URL: https://newyorktimes.space/
Submission: On March 12 via api from US — Scanned from US

Summary

This website contacted 15 IPs in 3 countries across 10 domains to perform 44 HTTP transactions. The main IP is 2a00:f940:2:2:1:1:0:211, located in Russian Federation and belongs to AS-REG, RU. The main domain is newyorktimes.space.
TLS certificate: Issued by newyorktimes.space on January 2nd 2024. Valid for: a year.
This is the only time newyorktimes.space was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 2a00:f940:2:2... 197695 (AS-REG)
11 151.101.129.164 54113 (FASTLY)
1 108.139.51.165 16509 (AMAZON-02)
1 2a01:4f8:261:... 24940 (HETZNER-AS)
2 2607:f8b0:400... 15169 (GOOGLE)
1 151.101.65.164 54113 (FASTLY)
3 52.203.246.132 14618 (AMAZON-AES)
2 2600:9000:251... 16509 (AMAZON-02)
3 18.238.63.215 16509 (AMAZON-02)
1 108.138.106.70 16509 (AMAZON-02)
2 18.238.55.123 16509 (AMAZON-02)
2 4 108.139.47.92 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
44 15
Apex Domain
Subdomains
Transfer
9 nytimes.com
samizdat-graphql.nytimes.com — Cisco Umbrella Rank: 5159
a.et.nytimes.com — Cisco Umbrella Rank: 4970
als-svc.nytimes.com Failed
www.nytimes.com — Cisco Umbrella Rank: 3857
myaccount.nytimes.com — Cisco Umbrella Rank: 8788
dd.nytimes.com — Cisco Umbrella Rank: 6967
507 KB
8 nyt.com
g1.nyt.com — Cisco Umbrella Rank: 7926
175 KB
6 iteratehq.com
platform.iteratehq.com — Cisco Umbrella Rank: 5713
iteratehq.com — Cisco Umbrella Rank: 5029
32 KB
6 newyorktimes.space
newyorktimes.space
59 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 176
1 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 301
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 621
78 KB
2 geoedge.be
rumcdn.geoedge.be — Cisco Umbrella Rank: 3044
91 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
193 KB
1 ezgif.com
s1.ezgif.com — Cisco Umbrella Rank: 860335
3 KB
1 datadoghq-browser-agent.com
www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1468
49 KB
44 10
Domain Requested by
8 g1.nyt.com newyorktimes.space
g1.nyt.com
6 newyorktimes.space newyorktimes.space
4 iteratehq.com www.datadoghq-browser-agent.com
4 sb.scorecardresearch.com 2 redirects newyorktimes.space
3 c.amazon-adsystem.com newyorktimes.space
www.datadoghq-browser-agent.com
3 a.et.nytimes.com newyorktimes.space
www.datadoghq-browser-agent.com
2 platform.iteratehq.com newyorktimes.space
platform.iteratehq.com
2 dd.nytimes.com newyorktimes.space
www.datadoghq-browser-agent.com
2 myaccount.nytimes.com newyorktimes.space
myaccount.nytimes.com
2 rumcdn.geoedge.be newyorktimes.space
rumcdn.geoedge.be
2 www.googletagmanager.com newyorktimes.space
www.googletagmanager.com
1 config.aps.amazon-adsystem.com rumcdn.geoedge.be
1 www.nytimes.com newyorktimes.space
1 samizdat-graphql.nytimes.com newyorktimes.space
1 s1.ezgif.com newyorktimes.space
1 www.datadoghq-browser-agent.com newyorktimes.space
0 als-svc.nytimes.com Failed newyorktimes.space
44 17
Subject Issuer Validity Valid
newyorktimes.space
newyorktimes.space
2024-01-02 -
2025-01-01
a year crt.sh
nytimes.com
Thawte RSA CA 2018
2023-03-22 -
2024-04-21
a year crt.sh
*.datadoghq-browser-agent.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-12 -
2024-12-14
a year crt.sh
ezgif.com
R3
2024-02-15 -
2024-05-15
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
a.et.nytimes.com
R3
2024-03-11 -
2024-06-09
3 months crt.sh
gw.geoedge.be
Amazon RSA 2048 M01
2023-08-12 -
2024-09-09
a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-12-30 -
2024-12-04
a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2024-01-21 -
2025-02-19
a year crt.sh
dd.nytimes.com
Sectigo RSA Domain Validation Secure Server CA
2023-03-08 -
2024-04-06
a year crt.sh
iteratehq.com
E1
2024-01-20 -
2024-04-19
3 months crt.sh

This page contains 3 frames:

Primary Page: https://newyorktimes.space/
Frame ID: B26AB506D9E8BBA10F4C7B859D8C1238
Requests: 38 HTTP requests in this frame

Frame: https://myaccount.nytimes.com/auth/prefetch-assets
Frame ID: 99275F7948B1136C969578E2F2070203
Requests: 2 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Frame ID: 09D0AC74587602C72146B0B9D6B7C5B1
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Mister Beast: "Anyone can get about $8,000 for a simple signing up"

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

44
Requests

75 %
HTTPS

43 %
IPv6

10
Domains

17
Subdomains

15
IPs

3
Countries

1188 kB
Transfer

2934 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://sb.scorecardresearch.com/b?c1=2&c2=3005403&ns__t=1710231135502&ns_c=UTF-8&c8=Mister%20Beast%3A%20%22Anyone%20can%20get%20about%20%248%2C000%20for%20a%20simple%20signing%20up%22&c7=https%3A%2F%2Fnewyorktimes.space%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1710231135502&ns_c=UTF-8&c8=Mister%20Beast%3A%20%22Anyone%20can%20get%20about%20%248%2C000%20for%20a%20simple%20signing%20up%22&c7=https%3A%2F%2Fnewyorktimes.space%2F&c9=
Request Chain 37
  • https://sb.scorecardresearch.com/c2/3005403/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/3005403/cs.js

