www.nytimes.com Open in urlscan Pro
151.101.113.164 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
Submission: On September 21 via manual (September 21st 2020, 7:11:40 pm UTC) from US

Summary HTTP 102 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 13 domains to perform 102 HTTP transactions. The main IP is 151.101.113.164, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is www.nytimes.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 3rd 2020. Valid for: 2 years.

This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
49	151.101.113.164 151.101.113.164	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:801::2013	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
6	172.217.22.2 172.217.22.2	15169 (GOOGLE) (GOOGLE)
1	35.244.188.62 35.244.188.62	15169 (GOOGLE) (GOOGLE)
1 1	151.101.65.164 151.101.65.164	54113 (FASTLY) (FASTLY)
2	2600:9000:20e... 2600:9000:20e8:d600:a:a8c5:a040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.241.35.241 35.241.35.241	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
1 2	216.58.208.38 216.58.208.38	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20e8:f800:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1	54.205.171.136 54.205.171.136	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3036::6812:206c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3032::ac43:c7c7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
102	22

49 151.101.113.164 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
myaccount.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
typeface.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
int.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:801::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
purr.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.22.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.188.62 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 62.188.244.35.bc.googleusercontent.com

als-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.164 (United States) 1 redirects

ASN54113 (FASTLY, US)

nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20e8:d600:a:a8c5:a040:93a1 (United States)

ASN16509 (AMAZON-02, US)

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.35.241 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 241.35.241.35.bc.googleusercontent.com

meter-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

61a80047208d45658e240248a7e00baf.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.208.38 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f38.1e100.net

5290727.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20e8:f800:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.205.171.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-171-136.compute-1.amazonaws.com

pnytimes.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::6812:206c (United States)

ASN13335 (CLOUDFLARENET, US)

platform.iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::ac43:c7c7 (United States)

ASN13335 (CLOUDFLARENET, US)

iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	nytimes.com 1 redirects www.nytimes.com samizdat-graphql.nytimes.com a.et.nytimes.com als-svc.nytimes.com nytimes.com myaccount.nytimes.com dd.nytimes.com meter-svc.nytimes.com purr.nytimes.com a.nytimes.com mwcm.nytimes.com	1 MB
21	nyt.com g1.nyt.com static01.nyt.com typeface.nyt.com int.nyt.com a1.nyt.com	2 MB
9	doubleclick.net 1 redirects securepubads.g.doubleclick.net 5290727.fls.doubleclick.net stats.g.doubleclick.net	215 KB
7	googlesyndication.com 61a80047208d45658e240248a7e00baf.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	12 KB
7	google.com news.google.com adservice.google.com www.google.com	48 KB
5	iteratehq.com platform.iteratehq.com iteratehq.com	248 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	googletagservices.com www.googletagservices.com	46 KB
1	google.de www.google.de	106 B
1	chartbeat.net pnytimes.chartbeat.net	168 B
1	chartbeat.com static.chartbeat.com	14 KB
1	google.nl adservice.google.nl	890 B
1	googletagmanager.com www.googletagmanager.com	74 KB
102	13

	Domain	Requested by
18	www.nytimes.com	www.nytimes.com
10	a.et.nytimes.com	www.nytimes.com
9	g1.nyt.com	www.nytimes.com g1.nyt.com
6	securepubads.g.doubleclick.net	www.nytimes.com securepubads.g.doubleclick.net www.googletagservices.com
6	samizdat-graphql.nytimes.com	www.nytimes.com
5	typeface.nyt.com	www.nytimes.com typeface.nyt.com
5	news.google.com	www.nytimes.com news.google.com
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	static01.nyt.com	www.nytimes.com
3	platform.iteratehq.com	www.nytimes.com platform.iteratehq.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.nytimes.com
3	myaccount.nytimes.com	www.nytimes.com myaccount.nytimes.com
2	iteratehq.com	platform.iteratehq.com
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
2	5290727.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.googletagservices.com	www.nytimes.com securepubads.g.doubleclick.net
2	int.nyt.com	www.nytimes.com
2	dd.nytimes.com	www.nytimes.com dd.nytimes.com
1	www.google.de	www.nytimes.com
1	www.google.com	www.nytimes.com
1	pnytimes.chartbeat.net	www.nytimes.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	a1.nyt.com	www.nytimes.com
1	static.chartbeat.com	www.nytimes.com
1	mwcm.nytimes.com	www.nytimes.com
1	61a80047208d45658e240248a7e00baf.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.nl	securepubads.g.doubleclick.net
1	a.nytimes.com	www.nytimes.com
1	purr.nytimes.com	www.nytimes.com
1	meter-svc.nytimes.com	www.nytimes.com
1	nytimes.com	1 redirects
1	als-svc.nytimes.com	www.nytimes.com
1	www.googletagmanager.com	www.nytimes.com
102	34

This site contains links to these domains. Also see Links.

Domain
myaccount.nytimes.com
www.facebook.com
twitter.com
www.dco.uscg.mil
magazine.promomarketing.com
www.otorio.com
dragos.com
nytimes.com
help.nytimes.com
www.nytco.com
nytmediakit.com
www.tbrandstudio.com
spiderbites.nytimes.com

Subject Issuer	Validity	Valid
nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-03` - `2022-04-06`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
a.et.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-18` - `2022-11-16`	2 years	crt.sh
*.news.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
dd.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-29` - `2021-04-02`	9 months	crt.sh
*.google.nl GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2019-12-16` - `2020-12-30`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
Frame ID: A9924D04776B6EF3D90E3A9E3D670B04
Requests: 74 HTTP requests in this frame

Frame: https://www.nytimes.com/interactive/2020/admin/100000006953200.embedded.html
Frame ID: 1274ECE402EACE887834E0298238E07B
Requests: 16 HTTP requests in this frame

Frame: https://static01.nyt.com/ads/tpc-check.html
Frame ID: 6476DC795537808A1458904E4EAA1664
Requests: 1 HTTP requests in this frame

Frame: https://myaccount.nytimes.com/auth/prefetch-assets
Frame ID: 6F49371D8885B65ED7954E2B03523375
Requests: 3 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=444643
Frame ID: A3E849C5C9B6F1DAB3A0743C73D7AAC8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 8CDADDB177D9E7735751AEB66E998BEC
Requests: 1 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CLLjtO75-usCFdTPuwgdyCMPGw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8437148715628;gtm=2wg990;auiddc=1016423248.1600715484;u4=;u5=undefined;u6=undefined;u7=vuRp42B25f3IJqPjZiA2w6;u8=;u10=;u11=1;u12=100000006939120;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F02%2F09%2Ftechnology%2Fransomware-attacks.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F02%2F09%2Ftechnology%2Fransomware-attacks.html
Frame ID: 1FC042D6ED4FB098F13153B203C01BB0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 5EE1D8FA94548713AC56967F68A5517E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Fastly (CDN) Expand

Overall confidence: 100%
Detected patterns

headers vary /Fastly-SSL/i

Page Statistics

102
Requests

100 %
HTTPS

70 %
IPv6

13
Domains

34
Subdomains

22
IPs

4
Countries

3393 kB
Transfer

8317 kB
Size

22
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=vi&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fmultiproduct%2Flp8KQUS.html%3FcampaignId%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2020%252F02%252F09%252Ftechnology%252Fransomware-attacks.html&asset=masthead
Title: Log in

Search URL Search Domain Scan URL

URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=vi
Title: Log In

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=9869919170&link=https%3A%2F%2Fwww.nytimes.com%2F2020%2F02%2F09%2Ftechnology%2Fransomware-attacks.html%3Fsmid%3Dfb-share&name=Ransomware%20Attacks%20Grow%2C%20Crippling%20Cities%20and%20Businesses&redirect_uri=https%3A%2F%2Fwww.facebook.com%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.nytimes.com%2F2020%2F02%2F09%2Ftechnology%2Fransomware-attacks.html%3Fsmid%3Dtw-share&text=Ransomware%20Attacks%20Grow%2C%20Crippling%20Cities%20and%20Businesses

Search URL Search Domain Scan URL

URL: https://www.dco.uscg.mil/Portals/9/DCO%20Documents/5p/MSIB/2019/MSIB_10_19.pdf
Title: Coast Guard said in December

Search URL Search Domain Scan URL

URL: https://magazine.promomarketing.com/article/colorado-timberline-abruptly-closes-after-ransomware-attack/
Title: printing company with a few hundred employees near Denver

Search URL Search Domain Scan URL

URL: https://www.otorio.com/blog/posts/snake-industrial-focused-ransomware-with-ties-to-iran
Title: Snake

Search URL Search Domain Scan URL

URL: https://dragos.com/blog/industry-news/ekans-ransomware-and-ics-operations/
Title: Ekans

Search URL Search Domain Scan URL

URL: https://nytimes.com/privacy/privacy-policy#we-allow-for-personalized-advertising-on-times-services
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014792127-Copyright-notice
Title: © 2020 The New York Times Company

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: NYTCo

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.nytco.com/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://nytmediakit.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: http://www.tbrandstudio.com/
Title: T Brand Studio

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://spiderbites.nytimes.com/
Title: Site Map

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://nytimes.com/ads/google/adsbygoogle.js HTTP 301
https://www.nytimes.com/ads/google/adsbygoogle.js

Request Chain 74

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8437148715628;gtm=2wg990;auiddc=1016423248.1600715484;u4=;u5=undefined;u6=undefined;u7=vuRp42B25f3IJqPjZiA2w6;u8=;u10=;u11=1;u12=100000006939120;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F02%2F09%2Ftechnology%2Fransomware-attacks.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F02%2F09%2Ftechnology%2Fransomware-attacks.html HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CLLjtO75-usCFdTPuwgdyCMPGw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8437148715628;gtm=2wg990;auiddc=1016423248.1600715484;u4=;u5=undefined;u6=undefined;u7=vuRp42B25f3IJqPjZiA2w6;u8=;u10=;u11=1;u12=100000006939120;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F02%2F09%2Ftechnology%2Fransomware-attacks.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F02%2F09%2Ftechnology%2Fransomware-attacks.html

102 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request ransomware-attacks.html Show response
www.nytimes.com/2020/02/09/technology/ 365 KB
72 KB 87ms
34ms Document
text/html 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

eba5b08a663f352bd670926b2aa889137edb07548dcb37326aa4153bcb7142ef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.nytimes.com
:scheme: https
:path: /2020/02/09/technology/ransomware-attacks.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: nginx
content-type: text/html; charset=utf-8
x-nyt-data-last-modified: Mon, 21 Sep 2020 12:56:07 GMT
last-modified: Mon, 21 Sep 2020 12:56:07 GMT
x-scoop-last-modified: 2020-05-19T13:58:46.651Z
x-pagetype: vi-story
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: s-maxage=300,no-cache
x-nyt-route: vi-story
x-datadome-timer: S1600692996.292148,VS0,VE4
x-origin-time: 2020-09-21 12:56:36 UTC
fastly-restarts: 1
accept-ranges: bytes
date: Mon, 21 Sep 2020 19:11:21 GMT
age: 22513
x-served-by: cache-lga21923-LGA, cache-hhn4073-HHN
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1600715482.862622,VS0,VE5
vary: Accept-Encoding, Fastly-SSL
set-cookie: nyt-a=vuRp42B25f3IJqPjZiA2w6; Expires=Tue, 21 Sep 2021 19:11:21 GMT; Path=/; Domain=.nytimes.com; SameSite=none; Secure datadome=bHY2ITE-k25CpvQqpEkNdCcbiKsxp~i5b91bvIsNiVCp-qPcO.5boecN.nZ53zg682LokAiaFcZRJm8WkizL-YZPdYHV4Dvfcz_tyg_HrG; Max-Age=31536000; Domain=.nytimes.com; Path=/; SameSite=Lax nyt-gdpr=1; Expires=Tue, 22 Sep 2020 01:11:21 GMT; Path=/; Domain=.nytimes.com nyt-purr=cfhspnahhu; Expires=Tue, 21 Sep 2021 19:11:21 GMT; Path=/; Domain=.nytimes.com; SameSite=Lax; Secure nyt-us=0; Expires=Tue, 22 Sep 2020 01:11:21 GMT; Path=/; Domain=.nytimes.com nyt-geo=NL; Expires=Tue, 22 Sep 2020 01:11:21 GMT; Path=/; Domain=.nytimes.com
x-datadome: protected
x-gdpr: 1
x-frame-options: DENY
onion-location: https://www.nytimes3xbfgragh.onion/2020/02/09/technology/ransomware-attacks.html
x-api-version: F-F-VI
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
strict-transport-security: max-age=2592000
content-length: 72572

GET
H2 200 web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
g1.nyt.com/fonts/css/ 60 KB
10 KB 24ms
22ms Stylesheet
text/css 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3f28e673cbfe89a3a13563877fcf1b238b3fd6e446eac55c5dc260ae0b7393db

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=ho+bKQ==, md5=s+nu3YG2WLs41AuRxlaNeg==
date: Mon, 21 Sep 2020 19:11:21 GMT
content-encoding: gzip
age: 417127
x-guploader-uploadid: ABg5-Uz9ySUgx4Ow7_IHquBjgKaPehmVrA_2f0dZ4MJVYxRRx6-e7-RaSNzBBBospGA-yMgB8EmBCRDfrcQaUPXtWyxXSbK64g
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 9922
via: 1.1 varnish
x-served-by: cache-hhn4073-HHN
accept-ranges: bytes
expires: Thu, 16 Sep 2021 23:19:14 GMT
last-modified: Tue, 08 Oct 2019 20:47:04 GMT
server: UploadServer
x-timer: S1600715482.899386,VS0,VE0
etag: "b3e9eedd81b658bb38d40b91c6568d7a"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1570567624278152
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 9922
x-nyt-pagetype: nyt5-asset
content-type: text/css; charset=utf-8
x-cache-hits: 11965

GET
H2 200 global-69acc7c8fb6a313ed7e8641e4a88bf30.css
www.nytimes.com/vi-assets/static-assets/ 5 KB
3 KB 23ms
22ms Stylesheet
text/css 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/global-69acc7c8fb6a313ed7e8641e4a88bf30.css

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8d1d38bd5538c7e5b92abc533695f23ebd13f8e13879d457e1a391a506afcb2f

Security Headers

Name

Value

Content-Security-Policy

upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;

Strict-Transport-Security

max-age=2592000

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=xVtu/Q==, md5=8t/i0xcrDEvURwPHlq+SQg==
date: Mon, 21 Sep 2020 19:11:21 GMT
content-encoding: gzip
x-api-version: F-X
age: 535076
x-guploader-uploadid: ABg5-UzadwJJVco0UpaJTaU9yrgZMaUz_4aMwQT08kD2RC8WFP2U69rcjJ1SjFhy7-H0mWZMfVmtkBKnVkLIRUioNaU
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=2592000
x-origin-time: 2020-09-15 14:33:25 UTC
x-served-by: cache-hhn4073-HHN
accept-ranges: bytes
last-modified: Tue, 15 Sep 2020 12:11:32 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1600715482.898084,VS0,VE0
etag: "f2dfe2d3172b0c4bd44703c796af9242"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/global-69acc7c8fb6a313ed7e8641e4a88bf30.css
x-goog-generation: 1600171892731484
expires: Wed, 15 Sep 2021 14:33:25 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 4669
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-length: 1832
content-type: text/css; charset=utf-8
x-cache-hits: 12992

GET
H2 200 adslot-6dd19106cc066b3272a7.js Show response
www.nytimes.com/vi-assets/static-assets/ 12 KB
5 KB 25ms
25ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/adslot-6dd19106cc066b3272a7.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

e8036c51689b492b9022065233212244538019f29677edc1076fba048ea67b83

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=2592000

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=1dh3cw==, md5=laoFTRjRH+4NJ9HexY5XrQ==
date: Mon, 21 Sep 2020 19:11:21 GMT
content-encoding: gzip
x-api-version: F-X
age: 948452
x-guploader-uploadid: ABg5-Uy_6u3y60R9V8F-RykfgPAd4nxMA-z1bCVN24X1ksPS842iUR8dfOJqmkMt8FsQ7Invu47pnO31DUcAopBNRhpWF4Y-Tg
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=2592000
x-origin-time: 2020-09-10 19:43:50 UTC
x-served-by: cache-hhn4073-HHN
accept-ranges: bytes
last-modified: Thu, 10 Sep 2020 19:39:23 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1600715482.926115,VS0,VE1
etag: "95aa054d18d11fee0d27d1dec58e57ad"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/adslot-6dd19106cc066b3272a7.js
x-goog-generation: 1599766763769923
expires: Fri, 10 Sep 2021 19:43:50 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 11918
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-length: 4529
content-type: application/javascript
x-cache-hits: 18023

