www.nytimes.com Open in urlscan Pro
151.101.113.164 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Submission: On May 20 via api (May 20th 2021, 10:30:26 pm UTC) from US

Summary HTTP 71 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 15 domains to perform 71 HTTP transactions. The main IP is 151.101.113.164, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is www.nytimes.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 3rd 2020. Valid for: 2 years.

This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	151.101.113.164 151.101.113.164	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:2b9::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
11	2a00:1450:400... 2a00:1450:4001:830::2013	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2600:9000:214... 2600:9000:214f:8e00:a:a8c5:a040:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:ba00:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
1	34.255.138.57 34.255.138.57	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	54.205.171.136 54.205.171.136	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:26f0:6c0... 2a02:26f0:6c00:1bb::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3032::ac43:c7c7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3037::6815:24db	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	23.32.238.209 23.32.238.209	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2.17.123.64 2.17.123.64	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba13	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
71	21

17 151.101.113.164 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:2b9::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
364bf5fa.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:830::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
purr.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:8e00:a:a8c5:a040:93a1 (United States)

ASN16509 (AMAZON-02, US)

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

5290727.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:ba00:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.138.57 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-138-57.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.205.171.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-171-136.compute-1.amazonaws.com

pnytimes.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:1bb::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3032::ac43:c7c7 (United States)

ASN13335 (CLOUDFLARENET, US)

platform.iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:24db (United States)

ASN13335 (CLOUDFLARENET, US)

iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.238.209 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-238-209.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.17.123.64 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-123-64.deploy.static.akamaitechnologies.com

kjtbe4qxedxncyfg4lna-pxtq2n-e9b8aa70d-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba13 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fiaqj6abeejrukqce3ygyaaaabqknyw2-pxtq2n-26e2844b2-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	nytimes.com www.nytimes.com samizdat-graphql.nytimes.com a.et.nytimes.com dd.nytimes.com purr.nytimes.com a.nytimes.com	777 KB
15	google.com news.google.com play.google.com adservice.google.com	68 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	136 KB
5	iteratehq.com platform.iteratehq.com iteratehq.com	251 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net kjtbe4qxedxncyfg4lna-pxtq2n-e9b8aa70d-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net fiaqj6abeejrukqce3ygyaaaabqknyw2-pxtq2n-26e2844b2-clienttons-s.akamaihd.net	1 KB
4	nyt.com g1.nyt.com a1.nyt.com	51 KB
2	chartbeat.net pnytimes.chartbeat.net	337 B
2	doubleclick.net 1 redirects 5290727.fls.doubleclick.net	1 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	go-mpulse.net s.go-mpulse.net c.go-mpulse.net	52 KB
1	akstat.io 364bf5fa.akstat.io	202 B
1	google.de adservice.google.de	391 B
1	adsrvr.org insight.adsrvr.org	261 B
1	chartbeat.com static.chartbeat.com	14 KB
1	googletagmanager.com www.googletagmanager.com	81 KB
71	15

	Domain	Requested by
11	www.nytimes.com	www.nytimes.com
9	a.et.nytimes.com	www.nytimes.com
7	play.google.com	www.gstatic.com
7	news.google.com	www.nytimes.com news.google.com www.gstatic.com
6	www.gstatic.com	news.google.com www.gstatic.com
3	platform.iteratehq.com	www.nytimes.com platform.iteratehq.com
3	g1.nyt.com	www.nytimes.com g1.nyt.com
2	iteratehq.com	platform.iteratehq.com
2	pnytimes.chartbeat.net	www.nytimes.com
2	5290727.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	dd.nytimes.com	www.nytimes.com dd.nytimes.com
2	samizdat-graphql.nytimes.com	www.nytimes.com
1	fiaqj6abeejrukqce3ygyaaaabqknyw2-pxtq2n-26e2844b2-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	kjtbe4qxedxncyfg4lna-pxtq2n-e9b8aa70d-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	364bf5fa.akstat.io	s.go-mpulse.net
1	adservice.google.de	adservice.google.com
1	adservice.google.com	5290727.fls.doubleclick.net
1	c.go-mpulse.net	s.go-mpulse.net
1	insight.adsrvr.org	www.nytimes.com
1	a1.nyt.com	www.nytimes.com
1	static.chartbeat.com	www.nytimes.com
1	fonts.gstatic.com	news.google.com
1	a.nytimes.com	www.nytimes.com
1	purr.nytimes.com	www.nytimes.com
1	s.go-mpulse.net	www.nytimes.com
1	www.googletagmanager.com	www.nytimes.com
71	29

This site contains links to these domains. Also see Links.

Domain
myaccount.nytimes.com
cn.nytimes.com
cooking.nytimes.com
timesmachine.nytimes.com
store.nytimes.com
nytlicensing.com
help.nytimes.com
eedition.nytimes.com
www.nytco.com
nytmediakit.com
www.tbrandstudio.com

Subject Issuer	Validity	Valid
nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-03` - `2022-04-06`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
akstat.io DigiCert Secure Site ECC CA-1	`2020-05-06` - `2021-08-05`	a year	crt.sh
a.et.nytimes.com GTS CA 1D2	`2021-04-05` - `2021-07-04`	3 months	crt.sh
*.news.google.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
dd.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-04` - `2022-04-03`	a year	crt.sh
purr.nytimes.com GTS CA 1D2	`2021-03-31` - `2021-06-29`	3 months	crt.sh
a.nytimes.com GTS CA 1D4	`2021-03-25` - `2021-06-23`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Frame ID: EF9FD8B9BB2FE82E810417BF93965000
Requests: 49 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=450430
Frame ID: ADC22167C5741772AEDEE8D1172B4A5E
Requests: 14 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CJmI2ten2fACFSeZ3godxpUDUQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3179626548212;gtm=2wg5j0;auiddc=2103875930.1621549786;u4=;u5=undefined;u6=undefined;u7=KnlbMhcYH9EQyfxoknb48S;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html
Frame ID: EED58328DEF4B11FD771CEA4FCE403F0
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJmI2ten2fACFSeZ3godxpUDUQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3179626548212;gtm=2wg5j0;auiddc=2103875930.1621549786;u4=;u5=undefined;u6=undefined;u7=KnlbMhcYH9EQyfxoknb48S;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html
Frame ID: 386BA1D4F0450DB80BD9F8EA2CD65021
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CJmI2ten2fACFSeZ3godxpUDUQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3179626548212;gtm=2wg5j0;auiddc=2103875930.1621549786;u4=;u5=undefined;u6=undefined;u7=KnlbMhcYH9EQyfxoknb48S;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html
Frame ID: 6592DD5BED94C4689D80A35150A0571D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Fastly (CDN) Expand

Overall confidence: 100%
Detected patterns

headers vary /Fastly-SSL/i

Page Statistics

71
Requests

100 %
HTTPS

73 %
IPv6

15
Domains

29
Subdomains

21
IPs

3
Countries

1451 kB
Transfer

5126 kB
Size

22
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=vi
Title: Log in

Search URL Search Domain Scan URL

URL: https://cn.nytimes.com/
Title: 中文网

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/
Title: Recipes

Search URL Search Domain Scan URL

URL: https://timesmachine.nytimes.com/browser
Title: TimesMachine

Search URL Search Domain Scan URL

URL: https://store.nytimes.com/
Title: NYT Store

Search URL Search Domain Scan URL

URL: https://myaccount.nytimes.com/seg
Title: Manage My Account

Search URL Search Domain Scan URL

URL: https://nytlicensing.com/
Title: NYTLicensing

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/sections/115003859548-Apps
Title: Mobile Applications

Search URL Search Domain Scan URL

URL: http://eedition.nytimes.com/cgi-bin/signup.cgi?cc=37FYY
Title: Replica Edition

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014792127-Copyright-notice
Title: © 2021 The New York Times Company

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: NYTCo

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015727108-Accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.nytco.com/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://nytmediakit.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: http://www.tbrandstudio.com/
Title: T Brand Studio

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3179626548212;gtm=2wg5j0;auiddc=2103875930.1621549786;u4=;u5=undefined;u6=undefined;u7=KnlbMhcYH9EQyfxoknb48S;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CJmI2ten2fACFSeZ3godxpUDUQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3179626548212;gtm=2wg5j0;auiddc=2103875930.1621549786;u4=;u5=undefined;u6=undefined;u7=KnlbMhcYH9EQyfxoknb48S;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html

Request Chain 62

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pxtq2n9i5 HTTP 302
https://kjtbe4qxedxncyfg4lna-pxtq2n-e9b8aa70d-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 63

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pxtq2n9i5 HTTP 302
https://fiaqj6abeejrukqce3ygyaaaabqknyw2-pxtq2n-26e2844b2-clienttons-s.akamaihd.net/eum/results.txt

71 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request how-to-workfrom-home-if-youve-never-done-it-before.html Show response
www.nytimes.com/2020/03/12/smarter-living/ 91 KB
30 KB 481ms
429ms Document
text/html 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c7f840f290419b7b7fbf7df3d6b8d41299a1586ba195913b6ff8c9ecc6a62761

