 16:48:56 GMT
content-encoding
gzip
x-api-version
F-X
age
342074
x-guploader-uploadid
ABg5-UzgTDTr_JWWenMBGM0f8hbhH8fAl_mN0rirZP1zTTedRbBfHCoVWVvEHllzZn01NS5wdSp3nYb_sK0TKtHRrXGBuuJRyg
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
strict-transport-security
max-age=63072000; preload
x-origin-time
2021-01-08 17:47:43 UTC
content-length
322018
x-served-by
cache-fra19147-FRA
last-modified
Fri, 08 Jan 2021 17:40:02 GMT
server
UploadServer
cache-control
public,max-age=31536000
x-timer
S1610470137.689937,VS0,VE1
etag
"0b15bdc0df477e6bba6be1af9223ccb1"
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/main-e4286d91fce0943ab8fe.js
x-goog-generation
1610127602188106
expires
Sat, 08 Jan 2022 17:47:42 GMT
x-gdpr
1
x-nyt-route
vi-assets
x-goog-stored-content-length
1073365
content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1668
gtm.js
www.googletagmanager.com/
327 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
651fb526779425294c4c609860a2f54d13fda868dd7fc032fc9452e920ee7cc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 16:48:56 GMT
content-encoding
br
vary
*
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
78658
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2
samizdat-graphql.nytimes.com/graphql/ Frame
0
0
Other
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Protocol
H2
Server
151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
samizdat-graphql-f639af6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token
Origin
https://www.nytimes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
max-age=30
access-control-allow-methods
GET, POST
access-control-max-age
300
access-control-allow-headers
content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-origin
https://www.nytimes.com
server
samizdat-graphql-f639af6
access-control-allow-credentials
true
via
1.1 google, 1.1 varnish
accept-ranges
bytes
date
Tue, 12 Jan 2021 16:48:56 GMT
age
45
x-nyt-meridiem
PM
x-nyt-continent
EU
x-nyt-country
NL
x-nyt-region
NB
x-nyt-audience-target-flat
EU:PM
x-samizdat-query-exe-id
a156d143710e3273
samizdat-x-instance
a7d918de
x-served-by
cache-ams21041-AMS
x-cache
HIT
x-cache-hits
4
x-timer
S1610470137.840080,VS0,VE1
vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
0
track
a.et.nytimes.com/
0
0
Other
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
v2
samizdat-graphql.nytimes.com/graphql/
148 B
713 B
XHR
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
samizdat-graphql-f639af6 /
Resource Hash
1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389

Request headers

Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
nyt-app-version
0.0.5
nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
nyt-app-type
project-vi
Content-Type
application/json

Response headers

x-samizdat-query-sup-code
date
Tue, 12 Jan 2021 16:48:56 GMT
content-encoding
gzip
x-nyt-meridiem
PM
age
11
x-cache
HIT
samizdat-x-instance
facdebf2
x-samizdat-query-field-errors
0
x-cache-hits
1
x-samizdat-query-exe-id
9ac26e513f9b4e65
content-length
123
x-served-by
cache-ams21067-AMS
access-control-allow-origin
https://www.nytimes.com
x-nyt-region
NB
server
samizdat-graphql-f639af6
x-timer
S1610470137.909535,VS0,VE1
x-nyt-continent
EU
vary
Accept-Encoding, Samizdat-X-Personalize, x-nyt-subscriber, Origin
content-type
application/json
via
1.1 google, 1.1 varnish
x-nyt-audience-target-flat
EU:PM
cache-control
max-age=30
access-control-allow-credentials
true
x-nyt-country
NL
accept-ranges
bytes
access-control-expose-headers
x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
swg.js
news.google.com/swg/js/v1/
137 KB
40 KB
Script
General
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e71401436f4debefc9aba1869a2c40aaf122135d6f0e2c13a235e48ba9045a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 16:13:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 07 Jan 2021 21:34:27 GMT
server
sffe
age
2122
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41063
x-xss-protection
0
expires
Tue, 12 Jan 2021 17:03:34 GMT
franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
g1.nyt.com/fonts/family/franklin/
19 KB
20 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6