GET
H2 200 merlin_167939430_5fb50bf5-5208-4588-8561-d4a66d5a928d-superJumbo.jpg
static01.nyt.com/images/2020/02/07/business/07ransomeware1/ 141 KB
142 KB 27ms
25ms Image
image/webp 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/02/07/business/07ransomeware1/merlin_167939430_5fb50bf5-5208-4588-8561-d4a66d5a928d-superJumbo.jpg?quality=90&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0ef11822bbe24ff62f68d2688325161581590e71ceba047f6f8a6671c99b6cf4

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 19:11:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 365489
x-goog-storage-class: MULTI_REGIONAL
x-cache: HIT, HIT
fastly-io-info: ifsz=227409 idim=2048x1536 ifmt=jpeg ofsz=144692 odim=2048x1536 ofmt=webp
status: 200
fastly-stats: io=1
content-length: 144692
x-served-by: cache-bwi5123-BWI, cache-hhn4073-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
server: UploadServer
x-timer: S1600715482.926769,VS0,VE2
etag: "o6b/ercjq45/06pjDUn9xRj1LnTDFcV9/mW30q/xXTU"
vary: Accept
x-goog-hash: crc32c=q/IOxg==, md5=jCplSC8DdWA+04hdvCgjYg==
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 10 Sep 2020 12:43:16 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
x-guploader-uploadid: ABg5-UwNJlp-cBHfPaxuy9ecspj3BirXtTyqHutljhzHAzvl8ABCreQC0ZpJ2KjWZO4eoJTsRGdV0l1kUcpTKWuhxlTlYVnO5A
x-cache-hits: 1, 1

GET
H2 200 author-nathaniel-popper-thumbLarge.png
static01.nyt.com/images/2018/10/22/multimedia/author-nathaniel-popper/ 25 KB
26 KB 33ms
29ms Image
image/png 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2018/10/22/multimedia/author-nathaniel-popper/author-nathaniel-popper-thumbLarge.png
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: cb5b885453ff835b63f36128ca70e9c01324c1f12686d249ebe2efdd68184f4b

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 19:11:21 GMT
via: 1.1 varnish, 1.1 varnish
age: 391882
x-guploader-uploadid: AAANsUl_lG8iiL-GLMio8XXj3aGgmz9g0LUEdLzozFMNwmCniwDhkYtBCC-QkLlGSVR4wbSxNSPtafdeUhq9ohAivmy01fSRmA
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
content-length: 25729
x-served-by: cache-bwi5131-BWI, cache-hhn4073-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Mon, 22 Oct 2018 14:35:13 GMT
server: UploadServer
x-timer: S1600715482.970178,VS0,VE1
etag: "bfa61419c28079fb45af65a969e1537d"
vary: Origin
x-goog-hash: crc32c=5FWp4Q==, md5=v6YUGcKAeftFr2WpaeFTfQ==
content-type: image/png
access-control-allow-origin: *
expires: Tue, 21 Jul 2020 05:13:29 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 merlin_129887810_7bd9be11-6c31-41b9-9676-fbc03433820c-superJumbo.jpg
static01.nyt.com/images/2020/02/04/business/00ransomeware4/ 1 MB
1 MB 225ms
222ms Image
image/webp 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/02/04/business/00ransomeware4/merlin_129887810_7bd9be11-6c31-41b9-9676-fbc03433820c-superJumbo.jpg?quality=90&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6b8b08fbc64ed779ba99e6cbd23f366c3645eb3ff838f506b44218a0828c164c

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 19:11:22 GMT
via: 1.1 varnish, 1.1 varnish
age: 375924
x-goog-storage-class: MULTI_REGIONAL
x-cache: HIT, MISS
fastly-io-info: ifsz=1153930 idim=2048x1365 ifmt=jpeg ofsz=1050296 odim=2048x1365 ofmt=webp
status: 200
fastly-stats: io=1
content-length: 1050296
x-served-by: cache-bwi5137-BWI, cache-hhn4073-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
server: UploadServer
x-timer: S1600715482.970176,VS0,VE195
etag: "X73p9YiiWSfVFaurYJ9+iI/XDY0Zk6rBhcProOzy520"
vary: Accept
x-goog-hash: crc32c=14gvUQ==, md5=mFbQ8sNKPpmJ0gKXxiE9kQ==
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 10 Sep 2020 10:29:30 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
x-guploader-uploadid: ABg5-UxWZ6Yn4sF_OVjv_QasyS_aiSuku0W0FeI1XVPOx147cpL7aT1ybWuvVJRQjE-YGqe9asbKRb7sL-XumaOfnzwapCpmMA
x-cache-hits: 1, 0

GET
H2 200 vendor-ebd648af6f57a7875017.js Show response
www.nytimes.com/vi-assets/static-assets/ 261 KB
79 KB 28ms
25ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendor-ebd648af6f57a7875017.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

c626dac05b5db45e60e0f7470ff84f6352ec72247f970bd75ccda50715530a83

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=2592000

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=/xHdTw==, md5=WyEVbrvYdAY/NdrBDP7dtg==
date: Mon, 21 Sep 2020 19:11:21 GMT
content-encoding: gzip
x-api-version: F-X
age: 535075
x-guploader-uploadid: ABg5-UwzHK9MVjdzLZDIoB1hPpKkMUiVBtSmgLX3t81X5tuZ-vr-KL26BmrYVPi0_4IGTCsHDz4dABiPTDXMKJGMSY2eQSs8Hw
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=2592000
x-origin-time: 2020-09-15 14:33:26 UTC
x-served-by: cache-hhn4073-HHN
accept-ranges: bytes
last-modified: Tue, 15 Sep 2020 12:11:33 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1600715482.970555,VS0,VE1
etag: "5b21156ebbd874063f35dac10cfeddb6"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/vendor-ebd648af6f57a7875017.js
x-goog-generation: 1600171893279613
expires: Wed, 15 Sep 2021 14:33:26 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 266982
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-length: 79922
content-type: application/javascript
x-cache-hits: 18282

GET
H2 200 story-ef51d0388c58e892d0ea.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
307 KB 33ms
30ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/story-ef51d0388c58e892d0ea.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

fbf7e8a401976ecec53650a7c97c4853cc425921e3db7259740bba754c796b9a

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=2592000

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=2cBVHw==, md5=KSBh/kAeZIVnNYlKGV4VFw==
date: Mon, 21 Sep 2020 19:11:21 GMT
content-encoding: gzip
x-api-version: F-X
age: 270397
x-guploader-uploadid: ABg5-UwxXTpBs0ct9_VSrHaQMIy8JAom6ibroicGQrT0lK03VmaT8N4dd7Paqpat-RzeUxHOoZK9PaHEqKSiiEqzu3Y
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=2592000
x-origin-time: 2020-09-18 16:05:08 UTC
x-served-by: cache-hhn4073-HHN
accept-ranges: bytes
last-modified: Fri, 18 Sep 2020 15:36:49 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1600715482.970565,VS0,VE2
etag: "292061fe401e64856735894a195e1517"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/story-ef51d0388c58e892d0ea.js
x-goog-generation: 1600443409836459
expires: Sat, 18 Sep 2021 16:04:45 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 1206847
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-length: 313038
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 main-94d9f506cb739ca62614.js Show response
www.nytimes.com/vi-assets/static-assets/ 982 KB
297 KB 33ms
31ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/main-94d9f506cb739ca62614.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

6b326e1c149ff623f65bd1a40129ef2b295af410d55dd574e08c4afcf1d2b969

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=2592000

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=pNLxKA==, md5=8yQ9POzL3q5NTs8PUiyrlQ==
date: Mon, 21 Sep 2020 19:11:21 GMT
content-encoding: gzip
x-api-version: F-X
age: 276496
x-guploader-uploadid: ABg5-UwV1y1NoMc_6Qfj-wgvsyWdAeiH-gK0i2AbQL8wz8nre6we9Z3pRelKPHU_5KpvXRE4FdHtKMyT02ceD6bc9Wg
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=2592000
x-origin-time: 2020-09-18 14:23:06 UTC
x-served-by: cache-hhn4073-HHN
accept-ranges: bytes
last-modified: Fri, 18 Sep 2020 14:03:52 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1600715482.970488,VS0,VE2
etag: "f3243d3ceccbdeae4d4ecf0f522cab95"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/main-94d9f506cb739ca62614.js
x-goog-generation: 1600437832981832
expires: Sat, 18 Sep 2021 14:23:05 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 1005935
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-length: 303833
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 318 KB
74 KB 34ms
31ms Script
application/javascript 2a00:1450:4001:81a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0622ed95f00032fbeb932c02e83976d425c0e4fe4027f0fe9f3c5a683271112a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 19:11:21 GMT
content-encoding: br
vary: *
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75556
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 78ms
23ms Other 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-0.5.123 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors

Response headers

status: 200
cache-control: max-age=30
access-control-allow-methods: GET, POST
access-control-max-age: 300
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-origin: https://www.nytimes.com
server: samizdat-graphql-0.5.123
access-control-allow-credentials: true
via: 1.1 google 1.1 varnish
accept-ranges: bytes
date: Mon, 21 Sep 2020 19:11:22 GMT
age: 2
x-nyt-meridiem: PM
x-nyt-continent: EU
x-nyt-country: NL
x-nyt-region: NB
x-nyt-audience-target-flat: EU:PM
x-samizdat-query-exe-id: 9c743883d7f771cc
samizdat-x-instance: 1f3375ab
x-served-by: cache-hhn4067-HHN
x-cache: HIT
x-cache-hits: 1
x-timer: S1600715482.014924,VS0,VE1
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 126ms
104ms Other
application/json 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 148 B
703 B 23ms
23ms XHR
application/json 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-0.5.123 /
Resource Hash: 1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
nyt-app-type: project-vi
Content-Type: application/json

Response headers

x-samizdat-query-sup-code
date: Mon, 21 Sep 2020 19:11:22 GMT
content-encoding: gzip
x-nyt-meridiem: PM
age: 7
x-cache: HIT
status: 200
samizdat-x-instance: a73af257
x-samizdat-query-field-errors: 0
x-cache-hits: 1
x-samizdat-query-exe-id: d30c637175842137
content-length: 123
x-served-by: cache-hhn4073-HHN
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: NB
server: samizdat-graphql-0.5.123
x-timer: S1600715482.039302,VS0,VE0
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-subscriber, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:PM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: NL
accept-ranges: bytes
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 133 KB
39 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4389ef21f84327e681cb7fef5241979495e53c8734c6112e1d5650b871b5eace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 18:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Sep 2020 21:54:01 GMT
server: sffe
age: 1584
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39915
x-xss-protection: 0
expires: Mon, 21 Sep 2020 19:34:57 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 52 KB
18 KB 120ms
62ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

372e5f5086fcd14119da21990508d4fa4da3d860309d9b49cb7ecd41457ef46a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 19:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "640 / 500 of 1000 / last-modified: 1600687086"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17783
x-xss-protection: 0
expires: Mon, 21 Sep 2020 19:11:22 GMT

GET
H2 200 als Show response
als-svc.nytimes.com/ 2 KB
2 KB 224ms
171ms XHR
application/json 35.244.188.62
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://als-svc.nytimes.com/als?uri=nyt%3A%2F%2Farticle%2Ff1c523fd-7412-5c7b-b76a-55410d02c17e&typ=&prop=nyt&plat=web
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.62 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 62.188.244.35.bc.googleusercontent.com
Software: /
Resource Hash: f261573c5fed6e879279c2acb99c03c0fa81a55257ea9d457188df22c5d8211c

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 19:11:22 GMT
via: 1.1 google
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, nyt-a
status: 200
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
alt-svc: clear
content-length: 1984

GET
H2

200

adsbygoogle.js Show response
www.nytimes.com/ads/google/
Redirect Chain

https://nytimes.com/ads/google/adsbygoogle.js
https://www.nytimes.com/ads/google/adsbygoogle.js

28 B
938 B

26ms
23ms

Script
text/javascript

151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/ads/google/adsbygoogle.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

34cc802f53fe2668b8b1b9409514018262e45d868782036343c2f0e83a5fec93

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=2592000

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=A0srKQ==, md5=RQR9COVIGqVnQnauGBDIjQ==
date: Mon, 21 Sep 2020 19:11:22 GMT
content-encoding: gzip
vary: Accept-Encoding, Fastly-SSL
x-api-version: F-X
age: 251257
x-guploader-uploadid: AEnB2UqSzdoT2XYwRS7aQ5nVbHyiFGq5zidlieOPxqu0Yrq-KV-ykDEp4bK0A6mABGifXPe4S_fWKf8UzPxAhEKtGfq7fnM_sCvBcQVK1nywyJ1Kgbqlc20
x-cache: HIT
x-goog-storage-class: REGIONAL
status: 200
x-origin-time: 2020-02-21 21:23:29 UTC
content-length: 48
x-served-by: cache-hhn4073-HHN
last-modified: Fri, 23 Mar 2018 21:06:07 GMT
server: UploadServer
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-timer: S1600715482.123969,VS0,VE1
etag: "45047d08e5481aa5674276ae1810c88d"
strict-transport-security: max-age=2592000
onion-location: https://www.nytimes3xbfgragh.onion/ads/google/adsbygoogle.js
content-type: text/javascript
access-control-allow-origin: *
expires: Fri, 21 Feb 2020 21:23:29 GMT
x-gdpr: 1
x-nyt-route: ads-static-assets
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
accept-ranges: bytes
x-cache-hits: 8720

Redirect headers

date: Mon, 21 Sep 2020 19:11:22 GMT
x-api-version: F-0
x-cache: HIT
status: 301
content-length: 0
x-served-by: cache-ams21023-AMS
server: Varnish
strict-transport-security: max-age=2592000
onion-location: https://www.nytimes3xbfgragh.onion/ads/google/adsbygoogle.js
location: https://www.nytimes.com/ads/google/adsbygoogle.js
x-gdpr: 1
x-nyt-route: ads-static-assets
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
accept-ranges: bytes
retry-after: 0
x-cache-hits: 0

GET
H2 200 100000006953200.embedded.html Show response
www.nytimes.com/interactive/2020/admin/ Frame 1274 45 KB
15 KB 240ms
239ms Document
text/html 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/interactive/2020/admin/100000006953200.embedded.html?

