www.nytimes.com Open in urlscan Pro
151.101.113.164 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Submission: On March 12 via api (March 12th 2021, 4:51:19 pm UTC) from US

Summary HTTP 61 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 12 domains to perform 61 HTTP transactions. The main IP is 151.101.113.164, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is www.nytimes.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 3rd 2020. Valid for: 2 years.

This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	151.101.113.164 151.101.113.164	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
3	151.101.65.164 151.101.65.164	54113 (FASTLY) (FASTLY)
8	2a00:1450:400... 2a00:1450:4001:827::2013	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2600:9000:206... 2600:9000:206f:1600:a:a8c5:a040:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
1	2600:9000:212... 2600:9000:2127:a200:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
1	52.50.124.20 52.50.124.20	16509 (AMAZON-02) (AMAZON-02)
1	54.83.119.165 54.83.119.165	14618 (AMAZON-AES) (AMAZON-AES)
7	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3032::ac43:c7c7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3037::6815:24db	13335 (CLOUDFLAR...) (CLOUDFLARENET)
61	18

13 151.101.113.164 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.164 (United States)

ASN54113 (FASTLY, US)

samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
purr.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:1600:a:a8c5:a040:93a1 (United States)

ASN16509 (AMAZON-02, US)

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

5290727.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:a200:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.124.20 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-124-20.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.83.119.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-119-165.compute-1.amazonaws.com

pnytimes.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3032::ac43:c7c7 (United States)

ASN13335 (CLOUDFLARENET, US)

platform.iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:24db (United States)

ASN13335 (CLOUDFLARENET, US)

iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	nytimes.com www.nytimes.com samizdat-graphql.nytimes.com a.et.nytimes.com dd.nytimes.com purr.nytimes.com a.nytimes.com	728 KB
15	google.com news.google.com play.google.com adservice.google.com	67 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	136 KB
5	iteratehq.com platform.iteratehq.com iteratehq.com	249 KB
4	nyt.com g1.nyt.com a1.nyt.com	52 KB
2	doubleclick.net 1 redirects 5290727.fls.doubleclick.net	2 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	google.de adservice.google.de	877 B
1	chartbeat.net pnytimes.chartbeat.net	169 B
1	adsrvr.org insight.adsrvr.org	261 B
1	chartbeat.com static.chartbeat.com	14 KB
1	googletagmanager.com www.googletagmanager.com	79 KB
61	12

	Domain	Requested by
10	www.nytimes.com	www.nytimes.com
7	play.google.com	www.gstatic.com
7	news.google.com	www.nytimes.com news.google.com www.gstatic.com
6	www.gstatic.com	news.google.com www.gstatic.com
6	a.et.nytimes.com	www.nytimes.com
3	platform.iteratehq.com	www.nytimes.com platform.iteratehq.com
3	g1.nyt.com	www.nytimes.com g1.nyt.com
2	iteratehq.com	platform.iteratehq.com
2	5290727.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	dd.nytimes.com	www.nytimes.com dd.nytimes.com
2	samizdat-graphql.nytimes.com	www.nytimes.com
1	adservice.google.de	adservice.google.com
1	adservice.google.com	5290727.fls.doubleclick.net
1	pnytimes.chartbeat.net	www.nytimes.com
1	insight.adsrvr.org	www.nytimes.com
1	a1.nyt.com	www.nytimes.com
1	static.chartbeat.com	www.nytimes.com
1	fonts.gstatic.com	news.google.com
1	a.nytimes.com	www.nytimes.com
1	purr.nytimes.com	www.nytimes.com
1	www.googletagmanager.com	www.nytimes.com
61	22

This site contains links to these domains. Also see Links.

Domain
myaccount.nytimes.com
cn.nytimes.com
cooking.nytimes.com
timesmachine.nytimes.com
store.nytimes.com
nytlicensing.com
help.nytimes.com
eedition.nytimes.com
www.nytco.com
nytmediakit.com
www.tbrandstudio.com

Subject Issuer	Validity	Valid
nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-03` - `2022-04-06`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
a.et.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-18` - `2022-11-16`	2 years	crt.sh
*.news.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
dd.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-04` - `2022-04-03`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Frame ID: 5B9A15155E10DD56943869B936A5239C
Requests: 39 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=448768
Frame ID: 9D75B9B15276B88F2C8B15473A76C66F
Requests: 14 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CIOwraSbq-8CFVLhUQod10QHZw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4359322672363;gtm=2wg330;auiddc=1657170174.1615567862;u4=;u5=undefined;u6=undefined;u7=U9YcCCv9sC9uHJy4_ECbOl;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html
Frame ID: 35CCFFF2B837C42A12903F20AD748009
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIOwraSbq-8CFVLhUQod10QHZw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4359322672363;gtm=2wg330;auiddc=1657170174.1615567862;u4=;u5=undefined;u6=undefined;u7=U9YcCCv9sC9uHJy4_ECbOl;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html
Frame ID: 35A77DA35DA7370F50B90FF40773D4A8
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CIOwraSbq-8CFVLhUQod10QHZw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4359322672363;gtm=2wg330;auiddc=1657170174.1615567862;u4=;u5=undefined;u6=undefined;u7=U9YcCCv9sC9uHJy4_ECbOl;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html
Frame ID: EEE21E1C62E51DD266E122AEE9EDA04F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /chartbeat\.js/i

Fastly (CDN) Expand

Overall confidence: 100%
Detected patterns

headers vary /Fastly-SSL/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

61
Requests

100 %
HTTPS

72 %
IPv6

12
Domains

22
Subdomains

18
IPs

3
Countries

1346 kB
Transfer

4658 kB
Size

20
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=vi
Title: Log in

Search URL Search Domain Scan URL

URL: https://cn.nytimes.com/
Title: 中文网

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/
Title: Recipes

Search URL Search Domain Scan URL

URL: https://timesmachine.nytimes.com/browser
Title: TimesMachine

Search URL Search Domain Scan URL

URL: https://store.nytimes.com/
Title: NYT Store

Search URL Search Domain Scan URL

URL: https://myaccount.nytimes.com/seg
Title: Manage My Account

Search URL Search Domain Scan URL

URL: https://nytlicensing.com/
Title: NYTLicensing

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/sections/115003859548-Apps
Title: Mobile Applications

Search URL Search Domain Scan URL

URL: http://eedition.nytimes.com/cgi-bin/signup.cgi?cc=37FYY
Title: Replica Edition

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014792127-Copyright-notice
Title: © 2021 The New York Times Company

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: NYTCo

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015727108-Accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.nytco.com/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://nytmediakit.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: http://www.tbrandstudio.com/
Title: T Brand Studio

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4359322672363;gtm=2wg330;auiddc=1657170174.1615567862;u4=;u5=undefined;u6=undefined;u7=U9YcCCv9sC9uHJy4_ECbOl;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CIOwraSbq-8CFVLhUQod10QHZw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4359322672363;gtm=2wg330;auiddc=1657170174.1615567862;u4=;u5=undefined;u6=undefined;u7=U9YcCCv9sC9uHJy4_ECbOl;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html