Request headers

Origin
https://www.nytimes.com
Referer
https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=ImeYUg==, md5=1sBqPYSlcQDtrVv5uE/3OQ==
date
Tue, 12 Jan 2021 16:48:56 GMT
via
1.1 varnish
age
4567013
x-guploader-uploadid
ABg5-Uz9nK6_2w5K-0GerMzlnNTbgOC1LOM1ZTMIt8N3zRK0mAlX9ToqD61L94PzercVqaEUUbUnKL9TZPwavvCOYrA
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
19836
x-served-by
cache-hhn4059-HHN
accept-ranges
bytes
expires
Sat, 20 Nov 2021 20:12:03 GMT
last-modified
Mon, 16 Nov 2020 16:08:41 GMT
server
UploadServer
x-timer
S1610470137.862101,VS0,VE0
etag
"d6c06a3d84a57100edad5bf9b84ff739"
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1605542921495212
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
19836
x-nyt-pagetype
nyt5-asset
content-type
font/woff2
x-cache-hits
140299
franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
g1.nyt.com/fonts/family/franklin/
20 KB
20 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57

Request headers

Origin
https://www.nytimes.com
Referer
https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=PQVxAw==, md5=tEyI8JynzpFLg21K5yiRuA==
date
Tue, 12 Jan 2021 16:48:56 GMT
via
1.1 varnish
age
4564564
x-guploader-uploadid
ABg5-UxXa0UngYu9co6FD9fstlQjc0pmL3nguLYSi46OeoeUSA2h2bJ5z3oqekZVsj8E47o1uxk_vCiFXhQCsBOJsjr99P8GGw
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
20312
x-served-by
cache-hhn4059-HHN
accept-ranges
bytes
expires
Sat, 20 Nov 2021 20:52:52 GMT
last-modified
Mon, 16 Nov 2020 16:08:41 GMT
server
UploadServer
x-timer
S1610470137.862226,VS0,VE0
etag
"b44c88f09ca7ce914b836d4ae72891b8"
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1605542921579365
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
20312
x-nyt-pagetype
nyt5-asset
content-type
font/woff2
x-cache-hits
140018
swg-button.css
news.google.com/swg/js/v1/
19 KB
6 KB
Stylesheet
General
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92a0a734cfe4f5aee530b12ee966e272f0ce41f44e0f2c89e8ee6d4a156f4789
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 16:13:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 18 Sep 2019 18:02:27 GMT
server
sffe
age
2112
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5809
x-xss-protection
0
expires
Tue, 12 Jan 2021 17:03:44 GMT
serviceiframe
news.google.com/swg/_/ui/v1/ Frame 3BEA
0
0
Document
General
Full URL
https://news.google.com/swg/_/ui/v1/serviceiframe?_=447352
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KBQ06UDxfYhO1VwEfFQwxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-KBQ06UDxfYhO1VwEfFQwxQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
news.google.com
:scheme
https
:path
/swg/_/ui/v1/serviceiframe?_=447352
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon

Response headers

content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible
IE=edge
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 12 Jan 2021 16:48:56 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security
max-age=31536000
content-security-policy
script-src 'report-sample' 'nonce-KBQ06UDxfYhO1VwEfFQwxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-KBQ06UDxfYhO1VwEfFQwxQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
set-cookie
NID=206=CTH3IXPXRLa_RYfVGHaRCJtj5cqao1J4DxwRm3tGTXqvUnVwAu7zm-jmNPUntWwKwM9OJqTajlmr8KghW2gkYPgqjzzvr5X38yRr2uMVXxAxBKvTt-U_835fIzY4YDlAV37oCPbBKiAj58dEO6LZtsY3nMpP1FFR8gx1R8wPM54; expires=Wed, 14-Jul-2021 16:48:56 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
loader.svg
news.google.com/swg/js/v1/
0
1 KB
Other
General
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 16:20:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
age
1693
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1049
x-xss-protection
0
expires
Tue, 12 Jan 2021 17:10:43 GMT
purr-cache
purr.nytimes.com/v1/
0
0
Fetch
General
Full URL
https://purr.nytimes.com/v1/purr-cache
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-e4286d91fce0943ab8fe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 16:48:57 GMT
server
Google Frontend
vary
Origin
content-type
text/html
access-control-allow-origin
https://www.nytimes.com
x-cloud-trace-context
fa64eb764d7532127ffd1e086c4cf2c9
cache-control
private
access-control-allow-credentials
true
content-length
0
expires
Tue, 12 Jan 2021 16:48:57 GMT
data-layer
a.nytimes.com/svc/nyt/
1 KB
1 KB
XHR
General
Full URL
https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-vi&referrer=&assetUrl=https%3A%2F%2Fwww.nytimes.com%2F2020%2F07%2F14%2Fhealth%2Fcoronavirus-hair-salon&jkcb=1610470137119
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-e4286d91fce0943ab8fe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
fedacf1327ad23fd5cd5f00e546080c8536f3d7c67ba15f4df3d0c7e4e172cc6

