www.nytimes.com Open in urlscan Pro
151.101.113.164 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.nytimes.com/2020/03/12/
Submission: On April 30 via api (April 30th 2021, 12:45:56 am UTC) from US

Summary HTTP 62 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 15 domains to perform 62 HTTP transactions. The main IP is 151.101.113.164, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is www.nytimes.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 3rd 2020. Valid for: 2 years.

This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	151.101.113.164 151.101.113.164	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:2b9::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2a00:1450:400... 2a00:1450:4001:808::2013	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2600:9000:20e... 2600:9000:20e8:8000:a:a8c5:a040:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:1b8::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1 1	2.16.107.184 2.16.107.184	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2.16.107.152 2.16.107.152	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba13	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20c... 2600:9000:20c8:e400:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700:303... 2606:4700:3032::ac43:c7c7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.213.189.245 52.213.189.245	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	52.4.50.244 52.4.50.244	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
62	19

12 151.101.113.164 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:2b9::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6852bd04.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:808::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
purr.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20e8:8000:a:a8c5:a040:93a1 (United States)

ASN16509 (AMAZON-02, US)

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:1b8::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.107.184 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-184.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.107.152 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-152.deploy.static.akamaitechnologies.com

yk57wpqccbv3qyelkm2a-p6qii7-c536d79ca-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba13 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba19 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

fiaqj6absjkbikqce3ygyaaaabqiwuzu-p6qii7-18ade1ca6-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

5290727.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c8:e400:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3032::ac43:c7c7 (United States)

ASN13335 (CLOUDFLARENET, US)

platform.iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.189.245 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-189-245.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.4.50.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-50-244.compute-1.amazonaws.com

pnytimes.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	nytimes.com www.nytimes.com samizdat-graphql.nytimes.com a.et.nytimes.com purr.nytimes.com a.nytimes.com dd.nytimes.com	480 KB
15	google.com news.google.com play.google.com adservice.google.com	67 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	136 KB
5	iteratehq.com platform.iteratehq.com iteratehq.com	250 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net yk57wpqccbv3qyelkm2a-p6qii7-c536d79ca-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net fiaqj6absjkbikqce3ygyaaaabqiwuzu-p6qii7-18ade1ca6-clienttons-s.akamaihd.net	1 KB
4	nyt.com g1.nyt.com a1.nyt.com	51 KB
2	doubleclick.net 1 redirects 5290727.fls.doubleclick.net	1 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	go-mpulse.net s.go-mpulse.net c.go-mpulse.net	52 KB
1	google.de adservice.google.de	877 B
1	chartbeat.net pnytimes.chartbeat.net	169 B
1	adsrvr.org insight.adsrvr.org	261 B
1	chartbeat.com static.chartbeat.com	14 KB
1	akstat.io 6852bd04.akstat.io	202 B
1	googletagmanager.com www.googletagmanager.com	80 KB
62	15

	Domain	Requested by
7	play.google.com	www.gstatic.com
7	news.google.com	www.nytimes.com news.google.com www.gstatic.com
6	www.gstatic.com	news.google.com www.gstatic.com
6	a.et.nytimes.com	www.nytimes.com
6	www.nytimes.com	www.nytimes.com
3	platform.iteratehq.com	www.nytimes.com platform.iteratehq.com
3	g1.nyt.com	www.nytimes.com g1.nyt.com
2	iteratehq.com	platform.iteratehq.com
2	5290727.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	dd.nytimes.com	www.nytimes.com dd.nytimes.com
2	samizdat-graphql.nytimes.com	www.nytimes.com
1	adservice.google.de	adservice.google.com
1	adservice.google.com	5290727.fls.doubleclick.net
1	pnytimes.chartbeat.net
1	insight.adsrvr.org
1	a1.nyt.com	www.nytimes.com
1	static.chartbeat.com	www.nytimes.com
1	fiaqj6absjkbikqce3ygyaaaabqiwuzu-p6qii7-18ade1ca6-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	yk57wpqccbv3qyelkm2a-p6qii7-c536d79ca-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	6852bd04.akstat.io	s.go-mpulse.net
1	fonts.gstatic.com	news.google.com
1	c.go-mpulse.net	s.go-mpulse.net
1	a.nytimes.com	www.nytimes.com
1	purr.nytimes.com	www.nytimes.com
1	s.go-mpulse.net	www.nytimes.com
1	www.googletagmanager.com	www.nytimes.com
62	29

This site contains links to these domains. Also see Links.

Domain
myaccount.nytimes.com
cn.nytimes.com
cooking.nytimes.com
timesmachine.nytimes.com
store.nytimes.com
nytlicensing.com
help.nytimes.com
eedition.nytimes.com
www.nytco.com
nytmediakit.com
www.tbrandstudio.com

Subject Issuer	Validity	Valid
nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-03` - `2022-04-06`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
akstat.io DigiCert Secure Site ECC CA-1	`2020-05-06` - `2021-08-05`	a year	crt.sh
a.et.nytimes.com GTS CA 1D2	`2021-04-05` - `2021-07-04`	3 months	crt.sh
*.news.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
purr.nytimes.com GTS CA 1D2	`2021-03-31` - `2021-06-29`	3 months	crt.sh
a.nytimes.com GTS CA 1D4	`2021-03-25` - `2021-06-23`	3 months	crt.sh
dd.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-04` - `2022-04-03`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.nytimes.com/2020/03/12/
Frame ID: AD488DD31EEDBEC7D12F0639F7684103
Requests: 40 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=449928
Frame ID: 30501BDB2E96DF7A41FED3E18D1CFB91
Requests: 14 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CIPOgPPepPACFQrmuwgdwiwJzg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9443841903515;gtm=2wg4l3;auiddc=536400200.1619743541;u4=;u5=undefined;u6=undefined;u7=b39LNm5_9gJ9fZt0vaFjAI;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2F;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2F
Frame ID: 830FFFE70F86046A4632B597BD50FD42
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIPOgPPepPACFQrmuwgdwiwJzg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9443841903515;gtm=2wg4l3;auiddc=536400200.1619743541;u4=;u5=undefined;u6=undefined;u7=b39LNm5_9gJ9fZt0vaFjAI;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2F;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2F
Frame ID: 6EA34F22583489EA58133B9E47602100
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CIPOgPPepPACFQrmuwgdwiwJzg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9443841903515;gtm=2wg4l3;auiddc=536400200.1619743541;u4=;u5=undefined;u6=undefined;u7=b39LNm5_9gJ9fZt0vaFjAI;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2F;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2F
Frame ID: 019553E1F840BFB6A27CB05D24B46FB9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /chartbeat\.js/i

Fastly (CDN) Expand

Overall confidence: 100%
Detected patterns

headers vary /Fastly-SSL/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

62
Requests

100 %
HTTPS

71 %
IPv6

15
Domains

29
Subdomains

19
IPs

3
Countries

1151 kB
Transfer

3985 kB
Size

9
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=vi
Title: Log in

Search URL Search Domain Scan URL

URL: https://cn.nytimes.com/
Title: 中文网

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/
Title: Recipes

Search URL Search Domain Scan URL

URL: https://timesmachine.nytimes.com/browser
Title: TimesMachine

Search URL Search Domain Scan URL

URL: https://store.nytimes.com/
Title: NYT Store

Search URL Search Domain Scan URL

URL: https://myaccount.nytimes.com/seg
Title: Manage My Account

Search URL Search Domain Scan URL

URL: https://nytlicensing.com/
Title: NYTLicensing

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/sections/115003859548-Apps
Title: Mobile Applications

Search URL Search Domain Scan URL

URL: http://eedition.nytimes.com/cgi-bin/signup.cgi?cc=37FYY
Title: Replica Edition

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014792127-Copyright-notice
Title: © 2021 The New York Times Company