61 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request how-to-workfrom-home-if-youve-never-done-it-before.html Show response
www.nytimes.com/2020/03/12/smarter-living/ 79 KB
26 KB 1062ms
1015ms Document
text/html 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e5e8f34315ba4c5fdc9bbe1dca3de9b81f2d3d45e4858763bfb04a5fc5adc39f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.nytimes.com
:scheme: https
:path: /2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
content-type: text/html; charset=utf-8
x-nyt-data-last-modified: Fri, 12 Mar 2021 16:51:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: s-maxage=10,no-store
x-nyt-route: vi-story
x-datadome-timer: S1615567859.298852,VS0,VE16
x-origin-time: 2021-03-12 16:51:00 UTC
fastly-restarts: 1
accept-ranges: bytes
date: Fri, 12 Mar 2021 16:51:00 GMT
age: 0
x-served-by: cache-lga21945-LGA, cache-hhn4040-HHN
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1615567859.298852,VS0,VE987
vary: Accept-Encoding, Fastly-SSL
set-cookie: nyt-a=U9YcCCv9sC9uHJy4_ECbOl; Expires=Sat, 12 Mar 2022 16:51:00 GMT; Path=/; Domain=.nytimes.com; SameSite=none; Secure datadome=At2HjZneMlbWqtFkui6Yhy58x06dLo1RPRUeaOpNNXIfRN6z3DMr26UqMyFVRPMnOtAW5UqWGwBqiFn1b9NZf3ENTcOIgxrSMhx8jUym3s; Max-Age=31536000; Domain=.nytimes.com; Path=/; Secure; SameSite=Lax nyt-gdpr=1; Expires=Fri, 12 Mar 2021 22:51:00 GMT; Path=/; Domain=.nytimes.com nyt-purr=cfhspnahhud; Expires=Sat, 12 Mar 2022 16:51:00 GMT; Path=/; Domain=.nytimes.com; SameSite=Lax; Secure nyt-us=0; Expires=Fri, 12 Mar 2021 22:51:00 GMT; Path=/; Domain=.nytimes.com nyt-geo=NL; Expires=Fri, 12 Mar 2021 22:51:00 GMT; Path=/; Domain=.nytimes.com
x-datadome: protected
x-gdpr: 1
x-frame-options: DENY
onion-location: https://www.nytimes3xbfgragh.onion/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
x-api-version: F-F-VI
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
strict-transport-security: max-age=63072000; preload
content-length: 25687

GET
H2 200 web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
g1.nyt.com/fonts/css/ 60 KB
11 KB 23ms
21ms Stylesheet
text/css 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3f28e673cbfe89a3a13563877fcf1b238b3fd6e446eac55c5dc260ae0b7393db

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=ho+bKQ==, md5=s+nu3YG2WLs41AuRxlaNeg==
date: Fri, 12 Mar 2021 16:51:00 GMT
content-encoding: gzip
x-guploader-response-body-transformations: gunzipped
age: 1345455
x-guploader-uploadid: ABg5-UwreIjhBOZawxHwhZZ1Gu6zk7uPmTB9M5ISVQMMykCpM87UUC4M_9SW8FER9c0D_uFnRC7bLmB_5rxSOXPXHjW4ufVV6g
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 10772
via: 1.1 varnish
x-served-by: cache-hhn4040-HHN
accept-ranges: bytes
expires: Fri, 25 Feb 2022 03:06:45 GMT
last-modified: Thu, 21 Jan 2021 20:59:32 GMT
server: UploadServer
x-timer: S1615567861.925581,VS0,VE0
etag: W/"b3e9eedd81b658bb38d40b91c6568d7a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1611262772377885
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 9922
x-nyt-pagetype: web-font
content-type: text/css; charset=utf-8
warning: 214 UploadServer gunzipped
x-cache-hits: 23870

GET
H2 200 global-69acc7c8fb6a313ed7e8641e4a88bf30.css
www.nytimes.com/vi-assets/static-assets/ 5 KB
3 KB 25ms
25ms Stylesheet
text/css 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/global-69acc7c8fb6a313ed7e8641e4a88bf30.css

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8d1d38bd5538c7e5b92abc533695f23ebd13f8e13879d457e1a391a506afcb2f

Security Headers

Name

Value

Content-Security-Policy

upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;

Strict-Transport-Security

max-age=63072000; preload

Request headers

Referer: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=xVtu/Q==, md5=8t/i0xcrDEvURwPHlq+SQg==
date: Fri, 12 Mar 2021 16:51:00 GMT
content-encoding: gzip
x-api-version: F-X
age: 15387456
x-guploader-uploadid: ABg5-UzadwJJVco0UpaJTaU9yrgZMaUz_4aMwQT08kD2RC8WFP2U69rcjJ1SjFhy7-H0mWZMfVmtkBKnVkLIRUioNaU
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2020-09-15 14:33:25 UTC
content-length: 1832
x-served-by: cache-hhn4040-HHN
last-modified: Tue, 15 Sep 2020 12:11:32 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1615567861.925590,VS0,VE1
etag: "f2dfe2d3172b0c4bd44703c796af9242"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/global-69acc7c8fb6a313ed7e8641e4a88bf30.css
x-goog-generation: 1600171892731484
expires: Wed, 15 Sep 2021 14:33:25 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 4669
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
accept-ranges: bytes
content-type: text/css; charset=utf-8
x-cache-hits: 24596

GET
H2 200 adslot-0143cf0ebd4a25e92fa3.js Show response
www.nytimes.com/vi-assets/static-assets/ 12 KB
5 KB 24ms
23ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/adslot-0143cf0ebd4a25e92fa3.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

7e928abd48aac1c748e229c5fcfb0aac8f579e9244cd829dba6bab098e35c096

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

Referer: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=1fIT8g==, md5=yPwAIrV4hh+qAB6Qiw1vKQ==
date: Fri, 12 Mar 2021 16:51:00 GMT
content-encoding: gzip
x-api-version: F-X
age: 135924
x-guploader-uploadid: ABg5-UxXYQi1VixKKUsJo4FhEg2bSYTBxsgBpJzLcRpt7QKQr8ksmothLSx3KvudifM6al6LhPAOfRm-7-DAPgFi6bkqfbsGSQ
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-03-11 03:05:37 UTC
content-length: 4643
x-served-by: cache-hhn4040-HHN
last-modified: Thu, 11 Mar 2021 02:30:35 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1615567861.952681,VS0,VE1
etag: "c8fc0022b578861faa001e908b0d6f29"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/adslot-0143cf0ebd4a25e92fa3.js
x-goog-generation: 1615354345607344
expires: Fri, 11 Mar 2022 03:05:37 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 12586
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 3884

GET
H2 200 vendor-17a9adf2356293d8e546.js Show response
www.nytimes.com/vi-assets/static-assets/ 264 KB
80 KB 24ms
24ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendor-17a9adf2356293d8e546.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

37a935193ed4464e5c839bff0d0595357be3ee051367180194f1aa2434df9459

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

Referer: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=yXFSsQ==, md5=BAbKqpTlpfUdUXCbD42/tg==
date: Fri, 12 Mar 2021 16:51:00 GMT
content-encoding: gzip
x-api-version: F-X
age: 259483
x-guploader-uploadid: ABg5-Uz5Z8EpD8MUkQdmxRhcm6EHHLqFgaRWm2Yd61PlykmfR651QS9W32bzM1IcLCAe6-cSjJL7pGJKJIhWHB53OJ8
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-03-09 16:46:17 UTC
content-length: 81190
x-served-by: cache-hhn4040-HHN
last-modified: Tue, 09 Mar 2021 16:33:12 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1615567861.952664,VS0,VE1
etag: "0406caaa94e5a5f51d51709b0f8dbfb6"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/vendor-17a9adf2356293d8e546.js
x-goog-generation: 1615307592004640
expires: Wed, 09 Mar 2022 16:46:17 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 270095
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 4820

GET
H2 200 story-a70e33c8c04799574556.js Show response
www.nytimes.com/vi-assets/static-assets/ 900 KB
241 KB 42ms
41ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/story-a70e33c8c04799574556.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

dc4702f9e56ede19bc5866b4c773535f9275e7facfc886d112e07c87075e15ec

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

Referer: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=urN0Dg==, md5=E3MP8unNSTFJuS9eKXTbZg==
date: Fri, 12 Mar 2021 16:51:01 GMT
content-encoding: gzip
x-api-version: F-X
age: 16763
x-guploader-uploadid: ABg5-UwNxfnWFKpcv2Nmm88w8a1I9Wq8yudOtMucbYzsLdabmIOn70CfBcPayZbUh9UN9Q5aV7TPeNBenHmvWvlsAyM
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-03-12 12:11:37 UTC
content-length: 246245
x-served-by: cache-hhn4040-HHN
last-modified: Fri, 12 Mar 2021 11:58:28 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1615567861.023222,VS0,VE1
etag: "13730ff2e9cd493149b92f5e2974db66"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/story-a70e33c8c04799574556.js
x-goog-generation: 1615550308394891
expires: Sat, 12 Mar 2022 12:11:37 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 921811
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 33