Request headers

Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 16:48:57 GMT
content-encoding
gzip
x-appengine-log-flush-count
1
server
Google Frontend
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
x-cloud-trace-context
bf04db854ab9f97d67292a2a945da4f3
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
content-length
544
expires
Tue, 12 Jan 2021 16:48:57 GMT
entitlements
news.google.com/swg/_/api/v1/publication/nytimes.com/
18 B
260 B
Fetch
General
Full URL
https://news.google.com/swg/_/api/v1/publication/nytimes.com/entitlements
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
493a22bd0e5be52d106634cdd77c8766dbdf286ddf9ce49e25d3d78b7e199745
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 16:48:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Mon, 01 Jan 1990 00:00:00 GMT
track
a.et.nytimes.com/
0
0
Other
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
tags.js
dd.nytimes.com/
134 KB
22 KB
Script
General
Full URL
https://dd.nytimes.com/tags.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8a00:a:a8c5:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
8710069ae70dfeee8bb623f6357f76f3af7b38296d6c0afc524eef6b490db51d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
content-encoding
gzip
etag
"2180b-5b84f3900247d-gzip"
age
411
x-cache
Hit from cloudfront
content-length
21802
access-control-allow-origin
*
last-modified
Thu, 07 Jan 2021 13:14:41 GMT
server
Apache
date
Tue, 12 Jan 2021 16:42:06 GMT
vary
Accept-Encoding
content-type
text/javascript
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
cache-control
max-age=3600, public
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
3WhIJna3iDjMoHvlZkeIrscvHTgpyvLsCu7na_GW2dfs6zteh_NTCg==
expires
Tue, 12 Jan 2021 17:42:06 GMT
track
a.et.nytimes.com/
0
0
Other
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
siteIndexContent-3f7b4d7248072b9af051.js
www.nytimes.com/vi-assets/static-assets/
14 KB
5 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/siteIndexContent-3f7b4d7248072b9af051.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
95aaa78b29a08b88ae756b8e175e3a3762d7cd1e486fe2518d9be116b676df66
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload

Request headers

Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=3+alvA==, md5=L4w+RmLqpOvQMdZWQfNh8w==
date
Tue, 12 Jan 2021 16:48:57 GMT
content-encoding
gzip
x-api-version
F-X
age
517485
x-guploader-uploadid
ABg5-UyNxMaCGTItSHfzy0gOX2Yrq0HgOAnCBulXulp7DWbJ52eAqILi7lPXvg9mU1Sv1JvvIlZqaOKExYiiqjyYCeQ
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
strict-transport-security
max-age=63072000; preload
x-origin-time
2021-01-06 17:04:12 UTC
content-length
4646
x-served-by
cache-fra19147-FRA
last-modified
Wed, 06 Jan 2021 17:00:02 GMT
server
UploadServer
cache-control
public,max-age=31536000
x-timer
S1610470137.335387,VS0,VE1
etag
"2f8c3e4662eaa4ebd031d65641f361f3"
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/siteIndexContent-3f7b4d7248072b9af051.js
x-goog-generation
1609952402234890
expires
Thu, 06 Jan 2022 17:04:12 GMT
x-gdpr
1
x-nyt-route
vi-assets
x-goog-stored-content-length
14182
content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
9622
/
dd.nytimes.com/js/
210 B
543 B
XHR
General
Full URL
https://dd.nytimes.com/js/
Requested by
Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8a00:a:a8c5:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
DataDome /
Resource Hash
5f2f38630aebe35a62f107d2a72f991ba4c734c68c921e9952b3807b8cffeb2d