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

77dedd7978ea7914f9c5170bfa98db6c0285e666f14df89c8da83d3307c12f99

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.nytimes.com
:scheme: https
:path: /interactive/2020/admin/100000006953200.embedded.html?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: nyt-a=vuRp42B25f3IJqPjZiA2w6; datadome=bHY2ITE-k25CpvQqpEkNdCcbiKsxp~i5b91bvIsNiVCp-qPcO.5boecN.nZ53zg682LokAiaFcZRJm8WkizL-YZPdYHV4Dvfcz_tyg_HrG; nyt-gdpr=1; nyt-purr=cfhspnahhu; nyt-us=0; nyt-geo=NL
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html

Response headers

status: 200
server: nginx
content-type: text/html; charset=utf-8
x-nyt-data-last-modified: Mon, 21 Sep 2020 19:11:22 GMT
last-modified: Mon, 21 Sep 2020 19:11:22 GMT
x-scoop-last-modified: 2020-02-09T22:10:58.837Z
x-pagetype: vi-interactive-nyt5
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: s-maxage=10,no-cache
x-nyt-route: vi-interactive
x-origin-time: 2020-09-21 19:11:22 UTC
accept-ranges: bytes
date: Mon, 21 Sep 2020 19:11:22 GMT
age: 0
x-served-by: cache-lga21964-LGA, cache-hhn4073-HHN
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1600715482.971131,VS0,VE204
vary: Accept-Encoding, Fastly-SSL
set-cookie: nyt-a=vuRp42B25f3IJqPjZiA2w6; Expires=Tue, 21 Sep 2021 19:11:22 GMT; Path=/; Domain=.nytimes.com; SameSite=none; Secure nyt-gdpr=1; Expires=Tue, 22 Sep 2020 01:11:22 GMT; Path=/; Domain=.nytimes.com nyt-purr=cfhspnahhu; Expires=Tue, 21 Sep 2021 19:11:22 GMT; Path=/; Domain=.nytimes.com; SameSite=Lax; Secure
x-gdpr: 1
onion-location: https://www.nytimes3xbfgragh.onion/interactive/2020/admin/100000006953200.embedded.html
x-api-version: F-F-VI
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
strict-transport-security: max-age=2592000
content-length: 13882

GET
H2 200 franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 76ms
23ms Font
font/woff2 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=ImeYUg==, md5=1sBqPYSlcQDtrVv5uE/3OQ==
date: Mon, 21 Sep 2020 19:11:22 GMT
via: 1.1 varnish
age: 29991539
x-guploader-uploadid: AEnB2Up5b7PfGZv4RqbljtTDYqwDMI5XtzuWVOYK_dNdS4SzTmVNeee3gZJhLHJAS7ubs9gDh4PXQH1rDQ5XvEd1osbVbXA-066TUtvEtKhm1WTPGXfo7WU
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 19836
x-served-by: cache-hhn4068-HHN
accept-ranges: bytes
expires: Fri, 09 Oct 2020 16:12:23 GMT
last-modified: Tue, 08 Oct 2019 20:47:05 GMT
server: UploadServer
x-timer: S1600715482.032427,VS0,VE0
etag: "d6c06a3d84a57100edad5bf9b84ff739"
vary: Origin
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1570567625340998
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 19836
x-nyt-pagetype: nyt5-asset
content-type: font/woff2
x-cache-hits: 44962

GET
H2 200 franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 75ms
23ms Font
font/woff2 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=PQVxAw==, md5=tEyI8JynzpFLg21K5yiRuA==
date: Mon, 21 Sep 2020 19:11:22 GMT
via: 1.1 varnish
age: 4127878
x-guploader-uploadid: AAANsUnxa48XOVh0AFzCJXQ0BvAtNNQdC9EffjlWsKF9VLj4I5q8X051fI464dwQLrNLHbG_Y5Jecrik6KoQjvtEnGg
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20312
x-served-by: cache-hhn4068-HHN
accept-ranges: bytes
expires: Thu, 05 Aug 2021 00:33:23 GMT
last-modified: Tue, 08 Oct 2019 20:47:05 GMT
server: UploadServer
x-timer: S1600715482.032490,VS0,VE0
etag: "b44c88f09ca7ce914b836d4ae72891b8"
vary: Origin
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1570567625401061
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 20312
x-nyt-pagetype: nyt5-asset
content-type: font/woff2
x-cache-hits: 45040

GET
H2 200 cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
29 KB 104ms
52ms Font
font/woff2 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw==
date: Mon, 21 Sep 2020 19:11:22 GMT
via: 1.1 varnish
age: 3960873
x-guploader-uploadid: AAANsUlsyM0U9bmckE4yB1LsDE3I_ZoXmZfl7U6nBZpj6UZNZVpavJ3mTb2Wktu2C2237snueExL48cRWSNeoSGOzzUCJkeJYw
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 29076
x-served-by: cache-hhn4068-HHN
accept-ranges: bytes
expires: Fri, 06 Aug 2021 22:56:48 GMT
last-modified: Tue, 08 Oct 2019 20:47:04 GMT
server: UploadServer
x-timer: S1600715482.032689,VS0,VE0
etag: "a3ed7afe3eaa0a873f3fbd379f8c491b"
vary: Origin
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1570567624300845
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29076
x-nyt-pagetype: nyt5-asset
content-type: font/woff2
x-cache-hits: 32781

GET
H2 200 cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
g1.nyt.com/fonts/family/cheltenham-small/ 20 KB
20 KB 76ms
24ms Font
font/woff2 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=jpfQKQ==, md5=EIzimNRRGXsj/vzrPjaVnw==
date: Mon, 21 Sep 2020 19:11:22 GMT
via: 1.1 varnish
age: 6460700
x-guploader-uploadid: AAANsUmDUaIBvd6sV3Sl8CjekfeGzpGW2jnxCMMGUPnWzwv_24IRofJyGnGKaslY3-7ql2xejpOl6CJdDjuevg2CfNHyiKyjkA
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20136
x-served-by: cache-hhn4068-HHN
accept-ranges: bytes
expires: Fri, 09 Jul 2021 00:33:02 GMT
last-modified: Tue, 08 Oct 2019 20:47:04 GMT
server: UploadServer
x-timer: S1600715482.032559,VS0,VE0
etag: "108ce298d451197b23fefceb3e36959f"
vary: Origin
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1570567624626708
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 20136
x-nyt-pagetype: nyt5-asset
content-type: font/woff2
x-cache-hits: 6288

GET
H2 200 franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 104ms
53ms Font
font/woff2 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 254043432874ecaf0cf3d6d69907109b373057290d615453060544935d1cb8b9

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=XjpPGQ==, md5=vHvkxdjKy3gPiWxcvgwNfw==
date: Mon, 21 Sep 2020 19:11:22 GMT
via: 1.1 varnish
age: 29991541
x-guploader-uploadid: AEnB2Ur8sQa8a9DRIM4zhKlG2PuWwSlO_O1LeAZMclvdJ9IX8e4H1rtvwgPPGp6PVfSfQfL_qzfFJ1aXiNshN-8IlMUcLMPfO3tC_bNe5sEzvrscL-msYtc
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20172
x-served-by: cache-hhn4068-HHN
accept-ranges: bytes
expires: Fri, 09 Oct 2020 16:12:23 GMT
last-modified: Tue, 08 Oct 2019 20:47:05 GMT
server: UploadServer
x-timer: S1600715482.033283,VS0,VE0
etag: "bc7be4c5d8cacb780f896c5cbe0c0d7f"
vary: Origin
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1570567625319455
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 20172
x-nyt-pagetype: nyt5-asset
content-type: font/woff2
x-cache-hits: 43058

GET
H2 200 cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 104ms
53ms Font
font/woff2 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=4NwmFQ==, md5=+ZoEWQJFCfFXozUuXeT4cw==
date: Mon, 21 Sep 2020 19:11:22 GMT
via: 1.1 varnish
age: 1024081
x-guploader-uploadid: ABg5-UwoTxdVZsDvhSYN7nE-xeWJMBGo3X13kSQ8j8iEXA8owt6ooqs9zORKh6zyweLiLZfAVAGunkqKveYam7Xu5FMgre1w-Q
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28620
x-served-by: cache-hhn4068-HHN
accept-ranges: bytes
expires: Thu, 09 Sep 2021 22:43:20 GMT
last-modified: Tue, 08 Oct 2019 20:47:04 GMT
server: UploadServer
x-timer: S1600715482.033257,VS0,VE0
etag: "f99a0459024509f157a3352e5de4f873"
vary: Origin
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1570567624250331
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 28620
x-nyt-pagetype: nyt5-asset
content-type: font/woff2
x-cache-hits: 3676

GET
H2 200 cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
g1.nyt.com/fonts/family/cheltenham/ 27 KB
27 KB 118ms
67ms Font
font/woff2 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=rNQ9pA==, md5=fqkevQNjCeH+dW7jqrJy2g==
date: Mon, 21 Sep 2020 19:11:22 GMT
via: 1.1 varnish
age: 19592235
x-guploader-uploadid: AEnB2Uq4Jf2XEWCDFF1h66tKHBIUita9HziiuwtSMtPUiUbG-t11LmF8lcOYoKQFwfNqVHQ1rSegHxgZi3keO03xpOaJBOW-ZA
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27260
x-served-by: cache-hhn4068-HHN
accept-ranges: bytes
expires: Sun, 07 Feb 2021 00:54:06 GMT
last-modified: Tue, 08 Oct 2019 20:47:04 GMT
server: UploadServer
x-timer: S1600715482.033831,VS0,VE0
etag: "7ea91ebd036309e1fe756ee3aab272da"
vary: Origin
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1570567624227088
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 27260
x-nyt-pagetype: nyt5-asset
content-type: font/woff2
x-cache-hits: 4994

GET
H2 200 imperial-normal-400.2531995fefd3b997f9c4d564ebe89268.woff2
g1.nyt.com/fonts/family/imperial/ 28 KB
29 KB 103ms
52ms Font
font/woff2 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.2531995fefd3b997f9c4d564ebe89268.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 27938a5a1f1f9b1907a512892cf969d7dad000fd7032e8bbe3baa3ed5b4265bd

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=1n93EQ==, md5=JTGZX+/TuZf5xNVk6+iSaA==
date: Mon, 21 Sep 2020 19:11:22 GMT
via: 1.1 varnish
age: 2834814
x-guploader-uploadid: AAANsUkVibAoIKpUVU6iWRgvo35wtzonOditgCsQVYUx6dqrSglDitlGjI5prSjeCQyIdPJdw4uEBjS2s8-UwgHVfrsjpJInkw
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 29016
x-served-by: cache-hhn4068-HHN
accept-ranges: bytes
expires: Thu, 19 Aug 2021 23:44:26 GMT
last-modified: Tue, 08 Oct 2019 20:47:05 GMT
server: UploadServer
x-timer: S1600715482.033241,VS0,VE0
etag: "2531995fefd3b997f9c4d564ebe89268"
vary: Origin
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1570567625845342
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29016
x-nyt-pagetype: nyt5-asset
content-type: font/woff2
x-cache-hits: 7740

GET
H2 200 tpc-check.html
static01.nyt.com/ads/ Frame 6476 0
0 30ms
25ms Document
text/html 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static01.nyt.com/ads/tpc-check.html
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

:method: GET
:authority: static01.nyt.com
:scheme: https
:path: /ads/tpc-check.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html

Response headers

status: 200
x-guploader-uploadid: ABg5-UyMT-1Ozj2DeZFtS2g_arIAA8Vz5Rkc_u_Sww8a-DjX9DKqPdSuor2_GhOfr4RRxqO23AScRpg-pqxVsUrVYfxkngGv6A
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
expires: Thu, 03 Sep 2020 07:14:50 GMT
last-modified: Wed, 03 Apr 2019 14:30:57 GMT
etag: "598d685c63f68aaefa1f7c474e83327c"
content-type: text/html
x-goog-hash: crc32c=4YnpCQ== md5=WY1oXGP2iq76H3xHToMyfA==
x-goog-storage-class: REGIONAL
access-control-allow-origin: *
server: UploadServer
content-encoding: gzip
via: 1.1 varnish 1.1 varnish
x-nyt-gcs-bucket: nyt-ads-static-assets
accept-ranges: bytes
date: Mon, 21 Sep 2020 19:11:22 GMT
age: 566701
x-served-by: cache-bwi5134-BWI, cache-hhn4073-HHN
x-cache: HIT, HIT
x-cache-hits: 1, 9137
x-timer: S1600715482.113264,VS0,VE0
vary: Accept-Encoding
content-length: 550

GET
H2 200 prefetch-assets Show response
myaccount.nytimes.com/auth/ Frame 6F49 393 B
568 B 30ms
23ms Document
text/html 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/auth/prefetch-assets

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

e4364267aff017840734d9e3a8a8e9bfff6b343917fe0ee85136bcf2b2b4924c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: myaccount.nytimes.com
:scheme: https
:path: /auth/prefetch-assets
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: nyt-a=vuRp42B25f3IJqPjZiA2w6; datadome=bHY2ITE-k25CpvQqpEkNdCcbiKsxp~i5b91bvIsNiVCp-qPcO.5boecN.nZ53zg682LokAiaFcZRJm8WkizL-YZPdYHV4Dvfcz_tyg_HrG; nyt-gdpr=1; nyt-purr=cfhspnahhu; nyt-us=0; nyt-geo=NL
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html

Response headers

status: 200
content-type: text/html; charset=utf-8
x-powered-by: Express
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=600
x-nyt-backend: lire-ui
etag: W/"189-Yb46dYuy9spF3/w31BGJ/x8ztUA"
content-encoding: gzip
x-cloud-trace-context: 61989f98459bd80593b3a2ed4a7b026f
server: Google Frontend
x-datadome-timer: (null),VE118
accept-ranges: bytes
date: Mon, 21 Sep 2020 19:11:22 GMT
via: 1.1 varnish
age: 126
x-served-by: cache-hhn4073-HHN
x-cache: HIT
x-cache-hits: 6
vary: Accept-Encoding
x-nyt-route: legacy-myaccount
x-api-version: F-X
content-length: 276

GET
H2 200 vendors~audio~byline~capsule~collections~home~liveblog~paidpost~regionCapsule~slideshow~story~video-3a1c5a24827573204803.js Show response
www.nytimes.com/vi-assets/static-assets/ 68 KB
13 KB 25ms
24ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~byline~capsule~collections~home~liveblog~paidpost~regionCapsule~slideshow~story~video-3a1c5a24827573204803.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

de029f6b1d7ea1c98a21988cfb8c6ae1d4e2ebaeae9a0150fae0fa688d2acd56

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=2592000

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=nYKTkA==, md5=p3Bgd6NF0aTI3steAClkkQ==
date: Mon, 21 Sep 2020 19:11:22 GMT
content-encoding: gzip
x-api-version: F-X
age: 270396
x-guploader-uploadid: ABg5-UzoOJYKyrGblBHzcbBxxeC7sg_klmcQreH1IRwE-4ZPh0sV4lGLlHNkFPieFXc6keKb5-cAyPEuoAvbXhYIz2kj2NjipQ
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=2592000
x-origin-time: 2020-09-18 16:05:05 UTC
x-served-by: cache-hhn4073-HHN
accept-ranges: bytes
last-modified: Fri, 18 Sep 2020 15:50:16 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1600715482.293894,VS0,VE1
etag: "a7706077a345d1a4c8decb5e00296491"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/vendors~audio~byline~capsule~collections~home~liveblog~paidpost~regionCapsule~slideshow~story~video-3a1c5a24827573204803.js
x-goog-generation: 1600444216345668
expires: Sat, 18 Sep 2021 16:04:46 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 69144
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-length: 12799
content-type: application/javascript
x-cache-hits: 12360

GET
H2 200 vendors~audio~capsule~collections~home~liveblog~paidpost~regionCapsule~story~trending~video-3b1db799a6edbfd42568.js Show response
www.nytimes.com/vi-assets/static-assets/ 19 KB
5 KB 27ms
26ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~capsule~collections~home~liveblog~paidpost~regionCapsule~story~trending~video-3b1db799a6edbfd42568.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8ce14956333b368b9b638dc2f2a03a2e0cce2820789b01bc6373707b6cc98a7d

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=2592000

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=dXaFiw==, md5=l9VGpWiFAIx7UtdgMH3SlQ==
date: Mon, 21 Sep 2020 19:11:22 GMT
content-encoding: gzip
x-api-version: F-X
age: 617107
x-guploader-uploadid: ABg5-UxE2ctUTx8yWykSDXyUHNZO3IP5lsXeLg_oVcRNTkIoNB8yfyn0ElcpVfRjmmrBS2XIURyT7WfRCixp08kRovs
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=2592000
x-origin-time: 2020-09-14 15:46:15 UTC
x-served-by: cache-hhn4073-HHN
accept-ranges: bytes
last-modified: Mon, 14 Sep 2020 15:41:54 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1600715482.294349,VS0,VE1
etag: "97d546a56885008c7b52d760307dd295"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/vendors~audio~capsule~collections~home~liveblog~paidpost~regionCapsule~story~trending~video-3b1db799a6edbfd42568.js
x-goog-generation: 1600098114162429
expires: Tue, 14 Sep 2021 15:46:15 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 19363
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-length: 4615
content-type: application/javascript
x-cache-hits: 15669

GET
H2 200 vendors~audio~capsule~collections~home~liveblog~paidpost~regionCapsule~story~video-087d299ed2641f27b11d.js Show response
www.nytimes.com/vi-assets/static-assets/ 30 KB
7 KB 26ms
25ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~capsule~collections~home~liveblog~paidpost~regionCapsule~story~video-087d299ed2641f27b11d.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0d6e549b1d79ac3a47fc6c8112a94961c45f0d4f1e376ce417670703952093f1