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: NYTCo

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015727108-Accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.nytco.com/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://nytmediakit.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: http://www.tbrandstudio.com/
Title: T Brand Studio

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p6qii7zd6 HTTP 302
https://yk57wpqccbv3qyelkm2a-p6qii7-c536d79ca-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 43

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p6qii7zd6 HTTP 302
https://fiaqj6absjkbikqce3ygyaaaabqiwuzu-p6qii7-18ade1ca6-clienttons-s.akamaihd.net/eum/results.txt

Request Chain 45

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9443841903515;gtm=2wg4l3;auiddc=536400200.1619743541;u4=;u5=undefined;u6=undefined;u7=b39LNm5_9gJ9fZt0vaFjAI;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2F;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2F HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CIPOgPPepPACFQrmuwgdwiwJzg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9443841903515;gtm=2wg4l3;auiddc=536400200.1619743541;u4=;u5=undefined;u6=undefined;u7=b39LNm5_9gJ9fZt0vaFjAI;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2F;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2F

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request / Show response
www.nytimes.com/2020/03/12/ 89 KB
29 KB 213ms
163ms Document
text/html 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/2020/03/12/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

2b96878214ff7ad0ffc64af2873e93f7aea1ad990483fbfb6d1414990a1c23f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.nytimes.com
:scheme: https
:path: /2020/03/12/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
content-type: text/html; charset=utf-8
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: s-maxage=10,no-store
x-nyt-route: vi-story
x-datadome-timer: S1619743539.414851,VS0,VE4
x-origin-time: 2021-04-30 00:45:39 UTC
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 30 Apr 2021 00:45:39 GMT
age: 0
x-served-by: cache-lga21939-LGA, cache-hhn4039-HHN
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1619743539.414851,VS0,VE142
vary: Accept-Encoding, Fastly-SSL
set-cookie: nyt-a=b39LNm5_9gJ9fZt0vaFjAI; Expires=Sat, 30 Apr 2022 00:45:39 GMT; Path=/; Domain=.nytimes.com; SameSite=none; Secure datadome=5EvgvlLR4SZKMBg_Tbxek7yys-SXyfKAsapC5nuOzlNaVKSJdAlaWfdlstSuMjtwDflRAbrOyfPgLHQu~s2-~3U0kYUFSzX7kjgX.6Xp25; Max-Age=31536000; Domain=.nytimes.com; Path=/; Secure; SameSite=Lax nyt-gdpr=1; Expires=Fri, 30 Apr 2021 06:45:39 GMT; Path=/; Domain=.nytimes.com nyt-purr=cfhspnahhud; Expires=Sat, 30 Apr 2022 00:45:39 GMT; Path=/; Domain=.nytimes.com; SameSite=Lax; Secure nyt-us=0; Expires=Fri, 30 Apr 2021 06:45:39 GMT; Path=/; Domain=.nytimes.com nyt-geo=BE; Expires=Fri, 30 Apr 2021 06:45:39 GMT; Path=/; Domain=.nytimes.com
x-datadome: protected
x-gdpr: 1
x-frame-options: DENY
onion-location: https://www.nytimes3xbfgragh.onion/2020/03/12/
x-api-version: F-F-VI
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
strict-transport-security: max-age=63072000; preload
content-length: 28278

GET
H2 200 web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
g1.nyt.com/fonts/css/ 60 KB
10 KB 23ms
21ms Stylesheet
text/css 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6de706923eaa7411b5bc9dfcc2de58c8950a85454fc1aa386f3537b19f861d5a

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=i0q+3Q==, md5=Gy5SJh6FIQsSa1B2q6k1mw==
date: Fri, 30 Apr 2021 00:45:39 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
age: 1941062
x-guploader-uploadid: ABg5-UxGL-PBXPV31OWbWvfVBy5T6oyN8sQ18osPaQbYfPcr3TsI9RDdgQWGGiake8YWX3S3TeDwvnbVAbPWGu0Oew
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 9775
via: 1.1 varnish
x-served-by: cache-hhn4039-HHN
accept-ranges: bytes
expires: Thu, 07 Apr 2022 13:34:37 GMT
last-modified: Tue, 06 Apr 2021 21:11:51 GMT
server: UploadServer
x-timer: S1619743540.589204,VS0,VE0
etag: "1b2e52261e85210b126b5076aba9359b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1617743511910294
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 9775
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 25498

GET
H2 200 global-69acc7c8fb6a313ed7e8641e4a88bf30.css
www.nytimes.com/vi-assets/static-assets/ 5 KB
3 KB 22ms
22ms Stylesheet
text/css 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/global-69acc7c8fb6a313ed7e8641e4a88bf30.css

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8d1d38bd5538c7e5b92abc533695f23ebd13f8e13879d457e1a391a506afcb2f

Security Headers

Name

Value

Content-Security-Policy

upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/global-69acc7c8fb6a313ed7e8641e4a88bf30.css
pragma: no-cache
cookie: nyt-a=b39LNm5_9gJ9fZt0vaFjAI; datadome=5EvgvlLR4SZKMBg_Tbxek7yys-SXyfKAsapC5nuOzlNaVKSJdAlaWfdlstSuMjtwDflRAbrOyfPgLHQu~s2-~3U0kYUFSzX7kjgX.6Xp25; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=BE
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.nytimes.com
referer: https://www.nytimes.com/2020/03/12/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2020/03/12/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=xVtu/Q== md5=8t/i0xcrDEvURwPHlq+SQg==
date: Fri, 30 Apr 2021 00:45:39 GMT
content-encoding: gzip
x-api-version: F-X
age: 19563135
x-guploader-uploadid: ABg5-UzadwJJVco0UpaJTaU9yrgZMaUz_4aMwQT08kD2RC8WFP2U69rcjJ1SjFhy7-H0mWZMfVmtkBKnVkLIRUioNaU
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2020-09-15 14:33:25 UTC
content-length: 1832
x-served-by: cache-hhn4039-HHN
last-modified: Tue, 15 Sep 2020 12:11:32 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1619743540.588104,VS0,VE1
etag: "f2dfe2d3172b0c4bd44703c796af9242"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/global-69acc7c8fb6a313ed7e8641e4a88bf30.css
x-goog-generation: 1600171892731484
expires: Wed, 15 Sep 2021 14:33:25 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 4669
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Fri, 30 Apr 2021 06:45:39 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: text/css; charset=utf-8
x-cache-hits: 26191

GET
H2 200 adslot-c6799a1fd4a8c46b31aa.js Show response
www.nytimes.com/vi-assets/static-assets/ 15 KB
6 KB 22ms
22ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/adslot-c6799a1fd4a8c46b31aa.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

eab03af418946d398a1f3e70061688e066cc8833fdd6b13f5210875e68b54de5

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/adslot-c6799a1fd4a8c46b31aa.js
pragma: no-cache
cookie: nyt-a=b39LNm5_9gJ9fZt0vaFjAI; datadome=5EvgvlLR4SZKMBg_Tbxek7yys-SXyfKAsapC5nuOzlNaVKSJdAlaWfdlstSuMjtwDflRAbrOyfPgLHQu~s2-~3U0kYUFSzX7kjgX.6Xp25; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=BE
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.nytimes.com
referer: https://www.nytimes.com/2020/03/12/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2020/03/12/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=iUlPLw== md5=+52YKcDUTagPJgfrpTOoCA==
date: Fri, 30 Apr 2021 00:45:39 GMT
content-encoding: gzip
x-api-version: F-X
age: 288520
x-guploader-uploadid: ABg5-UytNRZHTCwyA6KU_NiBW-f_9qW0fAQGOuICoLUXOt0AjolX2LK1M7R09s7zuIEGbRkKVmNNxLDe0vjXIv91UXVJIYeYKA
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-04-26 16:37:11 UTC
content-length: 5407
x-served-by: cache-hhn4039-HHN
last-modified: Mon, 26 Apr 2021 16:25:47 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1619743540.611499,VS0,VE1
etag: "fb9d9829c0d44da80f2607eba533a808"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/adslot-c6799a1fd4a8c46b31aa.js
x-goog-generation: 1619454347004887
expires: Tue, 26 Apr 2022 16:36:58 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 14917
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Fri, 30 Apr 2021 06:45:39 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 14433