44 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
newyorktimes.space/
267 KB
59 KB
Document
General
Full URL
https://newyorktimes.space/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:211 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash
8071fb28b928c64a0c68549989663728dc26f810266ad0227fd1baca925e10cc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 12 Mar 2024 08:12:14 GMT
server
nginx
vary
Accept-Encoding
web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
g1.nyt.com/fonts/css/
60 KB
10 KB
Stylesheet
General
Full URL
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Requested by
Host: newyorktimes.space
URL: https://newyorktimes.space/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
09bff184ea094a06e46d7f26512fd7b245304078a27f1ba8084488cbcf7704de
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newyorktimes.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires
Fri, 02 Feb 2024 05:46:13 GMT
date
Tue, 12 Mar 2024 08:12:14 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
4752886
x-guploader-uploadid
ADPycduGY6M3wNYHV6UpueyfnsXJLOxiOAQwp3106DL_EFazhtPLZl2SiGLw-MEdlW4L8uCNG3OcGvr0KYfUUjnOG146xEM6rVi6
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
9868
x-served-by
cache-mia-kmia1760050-MIA
last-modified
Tue, 17 Jan 2023 21:42:55 GMT
server
UploadServer
x-timer
S1710231135.888473,VS0,VE0
etag
"b79308aee772cf8921761a4fdb884fe5"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1673991774978541
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-goog-hash
crc32c=ay5bmg==, md5=t5MIrudyz4khdhpP24hP5Q==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
9868
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
47240
global-f449cfd9976ad673ef2b7ab5098b85be.css
newyorktimes.space/vi-assets/static-assets/
0
0
Stylesheet
General
Full URL
https://newyorktimes.space/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css
Requested by
Host: newyorktimes.space
URL: https://newyorktimes.space/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:211 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newyorktimes.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 08:12:14 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=utf-8
datadog-rum.js
www.datadoghq-browser-agent.com/us1/v5/
155 KB
49 KB
Script
General
Full URL
https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js
Requested by
Host: newyorktimes.space
URL: https://newyorktimes.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.51.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-51-165.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a92aa2cd3df0cfb21246c90c85ab5c260bbc79a75df76d20dc4c2d7b4c49b5a0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newyorktimes.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 08:11:37 GMT
content-encoding
br
via
1.1 500a5a4e72d986068e53ce22c8372bde.cloudfront.net (CloudFront)
last-modified
Thu, 07 Mar 2024 15:13:39 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P1
age
55
x-amz-server-side-encryption
AES256
etag
W/"311840055306396eb20b66cd9d0488e2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=14400, s-maxage=60
timing-allow-origin
*
x-amz-cf-id
jm3Fp_UIUlm_oqHkhmFMffJN5hbQl7VOXnIEXCGe6E7GHfYyvAWiKg==
adslot-fc0f7e331087dfa9b3b7.js
newyorktimes.space/vi-assets/static-assets/
0
0
Script
General
Full URL
https://newyorktimes.space/vi-assets/static-assets/adslot-fc0f7e331087dfa9b3b7.js
Requested by
Host: newyorktimes.space
URL: https://newyorktimes.space/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:211 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newyorktimes.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 08:12:15 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=utf-8
ezgif-1-04d14ddc3a.jpg
s1.ezgif.com/tmp/
3 KB
3 KB
Image
General
Full URL
https://s1.ezgif.com/tmp/ezgif-1-04d14ddc3a.jpg
Requested by
Host: newyorktimes.space
URL: https://newyorktimes.space/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:261:3e1e::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
1e6dc84151da6df4b82e9c5195d50fac81b35dc3917fab2280a4a1bc729d26a2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newyorktimes.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 08:12:15 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Tue, 08 Feb 2022 12:18:03 GMT
server
nginx
etag
"62025f7b-ae0"
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
2784
expires
Tue, 12 Mar 2024 09:12:15 GMT
vendor-7799bfe3d9a78d57c093.js
newyorktimes.space/vi-assets/static-assets/
0
0
Script
General
Full URL
https://newyorktimes.space/vi-assets/static-assets/vendor-7799bfe3d9a78d57c093.js
Requested by
Host: newyorktimes.space
URL: https://newyorktimes.space/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:211 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newyorktimes.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 08:12:15 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=utf-8
story-6aab106b9bdc7384db6e.js
newyorktimes.space/vi-assets/static-assets/
0
0
Script
General
Full URL
https://newyorktimes.space/vi-assets/static-assets/story-6aab106b9bdc7384db6e.js
Requested by
Host: newyorktimes.space
URL: https://newyorktimes.space/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:211 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newyorktimes.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 08:12:15 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=utf-8
main-04bc71f646b96f1d820c.js
newyorktimes.space/vi-assets/static-assets/
0
0
Script
General
Full URL
https://newyorktimes.space/vi-assets/static-assets/main-04bc71f646b96f1d820c.js
Requested by
Host: newyorktimes.space
URL: https://newyorktimes.space/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f940:2:2:1:1:0:211 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newyorktimes.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 08:12:15 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=utf-8
gtm.js
www.googletagmanager.com/
463 KB
127 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Requested by
Host: newyorktimes.space
URL: https://newyorktimes.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0330ed1b43e6573205ec573e214fdd98a390c0aa5cdb5481c208b2c941c06204
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newyorktimes.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 08:12:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129196
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
vary
*
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2
samizdat-graphql.nytimes.com/graphql/ Frame
0
0
Preflight
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method
POST
Origin
https://newyorktimes.space
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type,nyt-app-type,nyt-app-version,nyt-token
access-control-allow-methods
GET,POST
access-control-expose-headers
x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset,x-nyt-geoip-map
access-control-max-age
300
age
0
content-length
0
date
Tue, 12 Mar 2024 08:12:15 GMT
server
envoy
strict-transport-security
max-age=63072000; preload; includeSubdomains
timing-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via
1.1 google, 1.1 varnish
x-cache
MISS
x-cache-hits
0
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time
337
x-nyt-audience-target-flat
NA:AM
x-nyt-continent
NA
x-nyt-country
US
x-nyt-edge-cache
MISS
x-nyt-meridiem
AM
x-nyt-region
NY
x-samizdat-query-exe-id
abbb343a9dd9eab8
x-samizdat-query-field-errors
0
x-served-by
cache-mia-kmia1760044-MIA
x-timer
S1710231135.152522,VS0,VE364
track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: newyorktimes.space
URL: https://newyorktimes.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.203.246.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-246-132.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newyorktimes.space/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