Request headers

Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 12 Jan 2021 16:48:57 GMT
via
1.1 a383f82b5d4e98bbd66535c2c4b20c9e.cloudfront.net (CloudFront)
server
DataDome
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
210
x-amz-cf-id
XyTbHMbDzm4moKkwiFoYISJsaZtm1SNd3Kx8iEaGhdqUVRwsUHrvLQ==
expires
0
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
5365
date
Tue, 12 Jan 2021 15:19:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Tue, 12 Jan 2021 17:19:32 GMT
activityi;dc_pre=CMbW4OPslu4CFentuwgdvLEGKg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3915250650381;gtm=2wgbu0;auiddc=1379887632.1610470137;u4=;u5=undefined;u6=undefined;u7=7TUcxmPBi7JOg_usSfUlY...
5290727.fls.doubleclick.net/ Frame F169
Redirect Chain
  • https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3915250650381;gtm=2wgbu0;auiddc=1379887632.1610470137;u4=;u5=undefined;u6=undefined;u7=7TUcxmPBi7JOg_usSfU...
  • https://5290727.fls.doubleclick.net/activityi;dc_pre=CMbW4OPslu4CFentuwgdvLEGKg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3915250650381;gtm=2wgbu0;auiddc=1379887632.1610470137;u4=;u5=undefined;u...
0
0
Document
General
Full URL
https://5290727.fls.doubleclick.net/activityi;dc_pre=CMbW4OPslu4CFentuwgdvLEGKg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3915250650381;gtm=2wgbu0;auiddc=1379887632.1610470137;u4=;u5=undefined;u6=undefined;u7=7TUcxmPBi7JOg_usSfUlYw;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F07%2F14%2Fhealth%2Fcoronavirus-hair-salon;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F07%2F14%2Fhealth%2Fcoronavirus-hair-salon?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.206.6 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s20-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5290727.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CMbW4OPslu4CFentuwgdvLEGKg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3915250650381;gtm=2wgbu0;auiddc=1379887632.1610470137;u4=;u5=undefined;u6=undefined;u7=7TUcxmPBi7JOg_usSfUlYw;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F07%2F14%2Fhealth%2Fcoronavirus-hair-salon;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F07%2F14%2Fhealth%2Fcoronavirus-hair-salon?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 12 Jan 2021 16:48:57 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
488
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 12-Jan-2021 17:03:57 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 12 Jan 2021 16:48:57 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5290727.fls.doubleclick.net/activityi;dc_pre=CMbW4OPslu4CFentuwgdvLEGKg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3915250650381;gtm=2wgbu0;auiddc=1379887632.1610470137;u4=;u5=undefined;u6=undefined;u7=7TUcxmPBi7JOg_usSfUlYw;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F07%2F14%2Fhealth%2Fcoronavirus-hair-salon;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F07%2F14%2Fhealth%2Fcoronavirus-hair-salon?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
chartbeat.js
static.chartbeat.com/js/
36 KB
14 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2200:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d5132eb4775fe5c85d515453cb238727620936adc84e5f727d495f8fefa2eba3

Request headers

Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 15:34:08 GMT
content-encoding
gzip
last-modified
Wed, 14 Oct 2020 03:23:55 GMT
server
nginx
age
4488
etag
W/"5f866f4b-8e0b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control
max-age=7200
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
rkrRtUxcIzmVQjx3CSWcJvBUSJ5bYRiTeqUTvUqmZb-Ubtdy9M5Ljw==
expires
Tue, 12 Jan 2021 17:34:08 GMT
show-ads.js
a1.nyt.com/analytics/
45 B
656 B
Script
General
Full URL
https://a1.nyt.com/analytics/show-ads.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Request headers

Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
date
Tue, 12 Jan 2021 16:48:57 GMT
content-encoding
gzip
age
54371
x-guploader-uploadid
ABg5-Uxiku4DCuL9o9R_qRzSrbafSgL3fiOVogt0rWg1WAX-9W7_66naAp2IEtMuj_LY89aogNtJwzLtq3jprv6LYxU
x-cache
HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
65
via
1.1 varnish
x-served-by
cache-ams21067-AMS
accept-ranges
bytes
expires
Wed, 04 Nov 2020 01:40:29 GMT
last-modified
Thu, 27 Aug 2020 19:39:32 GMT
server
UploadServer
x-timer
S1610470137.482543,VS0,VE0
etag
"1d291da792456bd015b664ee1119a5e0"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1598557172998247
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=86400
x-goog-stored-content-length
45
x-nyt-pagetype
nyt-dti-analytic
content-type
application/javascript
x-cache-hits
1709
track
a.et.nytimes.com/
0
0
Other
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
loader.js
platform.iteratehq.com/
2 KB
1 KB
Script
General
Full URL
https://platform.iteratehq.com/loader.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:216c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2affb8ca1914c1668ca6c665deb7a467f61af3d0a798cb37c1a32fa14fab16b7