GET
H2 200 main-656fb56e6517b8519df7.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
315 KB 41ms
41ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/main-656fb56e6517b8519df7.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

90d829eded6db5694e8fe409cb2c9de2ee17f49bd9e99e460f3a2f0bbce1d404

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

Referer: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=0QWrjg==, md5=TvizTXgGmMayLlP3BeiL2A==
date: Fri, 12 Mar 2021 16:51:01 GMT
content-encoding: gzip
x-api-version: F-X
age: 58301
x-guploader-uploadid: ABg5-UzDd5c-Yal3iS17DLadWOWa2vsQitwjpphaO8GhiI9c4whB_FlAx_BNnJGWQCU3Ga08uPnFMFIAH3rDlChlPpH6PRwpTQ
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-03-12 00:39:20 UTC
content-length: 321563
x-served-by: cache-hhn4040-HHN
last-modified: Fri, 12 Mar 2021 00:26:26 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1615567861.023175,VS0,VE1
etag: "4ef8b34d780698c6b22e53f705e88bd8"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/main-656fb56e6517b8519df7.js
x-goog-generation: 1615508786643454
expires: Sat, 12 Mar 2022 00:39:20 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 1071608
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 42

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 333 KB
79 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd7f617da6dd29ccee840a824f56fb7e5da8090a1b96b12358235ca5d76236dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 16:51:01 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80244
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 61ms
21ms Preflight 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-1c80063 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: max-age=30
access-control-allow-methods: GET, POST
access-control-max-age: 300
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-origin: https://www.nytimes.com
server: samizdat-graphql-1c80063
access-control-allow-credentials: true
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Fri, 12 Mar 2021 16:51:01 GMT
age: 59
x-nyt-meridiem: PM
x-nyt-continent: EU
x-nyt-country: NL
x-nyt-region: NB
x-nyt-audience-target-flat: EU:PM
x-samizdat-query-exe-id: 98ee72e4c55b89ad
samizdat-x-instance: 4c6d6e62
samizdat-x-canary: false
x-served-by: cache-ams21036-AMS
x-cache: HIT
x-cache-hits: 1
x-timer: S1615567861.043457,VS0,VE1
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 134ms
105ms Other
application/json 2a00:1450:4001:827::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 148 B
748 B 142ms
111ms XHR
application/json 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-1c80063 /
Resource Hash: 1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389

Request headers

Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
nyt-app-type: project-vi
Content-Type: application/json

Response headers

x-samizdat-query-sup-code
date: Fri, 12 Mar 2021 16:51:01 GMT
content-encoding: gzip
x-nyt-meridiem: PM
age: 0
x-cache: MISS
samizdat-x-instance: bfa78427
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: 6444cb2d3729f197
content-length: 123
samizdat-x-canary: false
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: NB
server: samizdat-graphql-1c80063
x-timer: S1615567861.095913,VS0,VE95
x-nyt-continent: EU
x-served-by: cache-ams21063-AMS
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, x-nyt-subscriber, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:PM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: NL
accept-ranges: bytes
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 140 KB
42 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13d263fd0269ac173a661ee9268024573e531f9178b23020f1ad07c44ac47e33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 16:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Mar 2021 20:54:34 GMT
server: sffe
age: 2913
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42315
x-xss-protection: 0
expires: Fri, 12 Mar 2021 16:52:28 GMT

GET
H2 200 franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 69ms
21ms Font
font/woff2 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=ImeYUg==, md5=1sBqPYSlcQDtrVv5uE/3OQ==
date: Fri, 12 Mar 2021 16:51:01 GMT
via: 1.1 varnish
age: 9664738
x-guploader-uploadid: ABg5-Uz9nK6_2w5K-0GerMzlnNTbgOC1LOM1ZTMIt8N3zRK0mAlX9ToqD61L94PzercVqaEUUbUnKL9TZPwavvCOYrA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 19836
x-served-by: cache-hhn4076-HHN
accept-ranges: bytes
expires: Sat, 20 Nov 2021 20:12:03 GMT
last-modified: Mon, 16 Nov 2020 16:08:41 GMT
server: UploadServer
x-timer: S1615567861.067721,VS0,VE0
etag: "d6c06a3d84a57100edad5bf9b84ff739"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1605542921495212
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 19836
x-nyt-pagetype: web-font
content-type: font/woff2
x-cache-hits: 22345

GET
H2 200 franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 81ms
34ms Font
font/woff2 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=PQVxAw==, md5=tEyI8JynzpFLg21K5yiRuA==
date: Fri, 12 Mar 2021 16:51:01 GMT
via: 1.1 varnish
age: 3159902
x-guploader-uploadid: ABg5-UyqZdn36CyMMqO_EYtsohIZVvW1myiL06R2gPdmK537uhIh7sznFOlp3yQxAca4AnWvg2zoSJNSipxFlwXBmQ1YZQoY9g
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20312
x-served-by: cache-hhn4076-HHN
accept-ranges: bytes
expires: Fri, 04 Feb 2022 03:05:58 GMT
last-modified: Thu, 21 Jan 2021 15:56:47 GMT
server: UploadServer
x-timer: S1615567861.067780,VS0,VE0
etag: "b44c88f09ca7ce914b836d4ae72891b8"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1611244607599997
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 20312
x-nyt-pagetype: web-font
content-type: font/woff2
x-cache-hits: 22137

GET
H3-Q050 200 swg-button.css
news.google.com/swg/js/v1/ 19 KB
6 KB 29ms
14ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a0a734cfe4f5aee530b12ee966e272f0ce41f44e0f2c89e8ee6d4a156f4789

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 16:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 18 Sep 2019 18:02:27 GMT
server: sffe
age: 1007
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5809
x-xss-protection: 0
expires: Fri, 12 Mar 2021 17:24:14 GMT

GET
H3-Q050 200 serviceiframe Show response
news.google.com/swg/_/ui/v1/ Frame 9D75 25 KB
9 KB 147ms
137ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/ui/v1/serviceiframe?_=448768

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6c549c04b600dfe116c8acd9d98a43d619f2252b56131278a011cf590940c71b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oGt8R2eTnDpuflUmUFu1EQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-oGt8R2eTnDpuflUmUFu1EQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: news.google.com
:scheme: https
:path: /swg/_/ui/v1/serviceiframe?_=448768
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nytimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.nytimes.com/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 12 Mar 2021 16:51:01 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000
cross-origin-resource-policy: same-site
content-security-policy: script-src 'report-sample' 'nonce-oGt8R2eTnDpuflUmUFu1EQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-oGt8R2eTnDpuflUmUFu1EQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=211=b326m7aBcWzDzM5fV-qdfMItImeLUBnUYbvSb70VrvdqNOqDSQgmImgHAFh_Vgm93MWbtxgXi8QQLU2fnwAO6kiSTYvzoUfJCyE41fXh1IJPQcbr-eF_RugxU74SDtSxz6W6qy9W0d8QGQSU-MvQYHyXfUpzCiSM3DltWc-IxIg; expires=Sat, 11-Sep-2021 16:51:01 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 24ms
14ms Other
image/svg+xml 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 16:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
age: 2554
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
expires: Fri, 12 Mar 2021 16:58:27 GMT

GET
H3-Q050 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/nytimes.com/ 2 B
850 B 84ms
78ms Fetch
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/nytimes.com/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 16:51:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
strict-transport-security: max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
origin-trial: AmWWqEiPtRKXiIreUsgUyNMptDcKdmLPlGI32DPZjDKK+yBAUi7+FT3r/9RpkTnzHyXYUWiPfirCGMg3Ogzc7gMAAAB3eyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjE0MTI0Nzk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vendors~audio~byline~capsule~clientSideCapsule~collections~home~liveblog~paidpost~slideshow~story~video-8a1991c535ecaf75c97d.js Show response
www.nytimes.com/vi-assets/static-assets/ 72 KB
15 KB 23ms
22ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~home~liveblog~paidpost~slideshow~story~video-8a1991c535ecaf75c97d.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