v2
samizdat-graphql.nytimes.com/graphql/
0
0

als
als-svc.nytimes.com/
0
0

grumi-ip.js
rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/
16 KB
6 KB
Script
General
Full URL
https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Requested by
Host: newyorktimes.space
URL: https://newyorktimes.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:4600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bcdaa8b0e5b0f57f19d17de2c58d7206e3d275da122a0d4e3176a67257595b5e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newyorktimes.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 07:43:38 GMT
x-amz-version-id
nWzCMaBTdG.LJzQd7eqTJCaATWEfreW8
content-encoding
br
last-modified
Mon, 18 Dec 2023 12:16:19 GMT
server
AmazonS3
via
1.1 1d45cc40d1dd29d2b3aaefb9f85bceee.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"229a75f6b428e87e913ddfb377e45f31"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
age
1718
x-amz-cf-id
6T8nDmQLScZv8yDGQGjQRXhLt7U5-Mgs5Tc4bvOUXztBQO6ptoN3-A==
apstag.js
c.amazon-adsystem.com/aax2/
298 KB
74 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: newyorktimes.space
URL: https://newyorktimes.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.63.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-63-215.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f2ef1a173106efc9f1e2048ee2a1f0ecac78e166a57e83128776f565312357e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newyorktimes.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 08:10:02 GMT
content-encoding
gzip
via
1.1 077b94dab77b8114aebf503be197d7d8.cloudfront.net (CloudFront), 1.1 81f6e2ac3fa39dd60cef7bf9b26cb306.cloudfront.net (CloudFront)
last-modified
Wed, 06 Mar 2024 21:59:42 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, JFK52-P4
age
134
x-amz-server-side-encryption
AES256
etag
W/"b9e5bc6ae2304c1ff623d74c6e93fe00"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
ziMty4VlGYNqL7JZPJ_b_1UlTyrAjWA0toPpVmvaWXXvXKo9yK8mFA==
prebid8.25.0.js
www.nytimes.com/ads/
315 KB
318 KB
Script
General
Full URL
https://www.nytimes.com/ads/prebid8.25.0.js
Requested by
Host: newyorktimes.space
URL: https://newyorktimes.space/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c11d50a1918e615029f239580a1d4a1aa32328fdd6149225cc74e411c84db96e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newyorktimes.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src data: https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-guploader-uploadid
ABPtcPpi_h3F4MwpyRgcDtQO9PH_lX_1w4zmJe6-vO9ciIwxYBtY6qAXZwa5c-LMhAu8zUxoyH4
x-nyt-mktg-group
group1
x-goog-stored-content-encoding
identity
x-origin-time
2024-03-12 08:12:15 UTC
x-served-by
cache-mia-kmia1760050-MIA
x-timer
S1710231135.084247,VS0,VE264
etag
"78c86859abaee40f233a9a8c96540124"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1701363099682984
content-type
text/javascript
access-control-allow-origin
*
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/ads/prebid8.25.0.js
access-control-expose-headers
X-Nyt-Mktg-Group
x-nyt-route
ads-static-assets
cache-control
private, max-age=0
x-nyt-app-webview
0
x-nyt-edge-cache
MISS
x-amz-checksum-crc32c
b1VVOA==
x-cache-hits
0
expires
Tue, 12 Mar 2024 08:12:15 GMT
date
Tue, 12 Mar 2024 08:12:15 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
MISS
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
content-length
322837
last-modified
Thu, 30 Nov 2023 16:51:39 GMT
server
UploadServer
x-goog-hash
crc32c=b1VVOA==, md5=eMhoWauu5A8jOpqMllQBJA==
x-gdpr
0
x-goog-stored-content-length
322837
permissions-policy
browsing-topics=()
accept-ranges
bytes
prefetch-assets
myaccount.nytimes.com/auth/ Frame 9927
332 B
1 KB
Document
General
Full URL
https://myaccount.nytimes.com/auth/prefetch-assets
Requested by
Host: newyorktimes.space
URL: https://newyorktimes.space/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy / Express
Resource Hash
b53c3c7427fa4826d8ab18278e188165dff4c02f991936bcac7e73bc3acc7a08
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Referer
https://newyorktimes.space/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-expose-headers
X-Nyt-Mktg-Group
age
294
cache-control
public, max-age=600
content-encoding
gzip
content-length
255
content-security-policy-report-only
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type
text/html; charset=utf-8
date
Tue, 12 Mar 2024 08:12:15 GMT
etag
W/"14c-LfOrhdnPtySnt5VT5nOmNU82D0w"
server
envoy
strict-transport-security
max-age=63072000; preload; includeSubdomains
vary
Accept-Encoding
via
1.1 google, 1.1 varnish
x-api-version
F-X
x-cache
HIT
x-cache-hits
4
x-cloud-trace-context
360eeec3b46cbcf642fc20400fb06acf;o=1
x-content-type-options
nosniff
x-datadog-parent-id
5242891570214406120
x-datadog-sampled
1
x-datadog-sampling-priority
0
x-datadog-trace-id
1153592101384994758
x-envoy-decorator-operation
lire-ui.auth.nyti.nyt.net:443/*
x-envoy-upstream-service-time
28
x-nyt-backend
lire-ui
x-nyt-edge-cache
HIT
x-nyt-mktg-group
group1
x-powered-by
Express
x-served-by
cache-mia-kmia1760050-MIA
franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
g1.nyt.com/fonts/family/franklin/
20 KB
21 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://newyorktimes.space
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires
Fri, 02 Feb 2024 05:46:14 GMT
date
Tue, 12 Mar 2024 08:12:15 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
1634570
x-guploader-uploadid
ADPycdvQ2tsmGwZia24nvWakIeZnee2wv1rzUt2BXERCh59TPYCEAO8j_YhUC7Tm9O6g4YhfpMMJc6RN-GAWsVjQQ9iUrw
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
20276
x-served-by
cache-mia-kmia1760037-MIA
last-modified
Tue, 17 Jan 2023 21:42:56 GMT
server
UploadServer
x-timer
S1710231135.143960,VS0,VE0
etag
"91eaf6b5642463af4091160b4bbfdfcb"
vary
X-Goog-Allowed-Resources
x-goog-generation
1673991776265363
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=teZvhg==, md5=ker2tWQkY69AkRYLS7/fyw==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
20276
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
14729
cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