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.nytimes.com
:scheme: https
:path: /2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
content-type: text/html; charset=utf-8
x-nyt-data-last-modified: Thu, 20 May 2021 22:29:44 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: s-maxage=10,no-store
x-nyt-route: vi-story
x-datadome-timer: S1621549784.241634,VS0,VE4
x-origin-time: 2021-05-20 22:29:44 UTC
fastly-restarts: 1
accept-ranges: bytes
date: Thu, 20 May 2021 22:29:44 GMT
age: 0
x-served-by: cache-lga21942-LGA, cache-hhn4041-HHN
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1621549784.241634,VS0,VE404
vary: Accept-Encoding, Fastly-SSL
set-cookie: nyt-a=KnlbMhcYH9EQyfxoknb48S; Expires=Fri, 20 May 2022 22:29:44 GMT; Path=/; Domain=.nytimes.com; SameSite=none; Secure datadome=Wt.XK3naubtdipjU1_t2kdTCe3oMtpW5ccyaJvvRmwF6Wv-IVO.uYDmw7CKfCjowFHiOxTpmX.4agbQfRwxqN8Me1bmtucRoZ5Eqlg2qIv; Max-Age=31536000; Domain=.nytimes.com; Path=/; Secure; SameSite=Lax nyt-gdpr=1; Expires=Fri, 21 May 2021 04:29:44 GMT; Path=/; Domain=.nytimes.com nyt-purr=cfhspnahhud; Expires=Fri, 20 May 2022 22:29:44 GMT; Path=/; Domain=.nytimes.com; SameSite=Lax; Secure nyt-us=0; Expires=Fri, 21 May 2021 04:29:44 GMT; Path=/; Domain=.nytimes.com nyt-geo=FR; Expires=Fri, 21 May 2021 04:29:44 GMT; Path=/; Domain=.nytimes.com
x-datadome: protected
x-gdpr: 1
x-frame-options: DENY
onion-location: https://www.nytimes3xbfgragh.onion/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
x-api-version: F-F-VI
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
strict-transport-security: max-age=63072000; preload
content-length: 28836

GET
H2 200 web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
g1.nyt.com/fonts/css/ 60 KB
10 KB 25ms
24ms Stylesheet
text/css 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6de706923eaa7411b5bc9dfcc2de58c8950a85454fc1aa386f3537b19f861d5a

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=i0q+3Q==, md5=Gy5SJh6FIQsSa1B2q6k1mw==
date: Thu, 20 May 2021 22:29:44 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
age: 3747306
x-guploader-uploadid: ABg5-UxGL-PBXPV31OWbWvfVBy5T6oyN8sQ18osPaQbYfPcr3TsI9RDdgQWGGiake8YWX3S3TeDwvnbVAbPWGu0Oew
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 9775
via: 1.1 varnish
x-served-by: cache-hhn4041-HHN
accept-ranges: bytes
expires: Thu, 07 Apr 2022 13:34:37 GMT
last-modified: Tue, 06 Apr 2021 21:11:51 GMT
server: UploadServer
x-timer: S1621549785.680389,VS0,VE0
etag: "1b2e52261e85210b126b5076aba9359b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1617743511910294
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 9775
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 64044

GET
H2 200 global-69acc7c8fb6a313ed7e8641e4a88bf30.css
www.nytimes.com/vi-assets/static-assets/ 5 KB
3 KB 27ms
27ms Stylesheet
text/css 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/global-69acc7c8fb6a313ed7e8641e4a88bf30.css

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8d1d38bd5538c7e5b92abc533695f23ebd13f8e13879d457e1a391a506afcb2f

Security Headers

Name

Value

Content-Security-Policy

upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/global-69acc7c8fb6a313ed7e8641e4a88bf30.css
pragma: no-cache
cookie: nyt-a=KnlbMhcYH9EQyfxoknb48S; datadome=Wt.XK3naubtdipjU1_t2kdTCe3oMtpW5ccyaJvvRmwF6Wv-IVO.uYDmw7CKfCjowFHiOxTpmX.4agbQfRwxqN8Me1bmtucRoZ5Eqlg2qIv; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=FR
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.nytimes.com
referer: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=xVtu/Q== md5=8t/i0xcrDEvURwPHlq+SQg==
date: Thu, 20 May 2021 22:29:44 GMT
content-encoding: gzip
x-api-version: F-X
age: 21369379
x-guploader-uploadid: ABg5-UzadwJJVco0UpaJTaU9yrgZMaUz_4aMwQT08kD2RC8WFP2U69rcjJ1SjFhy7-H0mWZMfVmtkBKnVkLIRUioNaU
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2020-09-15 14:33:25 UTC
content-length: 1832
x-served-by: cache-hhn4041-HHN
last-modified: Tue, 15 Sep 2020 12:11:32 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1621549785.680088,VS0,VE1
etag: "f2dfe2d3172b0c4bd44703c796af9242"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/global-69acc7c8fb6a313ed7e8641e4a88bf30.css
x-goog-generation: 1600171892731484
expires: Wed, 15 Sep 2021 14:33:25 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 4669
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Fri, 21 May 2021 04:29:44 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: text/css; charset=utf-8
x-cache-hits: 64885

GET
H2 200 adslot-f32df753a7f26b792f2b.js Show response
www.nytimes.com/vi-assets/static-assets/ 15 KB
6 KB 26ms
26ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/adslot-f32df753a7f26b792f2b.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

c02e610c02cda1b4f842eb6d4c6f03d0930607744a10f7735a4d5cb1bae517e3

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/adslot-f32df753a7f26b792f2b.js
pragma: no-cache
cookie: nyt-a=KnlbMhcYH9EQyfxoknb48S; datadome=Wt.XK3naubtdipjU1_t2kdTCe3oMtpW5ccyaJvvRmwF6Wv-IVO.uYDmw7CKfCjowFHiOxTpmX.4agbQfRwxqN8Me1bmtucRoZ5Eqlg2qIv; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=FR
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.nytimes.com
referer: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=3mihZg== md5=NunjqyvrhSa8xaH/okSV7w==
date: Thu, 20 May 2021 22:29:44 GMT
content-encoding: gzip
x-api-version: F-X
age: 28009
x-guploader-uploadid: ABg5-UyVZrNNZgtepqp9KyQjZZGJc-3gGn_gPClWzjM1Ac6x7wYEvKS0HYEdhUyJGOgzZ0gEUdI1hnfrd1BBCyKINlY
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-05-20 14:42:56 UTC
content-length: 5577
x-served-by: cache-hhn4041-HHN
last-modified: Thu, 20 May 2021 14:34:24 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1621549785.708952,VS0,VE1
etag: "36e9e3ab2beb8526bcc5a1ffa24495ef"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/adslot-f32df753a7f26b792f2b.js
x-goog-generation: 1621521264778013
expires: Fri, 20 May 2022 14:42:56 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 15342
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Fri, 21 May 2021 04:29:44 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 716

GET
H2 200 vendor-361a3a5156942fc91866.js Show response
www.nytimes.com/vi-assets/static-assets/ 269 KB
81 KB 26ms
25ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendor-361a3a5156942fc91866.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

ae919d261439a9f4ed7492e65e205bce6e265b16a7044180632c43da8f9be2c7

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/vendor-361a3a5156942fc91866.js
pragma: no-cache
cookie: nyt-a=KnlbMhcYH9EQyfxoknb48S; datadome=Wt.XK3naubtdipjU1_t2kdTCe3oMtpW5ccyaJvvRmwF6Wv-IVO.uYDmw7CKfCjowFHiOxTpmX.4agbQfRwxqN8Me1bmtucRoZ5Eqlg2qIv; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=FR
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.nytimes.com
referer: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=MP5T3Q== md5=LQ+RE/AGsvQ+c1JdKdV0rw==
date: Thu, 20 May 2021 22:29:44 GMT
content-encoding: gzip
x-api-version: F-X
age: 1914758
x-guploader-uploadid: ABg5-UyIiEcVYjXTOI07rehhynAXSiAERO0TOGBRIconiMOOyEf_7VxdkxqqNwcyaiyw_hDJTA4uuVhoAX2CSMKmtv8
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-04-28 18:37:17 UTC
content-length: 82393
x-served-by: cache-hhn4041-HHN
last-modified: Wed, 28 Apr 2021 18:28:34 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1621549785.708946,VS0,VE1
etag: "2d0f9113f006b2f43e73525d29d574af"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/vendor-361a3a5156942fc91866.js
x-goog-generation: 1619634514425613
expires: Thu, 28 Apr 2022 18:37:07 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 275429
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Fri, 21 May 2021 04:29:44 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 91959