5c0c1afd147ffe8835cfa9a0cf7a7c146302ce4b0700e15ab4187163a67e53b6

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

Referer: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=zyMFAQ==, md5=lCzGcXcI7NmR+8w963V0Ew==
date: Fri, 12 Mar 2021 16:51:01 GMT
content-encoding: gzip
x-api-version: F-X
age: 846509
x-guploader-uploadid: ABg5-UyUjfBbtaq94pW2pHj4nPa99gLDJmFin0LVAsVBmwdMgSMd2UWybci0Jx3cdCNbkTXbHLeVm7lMZyRdQL2l__0
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-03-02 21:42:33 UTC
content-length: 14053
x-served-by: cache-hhn4040-HHN
last-modified: Tue, 02 Mar 2021 21:40:03 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1615567861.231118,VS0,VE1
etag: "942cc6717708ecd991fbcc3deb757413"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~home~liveblog~paidpost~slideshow~story~video-8a1991c535ecaf75c97d.js
x-goog-generation: 1614721203224169
expires: Wed, 02 Mar 2022 21:42:32 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 73527
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 31723

GET
H2 200 vendors~audio~capsule~clientSideCapsule~collections~home~liveblog~paidpost~story~trending~video-999e91426834e338891b.js Show response
www.nytimes.com/vi-assets/static-assets/ 19 KB
5 KB 22ms
21ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~home~liveblog~paidpost~story~trending~video-999e91426834e338891b.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

f6029ccf83e91f4303ac4d7e7dadd78bca4c2856b0b6cec6310e60260c25cdb9

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

Referer: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=TY3uhA==, md5=P34wT+msF2c04AQKHBptyg==
date: Fri, 12 Mar 2021 16:51:01 GMT
content-encoding: gzip
x-api-version: F-X
age: 744866
x-guploader-uploadid: ABg5-UyBYafYZbqnWfkm2V3uWOhTIAz1RccoihDBD_iTvnMag5NhSm-ac5i2p1BWLp0lACtRfZXwO9L5uL8j9ZJ3k0UtbguoNA
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-03-04 01:56:35 UTC
content-length: 4614
x-served-by: cache-hhn4040-HHN
last-modified: Thu, 04 Mar 2021 00:15:39 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1615567861.231334,VS0,VE0
etag: "3f7e304fe9ac176734e0040a1c1a6dca"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~home~liveblog~paidpost~story~trending~video-999e91426834e338891b.js
x-goog-generation: 1614816939118525
expires: Fri, 04 Mar 2022 01:56:35 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 19379
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 31449

GET
H2 200 vendors~audio~capsule~clientSideCapsule~collections~home~liveblog~paidpost~story~video-1d8b4b2aa246eec62453.js Show response
www.nytimes.com/vi-assets/static-assets/ 30 KB
7 KB 24ms
23ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~home~liveblog~paidpost~story~video-1d8b4b2aa246eec62453.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

dc718698dd2fb2c1b15db8ee38c8d0d9980b2236fed0c2db61d0a6d0ced19e3b

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

Referer: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=nJgxSw==, md5=l1uTtHq6Jv1miFhlfZvVVw==
date: Fri, 12 Mar 2021 16:51:01 GMT
content-encoding: gzip
x-api-version: F-X
age: 846510
x-guploader-uploadid: ABg5-Uzc1KraaUzp8lp5sbSQ_TbiN35Nv26aJMXNYbYYZ5iwh24mQdZB13H3-sD2TjxTS_9jGYOAQS7JZvp_9UAuJeifzbeAtw
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-03-02 21:42:32 UTC
content-length: 6138
x-served-by: cache-hhn4040-HHN
last-modified: Tue, 02 Mar 2021 21:40:03 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1615567861.231342,VS0,VE1
etag: "975b93b47aba26fd668858657d9bd557"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~home~liveblog~paidpost~story~video-1d8b4b2aa246eec62453.js
x-goog-generation: 1614721203194549
expires: Wed, 02 Mar 2022 21:42:31 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 30814
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 31467

POST
H2 200 track
a.et.nytimes.com/ 0
0 125ms
125ms Other
application/json 2a00:1450:4001:827::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 tags.js Show response
dd.nytimes.com/ 137 KB
23 KB 27ms
6ms Script
text/javascript 2600:9000:206f:1600:a:a8c5:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:1600:a:a8c5:a040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

ee5576bf20dd9564319f7a878379061f3ca9275b50467576475fea06e64b1b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 16:43:35 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 446
x-cache: Hit from cloudfront
content-length: 22602
access-control-allow-origin: *
last-modified: Mon, 01 Mar 2021 14:31:53 GMT
server: Apache
etag: "224d5-5bc7a7aafac8d-gzip"
strict-transport-security: max-age=15768000
content-type: text/javascript
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: 6ALeMWMX7oWNuAnkMrkPeP0O8Ut4i-2WxR5UMiSRSt2irCLg6lvEzg==
expires: Fri, 12 Mar 2021 17:43:35 GMT

GET
H3-Q050 200 swg-button.css
news.google.com/swg/js/v1/ Frame 9D75 19 KB
6 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=448768

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a0a734cfe4f5aee530b12ee966e272f0ce41f44e0f2c89e8ee6d4a156f4789

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 16:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 18 Sep 2019 18:02:27 GMT
server: sffe
age: 1007
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5809
x-xss-protection: 0
expires: Fri, 12 Mar 2021 17:24:14 GMT

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.p9QDx3gGTv4.es5.O/am=AgI/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ct=zgms/rs=A... Frame 9D75 143 KB
51 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.p9QDx3gGTv4.es5.O/am=AgI/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ct=zgms/rs=ABXTjI5Jwagu4b46cJkjLPrywX6iAsqcGQ/m=_b,_tp

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=448768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

982e817f3031d42e21ae0fb17d0753f65967583bdec9eb737e285ea04bff48b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 02:05:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Mar 2021 23:18:45 GMT
server: sffe
age: 139550
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51614
x-xss-protection: 0
expires: Fri, 11 Mar 2022 02:05:11 GMT

GET
H2 200 purr-cache
purr.nytimes.com/v1/ 0
0 145ms
121ms Fetch
text/html 2a00:1450:4001:827::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://purr.nytimes.com/v1/purr-cache
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-656fb56e6517b8519df7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 16:51:02 GMT
server: Google Frontend
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 1c2d326e04d3e9292800fa8ca2f1289e
cache-control: private
access-control-allow-credentials: true
content-length: 0
expires: Fri, 12 Mar 2021 16:51:02 GMT

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 1 KB
1 KB 259ms
237ms XHR
application/json 2a00:1450:4001:827::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-vi&referrer=&assetUrl=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html&jkcb=1615567861918
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-656fb56e6517b8519df7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 43127098293f5ea6db00a1ddef8ca5a8d5acac272d8003e7b794a694b7c8967e

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 16:51:02 GMT
content-encoding: gzip
x-appengine-log-flush-count: 1
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 7bc57b5d0bfe90b0ee0664cc0f704d6e
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
content-length: 567
expires: Fri, 12 Mar 2021 16:51:02 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 106ms
105ms Other
application/json 2a00:1450:4001:827::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 siteIndexContent-a25f215952c142dc50e0.js Show response
www.nytimes.com/vi-assets/static-assets/ 14 KB
5 KB 25ms
25ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/siteIndexContent-a25f215952c142dc50e0.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