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=2592000

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=tcSGpA==, md5=BtkOc583YxdBijghLCDelQ==
date: Mon, 21 Sep 2020 19:11:22 GMT
content-encoding: gzip
x-api-version: F-X
age: 617107
x-guploader-uploadid: ABg5-Uwnqt6oRyt2FlCE_sw8hnHymlLvbRqojDQ8EPe5yO-14gmH_lT3oP7ShL4kwGCUWiuUk08CcBKEQNKjq4E10N4kfsFhRA
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=2592000
x-origin-time: 2020-09-14 15:46:15 UTC
x-served-by: cache-hhn4073-HHN
accept-ranges: bytes
last-modified: Mon, 14 Sep 2020 15:41:54 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1600715482.294364,VS0,VE1
etag: "06d90e739f376317418a38212c20de95"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/vendors~audio~capsule~collections~home~liveblog~paidpost~regionCapsule~story~video-087d299ed2641f27b11d.js
x-goog-generation: 1600098114183112
expires: Tue, 14 Sep 2021 15:46:15 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 30654
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-length: 6118
content-type: application/javascript
x-cache-hits: 15656

GET
H3-Q050 200 swg-button.css
news.google.com/swg/js/v1/ 19 KB
6 KB 30ms
12ms Stylesheet
text/css 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a0a734cfe4f5aee530b12ee966e272f0ce41f44e0f2c89e8ee6d4a156f4789

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 18:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 18 Sep 2019 18:02:27 GMT
server: sffe
age: 2008
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5809
x-xss-protection: 0
expires: Mon, 21 Sep 2020 19:27:54 GMT

GET
H3-Q050 200 serviceiframe
news.google.com/swg/_/ui/v1/ Frame A3E8 0
0 73ms
61ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/ui/v1/serviceiframe?_=444643

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-v7cQbnlveSfHPhSBrmLwTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-v7cQbnlveSfHPhSBrmLwTQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: news.google.com
:scheme: https
:path: /swg/_/ui/v1/serviceiframe?_=444643
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html

Response headers

status: 200
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 21 Sep 2020 19:11:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000
content-security-policy: script-src 'report-sample' 'nonce-v7cQbnlveSfHPhSBrmLwTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-v7cQbnlveSfHPhSBrmLwTQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=204=SJfV6kZgynCyrvS8sEz4fNGjySuNQOPAa0Lv9D9OkFfQGX4VIu3mgnCiPe89W_LybXKNCmIrk_jnmoD-WCPo86N18MKU0l58wbOKZLJxOGAGvAW2_t2iVSh8rxQqTJnrhx3D1FXM250MvNXB3pmZjP-t0-5j7H9Kja3JkL6YLEY; expires=Tue, 23-Mar-2021 19:11:22 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 25ms
13ms Other
image/svg+xml 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 18:30:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
age: 2432
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
expires: Mon, 21 Sep 2020 19:20:50 GMT

GET
H3-Q050 200 pubads_impl_2020091501.js Show response
securepubads.g.doubleclick.net/gpt/ 263 KB
93 KB 103ms
69ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091501.js?21067482

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

ddf938119baaea8aab1fea95405f5a270d92869f8a9fe6f96b2c4e8861a9cf67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 19:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 08:49:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94409
x-xss-protection: 0
expires: Mon, 21 Sep 2020 19:11:22 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 112ms
111ms Other
application/json 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 tags.js Show response
dd.nytimes.com/ 130 KB
21 KB 43ms
15ms Script
text/javascript 2600:9000:20e8:d600:a:a8c5:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20e8:d600:a:a8c5:a040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

e5a3fd341f581018d6efd2c065ef5ae731a97dd5db7275b431620757e0329297

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
content-encoding: gzip
etag: "2067c-5aee11c33525f-gzip"
age: 3415
x-cache: Hit from cloudfront
status: 200
content-length: 21134
access-control-allow-origin: *
last-modified: Wed, 09 Sep 2020 13:05:47 GMT
server: Apache
date: Mon, 21 Sep 2020 18:14:27 GMT
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 3b9e149724e93026c0277288bbe3906a.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
x-amz-cf-id: FuHSpciBDMlm31yyrY_k1paSim4H-UOQAVSRtC3Tdvw7VA8-6OD3Ew==
expires: Mon, 21 Sep 2020 19:14:27 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 107ms
107ms Other
application/json 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H3-Q050 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/nytimes.com/ 2 B
252 B 71ms
71ms Fetch
application/json 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/nytimes.com/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 19:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
strict-transport-security: max-age=31536000
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.js Show response
myaccount.nytimes.com/lire_ui/js/common/abra/ Frame 6F49 2 KB
1 KB 24ms
23ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.nytimes.com/lire_ui/js/common/abra/index.js
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 182331bf2d6618498776e7ea1d47fea5bc968c4ebcc0de38e1b2129f610b28e6

Request headers

Referer: https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 19:11:22 GMT
content-encoding: gzip
x-api-version: F-X
age: 506
x-cache: HIT
status: 200
content-length: 1252
x-served-by: cache-hhn4073-HHN
expires: Tue, 15 Sep 2020 19:28:39 GMT
server: Google Frontend
etag: "0K9NDA"
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: 26ad44b95e63cbd7330d4a040dd60363
cache-control: public, max-age=600
x-datadome-timer: (null),VE231
x-nyt-route: legacy-myaccount
accept-ranges: bytes
x-nyt-backend: lire-ui
x-cache-hits: 13

GET
H2 200 unified-lire.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ Frame 6F49 393 KB
131 KB 24ms
23ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=be4e79f
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 2b0645d7e7051d94909fc43ceedfbfbc1ccf152df8fc9edcc001fb3b91beed54

Request headers

Referer: https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 19:11:22 GMT
content-encoding: gzip
x-api-version: F-X
age: 437
x-cache: HIT
status: 200
content-length: 134188
x-served-by: cache-hhn4073-HHN
expires: Thu, 17 Sep 2020 03:20:23 GMT
server: Google Frontend
etag: "0K9NDA"
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: 9653b07314c44ead95aa1dc26c1609a7
cache-control: public, max-age=600
x-datadome-timer: (null),VE686
x-nyt-route: legacy-myaccount
accept-ranges: bytes
x-nyt-backend: lire-ui
x-cache-hits: 12

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 24ms
24ms Other 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-0.5.123 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors

Response headers

status: 200
cache-control: max-age=30
access-control-allow-methods: GET, POST
access-control-max-age: 300
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-origin: https://www.nytimes.com
server: samizdat-graphql-0.5.123
access-control-allow-credentials: true
via: 1.1 google 1.1 varnish
accept-ranges: bytes
date: Mon, 21 Sep 2020 19:11:22 GMT
age: 3
x-nyt-meridiem: PM
x-nyt-continent: EU
x-nyt-country: NL
x-nyt-region: NB
x-nyt-audience-target-flat: EU:PM
x-samizdat-query-exe-id: 98d2edb7e80d3e5a
samizdat-x-instance: 1f3375ab
x-served-by: cache-hhn4067-HHN
x-cache: HIT
x-cache-hits: 2
x-timer: S1600715483.939723,VS0,VE0
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 0

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 25ms
25ms Other 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-0.5.123 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors

Response headers

status: 200
cache-control: max-age=30
access-control-allow-methods: GET, POST
access-control-max-age: 300
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-origin: https://www.nytimes.com
server: samizdat-graphql-0.5.123
access-control-allow-credentials: true
via: 1.1 google 1.1 varnish
accept-ranges: bytes
date: Mon, 21 Sep 2020 19:11:22 GMT
age: 3
x-nyt-meridiem: PM
x-nyt-continent: EU
x-nyt-country: NL
x-nyt-region: NB
x-nyt-audience-target-flat: EU:PM
x-samizdat-query-exe-id: 9624cf558296bbf3
samizdat-x-instance: 1f3375ab
x-served-by: cache-hhn4067-HHN
x-cache: HIT
x-cache-hits: 3
x-timer: S1600715483.970394,VS0,VE0
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 0

GET
H2 200 meter.js Show response
meter-svc.nytimes.com/ 529 B
1 KB 249ms
200ms XHR
application/json 35.241.35.241
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://meter-svc.nytimes.com/meter.js?sourceApp=vi&url=https%3A%2F%2Fwww.nytimes.com%2F2020%2F02%2F09%2Ftechnology%2Fransomware-attacks.html&referer=https%3A%2F%2Fwww.nytimes.com%2F2020%2F02%2F09%2Ftechnology%2Fransomware-attacks.html
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-94d9f506cb739ca62614.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.35.241 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 241.35.241.35.bc.googleusercontent.com
Software: /
Resource Hash: b7cee077081b51494699e06d245ff5ee8942b4a818dc724e484178bcc5dcb27f

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 19:11:23 GMT
via: 1.1 google
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, *
status: 200
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: Set-Cookie
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
alt-svc: clear
content-length: 529

GET
H2 200 comments-2f2ea30f479e3ebaaebd.js Show response
www.nytimes.com/vi-assets/static-assets/ 54 KB
16 KB 26ms
26ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/comments-2f2ea30f479e3ebaaebd.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

64c94f00a03e73db7685db82babafaad131136f5011c680ac2e6126039f7f80b

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=2592000

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=aT0rgQ==, md5=QzoLMBKcoW8mDy/rvck7EA==
date: Mon, 21 Sep 2020 19:11:22 GMT
content-encoding: gzip
x-api-version: F-X
age: 535064
x-guploader-uploadid: ABg5-UzXUVixzo8Bc_j6RvFo4--1_T-TXxdXHjbFskeixCq2YJpRFW9BuAYEBcLXt7VbMPAnhRiY8CGDk9kts2w3FAibHxR4vw
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=2592000
x-origin-time: 2020-09-15 14:33:38 UTC
x-served-by: cache-hhn4073-HHN
accept-ranges: bytes
last-modified: Tue, 15 Sep 2020 12:11:32 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1600715483.932368,VS0,VE1
etag: "433a0b30129ca16f260f2febbdc93b10"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/comments-2f2ea30f479e3ebaaebd.js
x-goog-generation: 1600171892653481
expires: Wed, 15 Sep 2021 14:33:38 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 55210
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-length: 15701
content-type: application/javascript
x-cache-hits: 13919

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 62 B
615 B 125ms
125ms XHR
application/json 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-94d9f506cb739ca62614.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-0.5.123 /
Resource Hash: 078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c

Request headers

accept: */*
Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
nyt-app-type: project-vi
content-type: application/json

Response headers

x-samizdat-query-sup-code
date: Mon, 21 Sep 2020 19:11:23 GMT
content-encoding: gzip
x-nyt-meridiem: PM
age: 0
x-cache: MISS
status: 200
samizdat-x-instance: a7347fc4
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: 8fed6f07f1e1e95c
content-length: 77
x-served-by: cache-hhn4073-HHN
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: NB
server: samizdat-graphql-0.5.123
x-timer: S1600715483.964760,VS0,VE102
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-subscriber, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:PM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: NL
accept-ranges: bytes
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 41 KB
7 KB 182ms
182ms XHR
application/json 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-94d9f506cb739ca62614.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-0.5.123 /
Resource Hash: 82f16bf8fed3d0db663cc890568a82f0a193181c820e084a829f4f8fa2055fda

Request headers

accept: */*
Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
nyt-app-type: project-vi
content-type: application/json

Response headers

x-samizdat-query-sup-code
date: Mon, 21 Sep 2020 19:11:23 GMT
content-encoding: gzip
x-nyt-meridiem: PM
age: 0
x-cache: MISS
status: 200
samizdat-x-instance: a73af257
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: 7f5d20a9e1783399
x-served-by: cache-hhn4073-HHN
x-nyt-continent: EU
last-modified: Mon, 21 Sep 2020 19:11:23 GMT
server: samizdat-graphql-0.5.123
x-timer: S1600715483.999532,VS0,VE156
x-nyt-region: NB
vary: Accept-Encoding, Samizdat-X-Fastly-Unique-Id, Samizdat-X-Personalize, x-nyt-subscriber, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:PM
cache-control: private, no-store
access-control-allow-credentials: true
x-nyt-country: NL
accept-ranges: bytes
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 purr-cache
purr.nytimes.com/v1/ 0
0 137ms
116ms Fetch
text/html 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://purr.nytimes.com/v1/purr-cache
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-94d9f506cb739ca62614.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 19:11:23 GMT
server: Google Frontend
status: 200
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 3cb6c9cca471219fc8b6507deb1ef9a7
cache-control: private
access-control-allow-credentials: true
content-length: 0
expires: Mon, 21 Sep 2020 19:11:23 GMT

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 2 KB
2 KB 629ms
609ms XHR
application/json 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-vi&referrer=&assetUrl=http%3A%2F%2Fwww.nytimes.com%2F2020%2F02%2F09%2Ftechnology%2Fransomware-attacks.html&jkcb=1600715482973
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-94d9f506cb739ca62614.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 34d0713c6b4ee10bbc155d1833a1f9f1c0c2183022be64ce1c003e66acdc94bf

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 19:11:23 GMT
content-encoding: gzip
x-appengine-log-flush-count: 1
server: Google Frontend
status: 200
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 094057efef74d5f9c135a642850a53b0
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
content-length: 1028
expires: Mon, 21 Sep 2020 19:11:23 GMT

GET
H2 200 zam5nzz.css
typeface.nyt.com/css/ Frame 1274 5 KB
957 B 30ms
24ms Stylesheet
text/css 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://typeface.nyt.com/css/zam5nzz.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/interactive/2020/admin/100000006953200.embedded.html?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 832a2f64ff7e0d83a0db5db389999d738ae413d99787aa211189c6defe4a243f

Request headers

Referer: https://www.nytimes.com/interactive/2020/admin/100000006953200.embedded.html?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=GA/zEg==, md5=aXwh+4+psKpm0UdN+lBnmg==
date: Mon, 21 Sep 2020 19:11:23 GMT
content-encoding: gzip
age: 1023576
x-guploader-uploadid: ABg5-UwwN9N4MgTO4f9Iaz2_hf3WtQVLLpEN_C9pI9bRMV9oIPb35CoBPr748HP1jMXW8XTyLMBu2LhA8HmvnM48Vg
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 400
via: 1.1 varnish
x-served-by: cache-hhn4073-HHN
accept-ranges: bytes
expires: Thu, 09 Sep 2021 22:51:46 GMT
last-modified: Tue, 08 Oct 2019 20:47:00 GMT
server: UploadServer
x-timer: S1600715483.258412,VS0,VE0
etag: "697c21fb8fa9b0aa66d1474dfa50679a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1570567620857393
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 400
x-nyt-pagetype: nyt-fonts-legacy-asset
content-type: text/css; charset=utf-8
x-cache-hits: 85

GET
H2 200 styles.css
www.nytimes.com/vi-assets/static-assets/nyt5/20190823-143533-mbipe/css/ Frame 1274 503 KB
85 KB 26ms
25ms Stylesheet
text/css 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/nyt5/20190823-143533-mbipe/css/styles.css

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/interactive/2020/admin/100000006953200.embedded.html?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b580db4c1ef2bc5e677aef306f5cf50156a3a286239ddbc4b07fb4c5cccca0a2

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=2592000

Request headers

Referer: https://www.nytimes.com/interactive/2020/admin/100000006953200.embedded.html?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 2211455
x-guploader-uploadid: ABg5-UzLAyJRaU8yAJGtX_RkkiJZYAln0U867ZBqpwrJF1WRvZmgOGqVYdPDY095Woe8vzdVsDGsU2fweTqpyZUib-_pKeN25Q
status: 200
x-goog-stored-content-encoding: identity
x-origin-time: 2020-08-27 04:53:48 UTC
x-served-by: cache-hhn4073-HHN
x-timer: S1600715483.254647,VS0,VE1
etag: "cdeb67218f97490e65604aa11f6a7deb"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/nyt5/20190823-143533-mbipe/css/styles.css
content-language: en
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-cache-hits: 13
date: Mon, 21 Sep 2020 19:11:23 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
content-length: 86907
last-modified: Fri, 23 Aug 2019 14:35:39 GMT
server: UploadServer
strict-transport-security: max-age=2592000
x-goog-hash: crc32c=i/5WYQ==, md5=zetnIY+XSQ5lYEqhH2p96w==
x-goog-generation: 1566570939115170
expires: Fri, 27 Aug 2021 04:53:48 GMT
x-gdpr: 1
x-goog-stored-content-length: 515219
accept-ranges: bytes
content-type: text/css

GET
H2 200 framework.js Show response
www.nytimes.com/vi-assets/static-assets/nyt5/20190823-143533-mbipe/js/ Frame 1274 63 KB
20 KB 25ms
24ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/nyt5/20190823-143533-mbipe/js/framework.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/interactive/2020/admin/100000006953200.embedded.html?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