GET
H2 200 story-6c5f7e882bd354fc976e.js Show response
www.nytimes.com/vi-assets/static-assets/ 993 KB
268 KB 26ms
24ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/story-6c5f7e882bd354fc976e.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

c12071276b30f7f28367456fb9c0829c43dbf8a3a304beb27c96c0effcaa2e03

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/story-6c5f7e882bd354fc976e.js
pragma: no-cache
cookie: nyt-a=KnlbMhcYH9EQyfxoknb48S; datadome=Wt.XK3naubtdipjU1_t2kdTCe3oMtpW5ccyaJvvRmwF6Wv-IVO.uYDmw7CKfCjowFHiOxTpmX.4agbQfRwxqN8Me1bmtucRoZ5Eqlg2qIv; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=FR
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.nytimes.com
referer: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=WDJiIQ== md5=X3cbf+lZ7oh9F+cScf8NwA==
date: Thu, 20 May 2021 22:29:44 GMT
content-encoding: gzip
x-api-version: F-X
age: 2797
x-guploader-uploadid: ABg5-UwG4CDtVp4SwW-Y3zM3JiC31vMB5vBVYhZGqxh0unqnB7_s0KMklvoV0USqXzQTQsiLg8mnigMWA26714QAamZR6kC68w
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-05-20 21:43:07 UTC
content-length: 273735
x-served-by: cache-hhn4041-HHN
last-modified: Thu, 20 May 2021 21:24:22 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1621549785.766248,VS0,VE1
etag: "5f771b7fe959ee887d17e71271ff0dc0"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/story-6c5f7e882bd354fc976e.js
x-goog-generation: 1621545861831351
expires: Fri, 20 May 2022 21:43:06 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 1017234
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Fri, 21 May 2021 04:29:44 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 2

GET
H2 200 main-2dfeebeb480c1f05d50a.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
318 KB 33ms
32ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/main-2dfeebeb480c1f05d50a.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

cf387f02b96979a7c473410242cbe77faa3ebc348873ced5edfd17315d6c8e6d

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/main-2dfeebeb480c1f05d50a.js
pragma: no-cache
cookie: nyt-a=KnlbMhcYH9EQyfxoknb48S; datadome=Wt.XK3naubtdipjU1_t2kdTCe3oMtpW5ccyaJvvRmwF6Wv-IVO.uYDmw7CKfCjowFHiOxTpmX.4agbQfRwxqN8Me1bmtucRoZ5Eqlg2qIv; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=FR
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.nytimes.com
referer: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=2UMrYw== md5=qjGQdLcsOKi8aQeo/TtP0g==
date: Thu, 20 May 2021 22:29:44 GMT
content-encoding: gzip
x-api-version: F-X
age: 2802
x-guploader-uploadid: ABg5-UzIzIwlCWs9CYgyaaM0NV6psgepluWnsWWm9I84ioBVWK29DpUFGk2xNAjYQ7YZCgQuM0_XXJ5z-op9ltpNeg
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-05-20 21:43:03 UTC
content-length: 324835
x-served-by: cache-hhn4041-HHN
last-modified: Thu, 20 May 2021 21:24:21 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1621549785.766402,VS0,VE1
etag: "aa319074b72c38a8bc6907a8fd3b4fd2"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/main-2dfeebeb480c1f05d50a.js
x-goog-generation: 1621545861579890
expires: Fri, 20 May 2022 21:43:02 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 1086775
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Fri, 21 May 2021 04:29:44 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 42

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 345 KB
81 KB 61ms
60ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

211d5ce0166273b5ad6e71bc3d260d9187cc9f3882802fb8ddbb75df414ee392

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 22:29:44 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82803
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 76ms
24ms Preflight 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-cloud-trace-context: d5271c12bd03f8eec37c46cd79760d76/4661281150183592479
access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-max-age: 300
access-control-expose-headers: x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Thu, 20 May 2021 22:29:44 GMT
age: 826
x-nyt-meridiem: AM
x-nyt-continent: EU
x-nyt-country: FR
x-nyt-region: NAQ
x-nyt-audience-target-flat: EU:AM
x-samizdat-query-exe-id: b63ed9675e341241
x-served-by: cache-hhn4082-HHN
x-cache: HIT
x-cache-hits: 18
x-timer: S1621549785.814978,VS0,VE1
vary: Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
timing-allow-origin: *
content-length: 0

GET
H2 200 ATH8A-MAMN8-XPXCH-N5KAX-8D239 Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 22ms
8ms Script
application/javascript 2a02:26f0:6c00:2b9::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2b9::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 22:29:44 GMT
content-encoding: br
last-modified: Fri, 12 Mar 2021 19:50:49 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

POST
H2 200 track
a.et.nytimes.com/ 0
0 125ms
103ms Ping
application/json 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 148 B
756 B 124ms
123ms XHR
application/json 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-f8741f6 /
Resource Hash: 1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389

Request headers

Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
nyt-app-type: project-vi
Content-Type: application/json

Response headers

x-samizdat-query-sup-code
date: Thu, 20 May 2021 22:29:44 GMT
content-encoding: gzip
x-nyt-meridiem: AM
age: 0
x-cache: MISS
samizdat-x-instance: b9937172
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: 34cfbf7d927c0c0f
content-length: 123
samizdat-x-canary: false
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: NAQ
server: samizdat-graphql-f8741f6
x-timer: S1621549785.841486,VS0,VE100
x-nyt-continent: EU
x-served-by: cache-hhn4041-HHN
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:AM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: FR
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 148 KB
44 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ec6c5b115f5737ef8a927489c8f3f06049c7752fd7ab8b37746ca4a5ce8e39e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 22:12:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 May 2021 16:58:08 GMT
server: sffe
age: 1033
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44971
x-xss-protection: 0
expires: Thu, 20 May 2021 23:02:31 GMT

GET
H2 200 franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 77ms
24ms Font
font/woff2 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=ImeYUg==, md5=1sBqPYSlcQDtrVv5uE/3OQ==
date: Thu, 20 May 2021 22:29:44 GMT
via: 1.1 varnish
content-type: font/woff2
age: 15646661
x-guploader-uploadid: ABg5-Uz9nK6_2w5K-0GerMzlnNTbgOC1LOM1ZTMIt8N3zRK0mAlX9ToqD61L94PzercVqaEUUbUnKL9TZPwavvCOYrA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 19836
x-served-by: cache-hhn4031-HHN
accept-ranges: bytes
expires: Sat, 20 Nov 2021 20:12:03 GMT
last-modified: Mon, 16 Nov 2020 16:08:41 GMT
server: UploadServer
x-timer: S1621549785.831411,VS0,VE0
etag: "d6c06a3d84a57100edad5bf9b84ff739"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1605542921495212
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 19836
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 2727

GET
H2 200 franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 92ms
39ms Font
font/woff2 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=PQVxAw==, md5=tEyI8JynzpFLg21K5yiRuA==
date: Thu, 20 May 2021 22:29:44 GMT
via: 1.1 varnish
content-type: font/woff2
age: 686112
x-guploader-uploadid: ABg5-UzeLqz2qAYdghiAYsWqMMLFVooHslmirP-ItyNBdjWA_y2eGVi3h_mrgCcEEls47pJJTxvpW6fu7ZoTqSE6vIkri77luw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20312
x-served-by: cache-hhn4031-HHN
accept-ranges: bytes
expires: Thu, 12 May 2022 23:54:33 GMT
last-modified: Tue, 06 Apr 2021 21:11:53 GMT
server: UploadServer
x-timer: S1621549785.831387,VS0,VE0
etag: "b44c88f09ca7ce914b836d4ae72891b8"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1617743513200253
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20312
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 2715

GET
H3-29 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 22ms
6ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1d6939b69c7c48fff939cbc3945f84ae8427d167c394857f6840377ce1b252a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 21:51:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 20:16:39 GMT
server: sffe
age: 2319
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6330
x-xss-protection: 0
expires: Thu, 20 May 2021 22:41:05 GMT

GET
H3-29 200 serviceiframe Show response
news.google.com/swg/_/ui/v1/ Frame ADC2 25 KB
8 KB 77ms
67ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/ui/v1/serviceiframe?_=450430

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

83ccbf2f8e9ee6e4153a9b06478eb432010f87a7d565da01c05c2d296c37f9d6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-twR+oxrAMxlk5mtRa7oQ7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-twR+oxrAMxlk5mtRa7oQ7w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: news.google.com
:scheme: https
:path: /swg/_/ui/v1/serviceiframe?_=450430
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nytimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.nytimes.com/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 20 May 2021 22:29:44 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000
cross-origin-resource-policy: same-site
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-twR+oxrAMxlk5mtRa7oQ7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-twR+oxrAMxlk5mtRa7oQ7w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=216=mUaR6vbZkXnCoOXDGAfx04lSuf-G9uSR07Wv3zko9qbKIcYS3wlwTRHXkhuejr973BvzRg50T3OxH2h_EduoTBeoVaRUUNWJWybpcOjmKSd5CMIRCccqe8WRCMY8Mycrz2U-5ir93OZr13VzvF7dSJkSP-EJEHWJgc2r1iDb6eg; expires=Fri, 19-Nov-2021 22:29:44 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 16ms
7ms Other
image/svg+xml 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 22:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
age: 1351
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
expires: Thu, 20 May 2021 22:57:13 GMT

GET
H3-29 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/nytimes.com/ 2 B
58 B 58ms
58ms Fetch
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/nytimes.com/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 22:29:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
strict-transport-security: max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~slidesho~b1468c2d-f20b8abb6fb69f9d7185.js Show response
www.nytimes.com/vi-assets/static-assets/ 71 KB
15 KB 25ms
24ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~slidesho~b1468c2d-f20b8abb6fb69f9d7185.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