g1.nyt.com/fonts/family/cheltenham/
28 KB
29 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://newyorktimes.space
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires
Fri, 02 Feb 2024 05:46:17 GMT
date
Tue, 12 Mar 2024 08:12:15 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
1551967
x-guploader-uploadid
ADPycdtAbWLrlBW22q7fc-AdzQ2mW8i3uSWO0G1-NvNr0U7nL06RJxeJbSpNyX_K4n6M6C_97D5WvU-dIJ6YSdO_28jqjTiblciN
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
29076
x-served-by
cache-mia-kmia1760037-MIA
last-modified
Tue, 17 Jan 2023 21:42:55 GMT
server
UploadServer
x-timer
S1710231135.143948,VS0,VE0
etag
"a3ed7afe3eaa0a873f3fbd379f8c491b"
vary
X-Goog-Allowed-Resources
x-goog-generation
1673991775025279
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
29076
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
9510
cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
g1.nyt.com/fonts/family/cheltenham-small/
20 KB
20 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://newyorktimes.space
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires
Thu, 29 Aug 2024 06:53:10 GMT
date
Tue, 12 Mar 2024 08:12:15 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
1029782
x-guploader-uploadid
ADPycds3_JQovaBShm_GVPacB9FL_RI8GnHiEHOmzxT4vC-3325_cFWOUtKouCapb-uTWZbt2JbB3I9tAoNtO1-MsxGdJSzEW5HD
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
20136
x-served-by
cache-mia-kmia1760037-MIA
last-modified
Tue, 17 Jan 2023 21:42:55 GMT
server
UploadServer
x-timer
S1710231135.144308,VS0,VE0
etag
"108ce298d451197b23fefceb3e36959f"
x-goog-generation
1673991775386425
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=jpfQKQ==, md5=EIzimNRRGXsj/vzrPjaVnw==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
20136
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
1248
franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
g1.nyt.com/fonts/family/franklin/
19 KB
20 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://newyorktimes.space
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires
Fri, 02 Feb 2024 05:46:14 GMT
date
Tue, 12 Mar 2024 08:12:15 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
593098
x-guploader-uploadid
ADPycdu6oPoB1lrm4nrC4uTUUYNY-TofJyZlB9vtnbOiIBPE-fi_s2qGLKfRMBlk6qzPidfKWIlELGLSh8aAJjFiZPkf-A
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
19816
x-served-by
cache-mia-kmia1760037-MIA
last-modified
Tue, 17 Jan 2023 21:42:56 GMT
server
UploadServer
x-timer
S1710231135.144308,VS0,VE0
etag
"0f4aea3d462cdb64748629efcbbf36bc"
vary
X-Goog-Allowed-Resources
x-goog-generation
1673991776231570
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=bdL0Mw==, md5=D0rqPUYs22R0hinvy782vA==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
19816
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
15007
cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
g1.nyt.com/fonts/family/cheltenham/
28 KB
28 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/cheltenham/cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://newyorktimes.space
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires
Fri, 02 Feb 2024 05:47:23 GMT
date
Tue, 12 Mar 2024 08:12:15 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
1641661
x-guploader-uploadid
ADPycdsEDOUeE5W_Lr76ylhEAnaRIMbX3ibe-zyvc5uNjaq48G0rbHtXpbXQGonLwnXNRIgcmTEfllTG0R8Rd1stdiZq2Lg30Gp6
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
28620
x-served-by
cache-mia-kmia1760037-MIA
last-modified
Tue, 17 Jan 2023 21:42:55 GMT
server
UploadServer
x-timer
S1710231135.143961,VS0,VE0
etag
"f99a0459024509f157a3352e5de4f873"
vary
X-Goog-Allowed-Resources
x-goog-generation
1673991775020136
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=4NwmFQ==, md5=+ZoEWQJFCfFXozUuXeT4cw==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
28620
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
7083
imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
g1.nyt.com/fonts/family/imperial/
26 KB
26 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://newyorktimes.space
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires
Fri, 02 Feb 2024 05:46:14 GMT
date
Tue, 12 Mar 2024 08:12:15 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
1131705
x-guploader-uploadid
ADPycdsRwda_EOB5LpJhdwDZj2vpvKyH11TDWKhKDAem_9p0RfOsFUxnQkm3TV4Hwsv6-apktrq3fDaEj6u5WFfP3HOeppLc9Dco
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
26504
x-served-by
cache-mia-kmia1760037-MIA
last-modified
Tue, 17 Jan 2023 21:42:56 GMT
server
UploadServer
x-timer
S1710231135.144288,VS0,VE0
etag
"6131cd77b6e216c7693ed925f4309ffc"
vary
X-Goog-Allowed-Resources
x-goog-generation
1673991776736810
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=ZzOuxA==, md5=YTHNd7biFsdpPtkl9DCf/A==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
26504
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
14402
franklin-normal-300.a6479a5200f9a6352bdb71589c27c9c3.woff2
g1.nyt.com/fonts/family/franklin/
20 KB
20 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.a6479a5200f9a6352bdb71589c27c9c3.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://newyorktimes.space
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires
Fri, 02 Feb 2024 05:46:14 GMT
date
Tue, 12 Mar 2024 08:12:15 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
1645478
x-guploader-uploadid
ADPycdtHZimkENI25xdU7BsitGrnxmI3oF8roZd4P3mZJCogcWNG6EaXi0kJ1EYl1EuE7n9dvw0dQxluf4c4x_aR4DdRPQ
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
20136
x-served-by
cache-mia-kmia1760037-MIA
last-modified
Tue, 17 Jan 2023 21:42:56 GMT
server
UploadServer
x-timer
S1710231135.144298,VS0,VE0
etag
"a6479a5200f9a6352bdb71589c27c9c3"
vary
X-Goog-Allowed-Resources
x-goog-generation
1673991776222225
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=pRBawg==, md5=pkeaUgD5pjUr23FYnCfJww==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
20136
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
13452
unified-lire.bundle.js
myaccount.nytimes.com/lire_ui/js/ Frame 9927
491 KB
160 KB
Script
General
Full URL
https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=38d2d8b
Requested by
Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
8b7f4deb641def0e77c158acb485e9b62521abbd6a2e336f56359ba5fed1f276
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires
Thu, 22 Feb 2024 06:16:45 GMT
date
Tue, 12 Mar 2024 08:12:15 GMT
content-encoding
gzip
via
1.1 google, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation
lire-ui.auth.nyti.nyt.net:443/*
x-api-version
F-X
age
554
content-security-policy-report-only
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache
HIT
x-nyt-mktg-group
group1
x-envoy-upstream-service-time
40
content-length
163986
x-served-by
cache-mia-kmia1760050-MIA
x-nyt-backend
lire-ui
server
envoy
etag
"jeJWhA"
content-type
application/javascript
x-cloud-trace-context
29017d684efa7fa3444f05c71a3e80ce
cache-control
public, max-age=600
access-control-expose-headers
X-Nyt-Mktg-Group
x-nyt-edge-cache
HIT
accept-ranges
bytes
x-cache-hits
4
grumi.js
rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/ Frame 09D0
266 KB
85 KB
Script
General
Full URL
https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:4600:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e4f78747ab26724eeef7759b8215f6f8d7515544423feefb86bfd1bd73c695e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 07:43:37 GMT
x-amz-version-id
wf4GhNNDvDUkrmF3.vryw9_OQeheZ_rY
content-encoding
br
via
1.1 1d45cc40d1dd29d2b3aaefb9f85bceee.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
age
1719
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 12 Mar 2024 07:30:03 GMT
server
AmazonS3
etag
W/"0e2d6992fcc28211dd018970557d191b"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
timing-allow-origin
*
x-amz-cf-id
6j6p47UDAJHqHSiHR5ChPW3BRdDyF7eoO7RYysZQqgW-UiTO4U-3DQ==
3030
config.aps.amazon-adsystem.com/configs/
531 B
797 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/3030
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-70.jfk50.r.cloudfront.net
Software
CloudFront /
Resource Hash
4a3c9d7a4e62033a4147ac7929add64427a6f936d385da971c1c83b856aae7cf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newyorktimes.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 07:36:28 GMT
via
1.1 01b6e75b22243ae76d6d282c014927c6.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK50-P3
age
2147
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
531
x-amz-cf-id
X-hZw3p3IMPUNu4wUsgH0wOF6X0uAp0Scf9U2bHaTwu2NlXpD-U_UA==
config
c.amazon-adsystem.com/cdn/prod/
0
306 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3030&u=https%3A%2F%2Fnewyorktimes.space
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.63.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-63-215.jfk52.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newyorktimes.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 08:12:14 GMT
via
1.1 81f6e2ac3fa39dd60cef7bf9b26cb306.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK52-P4
x-cache
Miss from cloudfront
access-control-allow-origin
https://newyorktimes.space
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
FFQOvA9MI7rfa2mXbKmNPzPMSJawTqjKkqf3ssFT6OSFMB5ObSDqNA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.63.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-63-215.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newyorktimes.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 08:12:16 GMT
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding
gzip
via
1.1 616cc46c05372de12125d489da3bca56.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
0ngrz_H_XLflkVG_bRr77vPmbPDX92QYtTM5itEV6qnzB2QLFY7sKQ==
gtm.js
www.googletagmanager.com/
194 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N5P6T9S&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4654c3f357494dc082d06becba0a7fe1143703f04f6fee380f0ddd4e432bc27c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newyorktimes.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 08:12:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67923
x-xss-protection
0
last-modified
Tue, 12 Mar 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 12 Mar 2024 08:12:15 GMT
tags.js
dd.nytimes.com/
148 KB
27 KB
Script
General
Full URL
https://dd.nytimes.com/tags.js
Requested by
Host: newyorktimes.space
URL: https://newyorktimes.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-123.jfk52.r.cloudfront.net
Software
Apache /
Resource Hash
f974c2633d5a3fefdeb6663d3c3ec85b5934ab6e5657a3b2e9d1000767dcbfd8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newyorktimes.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
via
1.1 acbc16f609c0c9804b8a2c3d38d3023e.cloudfront.net (CloudFront)
date
Tue, 12 Mar 2024 07:43:41 GMT
x-amz-cf-pop
JFK52-P4
age
1714
x-cache
Hit from cloudfront
content-length
27397
last-modified
Tue, 05 Mar 2024 10:25:13 GMT
server
Apache
etag
"24e23-612e741fa8c59-gzip"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, public
accept-ranges
bytes
x-amz-cf-id
VjIoqgpJMHFPS-1WZpPucSYi48NyzUkkfwaCH_EzbfabqrQnZu094g==
expires
Tue, 12 Mar 2024 08:43:41 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=3005403&ns__t=1710231135502&ns_c=UTF-8&c8=Mister%20Beast%3A%20%22Anyone%20can%20get%20about%20%248%2C000%20for%20a%20simple%20signing%20up%22&c7=https%3A%...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1710231135502&ns_c=UTF-8&c8=Mister%20Beast%3A%20%22Anyone%20can%20get%20about%20%248%2C000%20for%20a%20simple%20signing%20up%22&c7=https%3A...
0
224 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1710231135502&ns_c=UTF-8&c8=Mister%20Beast%3A%20%22Anyone%20can%20get%20about%20%248%2C000%20for%20a%20simple%20signing%20up%22&c7=https%3A%2F%2Fnewyorktimes.space%2F&c9=
Requested by
Host: newyorktimes.space
URL: https://newyorktimes.space/
Protocol
H2
Server
108.139.47.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-92.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newyorktimes.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 08:12:15 GMT
via
1.1 4d3480855260c7e16c3a1df3eafacee6.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P1
x-amz-cf-id
L7dSD_IT2p14mXStVnEyO3hFxlLo1wMqge3KLvpH1mM6zhQbOIqleQ==
x-cache
Miss from cloudfront