GET
H2 200 vendor-361a3a5156942fc91866.js Show response
www.nytimes.com/vi-assets/static-assets/ 269 KB
81 KB 22ms
22ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendor-361a3a5156942fc91866.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

ae919d261439a9f4ed7492e65e205bce6e265b16a7044180632c43da8f9be2c7

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/vendor-361a3a5156942fc91866.js
pragma: no-cache
cookie: nyt-a=b39LNm5_9gJ9fZt0vaFjAI; datadome=5EvgvlLR4SZKMBg_Tbxek7yys-SXyfKAsapC5nuOzlNaVKSJdAlaWfdlstSuMjtwDflRAbrOyfPgLHQu~s2-~3U0kYUFSzX7kjgX.6Xp25; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=BE
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.nytimes.com
referer: https://www.nytimes.com/2020/03/12/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2020/03/12/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=MP5T3Q== md5=LQ+RE/AGsvQ+c1JdKdV0rw==
date: Fri, 30 Apr 2021 00:45:39 GMT
content-encoding: gzip
x-api-version: F-X
age: 108513
x-guploader-uploadid: ABg5-UyIiEcVYjXTOI07rehhynAXSiAERO0TOGBRIconiMOOyEf_7VxdkxqqNwcyaiyw_hDJTA4uuVhoAX2CSMKmtv8
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-04-28 18:37:17 UTC
content-length: 82393
x-served-by: cache-hhn4039-HHN
last-modified: Wed, 28 Apr 2021 18:28:34 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1619743540.612950,VS0,VE0
etag: "2d0f9113f006b2f43e73525d29d574af"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/vendor-361a3a5156942fc91866.js
x-goog-generation: 1619634514425613
expires: Thu, 28 Apr 2022 18:37:07 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 275429
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Fri, 30 Apr 2021 06:45:39 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 6525

GET
H2 200 main-7b3ff51ca042be7808ca.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
319 KB 23ms
22ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/main-7b3ff51ca042be7808ca.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0ac05a28855ab8967ae4e179a05dcbd46a3e37158a32a93a7ae406f4efa71eb1

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/main-7b3ff51ca042be7808ca.js
pragma: no-cache
cookie: nyt-a=b39LNm5_9gJ9fZt0vaFjAI; datadome=5EvgvlLR4SZKMBg_Tbxek7yys-SXyfKAsapC5nuOzlNaVKSJdAlaWfdlstSuMjtwDflRAbrOyfPgLHQu~s2-~3U0kYUFSzX7kjgX.6Xp25; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=BE
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.nytimes.com
referer: https://www.nytimes.com/2020/03/12/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2020/03/12/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=WIQnqQ== md5=FkQ70Ms1cpz6RJLmB7nzew==
date: Fri, 30 Apr 2021 00:45:39 GMT
content-encoding: gzip
x-api-version: F-X
age: 209113
x-guploader-uploadid: ABg5-UySFg1KQjQq0DrevTGWvLNIHswTMioEKhq83_FnSmiwnvfvl0AWqrjIIOBhLOdhN6Ek7jNjkkOif1fhU0evPA
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-04-27 14:40:26 UTC
content-length: 325589
x-served-by: cache-hhn4039-HHN
last-modified: Tue, 27 Apr 2021 14:34:31 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1619743540.680338,VS0,VE1
etag: "16443bd0cb35729cfa4492e607b9f37b"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/main-7b3ff51ca042be7808ca.js
x-goog-generation: 1619534071605893
expires: Wed, 27 Apr 2022 14:40:26 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 1086977
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Fri, 30 Apr 2021 06:45:39 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 7

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 338 KB
80 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2315e7399432153dc2087635db94d844e2f4edabf668371dd5820a7dd3f9f785

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 00:45:39 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81641
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 70ms
22ms Preflight 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-cab6cf9 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: max-age=30
access-control-allow-methods: GET, POST
access-control-max-age: 300
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-origin: https://www.nytimes.com
server: samizdat-graphql-cab6cf9
access-control-allow-credentials: true
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Fri, 30 Apr 2021 00:45:39 GMT
age: 32
x-nyt-meridiem: AM
x-nyt-continent: EU
x-nyt-country: BE
x-nyt-region: VAN
x-nyt-audience-target-flat: EU:AM
x-samizdat-query-exe-id: 970591b64845827e
samizdat-x-instance: 033fa374
samizdat-x-canary: false
x-served-by: cache-hhn4068-HHN
x-cache: HIT
x-cache-hits: 1
x-timer: S1619743540.726383,VS0,VE0
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
timing-allow-origin: *
content-length: 0

GET
H2 200 ATH8A-MAMN8-XPXCH-N5KAX-8D239 Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 22ms
6ms Script
application/javascript 2a02:26f0:6c00:2b9::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2b9::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 00:45:39 GMT
content-encoding: br
last-modified: Fri, 12 Mar 2021 19:50:49 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

POST
H2 200 track
a.et.nytimes.com/ 0
0 122ms
100ms Ping
application/json 2a00:1450:4001:808::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 148 B
673 B 22ms
22ms XHR
application/json 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-cab6cf9 /
Resource Hash: 1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389

Request headers

Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
nyt-app-type: project-vi
Content-Type: application/json

Response headers

x-samizdat-query-sup-code
date: Fri, 30 Apr 2021 00:45:39 GMT
content-encoding: gzip
x-nyt-meridiem: AM
age: 52
x-cache: HIT
samizdat-x-instance: 56014cf9
x-samizdat-query-field-errors: 0
x-cache-hits: 2
x-samizdat-query-exe-id: a4c1c90aaa5229f5
content-length: 123
samizdat-x-canary: false
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: VAN
server: samizdat-graphql-cab6cf9
x-timer: S1619743540.749452,VS0,VE0
x-nyt-continent: EU
x-served-by: cache-hhn4039-HHN
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:AM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: BE
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 146 KB
44 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb22c2388b634085e3894ec6ea83cb5299bafd835c24956d0972b7637db1cca6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 00:34:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 21:26:22 GMT
server: sffe
age: 668
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44367
x-xss-protection: 0
expires: Fri, 30 Apr 2021 01:24:31 GMT

GET
H2 200 franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 68ms
21ms Font
font/woff2 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=ImeYUg==, md5=1sBqPYSlcQDtrVv5uE/3OQ==
date: Fri, 30 Apr 2021 00:45:39 GMT
via: 1.1 varnish
content-type: font/woff2
age: 13840417
x-guploader-uploadid: ABg5-Uz9nK6_2w5K-0GerMzlnNTbgOC1LOM1ZTMIt8N3zRK0mAlX9ToqD61L94PzercVqaEUUbUnKL9TZPwavvCOYrA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 19836
x-served-by: cache-hhn4025-HHN
accept-ranges: bytes
expires: Sat, 20 Nov 2021 20:12:03 GMT
last-modified: Mon, 16 Nov 2020 16:08:41 GMT
server: UploadServer
x-timer: S1619743540.738251,VS0,VE0
etag: "d6c06a3d84a57100edad5bf9b84ff739"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1605542921495212
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 19836
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 2685