5244e9c6a6aaf4dae3d8686565870c0c7fd319a267bce612e21816e4581e33a8

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~slidesho~b1468c2d-f20b8abb6fb69f9d7185.js
pragma: no-cache
cookie: nyt-a=KnlbMhcYH9EQyfxoknb48S; datadome=Wt.XK3naubtdipjU1_t2kdTCe3oMtpW5ccyaJvvRmwF6Wv-IVO.uYDmw7CKfCjowFHiOxTpmX.4agbQfRwxqN8Me1bmtucRoZ5Eqlg2qIv; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=FR
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.nytimes.com
referer: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=wvVlOA== md5=9yrleltmmf/qW9PLW7rk1Q==
date: Thu, 20 May 2021 22:29:44 GMT
content-encoding: gzip
x-api-version: F-X
age: 1914747
x-guploader-uploadid: ABg5-Ux12uduB7Xpfx1Y_d_22vKLTG6IJtFga4tAsOwbeB6bKrz0-hsmIj3nnkHxcAZ9vm6RqxLAqdkpA_FX20BNeJs
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-04-28 18:37:17 UTC
content-length: 13914
x-served-by: cache-hhn4041-HHN
last-modified: Wed, 28 Apr 2021 18:28:34 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1621549785.976357,VS0,VE1
etag: "f72ae57a5b6699ffea5bd3cb5bbae4d5"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~slidesho~b1468c2d-f20b8abb6fb69f9d7185.js
x-goog-generation: 1619634514403299
expires: Thu, 28 Apr 2022 18:37:17 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 72907
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Fri, 21 May 2021 04:29:44 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 79432

GET
H2 200 vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~trending~video-596ae37870af61daa675.js Show response
www.nytimes.com/vi-assets/static-assets/ 20 KB
5 KB 26ms
25ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~trending~video-596ae37870af61daa675.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

110a392ca8298c0e09bd9b10968b3790ae9058936ea8b98a0f10b953d84a686d

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~trending~video-596ae37870af61daa675.js
pragma: no-cache
cookie: nyt-a=KnlbMhcYH9EQyfxoknb48S; datadome=Wt.XK3naubtdipjU1_t2kdTCe3oMtpW5ccyaJvvRmwF6Wv-IVO.uYDmw7CKfCjowFHiOxTpmX.4agbQfRwxqN8Me1bmtucRoZ5Eqlg2qIv; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=FR
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.nytimes.com
referer: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=3AN1/w== md5=vUhOx5oAEPTMsypd4RuVIw==
date: Thu, 20 May 2021 22:29:44 GMT
content-encoding: gzip
x-api-version: F-X
age: 3617016
x-guploader-uploadid: ABg5-UyzJo6Cs6eby3IRBPxGL4tkmJ4TGEhQrW2QmA2FUAMm_XlxOvERmqu8a9NnxjC2PqVVUnNWTmNes4IW5ZGIQKs
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-04-09 01:46:09 UTC
content-length: 4756
x-served-by: cache-hhn4041-HHN
last-modified: Fri, 09 Apr 2021 01:13:39 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1621549785.976620,VS0,VE1
etag: "bd484ec79a0010f4ccb32a5de11b9523"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~trending~video-596ae37870af61daa675.js
x-goog-generation: 1617738080500082
expires: Sat, 09 Apr 2022 01:46:09 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 20255
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Fri, 21 May 2021 04:29:44 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 72271

GET
H2 200 vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~video-9919df76c1dc23f31e32.js Show response
www.nytimes.com/vi-assets/static-assets/ 30 KB
7 KB 26ms
26ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~video-9919df76c1dc23f31e32.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b705360a40c45dacbecc3b0a349d5c15120e497a80b2d32700dd16f512a7dea7

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~video-9919df76c1dc23f31e32.js
pragma: no-cache
cookie: nyt-a=KnlbMhcYH9EQyfxoknb48S; datadome=Wt.XK3naubtdipjU1_t2kdTCe3oMtpW5ccyaJvvRmwF6Wv-IVO.uYDmw7CKfCjowFHiOxTpmX.4agbQfRwxqN8Me1bmtucRoZ5Eqlg2qIv; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=FR
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.nytimes.com
referer: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=18qUIA== md5=dmQ6Y9ikJ5rib0kycmVmPg==
date: Thu, 20 May 2021 22:29:44 GMT
content-encoding: gzip
x-api-version: F-X
age: 3088635
x-guploader-uploadid: ABg5-Uyb6el5Hjd0i46BOfNvLSzNWxWHOCnuukMnl9FlGVeQX7SDYiPST6llyPSdSe458vRApKYS94QU8s-4nxjxfkpN8VsAlg
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-04-15 04:32:30 UTC
content-length: 6145
x-served-by: cache-hhn4041-HHN
last-modified: Thu, 15 Apr 2021 01:37:26 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1621549785.976862,VS0,VE1
etag: "76643a63d8a4279ae26f49327265663e"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~video-9919df76c1dc23f31e32.js
x-goog-generation: 1618450646208382
expires: Fri, 15 Apr 2022 04:32:29 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 30824
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Fri, 21 May 2021 04:29:44 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 72459

POST
H2 200 track
a.et.nytimes.com/ 0
0 115ms
115ms Ping
application/json 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 tags.js Show response
dd.nytimes.com/ 226 KB
34 KB 58ms
7ms Script
text/javascript 2600:9000:214f:8e00:a:a8c5:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:8e00:a:a8c5:a040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

777eeadfa99729f21fb6aae66847f30967a46f1fd6f9e58e142eeb6d36db6729

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 22:02:59 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 1606
x-cache: Hit from cloudfront
content-length: 34468
access-control-allow-origin: *
last-modified: Wed, 12 May 2021 13:02:17 GMT
server: Apache
etag: "38886-5c2219ece1587-gzip"
strict-transport-security: max-age=15768000
content-type: text/javascript
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: yU-WY9nZ95Kbxb_knKCupDddS_MYtrbCpv8kUJomMTb9ZJhkbhwlSw==
expires: Thu, 20 May 2021 23:02:59 GMT

GET
H3-29 200 swg-button.css
news.google.com/swg/js/v1/ Frame ADC2 21 KB
6 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=450430

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1d6939b69c7c48fff939cbc3945f84ae8427d167c394857f6840377ce1b252a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 21:51:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 20:16:39 GMT
server: sffe
age: 2320
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6330
x-xss-protection: 0
expires: Thu, 20 May 2021 22:41:05 GMT

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.tmyypK_H9GQ.es5.O/am=AkA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI59R... Frame ADC2 146 KB
52 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.tmyypK_H9GQ.es5.O/am=AkA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI59RDpV1Vft3Fv0LhOSEY67Bzp6PQ/m=_b,_tp

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=450430

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d036d53c46333b09fd05f85cff3bf81f9f7ede4da246a19817777dca5efd8c39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 19:33:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 23:53:24 GMT
server: sffe
age: 96996
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52541
x-xss-protection: 0
expires: Thu, 19 May 2022 19:33:09 GMT

GET
H2 200 purr-cache
purr.nytimes.com/v1/ 0
0 132ms
110ms Fetch
text/html 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://purr.nytimes.com/v1/purr-cache
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-2dfeebeb480c1f05d50a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 22:29:45 GMT
server: Google Frontend
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 9c1e04bd7d1206d5f2c87c6687a21d1b
cache-control: private
access-control-allow-credentials: true
content-length: 0
expires: Thu, 20 May 2021 22:29:45 GMT

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 1 KB
1 KB 152ms
130ms XHR
application/json 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-vi&referrer=&assetUrl=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html&jkcb=1621549785434
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-2dfeebeb480c1f05d50a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 4b4ca8135464997515e99a28a600f260d942b00092cf16448bc4a646583d5f0b

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 22:29:45 GMT
content-encoding: gzip
x-appengine-log-flush-count: 1
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 93491ade3a9bdeedc2d14a235a4192d5
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
content-length: 566
expires: Thu, 20 May 2021 22:29:45 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 100ms
99ms Ping
application/json 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 defaultSiteIndexData-8bf073c6f40c9e51b6f6.js Show response
www.nytimes.com/vi-assets/static-assets/ 4 KB
2 KB 24ms
24ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/defaultSiteIndexData-8bf073c6f40c9e51b6f6.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e4532e7dfaffe2a6cc704d7050574cda971fa3817bc02690609308dc607b54fd