5752b74c9b7a6df07993aa482826fce9bcce5863c37e5952b5b0f9775946ad21

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=2592000

Request headers

Referer: https://www.nytimes.com/interactive/2020/admin/100000006953200.embedded.html?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 403198
x-guploader-uploadid: ABg5-Ux4EMnVZR7BNX_eaygl0-DNQvj4L6wK-a3RZNhwV44c3JLbghqz-_mnyo_1KApd0OmXp04gq2SjcpQ3fnnzjPI
status: 200
x-goog-stored-content-encoding: identity
x-origin-time: 2020-09-17 03:11:24 UTC
x-served-by: cache-hhn4073-HHN
x-timer: S1600715483.254612,VS0,VE1
etag: "aad3e38441d8f67984cffd00de401138"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/nyt5/20190823-143533-mbipe/js/framework.js
content-language: en
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-cache-hits: 10
date: Mon, 21 Sep 2020 19:11:23 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
content-length: 19669
last-modified: Fri, 23 Aug 2019 14:36:04 GMT
server: UploadServer
strict-transport-security: max-age=2592000
x-goog-hash: crc32c=DMsUBw==, md5=qtPjhEHY9nmEz/0A3kAROA==
x-goog-generation: 1566570964088819
expires: Fri, 17 Sep 2021 03:11:24 GMT
x-gdpr: 1
x-goog-stored-content-length: 64086
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 artboard-300px.png
int.nyt.com/chartmaker/2020/02/01/20200131-average-amount-of-ransom/5/ Frame 1274 23 KB
24 KB 46ms
39ms Image
image/png 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://int.nyt.com/chartmaker/2020/02/01/20200131-average-amount-of-ransom/5/artboard-300px.png
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/interactive/2020/admin/100000006953200.embedded.html?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6056fe29f5cd4be1037f4ec1e4f3a22e0aa604ee85329811bfdc84e4ff3e950c

Request headers

Referer: https://www.nytimes.com/interactive/2020/admin/100000006953200.embedded.html?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 19:11:23 GMT
via: 1.1 varnish
age: 18919
x-guploader-uploadid: ABg5-Ux6SdUplM53_4NwTFJEPjjvcF--ftZYcJMv-R2tKFKqGJOXgcXVEgIT19vkt9yl_J0IkjRMJvYygIuNccyTW6vBNcX8Hg
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
content-length: 23966
x-backend-name: GCS_origin
last-modified: Wed, 05 Feb 2020 18:44:00 GMT
server: UploadServer
etag: "748511db498796ca7171f2df7db94a1d"
x-served-by: cache-hhn4073-HHN
x-goog-hash: crc32c=RwNxxQ==, md5=dIUR20mHlspxcfLffblKHQ==
content-type: image/png
access-control-allow-origin: *
expires: Sat, 19 Sep 2020 09:00:03 GMT
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Range
x-cache-hits: 1

GET
H2 200 artboard-600px.png
int.nyt.com/chartmaker/2020/02/01/20200131-average-amount-of-ransom/5/ Frame 1274 34 KB
34 KB 38ms
38ms Image
image/png 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://int.nyt.com/chartmaker/2020/02/01/20200131-average-amount-of-ransom/5/artboard-600px.png
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/interactive/2020/admin/100000006953200.embedded.html?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: aecf8fad5b22c1a5b96b8b9790a6defb3a69d741344ed2b5328289a8b841b8c1

Request headers

Referer: https://www.nytimes.com/interactive/2020/admin/100000006953200.embedded.html?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 19:11:23 GMT
via: 1.1 varnish
age: 18919
x-guploader-uploadid: ABg5-UyjsYWfYnjM4Y0B2GUS2kD4i_sYGIvUZ3h2WGE2AQ13bfhFs6DYn9nF1tJFibTnZSICTgW_e3i0H2RUuDYAt_o
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
content-length: 34853
x-backend-name: GCS_origin
last-modified: Wed, 05 Feb 2020 18:44:00 GMT
server: UploadServer
etag: "69c20f46258d04fb7fd788e0e1c9e6de"
x-served-by: cache-hhn4073-HHN
x-goog-hash: crc32c=uTyAwg==, md5=acIPRiWNBPt/14jg4cnm3g==
content-type: image/png
access-control-allow-origin: *
expires: Sat, 19 Sep 2020 09:00:03 GMT
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Range
x-cache-hits: 1

POST
H2 200 track
a.et.nytimes.com/ 0
0 107ms
107ms Other
application/json 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 / Show response
dd.nytimes.com/js/ 202 B
536 B 90ms
63ms XHR
application/json 2600:9000:20e8:d600:a:a8c5:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dd.nytimes.com/js/
Requested by: Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:d600:a:a8c5:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DataDome /
Resource Hash: 811f158db3ede90d6db1e6c77dd7a10e9a04b2657b946b080627f1d1889e7f42

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 21 Sep 2020 19:11:23 GMT
via: 1.1 3b9e149724e93026c0277288bbe3906a.cloudfront.net (CloudFront)
server: DataDome
x-amz-cf-pop: TXL52-C1
status: 200
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 202
x-amz-cf-id: sTrUPV8hK7q3Inja5H4DSYaqPwt35ZK_dt_cTjSINrHvLIVyQ2AyqA==
expires: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 109 B
890 B 36ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091501.js?21067482

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Sep 2020 19:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
890 B 37ms
16ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091501.js?21067482

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Sep 2020 19:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
10 KB 196ms
196ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=327973754876099&correlator=4462834955369014&output=ldjh&impl=fif&eid=21067482%2C21067408&vrg=2020091501&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200921&iu_parts=29390238%2Cnyt%2Ctechnology&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&prev_scp=div%3Dtop%26pos%3Dtop%26request_time%3D1524&cust_params=cookie%3Dunknown%26als_test_clientside%3Dweb_none_none_none_v3-0-29.429411333505152289_20200921191122%26mktg%3Dadv_1%252Cengagement_0%252Ctype_anon%252Cckgf%252Cdiggf%252Cfrmckf%252Cfrmcoref%252Cfrmeduf%252Cfrmhdf%252Cfrmxwf%252Cgatef%252Cgifteef%252Cgifterf%252Coptf%252Cxwgf%252Clogf%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1600692967824%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26org%3Dcovewareinc%252Cemsisoftltd%252Cunitedstatescoastguard%252Cbarclaysplc%252Ctravelex%26geo%3Dneworleansla%26des%3Dextortionandblackmail%252Ccomputersandtheinternet%252Ccyberattacksandhackers%252Ccyberwarfareanddefense%252Ccomputersecurity%252Cdoctors%26spon%3Dransomware%26auth%3Dnathanielpopper%26coll%3Dusnews%252Ctechnology%252Cbusiness%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dtechnology%26si_section%3Dtechnology%26id%3D100000006939120%26pt%3Dnt1%252Cnt10%252Cnt12%252Cnt14%252Cnt15%252Cnt16%252Cnt18%252Cnt2%252Cnt21%252Cnt3%252Cnt4%252Cnt6%252Cnt8%252Cnt9%252Cpt13%252Cpt20%26gscat%3Dneg_ibmtest%252Cneg_mastercard%252Cneg_ibm%252Cneg_orep%252Cneg_bp%252Cneg_cathay%252Cneg_mktg_safe_q4_2019%252Cneg_hearts%252Cneg_msft%252Cgv_crime%252Cneg_samsung%252Cgs_business%252Cneg_bofa%252Cneg_capitalone%252Cgs_business_misc%252Cgs_law_misc%252Cgs_tech_computing%252Cgs_law%252Cgs_tech%252Cneg_fidi%252Cgv_download%252Cneg_captialone_p2%252Cgv_death_injury%252Cgs_t%26tt%3D47%252C94%26mt%3DMT10%252CMT3%252CMT7%252CMT8%26abra_dfp%3Ddfp_1p_ver_1_bk%252Cdfp_1p2_0_control%252Cdfp_mwtest_2_vendorb%252Cmkt_dfp_kmb_1_test%252Cdfp_adslot4v2_1_external%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_mt_0_control%252Cmc_dfp_topbar_bar_anon_1019_0_control%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cmkt_dfp_hd_paywall_zip_1_zip%252Cmkt_dfp_intl_pricing_low_conv_0_control%252Cmkt_dfp_intl_pricing_med_conv_1_50cents%252Cmkt_dfp_ods_2_test%252Csa_referral_dfp_april2020_test_1_yellow_evergreen%26page_view_id%3DCgNkRusePa5sFRcD2Mc0OL75%26sov%3D3%26uap%3Dbrowser%26aid%3DvuRp42B25f3IJqPjZiA2w6%26purr%3Dnpa&cookie_enabled=1&bc=31&abxe=1&lmt=1600692967&dt=1600715483455&dlt=1600715481882&idt=1481&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=76&adks=1108970029&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2F2020%2F02%2F09%2Ftechnology%2Fransomware-attacks.html&dssz=41&icsg=952089340&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x250&msz=1600x0&ga_vid=1047880898.1600715483&ga_sid=1600715483&ga_hid=1847352968&fws=4&ohw=1600&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091501.js?21067482

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

f0a97ab24ee52b21fbc8eda79280f5d432090786e4f09f9704cc1716ffa2b94e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 19:11:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10404
x-xss-protection: 0
google-lineitem-id: 5459181999
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138321633113
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
61a80047208d45658e240248a7e00baf.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 47ms
14ms Other
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://61a80047208d45658e240248a7e00baf.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091501.js?21067482
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 26ms
6ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091501.js?21067482
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 421 B
700 B 65ms
64ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=327973754876099&correlator=4462834955369014&output=ldjh&impl=fif&eid=21067482%2C21067408&vrg=2020091501&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200921&iu_parts=29390238%2Cnyt%2Ctechnology&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=150x50&prev_scp=div%3Dsponsor%26pos%3Dsponsor%26request_time%3D1538&cust_params=cookie%3Dfalse%26als_test_clientside%3D1094_server_server_server_server_20200326152254%26mktg%3Dadv_1%252Cengagement_0%252Ctype_anon%252Cckgf%252Cdiggf%252Cfrmckf%252Cfrmcoref%252Cfrmeduf%252Cfrmhdf%252Cfrmxwf%252Cgatef%252Cgifteef%252Cgifterf%252Coptf%252Cxwgf%252Clogf%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1600692967824%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26org%3Dcovewareinc%252Cemsisoftltd%252Cunitedstatescoastguard%252Cbarclaysplc%252Ctravelex%26geo%3Dneworleansla%26des%3Dextortionandblackmail%252Ccomputersandtheinternet%252Ccyberattacksandhackers%252Ccyberwarfareanddefense%252Ccomputersecurity%252Cdoctors%26spon%3Dransomware%26auth%3Dnathanielpopper%26coll%3Dusnews%252Ctechnology%252Cbusiness%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dtechnology%26si_section%3Dtechnology%26id%3D100000006939120%26pt%3Dnt1%252Cnt10%252Cnt12%252Cnt14%252Cnt15%252Cnt16%252Cnt18%252Cnt2%252Cnt21%252Cnt3%252Cnt4%252Cnt6%252Cnt8%252Cnt9%252Cpt13%252Cpt20%26gscat%3Dneg_ibmtest%252Cneg_mastercard%252Cneg_ibm%252Cneg_orep%252Cneg_bp%252Cneg_cathay%252Cneg_mktg_safe_q4_2019%252Cneg_hearts%252Cneg_msft%252Cgv_crime%252Cneg_samsung%252Cgs_business%252Cneg_bofa%252Cneg_capitalone%252Cgs_business_misc%252Cgs_law_misc%252Cgs_tech_computing%252Cgs_law%252Cgs_tech%252Cneg_fidi%252Cgv_download%252Cneg_captialone_p2%252Cgv_death_injury%252Cgs_t%26tt%3D47%252C94%26mt%3DMT10%252CMT3%252CMT7%252CMT8%26abra_dfp%3Ddfp_1p_ver_1_bk%252Cdfp_1p2_0_control%252Cdfp_mwtest_2_vendorb%252Cmkt_dfp_kmb_1_test%252Cdfp_adslot4v2_1_external%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_mt_0_control%252Cmc_dfp_topbar_bar_anon_1019_0_control%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cmkt_dfp_hd_paywall_zip_1_zip%252Cmkt_dfp_intl_pricing_low_conv_0_control%252Cmkt_dfp_intl_pricing_med_conv_1_50cents%252Cmkt_dfp_ods_2_test%252Csa_referral_dfp_april2020_test_1_yellow_evergreen%26page_view_id%3DCgNkRusePa5sFRcD2Mc0OL75%26sov%3D3%26uap%3Dbrowser%26aid%3DvuRp42B25f3IJqPjZiA2w6%26purr%3Dnpa&cookie_enabled=1&bc=31&abxe=1&lmt=1600692967&dt=1600715483468&dlt=1600715481882&idt=1481&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3177245064&ucis=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2F2020%2F02%2F09%2Ftechnology%2Fransomware-attacks.html&dssz=41&icsg=952089340&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=150x66&msz=0x0&ga_vid=1047880898.1600715483&ga_sid=1600715483&ga_hid=1847352968&fws=132&ohw=1600&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091501.js?21067482

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

d7b206ad18b9b78e010df7ce32eb362d8369ec7dbe8616753c15b180cf6fbf59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 19:11:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 220
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 425 B
260 B 177ms
176ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=327973754876099&correlator=4462834955369014&output=ldjh&impl=fif&eid=21067482%2C21067408&vrg=2020091501&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200921&iu_parts=29390238%2Cnyt%2Ctechnology&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1%7C640x480&prev_scp=div%3Dinterstitial%26pos%3Dinterstitial%26request_time%3D1541&cust_params=cookie%3Dfalse%26als_test_clientside%3D1094_server_server_server_server_20200326152254%26mktg%3Dadv_1%252Cengagement_0%252Ctype_anon%252Cckgf%252Cdiggf%252Cfrmckf%252Cfrmcoref%252Cfrmeduf%252Cfrmhdf%252Cfrmxwf%252Cgatef%252Cgifteef%252Cgifterf%252Coptf%252Cxwgf%252Clogf%26sub%3Danon%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1600692967824%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26org%3Dcovewareinc%252Cemsisoftltd%252Cunitedstatescoastguard%252Cbarclaysplc%252Ctravelex%26geo%3Dneworleansla%26des%3Dextortionandblackmail%252Ccomputersandtheinternet%252Ccyberattacksandhackers%252Ccyberwarfareanddefense%252Ccomputersecurity%252Cdoctors%26spon%3Dransomware%26auth%3Dnathanielpopper%26coll%3Dusnews%252Ctechnology%252Cbusiness%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dtechnology%26si_section%3Dtechnology%26id%3D100000006939120%26pt%3Dnt1%252Cnt10%252Cnt12%252Cnt14%252Cnt15%252Cnt16%252Cnt18%252Cnt2%252Cnt21%252Cnt3%252Cnt4%252Cnt6%252Cnt8%252Cnt9%252Cpt13%252Cpt20%26gscat%3Dneg_ibmtest%252Cneg_mastercard%252Cneg_ibm%252Cneg_orep%252Cneg_bp%252Cneg_cathay%252Cneg_mktg_safe_q4_2019%252Cneg_hearts%252Cneg_msft%252Cgv_crime%252Cneg_samsung%252Cgs_business%252Cneg_bofa%252Cneg_capitalone%252Cgs_business_misc%252Cgs_law_misc%252Cgs_tech_computing%252Cgs_law%252Cgs_tech%252Cneg_fidi%252Cgv_download%252Cneg_captialone_p2%252Cgv_death_injury%252Cgs_t%26tt%3D47%252C94%26mt%3DMT10%252CMT3%252CMT7%252CMT8%26abra_dfp%3Ddfp_1p_ver_1_bk%252Cdfp_1p2_0_control%252Cdfp_mwtest_2_vendorb%252Cmkt_dfp_kmb_1_test%252Cdfp_adslot4v2_1_external%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_mt_0_control%252Cmc_dfp_topbar_bar_anon_1019_0_control%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cmkt_dfp_hd_paywall_zip_1_zip%252Cmkt_dfp_intl_pricing_low_conv_0_control%252Cmkt_dfp_intl_pricing_med_conv_1_50cents%252Cmkt_dfp_ods_2_test%252Csa_referral_dfp_april2020_test_1_yellow_evergreen%26page_view_id%3DCgNkRusePa5sFRcD2Mc0OL75%26sov%3D3%26uap%3Dbrowser%26aid%3DvuRp42B25f3IJqPjZiA2w6%26purr%3Dnpa&cookie_enabled=1&bc=31&abxe=1&lmt=1600692967&dt=1600715483474&dlt=1600715481882&idt=1481&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=4185995441&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2F2020%2F02%2F09%2Ftechnology%2Fransomware-attacks.html&dssz=41&icsg=952089340&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1047880898.1600715483&ga_sid=1600715483&ga_hid=1847352968&fws=644&ohw=1600&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091501.js?21067482

