Submitted URL: http://mailview.bulletinintelligence.com/mailview.aspx?m=2018050702capone&r=email-3e3f&l=02d-49a&t=c
Effective URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Submission: On July 31 via api from US

Summary

This website contacted 40 IPs in 5 countries across 27 domains to perform 81 HTTP transactions. The main IP is 151.101.13.164, located in San Francisco, United States and belongs to FASTLY - Fastly, US. The main domain is www.nytimes.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on July 10th 2018. Valid for: 2 years.
This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 69.174.55.131 3257 (GTT-BACKB...)
15 151.101.13.164 54113 (FASTLY)
2 35.168.50.248 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2.19.34.83 20940 (AKAMAI-ASN1)
1 3 104.111.214.103 16625 (AKAMAI-AS)
1 1 2606:2800:234... 15133 (EDGECAST)
1 104.244.43.176 13414 (TWITTER)
1 52.222.163.145 16509 (AMAZON-02)
3 54.236.150.166 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.196.226.233 14618 (AMAZON-AES)
3 34.232.49.235 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 34.234.33.253 14618 (AMAZON-AES)
1 2600:1480:300... 33905 (AKAMAI-AMS)
1 216.58.208.34 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
3 172.227.114.224 20940 (AKAMAI-ASN1)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 2600:9000:204... 16509 (AMAZON-02)
1 104.111.238.79 16625 (AKAMAI-AS)
1 52.222.163.168 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
7 172.217.22.98 15169 (GOOGLE)
1 2 172.217.16.166 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.225.141.30 14618 (AMAZON-AES)
1 151.101.12.84 54113 (FASTLY)
1 188.125.66.33 34010 (YAHOO-IRD)
1 34.235.82.207 14618 (AMAZON-AES)
1 34.206.29.55 14618 (AMAZON-AES)
7 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f11... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 172.217.22.102 15169 (GOOGLE)
2 34.231.112.174 14618 (AMAZON-AES)
1 34.227.204.77 14618 (AMAZON-AES)
81 40
Apex Domain
Subdomains
Transfer
20 nytimes.com
www.nytimes.com
et.nytimes.com
cigsvc.nytimes.com
samizdat-graphql.nytimes.com
a.nytimes.com
meter-svc.nytimes.com
648 KB
13 doubleclick.net
securepubads.g.doubleclick.net
5290727.fls.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
ad.doubleclick.net
104 KB
9 googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
163 KB
8 nyt.com
static01.nyt.com
a1.nyt.com
123 KB
4 facebook.com
www.facebook.com
458 B
3 google.com
adservice.google.com
www.google.com
459 B
3 google.de
adservice.google.de
www.google.de
387 B
3 bluekai.com
tags.bluekai.com
stags.bluekai.com
1 KB
3 scorecardresearch.com
sb.scorecardresearch.com
1 KB
3 optimizely.com
cdn.optimizely.com
errors.client.optimizely.com
168 KB
2 facebook.net
connect.facebook.net
30 KB
2 google-analytics.com
www.google-analytics.com
14 KB
2 cloudfront.net
dc8xl0ndzn2cb.cloudfront.net
30 KB
1 keywee.co
p2.keywee.co
292 B
1 yahoo.com
sp.analytics.yahoo.com
1 KB
1 pinterest.com
ct.pinterest.com
378 B
1 chartbeat.net
pnytimes.chartbeat.net
213 B
1 bkrtx.com
tags.bkrtx.com
31 KB
1 chartbeat.com
static.chartbeat.com
14 KB
1 yimg.com
s.yimg.com
4 KB
1 googleadservices.com
www.googleadservices.com
7 KB
1 pinimg.com
s.pinimg.com
16 KB
1 googletagservices.com
www.googletagservices.com
8 KB
1 ads-twitter.com
static.ads-twitter.com
2 KB
1 twitter.com
platform.twitter.com
242 B
1 googletagmanager.com
www.googletagmanager.com
52 KB
1 bulletinintelligence.com
mailview.bulletinintelligence.com
424 B
81 27
Domain Requested by
7 tpc.googlesyndication.com securepubads.g.doubleclick.net
ad.doubleclick.net
tpc.googlesyndication.com
7 securepubads.g.doubleclick.net www.googletagservices.com
www.nytimes.com
securepubads.g.doubleclick.net
6 samizdat-graphql.nytimes.com www.nytimes.com
6 static01.nyt.com www.nytimes.com
6 www.nytimes.com www.nytimes.com
4 www.facebook.com www.nytimes.com
connect.facebook.net
4 et.nytimes.com www.nytimes.com
3 sb.scorecardresearch.com 1 redirects www.nytimes.com
www.googletagmanager.com
2 errors.client.optimizely.com www.nytimes.com
2 ad.doubleclick.net 1 redirects www.nytimes.com
2 pagead2.googlesyndication.com securepubads.g.doubleclick.net
2 stags.bluekai.com www.nytimes.com
tags.bkrtx.com
2 www.google.de www.nytimes.com
2 www.google.com 1 redirects www.nytimes.com
2 5290727.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 connect.facebook.net dc8xl0ndzn2cb.cloudfront.net
connect.facebook.net
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 meter-svc.nytimes.com www.nytimes.com
2 dc8xl0ndzn2cb.cloudfront.net www.nytimes.com
dc8xl0ndzn2cb.cloudfront.net
2 a1.nyt.com www.googletagmanager.com
www.nytimes.com
1 p2.keywee.co www.nytimes.com
1 sp.analytics.yahoo.com s.yimg.com
1 ct.pinterest.com www.nytimes.com
1 pnytimes.chartbeat.net www.nytimes.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 stats.g.doubleclick.net 1 redirects
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 tags.bkrtx.com www.googletagmanager.com
1 static.chartbeat.com www.nytimes.com
1 s.yimg.com www.nytimes.com
1 tags.bluekai.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 s.pinimg.com www.nytimes.com
1 www.googletagservices.com www.nytimes.com
1 a.nytimes.com www.nytimes.com
1 static.ads-twitter.com www.nytimes.com
1 platform.twitter.com 1 redirects
1 cigsvc.nytimes.com www.nytimes.com
1 cdn.optimizely.com www.nytimes.com
1 www.googletagmanager.com www.nytimes.com
1 mailview.bulletinintelligence.com 1 redirects
81 42
Subject Issuer Validity Valid
nytimes.com
COMODO RSA Organization Validation Secure Server CA
2018-07-10 -
2020-01-18
2 years crt.sh
*.doubleclick.net
Google Internet Authority G3
2018-06-19 -
2018-08-28
2 months crt.sh
odc-prod-01.oracle.com
DigiCert ECC Secure Server CA
2018-01-30 -
2019-01-29
a year crt.sh
tpc.googlesyndication.com
Google Internet Authority G3
2018-06-19 -
2018-08-28
2 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2017-12-15 -
2019-03-22
a year crt.sh