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/defaultSiteIndexData-8bf073c6f40c9e51b6f6.js
pragma: no-cache
cookie: nyt-a=KnlbMhcYH9EQyfxoknb48S; datadome=Wt.XK3naubtdipjU1_t2kdTCe3oMtpW5ccyaJvvRmwF6Wv-IVO.uYDmw7CKfCjowFHiOxTpmX.4agbQfRwxqN8Me1bmtucRoZ5Eqlg2qIv; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=FR; purr-cache=<K0<r<C_<G_<S0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.nytimes.com
referer: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=Xrq3/w== md5=8WH2L0loklbzk3TteounbA==
date: Thu, 20 May 2021 22:29:45 GMT
content-encoding: gzip
x-api-version: F-X
age: 27977
x-guploader-uploadid: ABg5-UwZPN1p9GokiXNJ9JagNQsw2sjlU4pIih0qrVSdQOIMLjW1LdyoZG2rempEjydPuMpYBEXZLoTP2U0EqAJHUhw
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-05-20 14:43:27 UTC
content-length: 1397
x-served-by: cache-hhn4041-HHN
last-modified: Thu, 20 May 2021 14:34:25 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1621549786.578386,VS0,VE1
etag: "f161f62f49689256f39374ed7a8ba76c"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/defaultSiteIndexData-8bf073c6f40c9e51b6f6.js
x-goog-generation: 1621521265006988
expires: Fri, 20 May 2022 14:43:27 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 3961
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Fri, 21 May 2021 04:29:45 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 362

GET
H3-29 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.tmyypK_H9GQ.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.-AYoUkRe0QQ.L... Frame ADC2 36 KB
13 KB 23ms
10ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.tmyypK_H9GQ.es5.O/am=AkA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI59RDpV1Vft3Fv0LhOSEY67Bzp6PQ/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3644da664b0eb3ef4d8a8ed6d90529ac2f7c439e3f7c04dfe4e9c598e9b8dd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 19:38:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 23:53:24 GMT
server: sffe
age: 96647
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13430
x-xss-protection: 0
expires: Thu, 19 May 2022 19:38:58 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v14/ Frame ADC2 21 KB
21 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=450430

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://news.google.com
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 09:39:17 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 23:42:59 GMT
server: sffe
age: 564628
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21464
x-xss-protection: 0
expires: Sat, 14 May 2022 09:39:17 GMT

GET
H3-29 200 m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,NpD4ec,x60fie,gychg,lfpdyf,ZfAoz,PQaYAf,lPKSwe,yDVVkb,iTsyac,KG2eXe,tfTN8c,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.tmyypK_H9GQ.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.-AYoUkRe0QQ.L... Frame ADC2 96 KB
32 KB 14ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.tmyypK_H9GQ.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.-AYoUkRe0QQ.L.B1.O/am=AkA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI7rTd_0Tsuh6kjMIGwvPUuo3AJlgQ/m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,NpD4ec,x60fie,gychg,lfpdyf,ZfAoz,PQaYAf,lPKSwe,yDVVkb,iTsyac,KG2eXe,tfTN8c,DfBslb

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69214a03a54a753131d48ad3f4ee01924f0dbf700314e549b53f2f313d656bde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 19:38:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 23:53:24 GMT
server: sffe
age: 96647
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33190
x-xss-protection: 0
expires: Thu, 19 May 2022 19:38:58 GMT

POST
H2 200 / Show response
dd.nytimes.com/js/ 210 B
552 B 32ms
16ms XHR
application/json 2600:9000:214f:8e00:a:a8c5:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dd.nytimes.com/js/
Requested by: Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8e00:a:a8c5:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DataDome /
Resource Hash: fa02ecdb00ed671d0e2fa49934e30896a671256fa57a67694d7211599d3d510a

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 20 May 2021 22:29:45 GMT
via: 1.1 73f3a23156999272233949c078c30859.cloudfront.net (CloudFront)
server: DataDome
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 210
x-amz-cf-id: wBqlHEnSfSzBEfIrcqPtiG6-f-JKE709vB7oFeQLkwQbt13QSomC-Q==
expires: 0

GET
H2 200 siteIndexContent-c70d94512d7707a9bc27.js Show response
www.nytimes.com/vi-assets/static-assets/ 15 KB
6 KB 24ms
24ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/siteIndexContent-c70d94512d7707a9bc27.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

7a5d29eabf126e519a38c09e2cd53c9b449e8c52ecdc20bf6253866e524fe7e7

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/siteIndexContent-c70d94512d7707a9bc27.js
pragma: no-cache
cookie: nyt-a=KnlbMhcYH9EQyfxoknb48S; datadome=Wt.XK3naubtdipjU1_t2kdTCe3oMtpW5ccyaJvvRmwF6Wv-IVO.uYDmw7CKfCjowFHiOxTpmX.4agbQfRwxqN8Me1bmtucRoZ5Eqlg2qIv; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=FR; purr-cache=<K0<r<C_<G_<S0; b2b_cig_opt=%7B%22isCorpUser%22%3Afalse%7D; edu_cig_opt=%7B%22isEduUser%22%3Afalse%7D; nyt-jkidd=uid=0&lastRequest=1621549785512&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.nytimes.com
referer: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=e2WnfQ== md5=jJl6qvo8T1RjUeTIGh/rkQ==
date: Thu, 20 May 2021 22:29:45 GMT
content-encoding: gzip
x-api-version: F-X
age: 27952
x-guploader-uploadid: ABg5-UxiggB-pj9RKJTmY7oaTlCBr9pgowIglSu1UZ8fP_FeN211IWIDxXuxwYmepcGe6vZwqkaMXxgpPV2o5ctusIOegMjoqA
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-05-20 14:43:54 UTC
content-length: 5125
x-served-by: cache-hhn4041-HHN
last-modified: Thu, 20 May 2021 14:43:31 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1621549786.625865,VS0,VE1
etag: "8c997aaafa3c4f546351e4c81a1feb91"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/siteIndexContent-c70d94512d7707a9bc27.js
x-goog-generation: 1621521811603247
expires: Fri, 20 May 2022 14:43:54 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 15836
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Fri, 21 May 2021 04:29:45 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 331

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3589
date: Thu, 20 May 2021 21:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Thu, 20 May 2021 23:29:56 GMT

GET
H3-29

200

activityi;dc_pre=CJmI2ten2fACFSeZ3godxpUDUQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3179626548212;gtm=2wg5j0;auiddc=2103875930.1621549786;u4=;u5=undefined;u6=undefined;u7=KnlbMhcYH9EQyfxoknb48... Show response
5290727.fls.doubleclick.net/ Frame EED5
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3179626548212;gtm=2wg5j0;auiddc=2103875930.1621549786;u4=;u5=undefined;u6=undefined;u7=KnlbMhcYH9EQyfxoknb...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CJmI2ten2fACFSeZ3godxpUDUQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3179626548212;gtm=2wg5j0;auiddc=2103875930.1621549786;u4=;u5=undefined;u...

839 B
542 B

66ms
34ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CJmI2ten2fACFSeZ3godxpUDUQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3179626548212;gtm=2wg5j0;auiddc=2103875930.1621549786;u4=;u5=undefined;u6=undefined;u7=KnlbMhcYH9EQyfxoknb48S;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

38e0cc7f2cd939b0a8994ea4a19d562575312696244f723fe724c113a5e03bd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5290727.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CJmI2ten2fACFSeZ3godxpUDUQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3179626548212;gtm=2wg5j0;auiddc=2103875930.1621549786;u4=;u5=undefined;u6=undefined;u7=KnlbMhcYH9EQyfxoknb48S;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nytimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 20 May 2021 22:29:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 517
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 20-May-2021 22:44:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 20 May 2021 22:29:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CJmI2ten2fACFSeZ3godxpUDUQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3179626548212;gtm=2wg5j0;auiddc=2103875930.1621549786;u4=;u5=undefined;u6=undefined;u7=KnlbMhcYH9EQyfxoknb48S;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 23ms
7ms Script
application/x-javascript 2600:9000:2057:ba00:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:ba00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 15:20:46 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 00:04:46 GMT
server: nginx
age: 25739
etag: W/"60665f9e-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: hEMJCzhfjBm1MUc6vd4L4xtodmjaFRlJASC-1Kpqwp0dHU6yoKOLFw==
expires: Fri, 21 May 2021 15:20:46 GMT

GET
H2 200 show-ads.js Show response
a1.nyt.com/analytics/ 45 B
561 B 25ms
24ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a1.nyt.com/analytics/show-ads.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
date: Thu, 20 May 2021 22:29:45 GMT
content-encoding: gzip
content-type: application/javascript
age: 76759
x-guploader-uploadid: ABg5-UwpP2QQiRZ4mhzZ1WDzSXZgXi33g7tLM6ErmPRjeL-mN82b9L8HaVdknnICFnQ4d5J0zL1aHvXKtqaKr_nu5ukiITF2yA
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 65
via: 1.1 varnish
x-served-by: cache-hhn4041-HHN
accept-ranges: bytes
expires: Fri, 29 Jan 2021 01:07:11 GMT
last-modified: Thu, 17 Dec 2020 21:19:35 GMT
server: UploadServer
x-timer: S1621549786.654952,VS0,VE0
etag: "1d291da792456bd015b664ee1119a5e0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1608239975905841
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400
x-goog-stored-content-length: 45
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 3034