GET
H2 200 franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 82ms
35ms Font
font/woff2 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=PQVxAw==, md5=tEyI8JynzpFLg21K5yiRuA==
date: Fri, 30 Apr 2021 00:45:39 GMT
via: 1.1 varnish
content-type: font/woff2
age: 1814504
x-guploader-uploadid: ABg5-UxKDR_MAZOVmp53NfxPXS0Fmfbdp0jJxprIMOLgQDgpmuiL9tecqvch9sXgvAexjw82y-IBTkV9gno1ayULpyg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20312
x-served-by: cache-hhn4025-HHN
accept-ranges: bytes
expires: Sat, 09 Apr 2022 00:43:56 GMT
last-modified: Tue, 06 Apr 2021 21:11:53 GMT
server: UploadServer
x-timer: S1619743540.738451,VS0,VE0
etag: "b44c88f09ca7ce914b836d4ae72891b8"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1617743513200253
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20312
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 2685

GET
H3-29 200 swg-button.css
news.google.com/swg/js/v1/ 20 KB
6 KB 20ms
6ms Stylesheet
text/css 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2e38cee6f27ca78fbc78c1652257f91aad7d5b09179950e02fbcd33f3ee7d1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 00:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 03:22:53 GMT
server: sffe
age: 2022
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6175
x-xss-protection: 0
expires: Fri, 30 Apr 2021 01:01:57 GMT

GET
H3-29 200 serviceiframe Show response
news.google.com/swg/_/ui/v1/ Frame 3050 25 KB
8 KB 77ms
69ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/ui/v1/serviceiframe?_=449928

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8270f889508502702e313a3e4a68233ce02ff49740507cf1c98599724845e2c7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hHLUopQy2NCssVN+aBCGbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-hHLUopQy2NCssVN+aBCGbQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: news.google.com
:scheme: https
:path: /swg/_/ui/v1/serviceiframe?_=449928
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nytimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.nytimes.com/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 30 Apr 2021 00:45:39 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000
content-security-policy: script-src 'report-sample' 'nonce-hHLUopQy2NCssVN+aBCGbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-hHLUopQy2NCssVN+aBCGbQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-resource-policy: same-site
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=214=PpDM3e-VOit7Gg0DzyM38TcFhL-AumzS6ibpwhpq3knyhmWjm3ITA2GUg5kThMoGASF9ax-2xvEMebVwi_Oe4RwBrVRmqHIgCUuH6wWAxCWCpFbr0GhsFSMl5DJTxxWuSezES7Y9gW9SelzvydaRRGUNPZRu0YFRFDLJMqp2_j4; expires=Sat, 30-Oct-2021 00:45:39 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 15ms
7ms Other
image/svg+xml 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 00:19:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
age: 1554
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
expires: Fri, 30 Apr 2021 01:09:45 GMT

GET
H2 200 purr-cache
purr.nytimes.com/v1/ 0
0 138ms
113ms Fetch
text/html 2a00:1450:4001:808::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://purr.nytimes.com/v1/purr-cache
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-7b3ff51ca042be7808ca.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 00:45:40 GMT
server: Google Frontend
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: cebb072b7f01db7020ecb16f5a36b4b2
cache-control: private
access-control-allow-credentials: true
content-length: 0
expires: Fri, 30 Apr 2021 00:45:40 GMT

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 994 B
1 KB 715ms
691ms XHR
application/json 2a00:1450:4001:808::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-vi&referrer=&assetUrl=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2F&jkcb=1619743539952
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-7b3ff51ca042be7808ca.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: fde844e4b22c4c10308bb9cdddb30ddaf6e6124d790a6d99064f919bb8d160cd

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 00:45:40 GMT
content-encoding: gzip
x-appengine-log-flush-count: 1
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: a9426c3fafcc689bd8d26c13f2c6f7f1
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
content-length: 518
expires: Fri, 30 Apr 2021 00:45:40 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 117ms
117ms Ping
application/json 2a00:1450:4001:808::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 tags.js Show response
dd.nytimes.com/ 223 KB
34 KB 41ms
13ms Script
text/javascript 2600:9000:20e8:8000:a:a8c5:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20e8:8000:a:a8c5:a040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

5838aab3ebf87569d34a0305721a8da6b0719d7564a60e046c1358e30c4f97e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
etag: "37bdc-5c118be96f24d-gzip"
age: 2602
x-cache: Hit from cloudfront
content-length: 34080
access-control-allow-origin: *
last-modified: Thu, 29 Apr 2021 09:01:44 GMT
server: Apache
date: Fri, 30 Apr 2021 00:02:58 GMT
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 b88825ad151091557d336c3519215162.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
x-amz-cf-id: mgPpjGjlMAa87cbnNEEhsf02pBSlHYJNkpG6WHYHQlW-QnAoPxA-iQ==
expires: Fri, 30 Apr 2021 01:02:18 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 101ms
100ms Ping
application/json 2a00:1450:4001:808::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H3-29 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/nytimes.com/ 2 B
55 B 35ms
34ms Fetch
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/nytimes.com/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 00:45:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
strict-transport-security: max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 siteIndexContent-c85d2ec43291262abe5f.js Show response
www.nytimes.com/vi-assets/static-assets/ 14 KB
6 KB 22ms
22ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/siteIndexContent-c85d2ec43291262abe5f.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0af3410caa0b8ae6596ddad7f219343fee290019348e6c545789c9dd790dcd1a

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/siteIndexContent-c85d2ec43291262abe5f.js
pragma: no-cache
cookie: nyt-a=b39LNm5_9gJ9fZt0vaFjAI; datadome=5EvgvlLR4SZKMBg_Tbxek7yys-SXyfKAsapC5nuOzlNaVKSJdAlaWfdlstSuMjtwDflRAbrOyfPgLHQu~s2-~3U0kYUFSzX7kjgX.6Xp25; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=BE; purr-cache=<K0<r<C_<G_<S0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.nytimes.com
referer: https://www.nytimes.com/2020/03/12/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2020/03/12/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=+CcAwQ== md5=+ruXCidYcz9QOMyx1Tbu0w==
date: Fri, 30 Apr 2021 00:45:40 GMT
content-encoding: gzip
x-api-version: F-X
age: 811232
x-guploader-uploadid: ABg5-Uz8sDfcSjUhdhC8cBThAnE6DSkX28ktyCN-yqdFJwuQRb3wZOtNIzBATZ143O4TKrmJ1Tmlbq3H4MXva7T7zXTg9plm5g
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-04-20 15:25:08 UTC
content-length: 4698
x-served-by: cache-hhn4039-HHN
last-modified: Tue, 20 Apr 2021 15:20:10 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1619743540.181249,VS0,VE1
etag: "fabb970a2758733f5038ccb1d536eed3"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/siteIndexContent-c85d2ec43291262abe5f.js
x-goog-generation: 1618932010213317
expires: Wed, 20 Apr 2022 15:25:08 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 14284
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Fri, 30 Apr 2021 06:45:40 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 19006

GET
H3-29 200 swg-button.css
news.google.com/swg/js/v1/ Frame 3050 20 KB
6 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=449928

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2e38cee6f27ca78fbc78c1652257f91aad7d5b09179950e02fbcd33f3ee7d1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 00:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 03:22:53 GMT
server: sffe
age: 2023
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6175
x-xss-protection: 0
expires: Fri, 30 Apr 2021 01:01:57 GMT

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.hEoATfwA9ZE.es5.O/am=AkA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6B-... Frame 3050 143 KB
51 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.hEoATfwA9ZE.es5.O/am=AkA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6B-yNTC-X8pSoVfA9qbyTsko5jJg/m=_b,_tp

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=449928

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15eba5734b999985ea15768d67af275f9510dd0e244989b4951b31c2f0865258