This page contains 8 frames:

Primary Page: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Frame ID: C7D0B8F4BA9875076CBCD41DA36E1F38
Requests: 70 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CPOrvIKgytwCFY-H1Qod0zkJ5g;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=2647110884600;gtm=G7n;u4=;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u10=null;u11=1;u12=100000005884893;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html
Frame ID: 5A7CD08677BB8D8B72A5BA22F312F335
Requests: 1 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/50134?ret=html&phint=regid&phint=usertype%3Danon&phint=userloggedin%3Dfalse&phint=coresubtenure%3D&phint=corestop%3D&phint=corepromo%3Dfalse&phint=ingrace%3Dfalse&phint=giftrecipient%3Dfalse&phint=childsubrecipient%3Dfalse&phint=bundlecoredigi%3D&phint=bundlecorehd%3D&phint=bundlexword%3D&phint=bundlecooking%3D&phint=bundleother%3D&phint=b2bentitle%3Dfalse&phint=marketingoptin%3Dfalse&phint=formercoresub%3Dfalse&phint=formeredusub%3Dfalse&phint=formerhdsub%3Dfalse&phint=retentionscore%3D&phint=newsletters%3D&phint=topwatseg%3D&phint=sassegment%3D&phint=hdstopreasoncode%3D&phint=businessname%3D&phint=corpadblock%3Dfalse&phint=isedu%3D&phint=propensityedu%3D&phint=propensityscore&phint=activedays%3D1&phint=metercount%3D&phint=propensitysection&phint=propensitytype&phint=propensitysite&phint=url%3Dhttps%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html&phint=referrer%3D&phint=section%3DBusiness%20Day&phint=subsection%3D&phint=pagetype%3DArticle&phint=keywords%3DSuits%20and%20Litigation%20(Civil)%2CWells%20Fargo%20%26%20Company&phint=sourceapp%3Dnyt-vi&phint=browsername%3DChrome&phint=funnelpropensity%3D0&phint=column%3D&phint=collectionname%3D&phint=contenttype%3Darticle&phint=xwordstenure%3D&phint=cookingtenure%3D&phint=xwordsstop%3D&phint=cookingstop%3D&phint=productswitch%3D&phint=giftsubgiver%3Dfalse&phint=formerxwordsub%3Dfalse&phint=formercookingsub%3Dfalse&phint=watsegs%3D&phint=edusub%3D&limit=3&r=48257424
Frame ID: 9405B9608483360A08E0CCC31DDF4FBF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-29/html/container.html
Frame ID: 23EEDB64811DC8B91689FF393DC8B425
Requests: 1 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B21080064.225148537;dc_pre=CKz3-oKgytwCFdKwewodRDIAVQ;dc_trk_aid=423200409;dc_trk_cid=103664029;ord=166697048;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Frame ID: 33143B3CA4792E36A22161B2D1C5CF3C
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-29/html/container.html
Frame ID: 1EB1A54618EDE1CF4E37D6404066B9A7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: B221307FC0E9357FB730C4854124CDC6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/6uQTKQJz.html
Frame ID: 2789E080D5462A30E228C470EFAB79B6
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://mailview.bulletinintelligence.com/mailview.aspx?m=2018050702capone&r=email-3e3f&l=02d-49a&t=c HTTP 302
    https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html Page URL