POST
H2 200 track
a.et.nytimes.com/ 0
0 104ms
104ms Ping
application/json 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 98ms
32ms Image
image/gif 34.255.138.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=715627232
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.138.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-138-57.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 22:29:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=2111816055&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html&dr=&ul=en-us&de=UTF-8&dt=Not%20Found%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1906970182&gjid=528530472&cid=27652390.1621549786&tid=UA-58630905-2&_gid=804782714.1621549786&_r=1&gtm=2wg5j0P528B3&cg1=null&cg2=null&cg3=null&cg4=null&cd1=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html&cd2=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html&cd3=&cd9=9&cd10=null&cd13=null&cd14=null&cd15=earned&cd16=referring_links&cd21=NotFound&cd26=null&cd27=null&cd28=null&cd29=null&cd30=null&cd36=&cd37=0&cd42=nyt-vi&cd48=null&cd49=blurb_under_100&cd51=nyt-vi&cd52=&cd54=null&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd63=KnlbMhcYH9EQyfxoknb48S&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=KnlbMhcYH9EQyfxoknb48S&z=1340093245

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 May 2021 22:29:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 batchexecute Show response
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame ADC2 236 B
221 B 70ms
70ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&f.sid=5970059146226515293&bl=boq_subscribewithgoogleclientserver_20210518.10_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=1786&rt=c

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8bd7081968dc02f58fb136c2b04b17a3d0e1e3f11f2457ac6aba9c4ed48bad7a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 20 May 2021 22:29:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c,hKSk3e Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.tmyypK_H9GQ.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.-AYoUkRe0QQ.L... Frame ADC2 46 KB
17 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.tmyypK_H9GQ.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.-AYoUkRe0QQ.L.B1.O/am=AkA/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,iTsyac,lPKSwe,lfpdyf,lsjVmc,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI7rTd_0Tsuh6kjMIGwvPUuo3AJlgQ/m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c,hKSk3e

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa1635dba56e4177e9fc2d2820792e290f5aee61585e201a18e3c338e5811993

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 19:38:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 23:53:24 GMT
server: sffe
age: 96647
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17690
x-xss-protection: 0
expires: Thu, 19 May 2022 19:38:58 GMT

GET
H3-29 200 m=lwddkf Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.tmyypK_H9GQ.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.-AYoUkRe0QQ.L... Frame ADC2 236 B
183 B 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.tmyypK_H9GQ.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.-AYoUkRe0QQ.L.B1.O/am=AkA/d=1/exm=COQbmf,DfBslb,EFQ78c,FCpbqb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_latency,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,hKSk3e,iTsyac,lPKSwe,lfpdyf,lsjVmc,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI7rTd_0Tsuh6kjMIGwvPUuo3AJlgQ/m=lwddkf

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 19:38:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 23:53:24 GMT
server: sffe
age: 96647
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160
x-xss-protection: 0
expires: Thu, 19 May 2022 19:38:58 GMT

GET
H3-29 200 m=n73qwf,mI3LFb,UUJqVe,lazG7b,MpJwZc,qCSYWe,mdR7q,MI6k7c,kjKdXe Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.tmyypK_H9GQ.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.-AYoUkRe0QQ.L... Frame ADC2 796 B
471 B 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.tmyypK_H9GQ.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.-AYoUkRe0QQ.L.B1.O/am=AkA/d=1/exm=COQbmf,DfBslb,EFQ78c,FCpbqb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_latency,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,hKSk3e,iTsyac,lPKSwe,lfpdyf,lsjVmc,lwddkf,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI7rTd_0Tsuh6kjMIGwvPUuo3AJlgQ/m=n73qwf,mI3LFb,UUJqVe,lazG7b,MpJwZc,qCSYWe,mdR7q,MI6k7c,kjKdXe

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4de8ec6921f880f49c016bd5f71b0e7719e39269e950bbde719421506ab1391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 19:38:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 23:53:24 GMT
server: sffe
age: 96647
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 448
x-xss-protection: 0
expires: Thu, 19 May 2022 19:38:58 GMT

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
169 B 293ms
94ms Image
image/gif 54.205.171.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html&u=BTBIofDbxrJHDOpzVX&d=nytimes.com&g=16698&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1200&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1540&t=BcusNMBPe_m7DnbWdoCggAscCDeopz&V=126&i=Not%20Found%20-%20The%20New%20York%20Times&tz=-120&_acct=anon&sn=1&sv=BFTUALBjkuv7Bi4mH8CE4ah0BaRVRn&sd=1&im=06070403&_
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.171.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-171-136.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 22:29:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

POST
H2 200 log Show response
play.google.com/ Frame ADC2 131 B
644 B 67ms
47ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 20 May 2021 22:29:45 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 20 May 2021 22:29:45 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 8 KB
2 KB 51ms
37ms XHR
application/json 2a02:26f0:6c00:1bb::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=ATH8A-MAMN8-XPXCH-N5KAX-8D239&d=www.nytimes.com&t=5405166&v=1.720.0&sl=0&si=34d4f46d-befc-4823-9667-4225830bebc1-qtfftk&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:1bb::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: bc3ec9b5a475174a552d4940e5493ccdaae7ae7bcf552de7d95728a4449ea81f

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 22:29:45 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 1905

POST
H3-29 200 log Show response
play.google.com/ Frame ADC2 131 B
154 B 41ms
40ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 20 May 2021 22:29:45 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 20 May 2021 22:29:45 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 56ms
38ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 20 May 2021 22:29:45 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 20 May 2021 22:29:45 GMT
cache-control: private

POST
H3-29 200 log Show response
play.google.com/ Frame ADC2 131 B
154 B 41ms
41ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 20 May 2021 22:29:45 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 20 May 2021 22:29:45 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 56ms
38ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 20 May 2021 22:29:45 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 20 May 2021 22:29:45 GMT
cache-control: private

POST
H3-29 200 log Show response
play.google.com/ Frame ADC2 131 B
154 B 42ms
42ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 20 May 2021 22:29:45 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Thu, 20 May 2021 22:29:45 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 55ms
38ms Preflight
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Thu, 20 May 2021 22:29:45 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 20 May 2021 22:29:45 GMT
cache-control: private

GET
H2 200 dc_pre=CJmI2ten2fACFSeZ3godxpUDUQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3179626548212;gtm=2wg5j0;auiddc=2103875930.1621549786;u4=;u5=undefined;u6=undefined;u7=KnlbMhcYH9EQyfxoknb48S;u8=;u10=... Show response
adservice.google.com/ddm/fls/i/ Frame 386B 838 B
608 B 44ms
44ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CJmI2ten2fACFSeZ3godxpUDUQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3179626548212;gtm=2wg5j0;auiddc=2103875930.1621549786;u4=;u5=undefined;u6=undefined;u7=KnlbMhcYH9EQyfxoknb48S;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CJmI2ten2fACFSeZ3godxpUDUQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3179626548212;gtm=2wg5j0;auiddc=2103875930.1621549786;u4=;u5=undefined;u6=undefined;u7=KnlbMhcYH9EQyfxoknb48S;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ea4cabe0b8179f6915ae5c5b1e5a04801f8f1893bd6052d648e37b7f27bd32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CJmI2ten2fACFSeZ3godxpUDUQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3179626548212;gtm=2wg5j0;auiddc=2103875930.1621549786;u4=;u5=undefined;u6=undefined;u7=KnlbMhcYH9EQyfxoknb48S;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5290727.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=216=mUaR6vbZkXnCoOXDGAfx04lSuf-G9uSR07Wv3zko9qbKIcYS3wlwTRHXkhuejr973BvzRg50T3OxH2h_EduoTBeoVaRUUNWJWybpcOjmKSd5CMIRCccqe8WRCMY8Mycrz2U-5ir93OZr13VzvF7dSJkSP-EJEHWJgc2r1iDb6eg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://5290727.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 20 May 2021 22:29:45 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 519
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dc_pre=CJmI2ten2fACFSeZ3godxpUDUQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3179626548212;gtm=2wg5j0;auiddc=2103875930.1621549786;u4=;u5=undefined;u6=undefined;u7=KnlbMhcYH9EQyfxoknb48S;u8=;u10=... Show response
adservice.google.de/ddm/fls/i/ Frame 6592 194 B
391 B 42ms
41ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CJmI2ten2fACFSeZ3godxpUDUQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3179626548212;gtm=2wg5j0;auiddc=2103875930.1621549786;u4=;u5=undefined;u6=undefined;u7=KnlbMhcYH9EQyfxoknb48S;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJmI2ten2fACFSeZ3godxpUDUQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3179626548212;gtm=2wg5j0;auiddc=2103875930.1621549786;u4=;u5=undefined;u6=undefined;u7=KnlbMhcYH9EQyfxoknb48S;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=CJmI2ten2fACFSeZ3godxpUDUQ;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=3179626548212;gtm=2wg5j0;auiddc=2103875930.1621549786;u4=;u5=undefined;u6=undefined;u7=KnlbMhcYH9EQyfxoknb48S;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 20 May 2021 22:29:45 GMT
expires: Thu, 20 May 2021 22:29:45 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 loader.js Show response
platform.iteratehq.com/ 2 KB
1 KB 34ms
12ms Script
application/javascript 2606:4700:3032::ac43:c7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.iteratehq.com/loader.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67ce3c76cd9f595b2329803b2f1d4f6c5dca3b3e0a813314bc1c0cf71351d837