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 19:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 13:53:29 GMT
server: sffe
age: 17783
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51888
x-xss-protection: 0
expires: Fri, 29 Apr 2022 19:49:17 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 8 KB
2 KB 32ms
18ms XHR
application/json 2a02:26f0:6c00:1b8::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=ATH8A-MAMN8-XPXCH-N5KAX-8D239&d=www.nytimes.com&t=5399145&v=1.720.0&sl=0&si=d297e9b7-c9e8-4b98-9712-1a47e2619c29-qscq43&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:1b8::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b0a6b0977cfe36e3670d7a308e980f05a4c546546e5931387b8d5b5a68168625

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 00:45:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 1906

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v14/ Frame 3050 21 KB
21 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=449928

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://news.google.com
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 23:42:59 GMT
server: sffe
age: 398522
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21464
x-xss-protection: 0
expires: Mon, 25 Apr 2022 10:03:38 GMT

POST
H2 200 / Show response
dd.nytimes.com/js/ 210 B
542 B 98ms
71ms XHR
application/json 2600:9000:20e8:8000:a:a8c5:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dd.nytimes.com/js/
Requested by: Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:8000:a:a8c5:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DataDome /
Resource Hash: ee195053feb9b56670ecc40c4b5a45b970902c4c541647a804fa0cfb51bf94af

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 00:45:40 GMT
via: 1.1 1d9f9231888e03b204a8691cc95e7c61.cloudfront.net (CloudFront)
server: DataDome
x-amz-cf-pop: TXL52-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 210
x-amz-cf-id: A1CA6BaFFnOcjXLq7amxW5PUd8-F2O0T9whu8yAjTinnopJfKdl6rg==
expires: 0

GET
H3-29 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.hEoATfwA9ZE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.FktQl1qJR1Q.L... Frame 3050 36 KB
13 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.hEoATfwA9ZE.es5.O/am=AkA/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6B-yNTC-X8pSoVfA9qbyTsko5jJg/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07acb30cc57ee98cf5ba8a41422e5d8b0c4dfbd750f2f85b7abd6dec8f6ca6c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 19:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 08:53:13 GMT
server: sffe
age: 17783
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13434
x-xss-protection: 0
expires: Fri, 29 Apr 2022 19:49:17 GMT

GET
H3-29 200 m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,NpD4ec,x60fie,gychg,rE6Mgd,ZfAoz,PQaYAf,lPKSwe,yDVVkb,iTsyac,KG2eXe,tfTN8c,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.hEoATfwA9ZE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.FktQl1qJR1Q.L... Frame 3050 96 KB
33 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.hEoATfwA9ZE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.FktQl1qJR1Q.L.B1.O/am=AkA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI7poLpwVeUleWxzZAkA4aWc6jIfoA/m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,NpD4ec,x60fie,gychg,rE6Mgd,ZfAoz,PQaYAf,lPKSwe,yDVVkb,iTsyac,KG2eXe,tfTN8c,DfBslb

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7888ef55d432c3e8e7df5bb4085426320171f9ef347f1a21cb70910ae0f9835c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 19:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 08:53:13 GMT
server: sffe
age: 17783
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33367
x-xss-protection: 0
expires: Fri, 29 Apr 2022 19:49:17 GMT

POST
H3-29 200 batchexecute Show response
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame 3050 236 B
224 B 39ms
39ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&f.sid=2049408055155689481&bl=boq_subscribewithgoogleclientserver_20210428.09_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=9941&rt=c

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

542387643b5f91351c74cc94ea34f3e6e5b4ecea4d492f8d939571bc7eb7ba3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 00:45:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c,hKSk3e Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.hEoATfwA9ZE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.FktQl1qJR1Q.L... Frame 3050 46 KB
17 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.hEoATfwA9ZE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.FktQl1qJR1Q.L.B1.O/am=AkA/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,iTsyac,lPKSwe,lsjVmc,rE6Mgd,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI7poLpwVeUleWxzZAkA4aWc6jIfoA/m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c,hKSk3e

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ab7ab6f78c9f980c5a56499cef9cfadf7e26d0c9fc07389d3ff95f4dd840a93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 19:49:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 08:53:13 GMT
server: sffe
age: 17782
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17649
x-xss-protection: 0
expires: Fri, 29 Apr 2022 19:49:18 GMT

GET
H3-29 200 m=lwddkf Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.hEoATfwA9ZE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.FktQl1qJR1Q.L... Frame 3050 236 B
183 B 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.hEoATfwA9ZE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.FktQl1qJR1Q.L.B1.O/am=AkA/d=1/exm=COQbmf,DfBslb,EFQ78c,FCpbqb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_latency,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,hKSk3e,iTsyac,lPKSwe,lsjVmc,rE6Mgd,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI7poLpwVeUleWxzZAkA4aWc6jIfoA/m=lwddkf

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 19:49:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 08:53:13 GMT
server: sffe
age: 17782
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160
x-xss-protection: 0
expires: Fri, 29 Apr 2022 19:49:18 GMT

GET
H3-29 200 m=n73qwf,mI3LFb,UUJqVe,lazG7b,MpJwZc,qCSYWe,mdR7q,MI6k7c,kjKdXe Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.hEoATfwA9ZE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.FktQl1qJR1Q.L... Frame 3050 796 B
467 B 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.hEoATfwA9ZE.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.FktQl1qJR1Q.L.B1.O/am=AkA/d=1/exm=COQbmf,DfBslb,EFQ78c,FCpbqb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_latency,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,hKSk3e,iTsyac,lPKSwe,lsjVmc,lwddkf,rE6Mgd,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI7poLpwVeUleWxzZAkA4aWc6jIfoA/m=n73qwf,mI3LFb,UUJqVe,lazG7b,MpJwZc,qCSYWe,mdR7q,MI6k7c,kjKdXe

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

814fe533bd6bc38507bfb18351c4c1aabb345084c8b839aeaafdf326c387d5ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 19:49:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 08:53:13 GMT
server: sffe
age: 17782
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 444
x-xss-protection: 0
expires: Fri, 29 Apr 2022 19:49:18 GMT

POST
H2 204 /
6852bd04.akstat.io/ 0
202 B 18ms
16ms Ping
image/gif 2a02:26f0:6c00:2b9::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://6852bd04.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:2b9::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 00:45:40 GMT
content-type: image/gif
access-control-allow-origin: https://www.nytimes.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Fri, 30 Apr 2021 00:45:40 GMT

POST
H2 200 log Show response
play.google.com/ Frame 3050 131 B
638 B 62ms
40ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 30 Apr 2021 00:45:40 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 30 Apr 2021 00:45:40 GMT

POST
H3-29 200 log Show response
play.google.com/ Frame 3050 131 B
154 B 57ms
44ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 30 Apr 2021 00:45:40 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 30 Apr 2021 00:45:40 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 57ms
39ms Preflight
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 30 Apr 2021 00:45:40 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 30 Apr 2021 00:45:40 GMT
cache-control: private

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 55ms
38ms Preflight
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 30 Apr 2021 00:45:40 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 30 Apr 2021 00:45:40 GMT
cache-control: private

POST
H3-29 200 log Show response
play.google.com/ Frame 3050 131 B
154 B 53ms
40ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 30 Apr 2021 00:45:40 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 30 Apr 2021 00:45:40 GMT

POST
H3-29 200 log Show response
play.google.com/ Frame 3050 131 B
154 B 54ms
40ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 30 Apr 2021 00:45:40 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 30 Apr 2021 00:45:40 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 52ms
38ms Preflight
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 30 Apr 2021 00:45:40 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 30 Apr 2021 00:45:40 GMT
cache-control: private

GET
H/1.1

200
OK

results.txt Show response
yk57wpqccbv3qyelkm2a-p6qii7-c536d79ca-clientnsv4-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p6qii7zd6
https://yk57wpqccbv3qyelkm2a-p6qii7-c536d79ca-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