Redirect headers

date
Tue, 12 Mar 2024 08:12:15 GMT
via
1.1 4d3480855260c7e16c3a1df3eafacee6.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=3005403&ns__t=1710231135502&ns_c=UTF-8&c8=Mister%20Beast%3A%20%22Anyone%20can%20get%20about%20%248%2C000%20for%20a%20simple%20signing%20up%22&c7=https%3A%2F%2Fnewyorktimes.space%2F&c9=
content-length
0
x-amz-cf-id
uHwA7q0NFwpVoLY52CYUBQOzviHA54LQawsBc_36NUvb3ABDj6ImYQ==
track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: newyorktimes.space
URL: https://newyorktimes.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.203.246.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-246-132.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://newyorktimes.space/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

28e6ce30-95b4-4cd9-8f92-09d2ebaf4cd8
https://newyorktimes.space/
597 B
0
Other
General
Full URL
blob:https://newyorktimes.space/28e6ce30-95b4-4cd9-8f92-09d2ebaf4cd8
Requested by
Host: newyorktimes.space
URL: https://newyorktimes.space/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length
597
Content-Type
application/javascript
/
dd.nytimes.com/js/
238 B
624 B
XHR
General
Full URL
https://dd.nytimes.com/js/
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-123.jfk52.r.cloudfront.net
Software
DataDome /
Resource Hash
269d6cfbe47986d92d4a6310cafeccd0f46add1c7b0973f17e0c7855097850e0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://newyorktimes.space/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 12 Mar 2024 08:12:16 GMT
via
1.1 ac80986150818f9f0ab3b6abae9b03e0.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
DataDome
x-amz-cf-pop
JFK52-P4
x-cache
Miss from cloudfront
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
238
x-amz-cf-id
GpzCD3wvVR8rAnNlHUPuzNvwdXctgVZltBS0lQOD3aUniswmUcMGtw==
expires
0
.status
a.et.nytimes.com//
0
0
Fetch
General
Full URL
https://a.et.nytimes.com//.status
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.203.246.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-246-132.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept
*/*
Referer
https://newyorktimes.space/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
content-type
text/plain;charset=UTF-8

Response headers

loader.js
platform.iteratehq.com/
1 KB
1 KB
Script
General
Full URL
https://platform.iteratehq.com/loader.js
Requested by
Host: newyorktimes.space
URL: https://newyorktimes.space/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d56329116367f6d6e74c8baa8d5126f48810a87c04159aacf27625206034cca
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newyorktimes.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 08:12:16 GMT
x-amz-version-id
zHbfMnCYq33fr60OKA5pl_TWExHMadIm
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0; includeSubDomains
x-amz-request-id
X57C6ENJSQH15MMK
age
173
x-amz-server-side-encryption
AES256
x-amz-id-2
VWiBIPbPMtGs8u5kfSAIU1RDl+aX2sSnaC9878kCOibfa5qn29XOmW/XGf+UAUqtk6zhXYmmNFE=
last-modified
Fri, 08 Mar 2024 20:20:24 GMT
server
cloudflare
etag
W/"71f7b94d9072336477913855e1293cb5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6qjmaBpNEU9q11pe3SjirtN3ioPOodWXtuVyslwCnyobDEgn39aq7eQcegCxM7dd2HK7Ayyp%2B9LNrTwOYG31XpZLV%2FlCXgKfeOXhOiLvbVTMF2owexMaI2S4NAPgJLEKE4xXZOm7KoUVHXJIlHWSpETzBE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
863251782d467429-MIA
cs.js
sb.scorecardresearch.com/internal-c2/3005403/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/3005403/cs.js
  • https://sb.scorecardresearch.com/internal-c2/3005403/cs.js
0
381 B
Script
General
Full URL
https://sb.scorecardresearch.com/internal-c2/3005403/cs.js
Protocol
H2
Server
108.139.47.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-92.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newyorktimes.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 08:51:10 GMT
via
1.1 4d3480855260c7e16c3a1df3eafacee6.cloudfront.net (CloudFront)
last-modified
Mon, 03 Jul 2023 14:48:36 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P1
age
84066
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
0
x-amz-cf-id
drrztEuHu0WoftOLzPNRd1dZObAo4I35KRM07q2fMf9l6cmgtbzmSw==