Request headers

Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 16:48:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
427
x-amz-request-id
5505A4E1B8465487
x-amz-id-2
tU2zN96VyCGyZRJl9qRZdes33BEBohQAksUTVSo3R2fli5D++1v9abl3vOR30067fQxAJuCrYT0=
last-modified
Thu, 17 Dec 2020 21:18:03 GMT
server
cloudflare
etag
W/"1a8af9b6d25886bd8169b16ca3c83bb6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=H53YyHnrr8wDmsJf9bRetkkRqQwGKe3FyR7K%2BEgFXkG3rlMXKSgpoMDakGKVLN%2Fs06GdiSnB2MP3PTpwOtowZs0h4bYtvMn7xWwkPi%2BkqSo7ze7OwdrsAsVVlS3RysiDBpw2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-request-id
07991936920000c2ef9c0ea000000001
cf-ray
61085e3748b3c2ef-FRA
collect
www.google-analytics.com/j/
2 B
66 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=706169017&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nytimes.com%2F2020%2F07%2F14%2Fhealth%2Fcoronavirus-hair-salon&dr=&ul=en-us&de=UTF-8&dt=Not%20Found%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1244758366&gjid=1118263364&cid=836883501.1610470137&tid=UA-58630905-2&_gid=1198556113.1610470137&_r=1&gtm=2wgbu0P528B3&cg1=null&cg2=null&cg3=null&cg4=null&cd1=https%3A%2F%2Fwww.nytimes.com%2F2020%2F07%2F14%2Fhealth%2Fcoronavirus-hair-salon&cd2=https%3A%2F%2Fwww.nytimes.com%2F2020%2F07%2F14%2Fhealth%2Fcoronavirus-hair-salon&cd3=&cd9=9&cd10=null&cd13=null&cd14=science_desk&cd15=earned&cd16=referring_links&cd21=NotFound&cd26=null&cd27=null&cd28=null&cd29=null&cd30=null&cd36=&cd37=0&cd42=nyt-vi&cd48=null&cd49=blurb_under_100&cd51=nyt-vi&cd52=&cd54=science_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd63=7TUcxmPBi7JOg_usSfUlYw&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=7TUcxmPBi7JOg_usSfUlYw&z=1274598195
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Jan 2021 16:48:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
pnytimes.chartbeat.net/
43 B
169 B
Image
General
Full URL
https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F2020%2F07%2F14%2Fhealth%2Fcoronavirus-hair-salon&u=553roBIjRUzCDL9_o&d=nytimes.com&g=16698&g0=science_desk&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1200&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1083&t=BgOorxBWv1k6BQRv5_Bh68nuDPG15-&V=121&i=Not%20Found%20-%20The%20New%20York%20Times&tz=-60&_acct=anon&sn=1&sv=BCmXgXC4lyOgC0qo6sDrPZHFMT6L_&sd=1&im=06070403&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.176.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-176-138.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jan 2021 16:48:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
collect
stats.g.doubleclick.net/j/
4 B
88 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-58630905-2&cid=836883501.1610470137&jid=1244758366&gjid=1118263364&_gid=1198556113.1610470137&_u=YEBAAEAAAAAAAC~&z=1897008114
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 12 Jan 2021 16:48:57 GMT
content-type
text/plain
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk-prod-89dd536618e1017e1771.js
platform.iteratehq.com/
868 KB
235 KB
Script
General
Full URL
https://platform.iteratehq.com/sdk-prod-89dd536618e1017e1771.js
Requested by
Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:216c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
658c58a786ac3dc928ec26e91d10f11773ea290ccfc4a62189a7e1e6ad43f73c