117ms
22ms

XHR
text/plain

2.16.107.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://yk57wpqccbv3qyelkm2a-p6qii7-c536d79ca-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.152 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-152.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 00:45:40 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://yk57wpqccbv3qyelkm2a-p6qii7-c536d79ca-clientnsv4-s.akamaihd.net/eum/results.txt
Date: Fri, 30 Apr 2021 00:45:40 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
fiaqj6absjkbikqce3ygyaaaabqiwuzu-p6qii7-18ade1ca6-clienttons-s.akamaihd.net/eum/
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p6qii7zd6
https://fiaqj6absjkbikqce3ygyaaaabqiwuzu-p6qii7-18ade1ca6-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

61ms
6ms

XHR
text/plain

2a02:26f0:6c00::210:ba19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://fiaqj6absjkbikqce3ygyaaaabqiwuzu-p6qii7-18ade1ca6-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Apr 2021 00:45:40 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://fiaqj6absjkbikqce3ygyaaaabqiwuzu-p6qii7-18ade1ca6-clienttons-s.akamaihd.net/eum/results.txt
Date: Fri, 30 Apr 2021 00:45:40 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4545
date: Thu, 29 Apr 2021 23:29:55 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 30 Apr 2021 01:29:55 GMT

GET
H3-29

200

activityi;dc_pre=CIPOgPPepPACFQrmuwgdwiwJzg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9443841903515;gtm=2wg4l3;auiddc=536400200.1619743541;u4=;u5=undefined;u6=undefined;u7=b39LNm5_9gJ9fZt0vaFjAI... Show response
5290727.fls.doubleclick.net/ Frame 830F
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9443841903515;gtm=2wg4l3;auiddc=536400200.1619743541;u4=;u5=undefined;u6=undefined;u7=b39LNm5_9gJ9fZt0vaFj...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CIPOgPPepPACFQrmuwgdwiwJzg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9443841903515;gtm=2wg4l3;auiddc=536400200.1619743541;u4=;u5=undefined;u6...

694 B
493 B

65ms
34ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CIPOgPPepPACFQrmuwgdwiwJzg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9443841903515;gtm=2wg4l3;auiddc=536400200.1619743541;u4=;u5=undefined;u6=undefined;u7=b39LNm5_9gJ9fZt0vaFjAI;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2F;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

c2eb8d8bb5cded8cdf39952ae4b5c8e8420bd50f29e99456d6abadef09335725

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5290727.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CIPOgPPepPACFQrmuwgdwiwJzg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9443841903515;gtm=2wg4l3;auiddc=536400200.1619743541;u4=;u5=undefined;u6=undefined;u7=b39LNm5_9gJ9fZt0vaFjAI;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2F;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nytimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 30 Apr 2021 00:45:40 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 468
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 30-Apr-2021 01:00:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 30 Apr 2021 00:45:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CIPOgPPepPACFQrmuwgdwiwJzg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9443841903515;gtm=2wg4l3;auiddc=536400200.1619743541;u4=;u5=undefined;u6=undefined;u7=b39LNm5_9gJ9fZt0vaFjAI;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2F;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 118ms
42ms Script
application/x-javascript 2600:9000:20c8:e400:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:e400:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 16:24:50 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 00:04:46 GMT
server: nginx
age: 30050
etag: W/"60665f9e-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 4f1fb18f52f7f3f86e0c73a59088e8ad.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: s0SDOdGifYLDlg7q-2y4trDnGwXk-HNq8_EY3i_bfbsURlUVPYEWxw==
expires: Fri, 30 Apr 2021 16:24:50 GMT

GET
H2 200 show-ads.js Show response
a1.nyt.com/analytics/ 45 B
514 B 25ms
23ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a1.nyt.com/analytics/show-ads.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
date: Fri, 30 Apr 2021 00:45:40 GMT
content-encoding: gzip
content-type: application/javascript
age: 84951
x-guploader-uploadid: ABg5-UwpP2QQiRZ4mhzZ1WDzSXZgXi33g7tLM6ErmPRjeL-mN82b9L8HaVdknnICFnQ4d5J0zL1aHvXKtqaKr_nu5ukiITF2yA
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 65
via: 1.1 varnish
x-served-by: cache-hhn4039-HHN
accept-ranges: bytes
expires: Fri, 29 Jan 2021 01:07:11 GMT
last-modified: Thu, 17 Dec 2020 21:19:35 GMT
server: UploadServer
x-timer: S1619743541.716267,VS0,VE0
etag: "1d291da792456bd015b664ee1119a5e0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1608239975905841
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400
x-goog-stored-content-length: 45
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 2633

POST
H2 200 track
a.et.nytimes.com/ 0
0 107ms
107ms Ping
application/json 2a00:1450:4001:808::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 loader.js Show response
platform.iteratehq.com/ 2 KB
2 KB 38ms
13ms Script
application/javascript 2606:4700:3032::ac43:c7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.iteratehq.com/loader.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4906740d9458419140aba8a6fc1d404cf0df4d6000f624bfa9c92ad7cd978569

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 00:45:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 51
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: YEWSHTA97YTGRZZE
x-amz-id-2: Y6W/KqZuHLHPUtc0jiK507iA9DPdemHFkggnDkf33Qk63CEC/Gv5vYGUBEwa5IXgeVT8Ku2FAGo=
last-modified: Wed, 28 Apr 2021 21:20:20 GMT
server: cloudflare
etag: W/"2acc501f55580701e69c1720dcd4c1de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HugK6gaDC8k%2Fx5dgoftexiyO0hKEaijAeLhxijKwMKK0fTxqy9Gnmp68cFKhOY8TOCnQmo8d6jOXb%2BCPhLP93T27TfKnrilONr3IC8%2F9rhTKkw5hd%2FJ7bnpg49ogUQjL%2FkIr"}]}
content-type: application/javascript
cache-control: max-age=1800
cf-request-id: 09c1d61dfe00003244b4b61000000001
cf-ray: 647cbfa99bbe3244-FRA

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 116ms
36ms Image
image/gif 52.213.189.245
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=2115579946
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.189.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-189-245.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 00:45:40 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 27ms
13ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=306787002&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2F&dr=&ul=en-us&de=UTF-8&dt=Not%20Found%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1274887970&gjid=56503222&cid=142315879.1619743541&tid=UA-58630905-2&_gid=1187294942.1619743541&_r=1&gtm=2wg4l3P528B3&cg1=null&cg2=null&cg3=null&cg4=null&cd1=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2F&cd2=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2F&cd3=&cd9=9&cd10=null&cd13=null&cd14=null&cd15=earned&cd16=referring_links&cd21=NotFound&cd26=null&cd27=null&cd28=null&cd29=null&cd30=null&cd36=&cd37=0&cd42=nyt-vi&cd48=null&cd49=blurb_under_100&cd51=nyt-vi&cd52=&cd54=null&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd63=b39LNm5_9gJ9fZt0vaFjAI&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=b39LNm5_9gJ9fZt0vaFjAI&z=1977361670

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 00:45:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sdk-prod-f7de2bd957ce898c2a7d.js Show response
platform.iteratehq.com/ 870 KB
236 KB 43ms
34ms Script
application/javascript 2606:4700:3032::ac43:c7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.iteratehq.com/sdk-prod-f7de2bd957ce898c2a7d.js
Requested by: Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2278434d5ab1751fd432468adfd1b6587ab3bd888715b3520257c77b153e14e8

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 00:45:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 98626
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: YEWSMC2E9Q7TCRVM
x-amz-id-2: SHKlc2jY+gBvr0Se7enNzXESuGEU+QImWuYqon++bR1cyqMGtAQwLbawWmJI84SpGPSJL3pzFCk=
last-modified: Wed, 28 Apr 2021 21:20:14 GMT
server: cloudflare
etag: W/"d480de136f3dda36c9d5898663f49964"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NRulNWGcJPiTSY2QsCYe255ziLvEeKS%2Ft1gFQSlK6jwYliQ9FdUj1xrFyiUuhzG9SUhTzWhgI99FnYmfkIQEsanI0Oh5goAnMOO335BdD%2BTHCSiIvkdG8RA%2FOVVBlD1uPi3y"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-request-id: 09c1d61e1e00004e8b429f7000000001
cf-ray: 647cbfa9cec04e8b-FRA