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

dcbff16c9dc1fa0bc6890e228f6f2d4efdce8e0b70caaa15077362e86c544901

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 19:11:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 227
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
mwcm.nytimes.com/capi/metered_assets/ 27 KB
5 KB 298ms
296ms XHR
application/json 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nytimes.com/capi/metered_assets/?plat=web&mc=1&mr=0&ma=1&counted=true&granted=true&us=anon&areas=barOne&areas=dock&areas=inlineUnit&areas=truncator
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-94d9f506cb739ca62614.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 5afb5f9c71146040a0c7c8cb8b3562cef127ba041c5035a1631206fd680557d2

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 19:11:23 GMT
content-encoding: gzip
age: 0, 0
x-cache: MISS
status: 200
x-served-by: cache-hhn4073-HHN
access-control-allow-origin: https://www.nytimes.com
server: Google Frontend
x-cmots-campaign-names: {"barOne":"MAG_web_anon_INTL","dock":"MAG_web_anon_new-journey-rollout","inlineUnit":"MAG_web_anon_INTL","truncator":"MAG-web_all_non-mobile-all_welcome-killset"}
x-timer: S1600715484.546424,VS0,VE256
vary: x-nyt-user-status, x-nyt-cmots-purr-ad-conf, x-nyt-country, x-nyt-continent, x-nyt-device, x-nyt-ipsegments-edu-b2b, Accept-Encoding, Fastly-SSL, Origin
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=utf-8
via: 1.1 varnish
x-cloud-trace-context: 44308686cd97b0bc1521ca4e1fae4433
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-nyt-route: mwcm
accept-ranges: bytes, bytes
access-control-allow-headers: Content-Type, x-requested-by, *
x-cache-hits: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 106ms
105ms Other
application/json 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 1274 52 KB
18 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/interactive/2020/admin/100000006953200.embedded.html?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a70eb2f663da5905450d1d7a5f64a884a9bfe1e45ae2f5027b671cc75d5478f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/interactive/2020/admin/100000006953200.embedded.html?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 19:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "640 / 94 of 1000 / last-modified: 1600686926"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 17782
x-xss-protection: 0
expires: Mon, 21 Sep 2020 19:11:23 GMT

GET
H2 200 zam5nzz.js Show response
typeface.nyt.com/ Frame 1274 506 B
889 B 32ms
31ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://typeface.nyt.com/zam5nzz.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/nyt5/20190823-143533-mbipe/js/framework.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e5c84cddb3c2f45a67e1854845b794d3f073fe24a83b3fdbc603a55c63f31b23

Request headers

Referer: https://www.nytimes.com/interactive/2020/admin/100000006953200.embedded.html?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=qyavyA==, md5=RF/z/lzkARNMX924CAHa6A==
date: Mon, 21 Sep 2020 19:11:23 GMT
content-encoding: gzip
age: 411855
x-guploader-uploadid: ABg5-Uyz3J_cWrYjRlHCbSnXgjV0QDOLUST7sw6zFD3kJZLq1l68OBQ_wpdSJjuPzezhMrEr8slbg7mbzAk34Q0L5EY
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 290
via: 1.1 varnish
x-served-by: cache-hhn4073-HHN
accept-ranges: bytes
expires: Fri, 17 Sep 2021 00:47:08 GMT
last-modified: Tue, 08 Oct 2019 20:47:01 GMT
server: UploadServer
x-timer: S1600715484.637979,VS0,VE0
etag: "445ff3fe5ce401134c5fddb80801dae8"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1570567621500320
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 506
x-nyt-pagetype: nyt-fonts-legacy-asset
content-type: application/javascript
x-cache-hits: 70

GET
H2 200 nyt-cheltenham-400-normal.woff
typeface.nyt.com/fonts/ Frame 1274 30 KB
31 KB 45ms
43ms Font
font/woff 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://typeface.nyt.com/fonts/nyt-cheltenham-400-normal.woff
Requested by: Host: typeface.nyt.com
URL: https://typeface.nyt.com/css/zam5nzz.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2f0b1be2f6f4f7fe08b35f788cdc7fc96dbb2e381966783faac2250f39de0531

Request headers

Origin: https://www.nytimes.com
Referer: https://typeface.nyt.com/css/zam5nzz.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=v73sdg==, md5=XWRCccJdoHUNzvvn3PvevA==
date: Mon, 21 Sep 2020 19:11:23 GMT
via: 1.1 varnish
age: 5249936
x-guploader-uploadid: AAANsUnAqp8DaIFlDreqjD8-5GkZR-OXTP3bi6hDfwN4N9Px-biyJq6pkunp_WxTzbgjwGE8c_V590impEROb4_jpd_cAuNs3A
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 31172
x-served-by: cache-hhn4067-HHN
accept-ranges: bytes
expires: Fri, 23 Jul 2021 00:52:27 GMT
last-modified: Tue, 08 Oct 2019 20:47:00 GMT
server: UploadServer
x-timer: S1600715484.626574,VS0,VE0
etag: "5d644271c25da0750dcefbe7dcfbdebc"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1570567620942592
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 31172
x-nyt-pagetype: nyt-fonts-legacy-asset
content-type: font/woff
x-cache-hits: 151

GET
H2 200 nyt-franklin-500-normal.woff
typeface.nyt.com/fonts/ Frame 1274 29 KB
29 KB 42ms
41ms Font
font/woff 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://typeface.nyt.com/fonts/nyt-franklin-500-normal.woff
Requested by: Host: typeface.nyt.com
URL: https://typeface.nyt.com/css/zam5nzz.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ae62969b5b189bb28c67dbcee8666abe3e9f498d17a79a68c56e1069d7d63123

Request headers

Origin: https://www.nytimes.com
Referer: https://typeface.nyt.com/css/zam5nzz.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=GFrw3g==, md5=co6VJ/73OQR4PdJWECnQkQ==
date: Mon, 21 Sep 2020 19:11:23 GMT
via: 1.1 varnish
age: 7674197
x-guploader-uploadid: AEnB2UrOWS1A3H3qyXURrGP_YBdOI7-WWh2YMph_a6KXI_7QA3kw3t65ACtBQ7d7ocpyUf7QDNKeccuHTeR4DIU3VhIBj8nL6Q
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 29324
x-served-by: cache-hhn4067-HHN
accept-ranges: bytes
expires: Wed, 24 Jun 2020 23:28:03 GMT
last-modified: Mon, 04 Mar 2019 22:54:23 GMT
server: UploadServer
x-timer: S1600715484.658238,VS0,VE0
etag: "728e9527fef73904783dd2561029d091"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1551740063832137
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29324
x-nyt-pagetype: nyt-fonts-legacy-asset
content-type: font/woff
x-cache-hits: 5695

GET
H2 200 main.js Show response
www.nytimes.com/vi-assets/static-assets/nyt5/20190823-143533-mbipe/js/foundation/ Frame 1274 202 KB
67 KB 34ms
34ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/nyt5/20190823-143533-mbipe/js/foundation/main.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/nyt5/20190823-143533-mbipe/js/framework.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

f0dacecf521686b408f373cb8bf979238e5d6442c3702117356bbedde8083577

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=2592000

Request headers

Referer: https://www.nytimes.com/interactive/2020/admin/100000006953200.embedded.html?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 1623538
x-guploader-uploadid: ABg5-UwC_m31tIjXYw8eANtuSWRKPScK32bMfH0bI7k5zVBD2s1Xzz6Z1rSS9TXQulD0dpvUtHjFfn7K6cbTVM5yIv4
status: 200
x-goog-stored-content-encoding: identity
x-origin-time: 2020-09-03 00:12:26 UTC
x-served-by: cache-hhn4073-HHN
x-timer: S1600715484.672967,VS0,VE1
etag: "4f9c294c66b670ba0e9df573b66556d4"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/nyt5/20190823-143533-mbipe/js/foundation/main.js
content-language: en
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-cache-hits: 10
date: Mon, 21 Sep 2020 19:11:23 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
content-length: 67693
last-modified: Fri, 23 Aug 2019 14:36:09 GMT
server: UploadServer
strict-transport-security: max-age=2592000
x-goog-hash: crc32c=EnIMPg==, md5=T5wpTGa2cLoOnfVztmVW1A==
x-goog-generation: 1566570969708087
expires: Fri, 03 Sep 2021 00:12:25 GMT
x-gdpr: 1
x-goog-stored-content-length: 207072
accept-ranges: bytes
content-type: application/javascript

GET
H3-Q050 200 pubads_impl_2020091401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1274 263 KB
92 KB 66ms
66ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091401.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

a31af8dd93da9254a48f970f5f9cf69615994c63467d790f08e8a3402c1aac61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/interactive/2020/admin/100000006953200.embedded.html?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 19:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Sep 2020 08:39:38 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94260
x-xss-protection: 0
expires: Mon, 21 Sep 2020 19:11:23 GMT

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 8CDA 0
0 26ms
12ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091501.js?21067482

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Mon, 21 Sep 2020 19:01:48 GMT
expires: Tue, 21 Sep 2021 19:01:48 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 575
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 63ms
48ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091501.js?21067482

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aab305617162a2abd2300d0b9364f62cd3687d6fa5a8f8b854b76903d006b25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 19:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1600429198305210"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27591
x-xss-protection: 0
expires: Mon, 21 Sep 2020 19:11:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 6943
date: Mon, 21 Sep 2020 17:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Mon, 21 Sep 2020 19:15:40 GMT

GET
H3-Q050

200

activityi;dc_pre=CLLjtO75-usCFdTPuwgdyCMPGw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8437148715628;gtm=2wg990;auiddc=1016423248.1600715484;u4=;u5=undefined;u6=undefined;u7=vuRp42B25f3IJqPjZiA2w...
5290727.fls.doubleclick.net/ Frame 1FC0
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8437148715628;gtm=2wg990;auiddc=1016423248.1600715484;u4=;u5=undefined;u6=undefined;u7=vuRp42B25f3IJqPjZiA...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CLLjtO75-usCFdTPuwgdyCMPGw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8437148715628;gtm=2wg990;auiddc=1016423248.1600715484;u4=;u5=undefined;u...

0
0

82ms
51ms

Document
text/html

216.58.208.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CLLjtO75-usCFdTPuwgdyCMPGw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8437148715628;gtm=2wg990;auiddc=1016423248.1600715484;u4=;u5=undefined;u6=undefined;u7=vuRp42B25f3IJqPjZiA2w6;u8=;u10=;u11=1;u12=100000006939120;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F02%2F09%2Ftechnology%2Fransomware-attacks.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F02%2F09%2Ftechnology%2Fransomware-attacks.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.38 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f38.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5290727.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CLLjtO75-usCFdTPuwgdyCMPGw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8437148715628;gtm=2wg990;auiddc=1016423248.1600715484;u4=;u5=undefined;u6=undefined;u7=vuRp42B25f3IJqPjZiA2w6;u8=;u10=;u11=1;u12=100000006939120;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F02%2F09%2Ftechnology%2Fransomware-attacks.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F02%2F09%2Ftechnology%2Fransomware-attacks.html?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Mon, 21 Sep 2020 19:11:23 GMT
expires: Mon, 21 Sep 2020 19:11:23 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 450
x-xss-protection: 0
set-cookie: IDE=AHWqTUmXZud1Xkc4TdWt4L83Ht8YlqPxqP5pIycOh_GnpB1wROq1e1ty4gVxPx9B; expires=Sat, 16-Oct-2021 19:11:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Mon, 21 Sep 2020 19:11:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CLLjtO75-usCFdTPuwgdyCMPGw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8437148715628;gtm=2wg990;auiddc=1016423248.1600715484;u4=;u5=undefined;u6=undefined;u7=vuRp42B25f3IJqPjZiA2w6;u8=;u10=;u11=1;u12=100000006939120;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2020%2F02%2F09%2Ftechnology%2Fransomware-attacks.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2020%2F02%2F09%2Ftechnology%2Fransomware-attacks.html?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 45ms
14ms Script
application/x-javascript 2600:9000:20e8:f800:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:f800:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9233eac6e8f7adc20a334ce3854d5adbbed6dcc031a36ea1eee952894407951c

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 17:49:22 GMT
content-encoding: gzip
last-modified: Fri, 24 Apr 2020 01:13:41 GMT
server: nginx
age: 4921
etag: W/"5ea23d45-8e68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: Qn_YBYfGonJPboDvNy4Uz7QUbm761N38YpcH7aRj8g9vuKE2qnN6XA==
via: 1.1 9d11c99c18949c4780bf1400ceca8369.cloudfront.net (CloudFront)
expires: Mon, 21 Sep 2020 19:49:22 GMT

GET
H2 200 show-ads.js Show response
a1.nyt.com/analytics/ 45 B
594 B 28ms
25ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a1.nyt.com/analytics/show-ads.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
date: Mon, 21 Sep 2020 19:11:23 GMT
content-encoding: gzip
age: 57642
x-guploader-uploadid: ABg5-UyPxzm5zd-flA4YI6jD94p94jKju58TxyggGAC9u8J9uN3eDzxQnwh3vTgb8b03GXBL_efSlrkY3g8QE8DDZw
x-cache: HIT
x-goog-storage-class: REGIONAL
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 65
via: 1.1 varnish
x-served-by: cache-hhn4073-HHN
accept-ranges: bytes
expires: Fri, 18 Sep 2020 03:10:34 GMT
last-modified: Thu, 27 Aug 2020 19:39:32 GMT
server: UploadServer
x-timer: S1600715484.778016,VS0,VE0
etag: "1d291da792456bd015b664ee1119a5e0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1598557172998247
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400
x-goog-stored-content-length: 45
x-nyt-pagetype: nyt-dti-analytic
content-type: application/javascript
x-cache-hits: 2125

POST
H2 200 track
a.et.nytimes.com/ 0
0 113ms
112ms Other
application/json 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
396 B 43ms
15ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1847352968&t=pageview&_s=1&dl=http%3A%2F%2Fwww.nytimes.com%2F2020%2F02%2F09%2Ftechnology%2Fransomware-attacks.html&dr=&ul=en-us&de=UTF-8&dt=Ransomware%20Attacks%20Grow%2C%20Crippling%20Cities%20and%20Businesses%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=1512293542&gjid=888613283&cid=1047880898.1600715483&tid=UA-58630905-2&_gid=901968990.1600715484&_r=1&gtm=2wg990P528B3&cg1=technology&cg2=null&cg3=article&cg4=news&cd1=http%3A%2F%2Fwww.nytimes.com%2F2020%2F02%2F09%2Ftechnology%2Fransomware-attacks.html&cd2=https%3A%2F%2Fwww.nytimes.com%2F2020%2F02%2F09%2Ftechnology%2Fransomware-attacks.html&cd3=&cd4=Technology&cd9=9&cd10=null&cd13=null&cd14=business_desk&cd15=earned&cd16=referring_links&cd17=100000006939120&cd18=NATHANIEL%20POPPER&cd19=Ransomware%20Attacks%20Grow%2C%20Crippling%20Cities%20and%20Businesses&cd20=&cd21=Article&cd23=Technology&cd26=2020&cd27=2020-02-09-17&cd28=Sunday&cd29=17&cd30=1589896728000&cd32=U.S.%20News%2CTechnology%2CBusiness&cd33=SECTION&cd34=NEWS&cd36=09ransomware&cd37=1312&cd38=Business&cd42=nyt-vi&cd43=Extortion%20and%20Blackmail%2CComputers%20and%20the%20Internet%2CCyberattacks%20and%20Hackers%2CCyberwarfare%20and%20Defense%2CComputer%20Security%2CDoctors&cd44=Coveware%20Inc%2CEmsisoft%20Ltd%2CUnited%20States%20Coast%20Guard%2CBarclays%20PLC%2CTravelex&cd46=New%20Orleans%20(La)&cd48=February&cd49=long_1200_1600&cd51=nyt-vi&cd52=&cd53=Business&cd54=business_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=0&cd63=vuRp42B25f3IJqPjZiA2w6&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=vuRp42B25f3IJqPjZiA2w6&z=1620274082