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 22:29:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 257
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 4HWHH4ADKHSP7R03
x-amz-id-2: S687GOk1cpyfR7pd50OUilFsORVuz1q9cMPUswQlBgVMZSIAIGsPdWgUwfZf2iTgGvSKTqQldkI=
last-modified: Wed, 19 May 2021 19:44:06 GMT
server: cloudflare
etag: W/"b1a3bbc899698c8bb58607328f95bd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C1y83XDbGT7OBa8v31L6N95mhP0OxJmfHVxqrzyR5VWQDV%2F%2B4p9F2lidhIsz1lH78BQHHzecxVo7dIU6uYAUhY6V3fn1qglkVwCBOuI%2FDXdmwG9yP2YcL4gtm%2BE0cv5s20u7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-request-id: 0a2d7f3bb600004a6dc0a87000000001
cf-ray: 65290172b9254a6d-FRA

POST
H2 204 /
364bf5fa.akstat.io/ 0
202 B 46ms
44ms Ping
image/gif 2a02:26f0:6c00:2b9::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://364bf5fa.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:2b9::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 20 May 2021 22:29:46 GMT
content-type: image/gif
access-control-allow-origin: https://www.nytimes.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Thu, 20 May 2021 22:29:46 GMT

GET
H3-29 200 sdk-prod-3876f9b0a93f7c373056.js Show response
platform.iteratehq.com/ 874 KB
237 KB 48ms
38ms Script
application/javascript 2606:4700:3032::ac43:c7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.iteratehq.com/sdk-prod-3876f9b0a93f7c373056.js
Requested by: Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f526a7ff25b453a5db6de226e027a84dff2f25738488c810f69cd1d2eaa12c1

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 22:29:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 95924
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 55BFE4A7SMDJYEN0
x-amz-id-2: SkhfyFSwkafzBfALaMN1DnDkWtI8lR0/Nw1RTnBT9D6puLaK3MIqRb/78N6df0W8Ntw/Teb4HXw=
last-modified: Wed, 19 May 2021 19:44:00 GMT
server: cloudflare
etag: W/"ce9de1de954efaea3926845463148509"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Bm1q%2FDZA8kuPX3jOQH53tR1xs2dTqJngc5BYQ5L0%2FJg%2BCHvfbSbf37mF%2FuYesVWTCLOF%2BaKBldi6IhYgZDAOemueVb71nlIwFtcnzhuZULoyf4dT8LyHqfvxQLifoXAZ8gHo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-request-id: 0a2d7f3bcf00004e5639072000000001
cf-ray: 65290172eac54e56-FRA

GET
H3-29 200 style-49e408b8c1e44beafa1b.css
platform.iteratehq.com/ 145 KB
12 KB 28ms
19ms Stylesheet
text/css 2606:4700:3032::ac43:c7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.iteratehq.com/style-49e408b8c1e44beafa1b.css
Requested by: Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b690038a1eb7182e3ed5a8f35408b83c42842d2d692c46ca5d68d9ea7eda536

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 22:29:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5103083
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: FS8Y3QFKEWCAR432
x-amz-id-2: zuPrV/sxaKvRGft7FRGAaA+c7tjWDeGnX7Sc8f7EcyMAXbebjwfQDXjINrquIBhcIpb6Ah6Yd1o=
last-modified: Wed, 10 Mar 2021 16:57:40 GMT
server: cloudflare
etag: W/"03c7fa2d3d6a28098dd43eb9b903eced"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CmGsnmbTt2sn5nRjii4JIkyzX0uRy34By4j08Qia0Srii0kl6fCiBiCG4vmgOtLgKGlRJRJv%2BIbPPIWY5PWDc7ibFiFqN7J37s7GH2PSgIu7lmsJnQgMOAnfLJWmlRNA55wq"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-request-id: 0a2d7f3bcf00004e5616083000000001
cf-ray: 65290172eac34e56-FRA

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 247ms
224ms Preflight 2606:4700:3037::6815:24db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iteratehq.com/api/v1/surveys/embed
Protocol: H2
Server: 2606:4700:3037::6815:24db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 20 May 2021 22:29:46 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
cache-control: no-cache="set-cookie"
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
cf-cache-status: DYNAMIC
cf-request-id: 0a2d7f3c7900004a55c982b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JRD1w4wsw0dzKYeBRxj%2FuF0qVlTDuJ0B3GfM6JLcHc%2B7L%2Fo10aEr7aVKWS1MYn%2BTdrbodgwwaBhpurh1ImJ4EpzaCw9y8nEx2liU6FaC7rd5WmnuOV11UgRO"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 65290173f93f4a55-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3-29 200 embed Show response
iteratehq.com/api/v1/surveys/ 298 B
944 B 257ms
247ms Fetch
application/json 2606:4700:3037::6815:24db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iteratehq.com/api/v1/surveys/embed
Requested by: Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/sdk-prod-3876f9b0a93f7c373056.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:24db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 626b5016545c87d9f082215c4419cee3a4a5ca1028e14141f3ab006dc585803a

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.nytimes.com/
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
Content-Type: application/json

Response headers

date: Thu, 20 May 2021 22:29:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qs%2FaWr%2FTjSBGp03A%2BGcK80oMBm7BWRnENR5a8DVqv7GPJWDzfE0g9d6TKAb6f1umdpsqcOjSXx4oThKnAwdZKfmebO9ZWGnmRJkWMZdcs6%2BqnOLKwWcQzN24"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache="set-cookie"
access-control-allow-credentials: true
cf-ray: 652901756dd305c4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2d7f3d62000005c4d6272000000001

GET
H/1.1

200
OK

results.txt Show response
kjtbe4qxedxncyfg4lna-pxtq2n-e9b8aa70d-clientnsv4-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pxtq2n9i5
https://kjtbe4qxedxncyfg4lna-pxtq2n-e9b8aa70d-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

183ms
23ms

XHR
text/plain

2.17.123.64
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://kjtbe4qxedxncyfg4lna-pxtq2n-e9b8aa70d-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.17.123.64 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-123-64.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 22:29:46 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://kjtbe4qxedxncyfg4lna-pxtq2n-e9b8aa70d-clientnsv4-s.akamaihd.net/eum/results.txt
Date: Thu, 20 May 2021 22:29:46 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
fiaqj6abeejrukqce3ygyaaaabqknyw2-pxtq2n-26e2844b2-clienttons-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pxtq2n9i5
https://fiaqj6abeejrukqce3ygyaaaabqknyw2-pxtq2n-26e2844b2-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

46ms
6ms

XHR
text/plain

2a02:26f0:6c00::210:ba13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://fiaqj6abeejrukqce3ygyaaaabqknyw2-pxtq2n-26e2844b2-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba13 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 22:29:46 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://fiaqj6abeejrukqce3ygyaaaabqknyw2-pxtq2n-26e2844b2-clienttons-s.akamaihd.net/eum/results.txt
Date: Thu, 20 May 2021 22:29:46 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 99ms
99ms Ping
application/json 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 99ms
99ms Ping
application/json 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 99ms
99ms Ping
application/json 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
168 B 94ms
94ms Image
image/gif 54.205.171.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html&u=BTBIofDbxrJHDOpzVX&d=nytimes.com&g=16698&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=1200&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=1540&t=BcusNMBPe_m7DnbWdoCggAscCDeopz&V=126&tz=-120&_acct=anon&sn=2&sv=BFTUALBjkuv7Bi4mH8CE4ah0BaRVRn&sd=1&im=06070403&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.171.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-171-136.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 22:30:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 103ms
102ms Ping
application/json 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 99ms
99ms Ping
application/json 2a00:1450:4001:830::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.nytimes.com/	1970-01-20 03:54:37	Name: _cb Value: BTBIofDbxrJHDOpzVX
.nytimes.com/	1970-01-19 18:35:54	Name: RT Value: "z=1&dm=nytimes.com&si=c3e187d6-27ae-415f-8d9b-7f027e65ea10&ss=koxgvh4j&sl=1&tt=1f3&bcn=%2F%2F364bf5fa.akstat.io%2F&ld=1f7"
www.nytimes.com/	1970-01-20 03:54:37	Name: _cb_ls Value: 1
.google.com/	1970-01-19 22:49:20	Name: NID Value: 216=mUaR6vbZkXnCoOXDGAfx04lSuf-G9uSR07Wv3zko9qbKIcYS3wlwTRHXkhuejr973BvzRg50T3OxH2h_EduoTBeoVaRUUNWJWybpcOjmKSd5CMIRCccqe8WRCMY8Mycrz2U-5ir93OZr13VzvF7dSJkSP-EJEHWJgc2r1iDb6eg
.nytimes.com/	1970-01-23 10:01:49	Name: iter_id Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2MGE2ZTJkYTAxZTM4MzAwMDFhMjhlYzAiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjIxNTQ5Nzg2fQ.xltKEgNbqm2XIOBlg_CgqJCIisFCUZooK58gXnPaMdc
.nytimes.com/	1970-01-19 18:25:49	Name: _gat_UA-58630905-2 Value: 1
.nytimes.com/	1970-01-19 18:27:16	Name: walley_gid Value: GA1.2.804782714.1621549786
.nytimes.com/	1970-01-19 20:35:25	Name: _gcl_au Value: 1.1.2103875930.1621549786
www.nytimes.com/	1970-01-20 03:54:37	Name: _chartbeat2 Value: .1621549785711.1621549785711.1.BFTUALBjkuv7Bi4mH8CE4ah0BaRVRn.1
.nytimes.com/	1970-01-20 03:11:25	Name: nyt-jkidd Value: uid=0&lastRequest=1621549785512&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon
.nytimes.com/	1970-01-19 18:25:55	Name: edu_cig_opt Value: %7B%22isEduUser%22%3Afalse%7D
www.nytimes.com/	1970-01-19 18:25:51	Name: _cb_svref Value: null
.nytimes.com/	1970-01-19 18:25:55	Name: b2b_cig_opt Value: %7B%22isCorpUser%22%3Afalse%7D
.doubleclick.net/	1970-01-19 18:25:50	Name: test_cookie Value: CheckForPermission
.nytimes.com/	1970-01-20 03:11:25	Name: datadome Value: XYkzP1gL732Rk2_wvxxgc.-rTfBN8ynRMK5Jxe~bpI4DVy39q4AQ17vVBOCjvyYif7QlV1OI39gs~I34fYm_3ypNZO6B-yEuZvGhSkFHqW
.nytimes.com/	1970-01-19 18:26:11	Name: nyt-geo Value: FR
.nytimes.com/	1970-01-20 03:11:25	Name: nyt-a Value: KnlbMhcYH9EQyfxoknb48S
.nytimes.com/	1970-01-19 18:26:11	Name: nyt-us Value: 0
.nytimes.com/	1970-01-20 03:11:25	Name: nyt-purr Value: cfhspnahhud
.nytimes.com/	1970-01-19 18:26:11	Name: nyt-gdpr Value: 1
.nytimes.com/	1970-01-20 11:57:01	Name: walley Value: GA1.2.27652390.1621549786
.nytimes.com/	1970-01-20 03:55:19	Name: purr-cache Value: <K0<r<C_<G_<S0