GET
H3-29 200 style-49e408b8c1e44beafa1b.css
platform.iteratehq.com/ 145 KB
12 KB 23ms
15ms Stylesheet
text/css 2606:4700:3032::ac43:c7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.iteratehq.com/style-49e408b8c1e44beafa1b.css
Requested by: Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b690038a1eb7182e3ed5a8f35408b83c42842d2d692c46ca5d68d9ea7eda536

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 00:45:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3296837
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: FS8Y3QFKEWCAR432
x-amz-id-2: zuPrV/sxaKvRGft7FRGAaA+c7tjWDeGnX7Sc8f7EcyMAXbebjwfQDXjINrquIBhcIpb6Ah6Yd1o=
last-modified: Wed, 10 Mar 2021 16:57:40 GMT
server: cloudflare
etag: W/"03c7fa2d3d6a28098dd43eb9b903eced"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ilUgyuuqLdMdOcpPU5NRurK2qjvfHc7x5LEWTbPMROCI%2FFaysSf9PoTs9PwzEytcYT6IUCMOWZzHs3T%2Bk7qV4tp5%2Fw4%2F8hEvpEvWsyzVOBmEEKwRBF0G8OKIQVv1tI%2FIAiXT"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-request-id: 09c1d61e1f00004e8b6a922000000001
cf-ray: 647cbfa9cec24e8b-FRA

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
169 B 314ms
102ms Image
image/gif 52.4.50.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F2020%2F03%2F12%2F&u=CdpGCnC2qDYjC510ew&d=nytimes.com&g=16698&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1200&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=986&t=BQsW4NDiCRgB9dCqrCuIaqfqFTYf&V=126&i=Not%20Found%20-%20The%20New%20York%20Times&tz=-120&_acct=anon&sn=1&sv=mQKEFBMwB592pHBtucL2rDlzNaB&sd=1&im=06070403&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.50.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-50-244.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 00:45:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

POST
H3-29 200 embed Show response
iteratehq.com/api/v1/surveys/ 298 B
1 KB 133ms
124ms Fetch
application/json 2606:4700:3032::ac43:c7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iteratehq.com/api/v1/surveys/embed
Requested by: Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/sdk-prod-f7de2bd957ce898c2a7d.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee47df8a04057dc142a43ade2079a0dc7f40447919ca0e944025783e8e0bf47e

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.nytimes.com/
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
Content-Type: application/json

Response headers

date: Fri, 30 Apr 2021 00:45:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eZh5Nul%2FU88dgv2SOd24S81s7lOQnhlFYfY1NElmL%2BAL4N2ttzNWbR1pDQcTMD29DPyzIFmsKk7SrW%2BsjQhsPIdDhy1ni5XSBJNw82kCx9ymvbCQO4eNAKo1"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache="set-cookie"
access-control-allow-credentials: true
cf-ray: 647cbfabea744e92-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c1d61f7200004e92fbbc7000000001

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 154ms
123ms Preflight 2606:4700:3032::ac43:c7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iteratehq.com/api/v1/surveys/embed
Protocol: H2
Server: 2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 30 Apr 2021 00:45:41 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
cache-control: no-cache="set-cookie"
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
cf-cache-status: DYNAMIC
cf-request-id: 09c1d61eee0000dfd326a7c000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XHopsYDFnyOX1YJhyB%2BGJLH7Of1ezpVJPutYkxoPv%2FUthGId4%2FcznlxZmF4MBJ7q692Jc0fVrLU6UhJXzN1Xm2u2oP%2BK98GkeLkJAw7fFdgHNH15vjAns53r"}],"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 647cbfab1df8dfd3-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 dc_pre=CIPOgPPepPACFQrmuwgdwiwJzg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9443841903515;gtm=2wg4l3;auiddc=536400200.1619743541;u4=;u5=undefined;u6=undefined;u7=b39LNm5_9gJ9fZt0vaFjAI;u8=;u10=;... Show response
adservice.google.com/ddm/fls/i/ Frame 6EA3 693 B
941 B 50ms
30ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CIPOgPPepPACFQrmuwgdwiwJzg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9443841903515;gtm=2wg4l3;auiddc=536400200.1619743541;u4=;u5=undefined;u6=undefined;u7=b39LNm5_9gJ9fZt0vaFjAI;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2F;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2F

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CIPOgPPepPACFQrmuwgdwiwJzg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9443841903515;gtm=2wg4l3;auiddc=536400200.1619743541;u4=;u5=undefined;u6=undefined;u7=b39LNm5_9gJ9fZt0vaFjAI;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2F;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96e359993c053a69a30d0dbbbce5cfb982a6e6607f5c87c89065aeb062d59ce3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CIPOgPPepPACFQrmuwgdwiwJzg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9443841903515;gtm=2wg4l3;auiddc=536400200.1619743541;u4=;u5=undefined;u6=undefined;u7=b39LNm5_9gJ9fZt0vaFjAI;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2F;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5290727.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=214=PpDM3e-VOit7Gg0DzyM38TcFhL-AumzS6ibpwhpq3knyhmWjm3ITA2GUg5kThMoGASF9ax-2xvEMebVwi_Oe4RwBrVRmqHIgCUuH6wWAxCWCpFbr0GhsFSMl5DJTxxWuSezES7Y9gW9SelzvydaRRGUNPZRu0YFRFDLJMqp2_j4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://5290727.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 30 Apr 2021 00:45:41 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 468
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dc_pre=CIPOgPPepPACFQrmuwgdwiwJzg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9443841903515;gtm=2wg4l3;auiddc=536400200.1619743541;u4=;u5=undefined;u6=undefined;u7=b39LNm5_9gJ9fZt0vaFjAI;u8=;u10=;... Show response
adservice.google.de/ddm/fls/i/ Frame 0195 194 B
877 B 38ms
17ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CIPOgPPepPACFQrmuwgdwiwJzg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9443841903515;gtm=2wg4l3;auiddc=536400200.1619743541;u4=;u5=undefined;u6=undefined;u7=b39LNm5_9gJ9fZt0vaFjAI;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2F;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CIPOgPPepPACFQrmuwgdwiwJzg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9443841903515;gtm=2wg4l3;auiddc=536400200.1619743541;u4=;u5=undefined;u6=undefined;u7=b39LNm5_9gJ9fZt0vaFjAI;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2F;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=CIPOgPPepPACFQrmuwgdwiwJzg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9443841903515;gtm=2wg4l3;auiddc=536400200.1619743541;u4=;u5=undefined;u6=undefined;u7=b39LNm5_9gJ9fZt0vaFjAI;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2F;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 30 Apr 2021 00:45:41 GMT
expires: Fri, 30 Apr 2021 00:45:41 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