Redirect headers

date
Tue, 12 Mar 2024 08:12:15 GMT
via
1.1 4d3480855260c7e16c3a1df3eafacee6.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
location
/internal-c2/3005403/cs.js
content-length
0
x-amz-cf-id
U2zCF0AMuv4rDpSIijaR7y2ktWzk4R0iO_o2MfvzH1TUAb5jiefYBA==
match-prod-769554582ded04253242.js
platform.iteratehq.com/
87 KB
30 KB
Script
General
Full URL
https://platform.iteratehq.com/match-prod-769554582ded04253242.js
Requested by
Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9525a02f2a5bde319d08d2e8d2804cd9978b91d101a04f48a10c20ed3d31451d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://newyorktimes.space/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 12 Mar 2024 08:12:16 GMT
x-amz-version-id
wHc05w5CNWseQD9mCj1P9.Vr7K2S6ZQu
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0; includeSubDomains
x-amz-request-id
X57EW366SXX626M4
age
301875
x-amz-server-side-encryption
AES256
x-amz-id-2
GEFomISR7nP76qIJj4DWFM1qpZSmobszS0Bg938oPcrT0V4iNtJeA1401gnA+QMZirnD0PVQjZc=
last-modified
Fri, 08 Mar 2024 20:20:23 GMT
server
cloudflare
etag
W/"ba3b750a9b4085e3d5710a85a52f44a8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1Egjg8%2FV2BxA1YGbsPoUGCBI10bF9ESg%2BV2tlUTue03Dj%2BxWYqaitvDNJ3EH0sOndrtBLfw%2BaVsotRBqwAbFX%2BRNuZPWAV0KU3gsEVIYWk9HAQ90OfMZQb8NYxfwBWk3aaXsQH3zSbgy8BAcDYzIduQbNI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
863251786d6b7429-MIA
embed
iteratehq.com/api/v1/surveys/
305 B
556 B
Fetch
General
Full URL
https://iteratehq.com/api/v1/surveys/embed
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:479c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aec8719a07041d9e47546853f78284f8c23c860e119c3a7c131cd3f3faa86fab
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Referer
https://newyorktimes.space/
accept-language
en-US,en;q=0.9
Authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 12 Mar 2024 08:12:16 GMT
strict-transport-security
max-age=0; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OB74VLJY0A10%2F4CSQZ%2FYiZhG8OEc3QqEDmEXdPWAnbgLWyDQwVRxvtJDFtWaHspvZPDe29Mf%2Fg9XHXjBlvDE56xi0pGEFfIeOaBA1AAvTFyMGuPI1zwnPbU%2FK%2BYQUL7xP0aS%2B3p%2FmvnnaDY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
86325179cfc721e7-MIA
embed
iteratehq.com/api/v1/surveys/ Frame
0
0
Preflight
General
Full URL
https://iteratehq.com/api/v1/surveys/embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:479c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://newyorktimes.space
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
863251795fa721e7-MIA
content-length
0
date
Tue, 12 Mar 2024 08:12:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ENAPdZAoT0sXg3sHN43XpxvN1HbHk418n81Jn6cPE3pKPTExZGxuCrQgFwbxIw9Wt1H9R0%2Byruyl74SXvGjn8ij26ReGfcdX7bQBKVmmEY61YatHGPTCa1%2Fe0UHT2IS4gwhRskT7ld%2BZQhY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
embed
iteratehq.com/api/v1/surveys/
64 B
349 B
Fetch
General
Full URL
https://iteratehq.com/api/v1/surveys/embed
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v5/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:479c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea939bd13d79a17cc436d4c3e102d4060cb7ebf0e8e61918f3d034580dff02b9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Referer
https://newyorktimes.space/
accept-language
en-US,en;q=0.9
Authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2NWYwMGU2MDgxOTBlODAwMDFmMzA0MzUiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNzEwMjMxMTM2fQ.F1kTdmwXbAC5fwRmovATSliC0dwMJRHeqoDE7EZ62dg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 12 Mar 2024 08:12:16 GMT
strict-transport-security
max-age=0; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nw4SW%2Fl5MVpSMz%2BwUxZzF2VRuaamkKwCk7PyNzo4haHRL3H5654%2FmXAndhsFyz8xfXkNi48KpTIT6%2FmFA7IfqrTeg9xvNdP%2FLVO1raeCgcurbxyhQUE8ofJTTc7XyEfD3eaF9v%2FRylIdrNc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
8632517c586321e7-MIA
embed
iteratehq.com/api/v1/surveys/ Frame
0
0
Preflight
General
Full URL
https://iteratehq.com/api/v1/surveys/embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:479c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://newyorktimes.space
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
8632517be85321e7-MIA
content-length
0
date
Tue, 12 Mar 2024 08:12:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x68QmFB6%2Fhzm2AIyh8wob7iwD8QGAyyrmTthIStlVm2LdU%2F%2Bs%2Buma44v8beA1nbSTWb496rhhbO0P5xMown4xwhOwMH7vPj0Er5UiST94BScyv9EkNlouqlcBJKHa%2FYQwcguAzrTuf26ALU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
samizdat-graphql.nytimes.com
URL
https://samizdat-graphql.nytimes.com/graphql/v2
Domain
als-svc.nytimes.com
URL
https://als-svc.nytimes.com/als?uri=https%3A%2F%2Fwww.nytimes.com%2Fpages%2Findex.html&typ=&prop=nyt&plat=web

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| event object| DD_RUM number| viHeadScriptSize object| NYTD object| vi boolean| hybrid function| initWebview function| nyt_et object| UnifiedTracking function| Abra object| swgUserInfoXhrObject object| dataLayer object| userXhrObject function| userXhrRefresh object| _interactiveRegistry function| registerInteractive function| getInteractiveBridge function| onInitNativeAds object| webpackJsonp object| adClientUtils object| googletag object| AdSlot4 object| grumi object| apstag object| __preloadedData object| win object| doc object| _aps boolean| apstagLOADED object| apscustom object| google_tag_manager object| google_tag_data object| nytAnalytics string| ddjskey object| ddoptions boolean| dataDomeProcessed object| dataDomeOptions boolean| ddShouldSkipFingerPrintReq object| pbjsChunk object| pbjs object| _pbjsGlobals object| mnet object| iterateSettings string| IterateObjectName function| Iterate string| subscriberInfo string| uType string| eduSubscriber string| userType string| surveyTriggerCookie object| params function| setImmediate function| clearImmediate undefined| Raven