Detected technologies

Overall confidence: 50%
Detected patterns
  • url /\.aspx(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • url /\.aspx(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 50%
Detected patterns
  • url /\.aspx(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • script /chartbeat\.js/i
  • env /^_sf_(?:endpt|async_config)$/i

Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • env /^googletag$/i
  • env /^google_tag_manager$/i

Overall confidence: 50%
Detected patterns
  • env /^head$/i

Overall confidence: 100%
Detected patterns
  • env /^optimizely$/i

Overall confidence: 100%
Detected patterns
  • env /^YAHOO$/i

Overall confidence: 100%
Detected patterns
  • env /^webpackJsonp$/i

Page Statistics

81
Requests

32 %
HTTPS

40 %
IPv6

27
Domains

42
Subdomains

40
IPs

5
Countries

1417 kB
Transfer

4749 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mailview.bulletinintelligence.com/mailview.aspx?m=2018050702capone&r=email-3e3f&l=02d-49a&t=c HTTP 302
    https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://sb.scorecardresearch.com/b?c1=2&c2=3005403&ns__t=1533071400517&ns_c=UTF-8&c8=Wells%20Fargo%20Agrees%20to%20Settle%20With%20Shareholders%20for%20%24480%20Million%20-%20The%20New%20York%20Times&c7=https%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1533071400517&ns_c=UTF-8&c8=Wells%20Fargo%20Agrees%20to%20Settle%20With%20Shareholders%20for%20%24480%20Million%20-%20The%20New%20York%20Times&c7=https%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html&c9=
Request Chain 14
  • https://platform.twitter.com/oct.js HTTP 302
  • https://static.ads-twitter.com/oct.js
Request Chain 37
  • https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=2647110884600;gtm=G7n;u4=;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u10=null;u11=1;u12=100000005884893;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html HTTP 302
  • https://5290727.fls.doubleclick.net/activityi;dc_pre=CPOrvIKgytwCFY-H1Qod0zkJ5g;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=2647110884600;gtm=G7n;u4=;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u10=null;u11=1;u12=100000005884893;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html
Request Chain 38
  • https://www.google-analytics.com/r/collect?v=1&_v=j68&a=544131708&t=pageview&_s=1&dl=http%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html&ul=en-us&de=UTF-8&dt=Wells%20Fargo%20Agrees%20to%20Settle%20With%20Shareholders%20for%20%24480%20Million%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=2056886974&gjid=1875206117&cid=399665550.1533071402&tid=UA-58630905-2&_gid=214252476.1533071402&_r=1&gtm=G7nP528B3&cg1=business&cg2=null&cg3=article&cg4=news&cd1=http%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html&cd2=https%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html&cd3=&cd4=Business%20Day&cd9=9&cd10=null&cd13=null&cd14=business_desk&cd15=earned&cd16=referring_links&cd17=100000005884893&cd18=STACY%20COWLEY&cd19=Wells%20Fargo%20Agrees%20to%20Settle%20With%20Shareholders%20for%20%24480%20Million&cd21=Article&cd23=Business%20Day&cd26=2018&cd27=2018-05-04-19&cd28=Friday&cd29=19&cd30=1528504553000&cd34=NEWS&cd36=Business%20Day&cd37=336&cd38=Business&cd42=nyt-vi&cd43=Suits%20and%20Litigation%20(Civil)&cd44=Wells%20Fargo%20%26%20Company&cd48=May&cd49=super_short_100_399&cd51=nyt-vi&cd53=Business&cd54=business_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd65=anon&cd67=0&cd95=&cd129=21&cd135=&z=353436696 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-58630905-2&cid=399665550.1533071402&jid=2056886974&_gid=214252476.1533071402&gjid=1875206117&_v=j68&z=353436696 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-58630905-2&cid=399665550.1533071402&jid=2056886974&_v=j68&z=353436696 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-58630905-2&cid=399665550.1533071402&jid=2056886974&_v=j68&z=353436696&slf_rd=1&random=3562980284
Request Chain 68
  • https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B21080064.225148537;dc_trk_aid=423200409;dc_trk_cid=103664029;ord=166697048;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B21080064.225148537;dc_pre=CKz3-oKgytwCFdKwewodRDIAVQ;dc_trk_aid=423200409;dc_trk_cid=103664029;ord=166697048;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