3993dbdae51a13038f34f2e505ac68a5ae8a261677d4e410ada45398b93a208a

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

Referer: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=v+ngDA==, md5=jIbrS5gQXwT0FGy7HStcrA==
date: Fri, 12 Mar 2021 16:51:02 GMT
content-encoding: gzip
x-api-version: F-X
age: 175144
x-guploader-uploadid: ABg5-UxWQkonxnUbnLs9RhilqdqCPxUWn-td40HWnKQC0xhmXHbU4sHtPXsYI5nPsoS3JYtJKypQNf1uVOGRzH9-uXF-6XobGA
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-03-10 16:11:58 UTC
content-length: 4698
x-served-by: cache-hhn4040-HHN
last-modified: Wed, 10 Mar 2021 16:09:58 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1615567862.098494,VS0,VE1
etag: "8c86eb4b98105f04f4146cbb1d2b5cac"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/siteIndexContent-a25f215952c142dc50e0.js
x-goog-generation: 1615392597934748
expires: Thu, 10 Mar 2022 16:11:58 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 14284
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 2700

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v14/ Frame 9D75 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=448768

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://news.google.com
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 19:41:26 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 23:42:59 GMT
server: sffe
age: 76176
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21464
x-xss-protection: 0
expires: Fri, 11 Mar 2022 19:41:26 GMT

GET
H3-Q050 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.p9QDx3gGTv4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.wOVEr89D3P0.L... Frame 9D75 36 KB
14 KB 54ms
40ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.p9QDx3gGTv4.es5.O/am=AgI/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ct=zgms/rs=ABXTjI5Jwagu4b46cJkjLPrywX6iAsqcGQ/m=_b,_tp

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

849d7136b5b2565c31baa2334ee44d92decacdaffced86ab0b39f8d7f2a01104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 02:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 06 Mar 2021 05:54:24 GMT
server: sffe
age: 139536
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13475
x-xss-protection: 0
expires: Fri, 11 Mar 2022 02:05:26 GMT

GET
H3-Q050 200 m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,NpD4ec,x60fie,gychg,rE6Mgd,ZfAoz,PQaYAf,lPKSwe,yDVVkb,iTsyac,KG2eXe,tfTN8c,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.p9QDx3gGTv4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.wOVEr89D3P0.L... Frame 9D75 97 KB
33 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.p9QDx3gGTv4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.wOVEr89D3P0.L.B1.O/am=AgI/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ct=zgms/rs=ABXTjI61fjeXZfqhsG_u8kOf5VoeId9yHA/m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,NpD4ec,x60fie,gychg,rE6Mgd,ZfAoz,PQaYAf,lPKSwe,yDVVkb,iTsyac,KG2eXe,tfTN8c,DfBslb

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a9c438ad069bc2a74ea9c0c046b2ee5a89f8a436bea60ac14a40dd64be2442f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 02:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 06 Mar 2021 05:54:24 GMT
server: sffe
age: 139535
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33588
x-xss-protection: 0
expires: Fri, 11 Mar 2022 02:05:27 GMT

POST
H2 200 / Show response
dd.nytimes.com/js/ 210 B
542 B 30ms
16ms XHR
application/json 2600:9000:206f:1600:a:a8c5:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dd.nytimes.com/js/
Requested by: Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1600:a:a8c5:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DataDome /
Resource Hash: b52908f0478e0d13e813ff4373c82134a429280af5a8face6d410b6bec49aee5

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 12 Mar 2021 16:51:02 GMT
via: 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
server: DataDome
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 210
x-amz-cf-id: d0yb1hEwIT_O8s215fvKHYL7x_2ZxqoJBfeWMg9LbSb1L5_toyFbOQ==
expires: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 2907
date: Fri, 12 Mar 2021 16:02:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Fri, 12 Mar 2021 18:02:35 GMT

GET
H3-Q050

200

activityi;dc_pre=CIOwraSbq-8CFVLhUQod10QHZw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4359322672363;gtm=2wg330;auiddc=1657170174.1615567862;u4=;u5=undefined;u6=undefined;u7=U9YcCCv9sC9uHJy4_ECbO... Show response
5290727.fls.doubleclick.net/ Frame 35CC
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4359322672363;gtm=2wg330;auiddc=1657170174.1615567862;u4=;u5=undefined;u6=undefined;u7=U9YcCCv9sC9uHJy4_EC...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CIOwraSbq-8CFVLhUQod10QHZw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4359322672363;gtm=2wg330;auiddc=1657170174.1615567862;u4=;u5=undefined;u...

839 B
1 KB

75ms
46ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CIOwraSbq-8CFVLhUQod10QHZw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4359322672363;gtm=2wg330;auiddc=1657170174.1615567862;u4=;u5=undefined;u6=undefined;u7=U9YcCCv9sC9uHJy4_ECbOl;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

c766f28b0c481a7cce2f907374fa0c3d4732eb7d0acb051b86585dfbc2a1f5e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5290727.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CIOwraSbq-8CFVLhUQod10QHZw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4359322672363;gtm=2wg330;auiddc=1657170174.1615567862;u4=;u5=undefined;u6=undefined;u7=U9YcCCv9sC9uHJy4_ECbOl;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nytimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 12 Mar 2021 16:51:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 517
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 12-Mar-2021 17:06:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 12 Mar 2021 16:51:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CIOwraSbq-8CFVLhUQod10QHZw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4359322672363;gtm=2wg330;auiddc=1657170174.1615567862;u4=;u5=undefined;u6=undefined;u7=U9YcCCv9sC9uHJy4_ECbOl;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 36ms
10ms Script
application/x-javascript 2600:9000:2127:a200:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:a200:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 53b6415b1677dad175c81c0eb4a847adf92497ba0e17426ba719ea1da278a170

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 16:14:57 GMT
content-encoding: gzip
last-modified: Fri, 12 Mar 2021 02:13:48 GMT
server: nginx
age: 2165
etag: W/"604ace5c-8e8f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: 1IL9lkUq7aDNayomlYD_Tzk3hkq7JNFh9vwbJhKBGGLfCpkz5ErF8g==
expires: Fri, 12 Mar 2021 18:14:57 GMT

GET
H2 200 show-ads.js Show response
a1.nyt.com/analytics/ 45 B
665 B 24ms
16ms Script
application/javascript 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a1.nyt.com/analytics/show-ads.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
date: Fri, 12 Mar 2021 16:51:02 GMT
content-encoding: gzip
age: 48030
x-guploader-uploadid: ABg5-Uzxqh-w-C1IqNwXV4RKMpxSAWO11tF89bucQcTSaY16kefGGF2Wpe_M1q-ibQwJK6iMZ4KCTKC1D-r6p1oAw4o
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 65
via: 1.1 varnish
x-served-by: cache-ams21063-AMS
accept-ranges: bytes
expires: Fri, 05 Feb 2021 03:28:50 GMT
last-modified: Thu, 17 Dec 2020 21:19:35 GMT
server: UploadServer
x-timer: S1615567862.275117,VS0,VE0
etag: "1d291da792456bd015b664ee1119a5e0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1608239975905841
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400
x-goog-stored-content-length: 45
x-nyt-pagetype: nyt-dti-analytic
content-type: application/javascript
x-cache-hits: 802

POST
H2 200 track
a.et.nytimes.com/ 0
0 115ms
115ms Other
application/json 2a00:1450:4001:827::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 112ms
42ms Image
image/gif 52.50.124.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=95041449
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.124.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-124-20.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Mar 2021 16:51:02 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
387 B 43ms
14ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1414805593&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html&dr=&ul=en-us&de=UTF-8&dt=Not%20Found%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=484108870&gjid=1028104171&cid=286889853.1615567862&tid=UA-58630905-2&_gid=1776819813.1615567862&_r=1&gtm=2wg330P528B3&cg1=null&cg2=null&cg3=null&cg4=null&cd1=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html&cd2=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html&cd3=&cd9=9&cd10=null&cd13=null&cd14=null&cd15=earned&cd16=referring_links&cd21=NotFound&cd26=null&cd27=null&cd28=null&cd29=null&cd30=null&cd36=&cd37=0&cd42=nyt-vi&cd48=null&cd49=blurb_under_100&cd51=nyt-vi&cd52=&cd54=null&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd63=U9YcCCv9sC9uHJy4_ECbOl&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=U9YcCCv9sC9uHJy4_ECbOl&z=190942151