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 21 Sep 2020 19:11:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 userinfo-v3.jsonp Show response
www.nytimes.com/svc/web-products/ Frame 1274 172 B
755 B 29ms
25ms XHR
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/svc/web-products/userinfo-v3.jsonp?callback=userInfoCallback&cookie=&_=1600715483777

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/nyt5/20190823-143533-mbipe/js/foundation/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

198dd0cb6b18cbb9165c36098ff9e6c43b1969078beee32899b57306a48134cb

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=2592000

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.nytimes.com/interactive/2020/admin/100000006953200.embedded.html?
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 19:11:23 GMT
x-api-version: F-X
x-cache: HIT
status: 200
content-length: 172
x-served-by: cache-hhn4073-HHN
server: Varnish
strict-transport-security: max-age=2592000
onion-location: https://www.nytimes3xbfgragh.onion/svc/web-products/userinfo-v3.jsonp?callback=userInfoCallback&cookie=&_=1600715483777
content-type: application/javascript
x-gdpr: 1
x-nyt-route: service
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
accept-ranges: bytes
retry-after: 0
x-cache-hits: 0

GET
H2 200 nyt-franklin-700-normal.woff
typeface.nyt.com/fonts/ Frame 1274 29 KB
29 KB 25ms
25ms Font
font/woff 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://typeface.nyt.com/fonts/nyt-franklin-700-normal.woff
Requested by: Host: typeface.nyt.com
URL: https://typeface.nyt.com/css/zam5nzz.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 60994a4c022df26635bb5ccdb7a22cf32a6486ee25a4648cebdfce0ef398a0fa

Request headers

Origin: https://www.nytimes.com
Referer: https://typeface.nyt.com/css/zam5nzz.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=0c1ISA==, md5=LJhJE6LL9Pt8L1yzy3aOxw==
date: Mon, 21 Sep 2020 19:11:23 GMT
via: 1.1 varnish
age: 7674198
x-guploader-uploadid: AEnB2UqBI1h_fayqElwwPN37eDAY6jwBH6vQTpt6U5cTn6qTVPungt384_Q4Imk4HqNkQufJKSx9QIWId6Lyc478kZA-WRmEUA
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 29504
x-served-by: cache-hhn4067-HHN
accept-ranges: bytes
expires: Wed, 24 Jun 2020 23:28:03 GMT
last-modified: Mon, 04 Mar 2019 22:54:23 GMT
server: UploadServer
x-timer: S1600715484.832902,VS0,VE0
etag: "2c984913a2cbf4fb7c2f5cb3cb768ec7"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1551740063855820
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29504
x-nyt-pagetype: nyt-fonts-legacy-asset
content-type: font/woff
x-cache-hits: 551

GET
H2 200 app-communicator.js Show response
www.nytimes.com/vi-assets/static-assets/nyt5/20190823-143533-mbipe/js/shared/interactive/instances/ Frame 1274 402 B
926 B 29ms
28ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/nyt5/20190823-143533-mbipe/js/shared/interactive/instances/app-communicator.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/nyt5/20190823-143533-mbipe/js/framework.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

a621a8c657ece1b996253e8fd497225524dee709afcd4039a4cc0cd6fae5065f

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=2592000

Request headers

Referer: https://www.nytimes.com/interactive/2020/admin/100000006953200.embedded.html?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 1626275
x-guploader-uploadid: ABg5-UwfNVosUk1z0b2KfuhA_VAH8yj8F-wMq7P1I0yz5NrvcGYzWPEDqYYu2MEHJaRgKfjpvBYnZc9MVf5c0tJe5h8
status: 200
x-goog-stored-content-encoding: identity
x-origin-time: 2020-09-02 23:26:48 UTC
x-served-by: cache-hhn4073-HHN
x-timer: S1600715484.885056,VS0,VE1
etag: "45fac5031094739d2b6a6029d80bade4"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/nyt5/20190823-143533-mbipe/js/shared/interactive/instances/app-communicator.js
content-language: en
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-cache-hits: 1
date: Mon, 21 Sep 2020 19:11:23 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
content-length: 241
last-modified: Fri, 23 Aug 2019 14:37:08 GMT
server: UploadServer
strict-transport-security: max-age=2592000
x-goog-hash: crc32c=lucMDw==, md5=RfrFAxCUc50ramAp2Aut5A==
x-goog-generation: 1566571028380537
expires: Thu, 02 Sep 2021 23:26:48 GMT
x-gdpr: 1
x-goog-stored-content-length: 402
accept-ranges: bytes
content-type: application/javascript

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
87 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-58630905-2&cid=1047880898.1600715483&jid=1512293542&gjid=888613283&_gid=901968990.1600715484&_u=YAhAAEAAAAAAAC~&z=1668352539

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 21 Sep 2020 19:11:23 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
168 B 313ms
106ms Image
image/gif 54.205.171.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F2020%2F02%2F09%2Ftechnology%2Fransomware-attacks.html&u=kqApWCK6j6iCCIPeu&d=nytimes.com&g=16698&g0=technology%2Cbusiness_desk&g1=NATHANIEL%20POPPER&n=1&f=00001&c=0&x=0&m=0&y=9851&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2104&t=Cz-omNCaikDiBmTRj6D4jxQfdhYuI&V=120&i=Ransomware%20Attacks%20Grow%2C%20Crippling%20Cities%20and%20Businesses&tz=-120&_acct=anon&sn=1&sv=iqW0kCiK9hnCiti3uCMNlAJrOCF&sd=1&im=06679ff3&_
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.171.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-171-136.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Mon, 21 Sep 2020 19:11:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
106 B 45ms
44ms Image
image/gif 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-58630905-2&cid=1047880898.1600715483&jid=1512293542&_u=YAhAAEAAAAAAAC~&z=1072067280

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Sep 2020 19:11:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 41ms
41ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-58630905-2&cid=1047880898.1600715483&jid=1512293542&_u=YAhAAEAAAAAAAC~&z=1072067280

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Sep 2020 19:11:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 103ms
103ms Other
application/json 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 107ms
106ms Other
application/json 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
121 B 7ms
6ms Image
image/gif 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=1847352968&t=event&ni=1&_s=1&dl=http%3A%2F%2Fwww.nytimes.com%2F2020%2F02%2F09%2Ftechnology%2Fransomware-attacks.html&dr=&ul=en-us&de=UTF-8&dt=Ransomware%20Attacks%20Grow%2C%20Crippling%20Cities%20and%20Businesses%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=dock&ea=impression&el=gdpr&_u=aAjAAEABAAAAAC~&jid=&gjid=&cid=1047880898.1600715483&tid=UA-58630905-2&_gid=901968990.1600715484&gtm=2wg990P528B3&cg1=technology&cg2=null&cg3=article&cg4=news&cd1=http%3A%2F%2Fwww.nytimes.com%2F2020%2F02%2F09%2Ftechnology%2Fransomware-attacks.html&cd2=https%3A%2F%2Fwww.nytimes.com%2F2020%2F02%2F09%2Ftechnology%2Fransomware-attacks.html&cd3=&cd4=Technology&cd9=9&cd10=null&cd13=null&cd14=business_desk&cd15=earned&cd16=referring_links&cd17=100000006939120&cd18=Nathaniel%20Popper&cd19=Ransomware%20Attacks%20Grow%2C%20Crippling%20Cities%20and%20Businesses&cd20=&cd21=Article&cd23=Technology&cd26=2020&cd27=2020-02-09-17&cd28=Sunday&cd29=17&cd30=2020-05-19T13%3A58%3A46.651Z&cd32=U.S.%20News%2CTechnology%2CBusiness&cd33=SECTION&cd34=NEWS&cd36=09ransomware&cd37=1312&cd38=Business&cd42=nyt-vi&cd43=Extortion%20and%20Blackmail%2CComputers%20and%20the%20Internet%2CCyberattacks%20and%20Hackers%2CCyberwarfare%20and%20Defense%2CComputer%20Security%2CDoctors&cd44=Coveware%20Inc%2CEmsisoft%20Ltd%2CUnited%20States%20Coast%20Guard%2CBarclays%20PLC%2CTravelex&cd46=New%20Orleans%20(La)&cd48=February&cd49=long_1200_1600&cd51=nyt-vi&cd52=&cd53=Business&cd54=business_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=0&cd63=vuRp42B25f3IJqPjZiA2w6&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=vuRp42B25f3IJqPjZiA2w6&z=1568548667

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Sep 2020 14:28:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16946
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 app-communicator.js Show response
www.nytimes.com/vi-assets/static-assets/nyt5/20190823-143533-mbipe/js/shared/interactive/views/ Frame 1274 2 KB
2 KB 30ms
30ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/nyt5/20190823-143533-mbipe/js/shared/interactive/views/app-communicator.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/nyt5/20190823-143533-mbipe/js/framework.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

60675b2b49ea4ed863068d60cf1a1b2fc8d50ce16189eb4e6cd093635afaa430

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=2592000

Request headers

Referer: https://www.nytimes.com/interactive/2020/admin/100000006953200.embedded.html?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 2838093
x-guploader-uploadid: AAANsUkxCCh5z0paGPQ2B6T_dyfnn7kL2x1PIg7TnyEfB8FU1t0H77tniYip74upusBGV09sUMkbkRnGAx67daIk8WQ883uAKQ
status: 200
x-goog-stored-content-encoding: identity
x-origin-time: 2020-08-19 22:49:50 UTC
x-served-by: cache-hhn4073-HHN
x-timer: S1600715484.079363,VS0,VE1
etag: "bfeaf0c46f1abaeddaf2a6040cc50d29"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/nyt5/20190823-143533-mbipe/js/shared/interactive/views/app-communicator.js
content-language: en
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-cache-hits: 1
date: Mon, 21 Sep 2020 19:11:24 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
content-length: 844
last-modified: Fri, 23 Aug 2019 14:37:08 GMT
server: UploadServer
strict-transport-security: max-age=2592000
x-goog-hash: crc32c=Mcnc/w==, md5=v+rwxG8auu3a8qYEDMUNKQ==
x-goog-generation: 1566571028631461
expires: Thu, 19 Aug 2021 22:49:50 GMT
x-gdpr: 1
x-goog-stored-content-length: 2149
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 45ms
23ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020091501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091501.js?21067482

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

259f312a69eec02df40d26426173d71551543329a4bf502a4de2e4d6711babef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Sep 2020 19:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6345
x-xss-protection: 0

GET
H2 200 loader.js Show response
platform.iteratehq.com/ 2 KB
1 KB 42ms
16ms Script
application/javascript 2606:4700:3036::6812:206c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.iteratehq.com/loader.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6812:206c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fe66a0050fd96a8b2ac2db02209f204697f93f2d7b386eaf1ef1603e4873993

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 19:11:24 GMT
content-encoding: br
cf-cache-status: HIT
age: 437
status: 200
x-amz-request-id: 0ECB11D8379892A9
x-amz-id-2: q2Wxt4XyCke3xMsBEUFEfWgJBAQF3lrZF/bCaGJgQJgfzghf+eAYx2uhstYLFSCUf9EWFBfi9TQ=
last-modified: Thu, 03 Sep 2020 15:50:55 GMT
server: cloudflare
etag: W/"a4d657c0570694f023af0b02a4e34cb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
cf-request-id: 0553ad0457000005ccedaa8200000001
cf-ray: 5d6617808ba205cc-FRA

GET
H2 200 sdk-prod-b16dcb2bb4dab73b2803.js Show response
platform.iteratehq.com/ 866 KB
235 KB 36ms
35ms Script
application/javascript 2606:4700:3036::6812:206c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.iteratehq.com/sdk-prod-b16dcb2bb4dab73b2803.js
Requested by: Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6812:206c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf9c5ecaddf912fdd004d89ffc55999f25e3e55415ce6bdfb03dd674e3225da1

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 19:11:24 GMT
content-encoding: br
cf-cache-status: HIT
age: 1566714
status: 200
x-amz-request-id: 69389E153E08DFE5
x-amz-id-2: yzHtGv4amc4EkoZEsur3UdK+Lh+gru0ftHHi7yXwaoWZlNHFpH0PnFwE9Cu4pSaGxFOyjXvKgvA=
last-modified: Thu, 03 Sep 2020 15:50:51 GMT
server: cloudflare
etag: W/"67abc67b81250e05cef45e761629218f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
cf-request-id: 0553ad046a000005ccedaae200000001
cf-ray: 5d661780ac0205cc-FRA

GET
H2 200 style-a2ee416f5a50b5fbecb2.css
platform.iteratehq.com/ 145 KB
11 KB 13ms
12ms Stylesheet
text/css 2606:4700:3036::6812:206c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.iteratehq.com/style-a2ee416f5a50b5fbecb2.css
Requested by: Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6812:206c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 716944a6a61521f63d67a670e7f8a92a852c2257d72476b7f4eec37c2591d477

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 19:11:24 GMT
content-encoding: br
cf-cache-status: HIT
age: 8465890
status: 200
x-amz-request-id: EBFC7F33041F1482
x-amz-id-2: lQ1WXthB88ZwUMteQaRfUVqgXrspX/bDN37ioEXOGrRM2eonK/HKazseI/V9f9hnH8lz3IAYxWE=
last-modified: Mon, 15 Jun 2020 19:32:42 GMT
server: cloudflare
etag: W/"e0666b4c1c33e24398a8e3088a82b257"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-request-id: 0553ad046a000005ccedaaf200000001
cf-ray: 5d661780ac0405cc-FRA

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091501.js?21067482

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 19:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Mon, 21 Sep 2020 19:11:24 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 5EE1 0
0 8ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Mon, 21 Sep 2020 17:47:53 GMT
expires: Tue, 21 Sep 2021 17:47:53 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5011
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 158ms
135ms Other 2606:4700:3032::ac43:c7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iteratehq.com/api/v1/surveys/embed
Protocol: H2
Server: 2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors

Response headers

status: 200
date: Mon, 21 Sep 2020 19:11:24 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
cache-control: no-cache="set-cookie"
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
cf-cache-status: DYNAMIC
cf-request-id: 0553ad0505000005bb8da21200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5d661781a84905bb-FRA

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 259 B
556 B 249ms
248ms Fetch
application/json 2606:4700:3032::ac43:c7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iteratehq.com/api/v1/surveys/embed
Requested by: Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/sdk-prod-b16dcb2bb4dab73b2803.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e99e8e9ddb5f5ff840a3c372d0ac0dd18792e9fde19e417f3e58ce34c5602f4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
Content-Type: application/json

Response headers

date: Mon, 21 Sep 2020 19:11:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache="set-cookie"
access-control-allow-credentials: true
cf-ray: 5d6617827b0405bb-FRA
cf-request-id: 0553ad058d000005bb8da3a200000001