Request headers

Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 16:48:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2229881
x-amz-request-id
2A296F264F750FF8
x-amz-id-2
qVKUcHnKpmemLNWNOKsRt0ynrFdoLAa6cD7qPHet3ntBz7JKtGV++SVqJ5PEI0YcdI3ludLLSNA=
last-modified
Thu, 17 Dec 2020 21:17:58 GMT
server
cloudflare
etag
W/"34edb9b13abf1b26b172f7666dd9bc6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3bMxhFtv2K3Lb2mZQ9jEYzHa0hK9X5ARbpRe3eATkUrvCLJO%2FGnO28czyvGTlj1tqWRbBBRJiRfu4wjO9r82zenwujnARrdYkyMddjeNP1paKsreSxw1CvAVyQ4fkmxAIoEz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-request-id
07991936b50000c2ef62885000000001
cf-ray
61085e378922c2ef-FRA
style-a2ee416f5a50b5fbecb2.css
platform.iteratehq.com/
145 KB
11 KB
Stylesheet
General
Full URL
https://platform.iteratehq.com/style-a2ee416f5a50b5fbecb2.css
Requested by
Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6812:216c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
716944a6a61521f63d67a670e7f8a92a852c2257d72476b7f4eec37c2591d477

Request headers

Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 16:48:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3862635
x-amz-request-id
CA98D0791EEB3716
x-amz-id-2
g/qeOjXuHTjbaZIAeGLu0sbv6HsomKN7CFXoY4sPP0ad4CTrcq3PIhUbFz2oiC5WAZGIWinhj50=
last-modified
Wed, 25 Nov 2020 18:50:04 GMT
server
cloudflare
etag
W/"e0666b4c1c33e24398a8e3088a82b257"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Kl1lvEQ%2B8q2RyvaGExC6qjm7kJhME5%2F2CRx7QObDD0NrZGs8stom7EhcLLfTElOlDJAH4wurVqLk0NpvDwF4qeQaM4239K8fHxxaiHqzHbaL%2Bw0fUwHKenJEAkDbftOZCg1R"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-request-id
07991936b50000c2ef589db000000001
cf-ray
61085e37891fc2ef-FRA
ga-audiences
www.google.com/ads/
42 B
109 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-58630905-2&cid=836883501.1610470137&jid=1244758366&_u=YEBAAEAAAAAAAC~&z=562290724
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jan 2021 16:48:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-58630905-2&cid=836883501.1610470137&jid=1244758366&_u=YEBAAEAAAAAAAC~&z=562290724
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jan 2021 16:48:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
embed
iteratehq.com/api/v1/surveys/
298 B
779 B
Fetch
General
Full URL
https://iteratehq.com/api/v1/surveys/embed
Requested by
Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/sdk-prod-89dd536618e1017e1771.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5ede3970287dde80c93418deba4e7d6d4d74f0b6dcc96c6f42293a6001b66e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
Authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
Content-Type
application/json

Response headers

date
Tue, 12 Jan 2021 16:48:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kzQptth1YbdsY6Wa%2F7bBpGLZA35VoOxO371u1p8CHzafXL54xnL51ad0uKgGKGuQVyXLHwLJlmKtZZzeOYMPSjohL7GK7YJ5BdwlCMeh1N5MSRaC9Y9B4kQ3"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache="set-cookie"
access-control-allow-credentials
true
cf-ray
61085e3a8d83d70d-FRA
cf-request-id
07991938990000d70d4ab99000000001
embed
iteratehq.com/api/v1/surveys/ Frame
0
0
Other
General
Full URL
https://iteratehq.com/api/v1/surveys/embed
Protocol
H2
Server
2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
authorization,content-type
Origin
https://www.nytimes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 12 Jan 2021 16:48:58 GMT
content-length
0
access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
cache-control
no-cache="set-cookie"
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
cf-cache-status
DYNAMIC
cf-request-id
07991937c90000d70d53082000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UCgwWg7Yys2ReuGepXUKfH5Z%2FAHg%2FyW7u%2FEExy41YmIpaBMk54f0%2B1hCvxoar0kobQo%2Be74WAzhDiOkby0we8Ryf1CdWzMirHEdsx9ikr9lf0xpE4XLlfQ64"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
61085e394ab2d70d-FRA
track
a.et.nytimes.com/
0
0
Other
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
track
a.et.nytimes.com/
0
0
Other
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/2020/07/14/health/coronavirus-hair-salon
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, x-requested-by, *
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| marks object| observer number| viHeadScriptSize object| NYTD object| vi function| nyt_et object| UnifiedTracking function| Abra object| swgUserInfoXhrObject object| dataLayer object| userXhrObject function| userXhrRefresh object| _interactiveRegistry function| registerInteractive function| getInteractiveBridge boolean| SwGEntitlement function| onInitNativeAds object| webpackJsonp object| AdSlot4 object| AdSlot object| __preloadedData object| SUBSCRIPTIONS object| SWG object| UrlCache object| regeneratorRuntime function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __createBinding function| __values function| __read function| __spread function| __spreadArrays function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault function| __classPrivateFieldGet function| __classPrivateFieldSet object| __SECRET_LIGHTS__ boolean| NYT_VI_RENDERED boolean| initialDeviceTypeResizeCallback object| google_tag_manager object| nytAnalytics string| ddjskey object| ddoptions object| _0x17c5 function| _0x3782 boolean| dataDomeProcessed object| dataDomeOptions boolean| DataDomeCaptchaDisplayed object| ddAnalyzerData boolean| notprod object| google_tag_data string| GoogleAnalyticsObject function| ga object| regex object| _sf_async_config object| _cbq number| _sf_endpt object| firstScript object| cbScript object| iterateSettings string| IterateObjectName function| Iterate string| subscriberInfo string| uType string| eduSubscriber string| userType object| params object| gaplugins object| gaGlobal object| gaData object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY boolean| adBlockDetected function| setImmediate function| clearImmediate undefined| Raven object| iterateprovider