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Mar 2021 16:51:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 batchexecute Show response
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame 9D75 225 B
292 B 75ms
74ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&f.sid=4385839877051761543&bl=boq_subscribewithgoogleclientserver_20210310.14_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=64263&rt=c

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b2db039c1ce69c2fc565a2e7bb0a5b3b9cd551447e586967b5290c04b8f11a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 12 Mar 2021 16:51:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c,hKSk3e Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.p9QDx3gGTv4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.wOVEr89D3P0.L... Frame 9D75 46 KB
17 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.p9QDx3gGTv4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.wOVEr89D3P0.L.B1.O/am=AgI/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,iTsyac,lPKSwe,lsjVmc,rE6Mgd,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ct=zgms/rs=ABXTjI61fjeXZfqhsG_u8kOf5VoeId9yHA/m=Wt6vjf,_latency,FCpbqb,WhJNk,EFQ78c,hKSk3e

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9918710a2bc5f004ebd7efa5b0dd87b2397c62de4f932fc8b9e94979bf3f6818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 02:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 06 Mar 2021 05:54:24 GMT
server: sffe
age: 138717
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17643
x-xss-protection: 0
expires: Fri, 11 Mar 2022 02:19:05 GMT

GET
H3-Q050 200 m=lwddkf Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.p9QDx3gGTv4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.wOVEr89D3P0.L... Frame 9D75 236 B
188 B 10ms
8ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.p9QDx3gGTv4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.wOVEr89D3P0.L.B1.O/am=AgI/d=1/exm=COQbmf,DfBslb,EFQ78c,FCpbqb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_latency,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,hKSk3e,iTsyac,lPKSwe,lsjVmc,rE6Mgd,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ct=zgms/rs=ABXTjI61fjeXZfqhsG_u8kOf5VoeId9yHA/m=lwddkf

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 02:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 06 Mar 2021 05:54:24 GMT
server: sffe
age: 138717
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160
x-xss-protection: 0
expires: Fri, 11 Mar 2022 02:19:05 GMT

GET
H3-Q050 200 m=n73qwf,mI3LFb,UUJqVe,lazG7b,MpJwZc,qCSYWe,mdR7q,MI6k7c,kjKdXe Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.p9QDx3gGTv4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.wOVEr89D3P0.L... Frame 9D75 796 B
472 B 9ms
8ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.p9QDx3gGTv4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.wOVEr89D3P0.L.B1.O/am=AgI/d=1/exm=COQbmf,DfBslb,EFQ78c,FCpbqb,KG2eXe,LEikZe,NpD4ec,NwH0H,OmgaI,PQaYAf,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_latency,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,hKSk3e,iTsyac,lPKSwe,lsjVmc,lwddkf,rE6Mgd,tfTN8c,ws9Tlc,x60fie,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ct=zgms/rs=ABXTjI61fjeXZfqhsG_u8kOf5VoeId9yHA/m=n73qwf,mI3LFb,UUJqVe,lazG7b,MpJwZc,qCSYWe,mdR7q,MI6k7c,kjKdXe

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a655f33bb597d4ebf18532f36edec1fd6198de53d2aa61ed079242c8de458ac5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 02:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 06 Mar 2021 05:54:24 GMT
server: sffe
age: 138717
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 443
x-xss-protection: 0
expires: Fri, 11 Mar 2022 02:19:05 GMT

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
169 B 305ms
99ms Image
image/gif 54.83.119.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html&u=D5FIemByxhIiCfRIVM&d=nytimes.com&g=16698&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1200&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3117&t=CjrJ8sDv2f6yDZdfmqDcxbKlhIqI9&V=124&i=Not%20Found%20-%20The%20New%20York%20Times&tz=-60&_acct=anon&sn=1&sv=zoYFKD-ZAHnC4FYpKCUyHeEBCbZyp&sd=1&im=06070403&_
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.119.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-119-165.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Mar 2021 16:51:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

POST
H2 200 log Show response
play.google.com/ Frame 9D75 131 B
857 B 61ms
41ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 12 Mar 2021 16:51:02 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 12 Mar 2021 16:51:02 GMT

POST
H3-Q050 200 log Show response
play.google.com/ Frame 9D75 131 B
223 B 76ms
42ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 12 Mar 2021 16:51:02 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 12 Mar 2021 16:51:02 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 37ms
37ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 12 Mar 2021 16:51:02 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Mar 2021 16:51:02 GMT
cache-control: private

POST
H3-Q050 200 log Show response
play.google.com/ Frame 9D75 131 B
615 B 74ms
41ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 12 Mar 2021 16:51:02 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 12 Mar 2021 16:51:02 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 38ms
37ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 12 Mar 2021 16:51:02 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Mar 2021 16:51:02 GMT
cache-control: private

POST
H3-Q050 200 log Show response
play.google.com/ Frame 9D75 131 B
223 B 72ms
42ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 12 Mar 2021 16:51:02 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Fri, 12 Mar 2021 16:51:02 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 38ms
37ms Preflight
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 12 Mar 2021 16:51:02 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 12 Mar 2021 16:51:02 GMT
cache-control: private

GET
H2 200 dc_pre=CIOwraSbq-8CFVLhUQod10QHZw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4359322672363;gtm=2wg330;auiddc=1657170174.1615567862;u4=;u5=undefined;u6=undefined;u7=U9YcCCv9sC9uHJy4_ECbOl;u8=;u10=... Show response
adservice.google.com/ddm/fls/i/ Frame 35A7 838 B
991 B 63ms
43ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CIOwraSbq-8CFVLhUQod10QHZw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4359322672363;gtm=2wg330;auiddc=1657170174.1615567862;u4=;u5=undefined;u6=undefined;u7=U9YcCCv9sC9uHJy4_ECbOl;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CIOwraSbq-8CFVLhUQod10QHZw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4359322672363;gtm=2wg330;auiddc=1657170174.1615567862;u4=;u5=undefined;u6=undefined;u7=U9YcCCv9sC9uHJy4_ECbOl;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55d291d978e32b8cbbe88062453314aa838d38e254671e464ec4c44f43f07523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CIOwraSbq-8CFVLhUQod10QHZw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4359322672363;gtm=2wg330;auiddc=1657170174.1615567862;u4=;u5=undefined;u6=undefined;u7=U9YcCCv9sC9uHJy4_ECbOl;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5290727.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=211=b326m7aBcWzDzM5fV-qdfMItImeLUBnUYbvSb70VrvdqNOqDSQgmImgHAFh_Vgm93MWbtxgXi8QQLU2fnwAO6kiSTYvzoUfJCyE41fXh1IJPQcbr-eF_RugxU74SDtSxz6W6qy9W0d8QGQSU-MvQYHyXfUpzCiSM3DltWc-IxIg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://5290727.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 12 Mar 2021 16:51:02 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 518
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dc_pre=CIOwraSbq-8CFVLhUQod10QHZw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4359322672363;gtm=2wg330;auiddc=1657170174.1615567862;u4=;u5=undefined;u6=undefined;u7=U9YcCCv9sC9uHJy4_ECbOl;u8=;u10=... Show response
adservice.google.de/ddm/fls/i/ Frame EEE2 194 B
877 B 64ms
42ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CIOwraSbq-8CFVLhUQod10QHZw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4359322672363;gtm=2wg330;auiddc=1657170174.1615567862;u4=;u5=undefined;u6=undefined;u7=U9YcCCv9sC9uHJy4_ECbOl;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CIOwraSbq-8CFVLhUQod10QHZw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4359322672363;gtm=2wg330;auiddc=1657170174.1615567862;u4=;u5=undefined;u6=undefined;u7=U9YcCCv9sC9uHJy4_ECbOl;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=CIOwraSbq-8CFVLhUQod10QHZw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4359322672363;gtm=2wg330;auiddc=1657170174.1615567862;u4=;u5=undefined;u6=undefined;u7=U9YcCCv9sC9uHJy4_ECbOl;u8=;u10=;u11=1;u12=undefined;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F03%2F12%2Fsmarter-living%2Fhow-to-workfrom-home-if-youve-never-done-it-before.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 12 Mar 2021 16:51:02 GMT
expires: Fri, 12 Mar 2021 16:51:02 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 loader.js Show response
platform.iteratehq.com/ 2 KB
2 KB 39ms
14ms Script
application/javascript 2606:4700:3032::ac43:c7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.iteratehq.com/loader.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d9e94906c278d6cb618078232f209e5ffeb517aaea740582f1bc514b0c99747