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
24 B 41ms
40ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020091501&jk=327973754876099&bg=!LyylLDRYEfDoYVWToCYCAAAAQ1IAAAAQCgIbF93IDbXcmT45iFt3h77PvpPLr3a7G-bJYTUGkIicMJxtUwhRuyw7RZmJxpYgXo1ZVw5dimmru8vVodLfcukBR7Q_p4KEv2HIvzvCZQaahMSpwBneoVxai8rRqaH3Dv42jbv6m3n9bhYou45gFBjWhIsl985gYnF-MFH-8c3vD9V6D3wXVwy-VWfGGEhW7yID_sFKsDenQBo5j0Ul4lTrvCxGSwfugRORSAJX9ksXQh7eA9PZEMWOoun3ZEPJklm4FBWH7dSh_J-_j1QMm6Dm1S_Tej7mKkaa9tLbBrS5iyQkc9cE0GPBXoyqsFzXi7HUidjTzGV0-cHFBcuCeTdv3O-QwyJXfCvXE0J8XDDCJ2c_-N8OapYsIhOJE90lyaRHDX0lWRMz741Lw7xEDfkW0JzzpCTnUt1NSkw_r_nvhXNG60rN6An6R7SbIsFF8sMlbZ0wS_rJpxlA38tSXvOOrI_XiU9NFM8N_Dx9STOComMpvVY1HzlcbsBQKGTIJTXSl2Vd3aPgzWkLC7XVFjq6lE7kzamjYUU4YBN0edivHzxpLF_8yYdCJ-87lpIST1coTU8c2o35Bd-RvuYr08IbZKK70ySaXD9GNEogngpG7cyDc5lpntRXRfeiqCkLaGghlbTjwoJ-x6n8e17TWiESGGTsoqWLvpHC4lvaiPL37qQpSp6rY2gWMkRRqiX338dajJjr32-0oH9WAXKZAajzAMVMEzPOuM4c9tWC5-Qdhkop_IXBDje84n-Sd83nQGPhYu-OyG0J3afC5VmEvfdwFr07V4WhHbJJWqgg5xYlXpTyJPiS7bjPSK0AOgYbit_rw3IHD_NPwlLROsn27K4-_eoWWTamfffIKspurctRvOik47twI4i77TeowiWc70U6tqBTafG-ir0HQ2MQ4C2vG1hpQSlJM-7e_FG7kTSZX-waaY9BDcmB4SWvYDan3NOb09WdOYZ00bO1rzE1egrVySiweE3jBLTwnsiVXnRXBWLhml5vEGiXeqL7xS2wtfR4NHx6eEc0bUZTA5cERnWo56HI9MvwbEWdcLpf0j2V2HV-85lLVNdHmj4b3-htiNr_YqDATrhKHcUa4r-926R1vhrAcJxS5WS3rLrzBmQDhzO0lCmYM2VNEKGZvK-IK_Q2uPKJQdmwtpCxk4bl5035Bz3kEdLtZbkyeHJoBk_ZeLXFSIfPuQS84Lou3FN7IKzyTNcJmM3BTnRwVAkDHiY76X0Z4DU4tr3gphUvnPxrkG3aSf4wAzy3NdqgUQRa0VPA3edNu2zw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Sep 2020 19:11:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 115ms
114ms Other
application/json 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 111ms
110ms Other
application/json 2a00:1450:4001:801::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/2020/02/09/technology/ransomware-attacks.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

Verdicts & Comments Add Verdict or Comment

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.nytimes.com/	1970-01-19 22:07:23	Name: _cb Value: kqApWCK6j6iCCIPeu
www.nytimes.com/	1970-01-19 22:07:23	Name: _cb_ls Value: 1
.google.com/	1970-01-19 17:02:06	Name: NID Value: 204=SJfV6kZgynCyrvS8sEz4fNGjySuNQOPAa0Lv9D9OkFfQGX4VIu3mgnCiPe89W_LybXKNCmIrk_jnmoD-WCPo86N18MKU0l58wbOKZLJxOGAGvAW2_t2iVSh8rxQqTJnrhx3D1FXM250MvNXB3pmZjP-t0-5j7H9Kja3JkL6YLEY
.nytimes.com/	1970-01-19 12:38:35	Name: _gat_UA-58630905-2 Value: 1
.nytimes.com/	1970-01-19 12:40:01	Name: walley_gid Value: GA1.2.901968990.1600715484
.nytimes.com/	1970-01-19 14:48:11	Name: _gcl_au Value: 1.1.1016423248.1600715484
.nytimes.com/	1970-01-19 12:38:52	Name: edu_cig_opt Value: %7B%22isEduUser%22%3Afalse%7D
www.nytimes.com/	1970-01-19 12:38:37	Name: _cb_svref Value: null
.nytimes.com/	1970-01-19 12:38:52	Name: b2b_cig_opt Value: %7B%22isCorpUser%22%3Afalse%7D
www.nytimes.com/	1970-01-19 22:07:23	Name: _chartbeat2 Value: .1600715483885.1600715483885.1.iqW0kCiK9hnCiti3uCMNlAJrOCF.1
.nytimes.com/	1970-01-20 06:09:47	Name: __gads Value: ID=91cac867adb34043-22ff9c23e0b8000e:T=1600715483:S=ALNI_MbIZIWe-AkxIs3Uv48IJYjxIhO8Rg
.nytimes.com/	1970-01-19 21:24:11	Name: nyt-jkidd Value: uid=0&lastRequest=1600715483529&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon
.doubleclick.net/	1970-01-19 22:00:11	Name: IDE Value: AHWqTUmXZud1Xkc4TdWt4L83Ht8YlqPxqP5pIycOh_GnpB1wROq1e1ty4gVxPx9B
.nytimes.com/	1970-01-20 06:09:47	Name: walley Value: GA1.2.1047880898.1600715483
.nytimes.com/	1970-01-19 22:08:05	Name: purr-cache Value: <K0<r<C_<G_<S0
.nytimes.com/	1970-01-19 21:24:11	Name: datadome Value: LhI.TU2vyWePuFpvlBBzuxY8w8bjif69lGlYBdSzIQYE8jUWkTzDDXG7gnWoW1r3Z-AiQ1CZaUWEdAymQKc0ia2t48Rg_2OO6ZYW~fwzGK
.nytimes.com/	1970-01-21 08:28:01	Name: nyt-m Value: 63E46CA7224304F306377D01EA88A7B5&vp=i.0&ica=i.0&igf=i.0&iir=i.0&igd=i.0&uuid=s.2abe1c4a-dafb-4064-b510-8a7f0a1485c1&n=i.2&er=i.1600715483&fv=i.0&imu=i.1&s=s.core&l=l.1.250877349&v=i.1&rc=i.0&ft=i.0&prt=i.0&pr=l.4.0.0.0.0&iue=i.0&iub=i.0&vr=l.4.0.0.0.0&iga=i.0&g=i.0&cav=i.1&ird=i.0&ira=i.0&igu=i.1&ifv=i.0&iru=i.0&e=i.1601539200&t=i.1&ier=i.0&imv=i.1
.nytimes.com/	1970-01-19 12:38:57	Name: nyt-geo Value: NL
.nytimes.com/	1970-01-19 21:24:11	Name: nyt-a Value: vuRp42B25f3IJqPjZiA2w6
.nytimes.com/	1970-01-19 12:38:57	Name: nyt-us Value: 0
.nytimes.com/	1970-01-19 21:24:11	Name: nyt-purr Value: cfhspnahhu
.nytimes.com/	1970-01-19 12:38:57	Name: nyt-gdpr Value: 1

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.nytimes.com/vi-assets/static-assets/main-94d9f506cb739ca62614.js(Line 27) Message: <!-- 0000000 000 0000000 111111111 11111111100 000 111111111 00000 111111111111111111 00000 000000 000 1111111111111111111111111100000 000 000 1111 1111111111111111100 000 000 11 0 1111111100 000 000 1 00 1 000 000 00 00 1 000 000 000 00000 1 000 00000 0000 00000000 1 00000 11111 000 00 000000 000 11111 00000 0000 000000 00000 00000 000 10000 000000 000 0000 000 00000 000000 1 000 000 000000 10000 1 0 000 000 1000000 00 1 00 000 000 1111111 1 0000 000 000 1111111100 000000 000 0000 111111111111111110000000 0000 111111111 111111111111100000 111111111 0000000 00000000 0000000 NYTimes.com: All the code that's fit to printf() We're hiring: https://nytimes.wd5.myworkdayjobs.com/Tech -->
console-api	log	URL: https://news.google.com/swg/js/v1/swg.js(Line 33) Message: Subscriptions Runtime: 0.1.22.120
console-api	warning	(Line 2) Message: et2 snippet should only load once per page
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091501.js?21067482(Line 6) Message: Invalid GPT fixed size specification: []
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091501.js?21067482(Line 6) Message: Exception in queued GPT command TypeError: Cannot read property 'defineSizeMapping' of null
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091501.js?21067482(Line 6) Message: Invalid GPT fixed size specification: []
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091501.js?21067482(Line 6) Message: Invalid GPT fixed size specification: []
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091501.js?21067482(Line 6) Message: Invalid GPT fixed size specification: []
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091501.js?21067482(Line 6) Message: Invalid GPT fixed size specification: []
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091501.js?21067482(Line 6) Message: Invalid GPT fixed size specification: []
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091501.js?21067482(Line 6) Message: Invalid GPT fixed size specification: []
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091501.js?21067482(Line 6) Message: Invalid GPT fixed size specification: []
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091501.js?21067482(Line 6) Message: Invalid GPT fixed size specification: []
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091501.js?21067482(Line 6) Message: Invalid GPT fixed size specification: []
console-api	log	URL: https://www.nytimes.com/vi-assets/static-assets/main-94d9f506cb739ca62614.js(Line 45) Message: Service Worker: content is cached

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
61a80047208d45658e240248a7e00baf.safeframe.googlesyndication.com
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
adservice.google.com
adservice.google.nl
als-svc.nytimes.com
dd.nytimes.com
g1.nyt.com
int.nyt.com
iteratehq.com
meter-svc.nytimes.com
mwcm.nytimes.com
myaccount.nytimes.com
news.google.com
nytimes.com
pagead2.googlesyndication.com
platform.iteratehq.com
pnytimes.chartbeat.net
purr.nytimes.com
samizdat-graphql.nytimes.com
securepubads.g.doubleclick.net
static.chartbeat.com
static01.nyt.com
stats.g.doubleclick.net
tpc.googlesyndication.com
typeface.nyt.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.nytimes.com
151.101.113.164
151.101.65.164
172.217.22.2
216.58.208.38
2600:9000:20e8:d600:a:a8c5:a040:93a1
2600:9000:20e8:f800:18:1fcd:34e:d2a1
2606:4700:3032::ac43:c7c7
2606:4700:3036::6812:206c
2a00:1450:4001:801::2001
2a00:1450:4001:801::2013
2a00:1450:4001:802::2001
2a00:1450:4001:803::2002
2a00:1450:4001:808::2003
2a00:1450:4001:809::200e
2a00:1450:4001:819::2004
2a00:1450:4001:81a::2008
2a00:1450:4001:820::2002
2a00:1450:4001:820::200e
2a00:1450:4001:821::200e
2a00:1450:400c:c07::9c
35.241.35.241
35.244.188.62
54.205.171.136
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0622ed95f00032fbeb932c02e83976d425c0e4fe4027f0fe9f3c5a683271112a
078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0d6e549b1d79ac3a47fc6c8112a94961c45f0d4f1e376ce417670703952093f1
0ef11822bbe24ff62f68d2688325161581590e71ceba047f6f8a6671c99b6cf4
156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57
182331bf2d6618498776e7ea1d47fea5bc968c4ebcc0de38e1b2129f610b28e6
198dd0cb6b18cbb9165c36098ff9e6c43b1969078beee32899b57306a48134cb
1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389
1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6
254043432874ecaf0cf3d6d69907109b373057290d615453060544935d1cb8b9
259f312a69eec02df40d26426173d71551543329a4bf502a4de2e4d6711babef
27938a5a1f1f9b1907a512892cf969d7dad000fd7032e8bbe3baa3ed5b4265bd
2b0645d7e7051d94909fc43ceedfbfbc1ccf152df8fc9edcc001fb3b91beed54
2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76
2f0b1be2f6f4f7fe08b35f788cdc7fc96dbb2e381966783faac2250f39de0531
34cc802f53fe2668b8b1b9409514018262e45d868782036343c2f0e83a5fec93
34d0713c6b4ee10bbc155d1833a1f9f1c0c2183022be64ce1c003e66acdc94bf
372e5f5086fcd14119da21990508d4fa4da3d860309d9b49cb7ecd41457ef46a
3aab305617162a2abd2300d0b9364f62cd3687d6fa5a8f8b854b76903d006b25
3f28e673cbfe89a3a13563877fcf1b238b3fd6e446eac55c5dc260ae0b7393db
4389ef21f84327e681cb7fef5241979495e53c8734c6112e1d5650b871b5eace
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f
5752b74c9b7a6df07993aa482826fce9bcce5863c37e5952b5b0f9775946ad21
5afb5f9c71146040a0c7c8cb8b3562cef127ba041c5035a1631206fd680557d2
6056fe29f5cd4be1037f4ec1e4f3a22e0aa604ee85329811bfdc84e4ff3e950c
60675b2b49ea4ed863068d60cf1a1b2fc8d50ce16189eb4e6cd093635afaa430
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
60994a4c022df26635bb5ccdb7a22cf32a6486ee25a4648cebdfce0ef398a0fa
64c94f00a03e73db7685db82babafaad131136f5011c680ac2e6126039f7f80b
6b326e1c149ff623f65bd1a40129ef2b295af410d55dd574e08c4afcf1d2b969
6b8b08fbc64ed779ba99e6cbd23f366c3645eb3ff838f506b44218a0828c164c
716944a6a61521f63d67a670e7f8a92a852c2257d72476b7f4eec37c2591d477
77dedd7978ea7914f9c5170bfa98db6c0285e666f14df89c8da83d3307c12f99
7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07
7fe66a0050fd96a8b2ac2db02209f204697f93f2d7b386eaf1ef1603e4873993
811f158db3ede90d6db1e6c77dd7a10e9a04b2657b946b080627f1d1889e7f42
82f16bf8fed3d0db663cc890568a82f0a193181c820e084a829f4f8fa2055fda
832a2f64ff7e0d83a0db5db389999d738ae413d99787aa211189c6defe4a243f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8ce14956333b368b9b638dc2f2a03a2e0cce2820789b01bc6373707b6cc98a7d
8d1d38bd5538c7e5b92abc533695f23ebd13f8e13879d457e1a391a506afcb2f
9233eac6e8f7adc20a334ce3854d5adbbed6dcc031a36ea1eee952894407951c
92a0a734cfe4f5aee530b12ee966e272f0ce41f44e0f2c89e8ee6d4a156f4789
9a70eb2f663da5905450d1d7a5f64a884a9bfe1e45ae2f5027b671cc75d5478f
9e99e8e9ddb5f5ff840a3c372d0ac0dd18792e9fde19e417f3e58ce34c5602f4
a31af8dd93da9254a48f970f5f9cf69615994c63467d790f08e8a3402c1aac61
a621a8c657ece1b996253e8fd497225524dee709afcd4039a4cc0cd6fae5065f
ae62969b5b189bb28c67dbcee8666abe3e9f498d17a79a68c56e1069d7d63123
aecf8fad5b22c1a5b96b8b9790a6defb3a69d741344ed2b5328289a8b841b8c1
b580db4c1ef2bc5e677aef306f5cf50156a3a286239ddbc4b07fb4c5cccca0a2
b7cee077081b51494699e06d245ff5ee8942b4a818dc724e484178bcc5dcb27f
c626dac05b5db45e60e0f7470ff84f6352ec72247f970bd75ccda50715530a83
cb5b885453ff835b63f36128ca70e9c01324c1f12686d249ebe2efdd68184f4b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf9c5ecaddf912fdd004d89ffc55999f25e3e55415ce6bdfb03dd674e3225da1
d7b206ad18b9b78e010df7ce32eb362d8369ec7dbe8616753c15b180cf6fbf59
dcbff16c9dc1fa0bc6890e228f6f2d4efdce8e0b70caaa15077362e86c544901
ddf938119baaea8aab1fea95405f5a270d92869f8a9fe6f96b2c4e8861a9cf67
de029f6b1d7ea1c98a21988cfb8c6ae1d4e2ebaeae9a0150fae0fa688d2acd56
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4364267aff017840734d9e3a8a8e9bfff6b343917fe0ee85136bcf2b2b4924c
e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519
e5a3fd341f581018d6efd2c065ef5ae731a97dd5db7275b431620757e0329297
e5c84cddb3c2f45a67e1854845b794d3f073fe24a83b3fdbc603a55c63f31b23
e8036c51689b492b9022065233212244538019f29677edc1076fba048ea67b83
eba5b08a663f352bd670926b2aa889137edb07548dcb37326aa4153bcb7142ef
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a97ab24ee52b21fbc8eda79280f5d432090786e4f09f9704cc1716ffa2b94e
f0dacecf521686b408f373cb8bf979238e5d6442c3702117356bbedde8083577
f261573c5fed6e879279c2acb99c03c0fa81a55257ea9d457188df22c5d8211c
fbf7e8a401976ecec53650a7c97c4853cc425921e3db7259740bba754c796b9a

www.nytimes.com Open in urlscan Pro 151.101.113.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

102 Requests

100 %HTTPS

70 %IPv6

13 Domains

34 Subdomains

22 IPs

4 Countries

3393 kBTransfer

8317 kBSize

22 Cookies

19 Outgoing links

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.nytimes.com Open in urlscan Pro
151.101.113.164 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

100 %
HTTPS

70 %
IPv6

13
Domains

34
Subdomains

22
IPs

4
Countries

3393 kB
Transfer

8317 kB
Size

22
Cookies

102 HTTP transactions
0 data transactions