19 Cookies

Domain/Path Name / Value
www.nytimes.com/ Name: _cb
Value: 553roBIjRUzCDL9_o
www.nytimes.com/ Name: _cb_ls
Value: 1
.google.com/ Name: NID
Value: 206=CTH3IXPXRLa_RYfVGHaRCJtj5cqao1J4DxwRm3tGTXqvUnVwAu7zm-jmNPUntWwKwM9OJqTajlmr8KghW2gkYPgqjzzvr5X38yRr2uMVXxAxBKvTt-U_835fIzY4YDlAV37oCPbBKiAj58dEO6LZtsY3nMpP1FFR8gx1R8wPM54
.nytimes.com/ Name: _gat_UA-58630905-2
Value: 1
.nytimes.com/ Name: walley_gid
Value: GA1.2.1198556113.1610470137
.nytimes.com/ Name: _gcl_au
Value: 1.1.1379887632.1610470137
.nytimes.com/ Name: edu_cig_opt
Value: %7B%22isEduUser%22%3Afalse%7D
www.nytimes.com/ Name: _cb_svref
Value: null
.nytimes.com/ Name: b2b_cig_opt
Value: %7B%22isCorpUser%22%3Afalse%7D
www.nytimes.com/ Name: _chartbeat2
Value: .1610470137511.1610470137511.1.BCmXgXC4lyOgC0qo6sDrPZHFMT6L_.1
.nytimes.com/ Name: nyt-jkidd
Value: uid=0&lastRequest=1610470137197&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon
.nytimes.com/ Name: datadome
Value: bPgY5-QbksWlkM2jJZHmd7V4L3K97qdLLKzGBh-yqlgliMPS.ccah7SkOL07~i9Xye6MMeHG1yLUf-qDog9OC27xLGJ-MGFkbsqAmpgbz
.nytimes.com/ Name: nyt-geo
Value: NL
.nytimes.com/ Name: nyt-a
Value: 7TUcxmPBi7JOg_usSfUlYw
.nytimes.com/ Name: nyt-us
Value: 0
.nytimes.com/ Name: nyt-gdpr
Value: 1
.nytimes.com/ Name: nyt-purr
Value: cfhspnahhud
.nytimes.com/ Name: walley
Value: GA1.2.836883501.1610470137
.nytimes.com/ Name: purr-cache
Value: <K0<r<C_<G_<S0