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://news.google.com/swg/js/v1/swg.js(Line 10) Message: Subscriptions Runtime: 0.1.22.166
console-api	log	URL: https://www.nytimes.com/vi-assets/static-assets/main-2dfeebeb480c1f05d50a.js(Line 33) Message: <!-- 0000000 000 0000000 111111111 11111111100 000 111111111 00000 111111111111111111 00000 000000 000 1111111111111111111111111100000 000 000 1111 1111111111111111100 000 000 11 0 1111111100 000 000 1 00 1 000 000 00 00 1 000 000 000 00000 1 000 00000 0000 00000000 1 00000 11111 000 00 000000 000 11111 00000 0000 000000 00000 00000 000 10000 000000 000 0000 000 00000 000000 1 000 000 000000 10000 1 0 000 000 1000000 00 1 00 000 000 1111111 1 0000 000 000 1111111100 000000 000 0000 111111111111111110000000 0000 111111111 111111111111100000 111111111 0000000 00000000 0000000 NYTimes.com: All the code that's fit to printf() We're hiring: https://nytimes.wd5.myworkdayjobs.com/Tech -->
console-api	warning	(Line 2) Message: et2 snippet should only load once per page
console-api	warning	URL: https://news.google.com/swg/js/v1/swg.js(Line 10) Message: SwG needs this article to define a product ID (e.g. example.com:premium). Articles can define a product ID using JSON+LD. SwG can check entitlements after this article defines a product ID.
console-api	warning	URL: https://news.google.com/swg/js/v1/swg.js(Line 10) Message: SwG needs this article to define a product ID (e.g. example.com:premium). Articles can define a product ID using JSON+LD. SwG can check entitlements after this article defines a product ID.
console-api	log	URL: https://www.nytimes.com/vi-assets/static-assets/main-2dfeebeb480c1f05d50a.js(Line 51) Message: Service Worker: content is cached

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

364bf5fa.akstat.io
5290727.fls.doubleclick.net
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
adservice.google.com
adservice.google.de
c.go-mpulse.net
dd.nytimes.com
fiaqj6abeejrukqce3ygyaaaabqknyw2-pxtq2n-26e2844b2-clienttons-s.akamaihd.net
fonts.gstatic.com
g1.nyt.com
insight.adsrvr.org
iteratehq.com
kjtbe4qxedxncyfg4lna-pxtq2n-e9b8aa70d-clientnsv4-s.akamaihd.net
news.google.com
platform.iteratehq.com
play.google.com
pnytimes.chartbeat.net
purr.nytimes.com
s.go-mpulse.net
samizdat-graphql.nytimes.com
static.chartbeat.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.nytimes.com
142.250.185.70
151.101.113.164
2.17.123.64
23.32.238.209
2600:9000:2057:ba00:18:1fcd:34f:cdc1
2600:9000:214f:8e00:a:a8c5:a040:93a1
2606:4700:3032::ac43:c7c7
2606:4700:3037::6815:24db
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2003
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2013
2a02:26f0:6c00:1bb::11a6
2a02:26f0:6c00:2b9::11a6
2a02:26f0:6c00::210:ba13
34.255.138.57
54.205.171.136
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0b690038a1eb7182e3ed5a8f35408b83c42842d2d692c46ca5d68d9ea7eda536
110a392ca8298c0e09bd9b10968b3790ae9058936ea8b98a0f10b953d84a686d
156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57
1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389
1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6
211d5ce0166273b5ad6e71bc3d260d9187cc9f3882802fb8ddbb75df414ee392
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
38e0cc7f2cd939b0a8994ea4a19d562575312696244f723fe724c113a5e03bd4
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4b4ca8135464997515e99a28a600f260d942b00092cf16448bc4a646583d5f0b
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5244e9c6a6aaf4dae3d8686565870c0c7fd319a267bce612e21816e4581e33a8
626b5016545c87d9f082215c4419cee3a4a5ca1028e14141f3ab006dc585803a
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
67ce3c76cd9f595b2329803b2f1d4f6c5dca3b3e0a813314bc1c0cf71351d837
685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e
69214a03a54a753131d48ad3f4ee01924f0dbf700314e549b53f2f313d656bde
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6de706923eaa7411b5bc9dfcc2de58c8950a85454fc1aa386f3537b19f861d5a
777eeadfa99729f21fb6aae66847f30967a46f1fd6f9e58e142eeb6d36db6729
7a5d29eabf126e519a38c09e2cd53c9b449e8c52ecdc20bf6253866e524fe7e7
83ccbf2f8e9ee6e4153a9b06478eb432010f87a7d565da01c05c2d296c37f9d6
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8bd7081968dc02f58fb136c2b04b17a3d0e1e3f11f2457ac6aba9c4ed48bad7a
8d1d38bd5538c7e5b92abc533695f23ebd13f8e13879d457e1a391a506afcb2f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec6c5b115f5737ef8a927489c8f3f06049c7752fd7ab8b37746ca4a5ce8e39e
9ea4cabe0b8179f6915ae5c5b1e5a04801f8f1893bd6052d648e37b7f27bd32f
9f526a7ff25b453a5db6de226e027a84dff2f25738488c810f69cd1d2eaa12c1
aa1635dba56e4177e9fc2d2820792e290f5aee61585e201a18e3c338e5811993
ae919d261439a9f4ed7492e65e205bce6e265b16a7044180632c43da8f9be2c7
b705360a40c45dacbecc3b0a349d5c15120e497a80b2d32700dd16f512a7dea7
bc3ec9b5a475174a552d4940e5493ccdaae7ae7bcf552de7d95728a4449ea81f
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
c02e610c02cda1b4f842eb6d4c6f03d0930607744a10f7735a4d5cb1bae517e3
c12071276b30f7f28367456fb9c0829c43dbf8a3a304beb27c96c0effcaa2e03
c7f840f290419b7b7fbf7df3d6b8d41299a1586ba195913b6ff8c9ecc6a62761
cf387f02b96979a7c473410242cbe77faa3ebc348873ced5edfd17315d6c8e6d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d036d53c46333b09fd05f85cff3bf81f9f7ede4da246a19817777dca5efd8c39
d3644da664b0eb3ef4d8a8ed6d90529ac2f7c439e3f7c04dfe4e9c598e9b8dd8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4532e7dfaffe2a6cc704d7050574cda971fa3817bc02690609308dc607b54fd
e4de8ec6921f880f49c016bd5f71b0e7719e39269e950bbde719421506ab1391
ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9
f1d6939b69c7c48fff939cbc3945f84ae8427d167c394857f6840377ce1b252a
fa02ecdb00ed671d0e2fa49934e30896a671256fa57a67694d7211599d3d510a

www.nytimes.com Open in urlscan Pro 151.101.113.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

71 Requests

100 %HTTPS

73 %IPv6

15 Domains

29 Subdomains

21 IPs

3 Countries

1451 kBTransfer

5126 kBSize

22 Cookies

19 Outgoing links

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nytimes.com Open in urlscan Pro
151.101.113.164 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

100 %
HTTPS

73 %
IPv6

15
Domains

29
Subdomains

21
IPs

3
Countries

1451 kB
Transfer

5126 kB
Size

22
Cookies

71 HTTP transactions
0 data transactions