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 16:51:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 459
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: MY0ZX7H2GCNHQK7D
x-amz-id-2: 2OmWg0z8bAF64mIWi7Qz8+WECgxMphxKX9K6pQ/u4vHmCNTUByS1EoT9TbYd5Y/2LoSkkWOqyh8=
last-modified: Wed, 10 Mar 2021 16:57:44 GMT
server: cloudflare
etag: W/"41b9d3fc1a0fea2397e36708ca071c05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SZ2vhgxiaytXVVH%2Fxb2%2FpwpXn%2Fc5wxK%2F3Btg8PAw8rY%2FjbcO7M%2B8dN9ntKZ1JXJGEmU2qGuG89deuzTSglsJJTNrZy80d4xcapHVibLNZBYsp3s9wGiFuIc%2BUZAgRftmz1au"}]}
content-type: application/javascript
cache-control: max-age=1800
cf-request-id: 08c8f253a30000dfcf0d9d2000000001
cf-ray: 62ee8665ce50dfcf-FRA

GET
H2 200 sdk-prod-3684b6123181532674d8.js Show response
platform.iteratehq.com/ 868 KB
235 KB 44ms
43ms Script
application/javascript 2606:4700:3032::ac43:c7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.iteratehq.com/sdk-prod-3684b6123181532674d8.js
Requested by: Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 512c83dec5fdd34d795af68c5cfb420113b5c2b3dc911d9b692162858b8a849c

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 16:51:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 172040
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: MY0MKW077GF1YNYK
x-amz-id-2: v69uK9I6XEkhAvidbUl5XbeIj+G6zL9b0we+MOjFWCPNyBszlMMmhTNyf6i20EqFKrdMV3mpERI=
last-modified: Wed, 10 Mar 2021 16:57:40 GMT
server: cloudflare
etag: W/"90cf47b6851ca7c3ba003f4fbb6d96af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dayFSEkb7gFJHHrgc%2FT%2BxohbbX%2F7PtLCb%2FEhjGdLKVA5Bb6l7r4d%2FcU%2BgQddf19Ci96ysoVJAwEq%2FaPOIvYbBWGkJtJDrO1wq2U6pi1VUzDLfd5c8ABD8pMlG8MTE4QE%2Fyyy"}]}
content-type: application/javascript
cache-control: max-age=31536000
cf-request-id: 08c8f253b30000dfcfc9b5e000000001
cf-ray: 62ee8665ee69dfcf-FRA

GET
H2 200 style-49e408b8c1e44beafa1b.css
platform.iteratehq.com/ 145 KB
11 KB 19ms
18ms Stylesheet
text/css 2606:4700:3032::ac43:c7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.iteratehq.com/style-49e408b8c1e44beafa1b.css
Requested by: Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b690038a1eb7182e3ed5a8f35408b83c42842d2d692c46ca5d68d9ea7eda536

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 16:51:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 172189
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: RH19K9FZ51KEJMNB
x-amz-id-2: raOa4BYjwOw5zP8l10I4IoZi+U+HcYBFn5kPub6A1FO0U8kvxEyTV+MEtXNTd3YTUSkO3U/aEP4=
last-modified: Wed, 10 Mar 2021 16:57:40 GMT
server: cloudflare
etag: W/"03c7fa2d3d6a28098dd43eb9b903eced"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wsPDrgiboM5MBOVdmfgvGWv97QOzzj8X6AEqMYY29y3vD1gnvAkEeGraFgqlVIQD4Tex%2FH3iOdeTFC6Ryr%2Bjrzbx%2Fa2bOtOsJEDtBYHPeo5w1jTkWUqrMpfToHS9OIv8IUtR"}]}
content-type: text/css
cache-control: max-age=31536000
cf-request-id: 08c8f253b30000dfcfb2afe000000001
cf-ray: 62ee8665ee6cdfcf-FRA

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 298 B
662 B 120ms
119ms Fetch
application/json 2606:4700:3037::6815:24db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iteratehq.com/api/v1/surveys/embed
Requested by: Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/sdk-prod-3684b6123181532674d8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:24db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dd361d238c2f36631c7099b9133d1febf8e9f9a2de821cd5193304e8039bdea

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.nytimes.com/
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
Content-Type: application/json

Response headers

date: Fri, 12 Mar 2021 16:51:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X6qdZJMnwv1mv8ofz1jVbUYcApQAwf%2FkOuiF%2FebfWb%2B%2Ff5Ho%2FsKib%2FpjIjb2g%2FPUpBZY6mwfVhjxmurXesGJ66qGhNK5jbhZLp1UOLZUJJIS%2FoXxmhZFqRQr"}],"group":"cf-nel"}
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache="set-cookie"
access-control-allow-credentials: true
cf-ray: 62ee86686c0d63fb-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08c8f25547000063fb8f266000000001

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 229ms
207ms Preflight 2606:4700:3037::6815:24db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iteratehq.com/api/v1/surveys/embed
Protocol: H2
Server: 2606:4700:3037::6815:24db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 12 Mar 2021 16:51:03 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
cache-control: no-cache="set-cookie"
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
cf-cache-status: DYNAMIC
cf-request-id: 08c8f25475000063fb7eaba000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SQ2bVvsGzNY4UwiIp5cKAJz%2BwSKsVdELqr2xrS9s%2FBJMtgvyFUNMwS5JGeMjGpqgruYZKRHazsMBlaM%2BWN3JAut8YCv%2FG%2Fl%2FptYZN%2BkcIRP88sTIipF0P3%2F4"}],"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 62ee86672beb63fb-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 track
a.et.nytimes.com/ 0
0 105ms
105ms Other
application/json 2a00:1450:4001:827::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 103ms
102ms Other
application/json 2a00:1450:4001:827::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/03/12/smarter-living/how-to-workfrom-home-if-youve-never-done-it-before.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.nytimes.com/	1970-01-20 02:14:55	Name: _cb Value: D5FIemByxhIiCfRIVM
www.nytimes.com/	1970-01-20 02:14:55	Name: _cb_ls Value: 1
.google.com/	1970-01-19 21:09:39	Name: NID Value: 211=b326m7aBcWzDzM5fV-qdfMItImeLUBnUYbvSb70VrvdqNOqDSQgmImgHAFh_Vgm93MWbtxgXi8QQLU2fnwAO6kiSTYvzoUfJCyE41fXh1IJPQcbr-eF_RugxU74SDtSxz6W6qy9W0d8QGQSU-MvQYHyXfUpzCiSM3DltWc-IxIg
.nytimes.com/	1970-01-19 16:46:07	Name: _gat_UA-58630905-2 Value: 1
.nytimes.com/	1970-01-19 16:47:34	Name: walley_gid Value: GA1.2.1776819813.1615567862
.nytimes.com/	1970-01-19 18:55:43	Name: _gcl_au Value: 1.1.1657170174.1615567862
www.nytimes.com/	1970-01-20 02:14:55	Name: _chartbeat2 Value: .1615567862337.1615567862337.1.zoYFKD-ZAHnC4FYpKCUyHeEBCbZyp.1
.nytimes.com/	1970-01-20 01:31:43	Name: nyt-jkidd Value: uid=0&lastRequest=1615567862004&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon
.nytimes.com/	1970-01-19 16:46:33	Name: edu_cig_opt Value: %7B%22isEduUser%22%3Afalse%7D
www.nytimes.com/	1970-01-19 16:46:09	Name: _cb_svref Value: null
.nytimes.com/	1970-01-19 16:46:33	Name: b2b_cig_opt Value: %7B%22isCorpUser%22%3Afalse%7D
.doubleclick.net/	1970-01-19 16:46:08	Name: test_cookie Value: CheckForPermission
.nytimes.com/	1970-01-20 01:31:43	Name: datadome Value: C3S-PQTlB8_1kc7iR6rAPJAPgN-fwwTGHVDSCKgCA7dzsiTK6~s~HyXbhYAiDr7PnEY4TXlJwEHO.oUMPy7AhA-UmeYqBJ4aVpyt~5dQyo
.nytimes.com/	1970-01-19 16:46:29	Name: nyt-geo Value: NL
.nytimes.com/	1970-01-20 01:31:43	Name: nyt-a Value: U9YcCCv9sC9uHJy4_ECbOl
.nytimes.com/	1970-01-19 16:46:29	Name: nyt-us Value: 0
.nytimes.com/	1970-01-20 01:31:43	Name: nyt-purr Value: cfhspnahhud
.nytimes.com/	1970-01-19 16:46:29	Name: nyt-gdpr Value: 1
.nytimes.com/	1970-01-20 10:17:19	Name: walley Value: GA1.2.286889853.1615567862
.nytimes.com/	1970-01-20 02:15:37	Name: purr-cache Value: <K0<r<C_<G_<S0