6 Console Messages

Source Level URL
Text
console-api log URL: https://news.google.com/swg/js/v1/swg.js(Line 34)
Message:
Subscriptions Runtime: 0.1.22.140
console-api log URL: https://www.nytimes.com/vi-assets/static-assets/main-e4286d91fce0943ab8fe.js(Line 33)
Message:
<!-- 0000000 000 0000000 111111111 11111111100 000 111111111 00000 111111111111111111 00000 000000 000 1111111111111111111111111100000 000 000 1111 1111111111111111100 000 000 11 0 1111111100 000 000 1 00 1 000 000 00 00 1 000 000 000 00000 1 000 00000 0000 00000000 1 00000 11111 000 00 000000 000 11111 00000 0000 000000 00000 00000 000 10000 000000 000 0000 000 00000 000000 1 000 000 000000 10000 1 0 000 000 1000000 00 1 00 000 000 1111111 1 0000 000 000 1111111100 000000 000 0000 111111111111111110000000 0000 111111111 111111111111100000 111111111 0000000 00000000 0000000 NYTimes.com: All the code that's fit to printf() We're hiring: https://nytimes.wd5.myworkdayjobs.com/Tech -->
console-api warning (Line 2)
Message:
et2 snippet should only load once per page
console-api warning URL: https://news.google.com/swg/js/v1/swg.js(Line 34)
Message:
SwG needs this article to define a product ID (e.g. example.com:premium). Articles can define a product ID using JSON+LD. SwG can check entitlements after this article defines a product ID.
console-api warning URL: https://news.google.com/swg/js/v1/swg.js(Line 34)
Message:
SwG needs this article to define a product ID (e.g. example.com:premium). Articles can define a product ID using JSON+LD. SwG can check entitlements after this article defines a product ID.
console-api log URL: https://www.nytimes.com/vi-assets/static-assets/main-e4286d91fce0943ab8fe.js(Line 51)
Message:
Service Worker: content is cached

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
dd.nytimes.com
g1.nyt.com
iteratehq.com
news.google.com
platform.iteratehq.com
pnytimes.chartbeat.net
purr.nytimes.com
samizdat-graphql.nytimes.com
static.chartbeat.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.nytimes.com
151.101.113.164
151.101.13.164
151.101.193.164
216.58.206.6
2600:9000:206f:8a00:a:a8c5:a040:93a1
2600:9000:2156:2200:18:1fcd:34e:d2a1
2606:4700:3032::6812:216c
2606:4700:3032::ac43:c7c7
2a00:1450:4001:802::2013
2a00:1450:4001:808::2008
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:817::2004
2a00:1450:4001:81b::200e
2a00:1450:4001:820::2013
2a00:1450:400c:c0c::9b
52.1.176.138
156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57
1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389
1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6
232974f7f2144783c4b16ed9757e2bd13d129ea5e768acfba8eec9945835f6ea
2affb8ca1914c1668ca6c665deb7a467f61af3d0a798cb37c1a32fa14fab16b7
3f28e673cbfe89a3a13563877fcf1b238b3fd6e446eac55c5dc260ae0b7393db
493a22bd0e5be52d106634cdd77c8766dbdf286ddf9ce49e25d3d78b7e199745
4e71401436f4debefc9aba1869a2c40aaf122135d6f0e2c13a235e48ba9045a4
5f2f38630aebe35a62f107d2a72f991ba4c734c68c921e9952b3807b8cffeb2d
5f331523f340791082278ec917567cfe2dcf3e6a2ba3ecb511ebd8b8b6eafbee
5f5ede3970287dde80c93418deba4e7d6d4d74f0b6dcc96c6f42293a6001b66e
651fb526779425294c4c609860a2f54d13fda868dd7fc032fc9452e920ee7cc0
658c58a786ac3dc928ec26e91d10f11773ea290ccfc4a62189a7e1e6ad43f73c
716944a6a61521f63d67a670e7f8a92a852c2257d72476b7f4eec37c2591d477
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8710069ae70dfeee8bb623f6357f76f3af7b38296d6c0afc524eef6b490db51d
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8d1d38bd5538c7e5b92abc533695f23ebd13f8e13879d457e1a391a506afcb2f
92a0a734cfe4f5aee530b12ee966e272f0ce41f44e0f2c89e8ee6d4a156f4789
95aaa78b29a08b88ae756b8e175e3a3762d7cd1e486fe2518d9be116b676df66
b7fc2162b95bcb9fce3c32ddd8f9798b9b84255cc7a239976214b9f552ef216e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d5132eb4775fe5c85d515453cb238727620936adc84e5f727d495f8fefa2eba3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ea1d85c653de96b8f8484c9365c16db6831d049b8b9253f00a03e7211f1f0ded
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fedacf1327ad23fd5cd5f00e546080c8536f3d7c67ba15f4df3d0c7e4e172cc6