8 Cookies

Domain/Path Name / Value
.nytimes.com/ Name: nyt-a
Value: QALs0CZ2aFAGpGEZuQMy3Gzw
.et.nytimes.com/ Name: sessionActive
Value: true
.et.nytimes.com/ Name: sessionIndex
Value: 1|1710231135223|QALs0CZ2aFAGpGEZuQMy3Gzw|1710231135223
.et.nytimes.com/ Name: et-ppvid
Value: https://newyorktimes.space/=gASoEx-xI7dQrVhAS-qJtl_Y
.scorecardresearch.com/ Name: UID
Value: 140214a7e07f4dfc5252c2e1710231135
.newyorktimes.space/ Name: datadome
Value: cuyBgMUS56ahDo7nSkh2xn1MEIkJlJA5EKUuVVVMnZEq7UPlc_pFaEigvw6eIOK9xZIj1gT4~qnZB0iMi7nzJHq3TKsNDNBABbEbUKpviUcDxrAH1673pp8RktfxXVhd
.newyorktimes.space/ Name: iter_id
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2NWYwMGU2MDgxOTBlODAwMDFmMzA0MzUiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNzEwMjMxMTM2fQ.F1kTdmwXbAC5fwRmovATSliC0dwMJRHeqoDE7EZ62dg
newyorktimes.space/ Name: _dd_s
Value: rum=0&expire=1710232035206

30 Console Messages

Source Level URL
Text
network error URL: https://newyorktimes.space/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://myaccount.nytimes.com/auth/prefetch-assets
Message:
The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
network error URL: https://newyorktimes.space/vi-assets/static-assets/vendor-7799bfe3d9a78d57c093.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://newyorktimes.space/vi-assets/static-assets/adslot-fc0f7e331087dfa9b3b7.js
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://newyorktimes.space/
Message:
Access to XMLHttpRequest at 'https://als-svc.nytimes.com/als?uri=https%3A%2F%2Fwww.nytimes.com%2Fpages%2Findex.html&typ=&prop=nyt&plat=web' from origin 'https://newyorktimes.space' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://als-svc.nytimes.com/als?uri=https%3A%2F%2Fwww.nytimes.com%2Fpages%2Findex.html&typ=&prop=nyt&plat=web
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://newyorktimes.space/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newyorktimes.space/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newyorktimes.space/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newyorktimes.space/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://newyorktimes.space/vi-assets/static-assets/story-6aab106b9bdc7384db6e.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://newyorktimes.space/vi-assets/static-assets/main-04bc71f646b96f1d820c.js
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://newyorktimes.space/
Message:
Access to XMLHttpRequest at 'https://samizdat-graphql.nytimes.com/graphql/v2' from origin 'https://newyorktimes.space' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://samizdat-graphql.nytimes.com/graphql/v2
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://newyorktimes.space/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newyorktimes.space/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newyorktimes.space/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newyorktimes.space/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newyorktimes.space/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newyorktimes.space/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newyorktimes.space/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newyorktimes.space/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newyorktimes.space/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newyorktimes.space/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newyorktimes.space/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newyorktimes.space/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newyorktimes.space/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newyorktimes.space/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newyorktimes.space/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newyorktimes.space/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.et.nytimes.com
als-svc.nytimes.com
c.amazon-adsystem.com
config.aps.amazon-adsystem.com
dd.nytimes.com
g1.nyt.com
iteratehq.com
myaccount.nytimes.com
newyorktimes.space
platform.iteratehq.com
rumcdn.geoedge.be
s1.ezgif.com
samizdat-graphql.nytimes.com
sb.scorecardresearch.com
www.datadoghq-browser-agent.com
www.googletagmanager.com
www.nytimes.com
als-svc.nytimes.com
samizdat-graphql.nytimes.com
108.138.106.70
108.139.47.92
108.139.51.165
151.101.129.164
151.101.65.164
18.238.55.123
18.238.63.215
2600:9000:2511:4600:4:b37b:9440:93a1
2606:4700:20::681a:6e5
2606:4700:20::ac43:479c
2607:f8b0:4006:823::2008
2a00:f940:2:2:1:1:0:211
2a01:4f8:261:3e1e::2
52.203.246.132
0330ed1b43e6573205ec573e214fdd98a390c0aa5cdb5481c208b2c941c06204
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09bff184ea094a06e46d7f26512fd7b245304078a27f1ba8084488cbcf7704de
0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f
1e6dc84151da6df4b82e9c5195d50fac81b35dc3917fab2280a4a1bc729d26a2
269d6cfbe47986d92d4a6310cafeccd0f46add1c7b0973f17e0c7855097850e0
284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a
2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76
2f2ef1a173106efc9f1e2048ee2a1f0ecac78e166a57e83128776f565312357e
3d56329116367f6d6e74c8baa8d5126f48810a87c04159aacf27625206034cca
4654c3f357494dc082d06becba0a7fe1143703f04f6fee380f0ddd4e432bc27c
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f
4a3c9d7a4e62033a4147ac7929add64427a6f936d385da971c1c83b856aae7cf
6292d47914f9b1671e0c7b3076ea35aa0127785ed01ae8df56f534171114b08a
7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07
8071fb28b928c64a0c68549989663728dc26f810266ad0227fd1baca925e10cc
8b7f4deb641def0e77c158acb485e9b62521abbd6a2e336f56359ba5fed1f276
8e4f78747ab26724eeef7759b8215f6f8d7515544423feefb86bfd1bd73c695e
9525a02f2a5bde319d08d2e8d2804cd9978b91d101a04f48a10c20ed3d31451d
a92aa2cd3df0cfb21246c90c85ab5c260bbc79a75df76d20dc4c2d7b4c49b5a0
aec8719a07041d9e47546853f78284f8c23c860e119c3a7c131cd3f3faa86fab
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b
b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e
b53c3c7427fa4826d8ab18278e188165dff4c02f991936bcac7e73bc3acc7a08
bcdaa8b0e5b0f57f19d17de2c58d7206e3d275da122a0d4e3176a67257595b5e
c11d50a1918e615029f239580a1d4a1aa32328fdd6149225cc74e411c84db96e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea939bd13d79a17cc436d4c3e102d4060cb7ebf0e8e61918f3d034580dff02b9
f974c2633d5a3fefdeb6663d3c3ec85b5934ab6e5657a3b2e9d1000767dcbfd8