POST
H2 200 track
a.et.nytimes.com/ 0
0 100ms
100ms Ping
application/json 2a00:1450:4001:808::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 100ms
100ms Ping
application/json 2a00:1450:4001:808::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-19 22:19:14	Name: NID Value: 214=PpDM3e-VOit7Gg0DzyM38TcFhL-AumzS6ibpwhpq3knyhmWjm3ITA2GUg5kThMoGASF9ax-2xvEMebVwi_Oe4RwBrVRmqHIgCUuH6wWAxCWCpFbr0GhsFSMl5DJTxxWuSezES7Y9gW9SelzvydaRRGUNPZRu0YFRFDLJMqp2_j4
.nytimes.com/	1970-01-19 18:05:48	Name: RT Value: "z=1&dm=nytimes.com&si=180019ad-2670-4de1-9249-57c29dfc8681&ss=ko3lhdp6&sl=1&tt=ri&bcn=%2F%2F6852bd04.akstat.io%2F&ld=rq"
.nytimes.com/	1970-01-19 17:56:05	Name: nyt-geo Value: BE
.nytimes.com/	1970-01-19 17:56:05	Name: nyt-us Value: 0
.nytimes.com/	1970-01-19 17:56:05	Name: nyt-gdpr Value: 1
.nytimes.com/	1970-01-20 02:41:19	Name: datadome Value: 5EvgvlLR4SZKMBg_Tbxek7yys-SXyfKAsapC5nuOzlNaVKSJdAlaWfdlstSuMjtwDflRAbrOyfPgLHQu~s2-~3U0kYUFSzX7kjgX.6Xp25
.nytimes.com/	1970-01-20 02:41:19	Name: nyt-purr Value: cfhspnahhud
.nytimes.com/	1970-01-20 03:25:13	Name: purr-cache Value: <K0<r<C_<G_<S0
.nytimes.com/	1970-01-20 02:41:19	Name: nyt-a Value: b39LNm5_9gJ9fZt0vaFjAI

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://news.google.com/swg/js/v1/swg.js(Line 38) Message: Subscriptions Runtime: 0.1.22.161
console-api	log	URL: https://www.nytimes.com/vi-assets/static-assets/main-7b3ff51ca042be7808ca.js(Line 33) Message: <!-- 0000000 000 0000000 111111111 11111111100 000 111111111 00000 111111111111111111 00000 000000 000 1111111111111111111111111100000 000 000 1111 1111111111111111100 000 000 11 0 1111111100 000 000 1 00 1 000 000 00 00 1 000 000 000 00000 1 000 00000 0000 00000000 1 00000 11111 000 00 000000 000 11111 00000 0000 000000 00000 00000 000 10000 000000 000 0000 000 00000 000000 1 000 000 000000 10000 1 0 000 000 1000000 00 1 00 000 000 1111111 1 0000 000 000 1111111100 000000 000 0000 111111111111111110000000 0000 111111111 111111111111100000 111111111 0000000 00000000 0000000 NYTimes.com: All the code that's fit to printf() We're hiring: https://nytimes.wd5.myworkdayjobs.com/Tech -->
console-api	warning	(Line 2) Message: et2 snippet should only load once per page
console-api	warning	URL: https://news.google.com/swg/js/v1/swg.js(Line 38) Message: SwG needs this article to define a product ID (e.g. example.com:premium). Articles can define a product ID using JSON+LD. SwG can check entitlements after this article defines a product ID.
console-api	warning	URL: https://news.google.com/swg/js/v1/swg.js(Line 38) Message: SwG needs this article to define a product ID (e.g. example.com:premium). Articles can define a product ID using JSON+LD. SwG can check entitlements after this article defines a product ID.
console-api	log	URL: https://www.nytimes.com/vi-assets/static-assets/main-7b3ff51ca042be7808ca.js(Line 51) Message: Service Worker: content is cached

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
6852bd04.akstat.io
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
adservice.google.com
adservice.google.de
c.go-mpulse.net
dd.nytimes.com
fiaqj6absjkbikqce3ygyaaaabqiwuzu-p6qii7-18ade1ca6-clienttons-s.akamaihd.net
fonts.gstatic.com
g1.nyt.com
insight.adsrvr.org
iteratehq.com
news.google.com
platform.iteratehq.com
play.google.com
pnytimes.chartbeat.net
purr.nytimes.com
s.go-mpulse.net
samizdat-graphql.nytimes.com
static.chartbeat.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.nytimes.com
yk57wpqccbv3qyelkm2a-p6qii7-c536d79ca-clientnsv4-s.akamaihd.net
142.250.185.198
151.101.113.164
2.16.107.152
2.16.107.184
2600:9000:20c8:e400:18:1fcd:34e:d2a1
2600:9000:20e8:8000:a:a8c5:a040:93a1
2606:4700:3032::ac43:c7c7
2a00:1450:4001:801::2003
2a00:1450:4001:808::2013
2a00:1450:4001:810::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200e
2a02:26f0:6c00:1b8::11a6
2a02:26f0:6c00:2b9::11a6
2a02:26f0:6c00::210:ba13
2a02:26f0:6c00::210:ba19
52.213.189.245
52.4.50.244
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
07acb30cc57ee98cf5ba8a41422e5d8b0c4dfbd750f2f85b7abd6dec8f6ca6c7
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0ab7ab6f78c9f980c5a56499cef9cfadf7e26d0c9fc07389d3ff95f4dd840a93
0ac05a28855ab8967ae4e179a05dcbd46a3e37158a32a93a7ae406f4efa71eb1
0af3410caa0b8ae6596ddad7f219343fee290019348e6c545789c9dd790dcd1a
0b690038a1eb7182e3ed5a8f35408b83c42842d2d692c46ca5d68d9ea7eda536
156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57
15eba5734b999985ea15768d67af275f9510dd0e244989b4951b31c2f0865258
1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389
1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6
2278434d5ab1751fd432468adfd1b6587ab3bd888715b3520257c77b153e14e8
2315e7399432153dc2087635db94d844e2f4edabf668371dd5820a7dd3f9f785
2b96878214ff7ad0ffc64af2873e93f7aea1ad990483fbfb6d1414990a1c23f9
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4906740d9458419140aba8a6fc1d404cf0df4d6000f624bfa9c92ad7cd978569
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
542387643b5f91351c74cc94ea34f3e6e5b4ecea4d492f8d939571bc7eb7ba3b
5838aab3ebf87569d34a0305721a8da6b0719d7564a60e046c1358e30c4f97e6
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6de706923eaa7411b5bc9dfcc2de58c8950a85454fc1aa386f3537b19f861d5a
7888ef55d432c3e8e7df5bb4085426320171f9ef347f1a21cb70910ae0f9835c
814fe533bd6bc38507bfb18351c4c1aabb345084c8b839aeaafdf326c387d5ff
8270f889508502702e313a3e4a68233ce02ff49740507cf1c98599724845e2c7
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8d1d38bd5538c7e5b92abc533695f23ebd13f8e13879d457e1a391a506afcb2f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
96e359993c053a69a30d0dbbbce5cfb982a6e6607f5c87c89065aeb062d59ce3
ae919d261439a9f4ed7492e65e205bce6e265b16a7044180632c43da8f9be2c7
b0a6b0977cfe36e3670d7a308e980f05a4c546546e5931387b8d5b5a68168625
bb22c2388b634085e3894ec6ea83cb5299bafd835c24956d0972b7637db1cca6
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
c2e38cee6f27ca78fbc78c1652257f91aad7d5b09179950e02fbcd33f3ee7d1f
c2eb8d8bb5cded8cdf39952ae4b5c8e8420bd50f29e99456d6abadef09335725
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eab03af418946d398a1f3e70061688e066cc8833fdd6b13f5210875e68b54de5
ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9
ee195053feb9b56670ecc40c4b5a45b970902c4c541647a804fa0cfb51bf94af
ee47df8a04057dc142a43ade2079a0dc7f40447919ca0e944025783e8e0bf47e
fde844e4b22c4c10308bb9cdddb30ddaf6e6124d790a6d99064f919bb8d160cd

www.nytimes.com Open in urlscan Pro 151.101.113.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

62 Requests

100 %HTTPS

71 %IPv6

15 Domains

29 Subdomains

19 IPs

3 Countries

1151 kBTransfer

3985 kBSize

9 Cookies

19 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nytimes.com Open in urlscan Pro
151.101.113.164 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

100 %
HTTPS

71 %
IPv6

15
Domains

29
Subdomains

19
IPs

3
Countries

1151 kB
Transfer

3985 kB
Size

9
Cookies

62 HTTP transactions
0 data transactions