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://news.google.com/swg/js/v1/swg.js(Line 9) Message: Subscriptions Runtime: 0.1.22.151
console-api	log	URL: https://www.nytimes.com/vi-assets/static-assets/main-656fb56e6517b8519df7.js(Line 33) Message: <!-- 0000000 000 0000000 111111111 11111111100 000 111111111 00000 111111111111111111 00000 000000 000 1111111111111111111111111100000 000 000 1111 1111111111111111100 000 000 11 0 1111111100 000 000 1 00 1 000 000 00 00 1 000 000 000 00000 1 000 00000 0000 00000000 1 00000 11111 000 00 000000 000 11111 00000 0000 000000 00000 00000 000 10000 000000 000 0000 000 00000 000000 1 000 000 000000 10000 1 0 000 000 1000000 00 1 00 000 000 1111111 1 0000 000 000 1111111100 000000 000 0000 111111111111111110000000 0000 111111111 111111111111100000 111111111 0000000 00000000 0000000 NYTimes.com: All the code that's fit to printf() We're hiring: https://nytimes.wd5.myworkdayjobs.com/Tech -->
console-api	warning	(Line 2) Message: et2 snippet should only load once per page
console-api	warning	URL: https://news.google.com/swg/js/v1/swg.js(Line 9) Message: SwG needs this article to define a product ID (e.g. example.com:premium). Articles can define a product ID using JSON+LD. SwG can check entitlements after this article defines a product ID.
console-api	warning	URL: https://news.google.com/swg/js/v1/swg.js(Line 9) Message: SwG needs this article to define a product ID (e.g. example.com:premium). Articles can define a product ID using JSON+LD. SwG can check entitlements after this article defines a product ID.
console-api	log	URL: https://www.nytimes.com/vi-assets/static-assets/main-656fb56e6517b8519df7.js(Line 51) Message: Service Worker: content is cached

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
adservice.google.com
adservice.google.de
dd.nytimes.com
fonts.gstatic.com
g1.nyt.com
insight.adsrvr.org
iteratehq.com
news.google.com
platform.iteratehq.com
play.google.com
pnytimes.chartbeat.net
purr.nytimes.com
samizdat-graphql.nytimes.com
static.chartbeat.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.nytimes.com
142.250.185.198
151.101.113.164
151.101.65.164
2600:9000:206f:1600:a:a8c5:a040:93a1
2600:9000:2127:a200:18:1fcd:34e:d2a1
2606:4700:3032::ac43:c7c7
2606:4700:3037::6815:24db
2a00:1450:4001:800::2003
2a00:1450:4001:801::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2003
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:827::2013
2a00:1450:4001:828::2002
52.50.124.20
54.83.119.165
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0b2db039c1ce69c2fc565a2e7bb0a5b3b9cd551447e586967b5290c04b8f11a2
0b690038a1eb7182e3ed5a8f35408b83c42842d2d692c46ca5d68d9ea7eda536
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
13d263fd0269ac173a661ee9268024573e531f9178b23020f1ad07c44ac47e33
156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57
1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389
1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6
37a935193ed4464e5c839bff0d0595357be3ee051367180194f1aa2434df9459
3993dbdae51a13038f34f2e505ac68a5ae8a261677d4e410ada45398b93a208a
3f28e673cbfe89a3a13563877fcf1b238b3fd6e446eac55c5dc260ae0b7393db
43127098293f5ea6db00a1ddef8ca5a8d5acac272d8003e7b794a694b7c8967e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
512c83dec5fdd34d795af68c5cfb420113b5c2b3dc911d9b692162858b8a849c
53b6415b1677dad175c81c0eb4a847adf92497ba0e17426ba719ea1da278a170
55d291d978e32b8cbbe88062453314aa838d38e254671e464ec4c44f43f07523
5c0c1afd147ffe8835cfa9a0cf7a7c146302ce4b0700e15ab4187163a67e53b6
5d9e94906c278d6cb618078232f209e5ffeb517aaea740582f1bc514b0c99747
685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c549c04b600dfe116c8acd9d98a43d619f2252b56131278a011cf590940c71b
7a9c438ad069bc2a74ea9c0c046b2ee5a89f8a436bea60ac14a40dd64be2442f
7e928abd48aac1c748e229c5fcfb0aac8f579e9244cd829dba6bab098e35c096
849d7136b5b2565c31baa2334ee44d92decacdaffced86ab0b39f8d7f2a01104
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8d1d38bd5538c7e5b92abc533695f23ebd13f8e13879d457e1a391a506afcb2f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90d829eded6db5694e8fe409cb2c9de2ee17f49bd9e99e460f3a2f0bbce1d404
92a0a734cfe4f5aee530b12ee966e272f0ce41f44e0f2c89e8ee6d4a156f4789
982e817f3031d42e21ae0fb17d0753f65967583bdec9eb737e285ea04bff48b0
9918710a2bc5f004ebd7efa5b0dd87b2397c62de4f932fc8b9e94979bf3f6818
9dd361d238c2f36631c7099b9133d1febf8e9f9a2de821cd5193304e8039bdea
a655f33bb597d4ebf18532f36edec1fd6198de53d2aa61ed079242c8de458ac5
b52908f0478e0d13e813ff4373c82134a429280af5a8face6d410b6bec49aee5
bd7f617da6dd29ccee840a824f56fb7e5da8090a1b96b12358235ca5d76236dd
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
c766f28b0c481a7cce2f907374fa0c3d4732eb7d0acb051b86585dfbc2a1f5e5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dc4702f9e56ede19bc5866b4c773535f9275e7facfc886d112e07c87075e15ec
dc718698dd2fb2c1b15db8ee38c8d0d9980b2236fed0c2db61d0a6d0ced19e3b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e8f34315ba4c5fdc9bbe1dca3de9b81f2d3d45e4858763bfb04a5fc5adc39f
ee5576bf20dd9564319f7a878379061f3ca9275b50467576475fea06e64b1b6b
f6029ccf83e91f4303ac4d7e7dadd78bca4c2856b0b6cec6310e60260c25cdb9

www.nytimes.com Open in urlscan Pro 151.101.113.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

61 Requests

100 %HTTPS

72 %IPv6

12 Domains

22 Subdomains

18 IPs

3 Countries

1346 kBTransfer

4658 kBSize

20 Cookies

19 Outgoing links

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nytimes.com Open in urlscan Pro
151.101.113.164 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

100 %
HTTPS

72 %
IPv6

12
Domains

22
Subdomains

18
IPs

3
Countries

1346 kB
Transfer

4658 kB
Size

20
Cookies

61 HTTP transactions
0 data transactions