81 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request wells-fargo-shareholder-suit-phony-accounts.html
www.nytimes.com/2018/05/04/business/
Redirect Chain
  • http://mailview.bulletinintelligence.com/mailview.aspx?m=2018050702capone&r=email-3e3f&l=02d-49a&t=c
  • https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
176 KB
35 KB
Document
General
Full URL
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
2ec1c0efb115ffa9d85c4f4885d2fe5af05afc1911309521f3a2b3a5b50f87b6
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
X-Frame-Options DENY

Request headers

:method
GET
:authority
www.nytimes.com
:scheme
https
:path
/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
C7D0B8F4BA9875076CBCD41DA36E1F38

Response headers

status
200
server
nginx
content-type
text/html; charset=utf-8
cache-control
no-cache
x-nyt-data-last-modified
Tue, 31 Jul 2018 21:09:59 GMT
last-modified
Tue, 31 Jul 2018 21:09:59 GMT
x-pagetype
vi-story
x-vi-compatibility
Compatible
alt-svc
clear
content-encoding
gzip
x-nyt-route
vi-story
x-origin-time
2018-07-31 21:10:00 UTC
accept-ranges
bytes
date
Tue, 31 Jul 2018 21:10:00 GMT
age
0
x-served-by
cache-jfk8142-JFK, cache-fra19120-FRA
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1533071399.425061,VS0,VE673
vary
Accept-Encoding, Fastly-SSL
set-cookie
nyt-a=YhnjHNL0am0ZH-blGEqn0F; Expires=Wed, 31 Jul 2019 21:10:00 GMT; Path=/; Domain=.nytimes.com vi_www_hp=z00; path=/; domain=.nytimes.com; expires=Wed, 01 Jan 2020 00:00:00 GMT nyt-gdpr=1; Expires=Wed, 01 Aug 2018 03:10:00 GMT; Path=/; Domain=.nytimes.com nyt-us=0; Expires=Wed, 01 Aug 2018 03:10:00 GMT; Path=/; Domain=.nytimes.com
x-frame-options
DENY
x-gdpr
1
x-api-version
F-F-VI
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length
35056

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Server
Microsoft-IIS/7.5
Set-Cookie
ASP.NET_SessionId=n0rlasabivqfifspthdgjazb; path=/; HttpOnly
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-BNN-Server
bnnapp4
Date
Tue, 31 Jul 2018 21:09:58 GMT
Content-Length
209
global-056783652904d5f6bb81036368f3e6cb.css
www.nytimes.com/vi-assets/static-assets/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/global-056783652904d5f6bb81036368f3e6cb.css
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
UploadServer /
Resource Hash
708a44345a5416d6894d7095cc34ce52ab134941d0836d9f543d082ab6e56362
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

:path
/vi-assets/static-assets/global-056783652904d5f6bb81036368f3e6cb.css
pragma
no-cache
cookie
nyt-a=YhnjHNL0am0ZH-blGEqn0F; vi_www_hp=z00; nyt-gdpr=1; nyt-us=0
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.nytimes.com
referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
:scheme
https
:method
GET
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 31 Jul 2018 21:10:00 GMT
content-encoding
gzip
x-api-version
F-X
age
8833334
x-guploader-uploadid
AEnB2Ur1WqYUzmQhemSx0gBtr6OfhsadSZLd9VTf--yNi1ySUXbIw7bAtT8Yfp54xV37CaTgD0OGu-LH1WGWiEVxSVoqd0ROlw
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
x-origin-time
2018-04-20 15:27:45 UTC
x-served-by
cache-fra19120-FRA
accept-ranges
bytes
last-modified
Fri, 20 Apr 2018 15:20:30 GMT
server
UploadServer
x-timer
S1533071400.111184,VS0,VE0
etag
"056783652904d5f6bb81036368f3e6cb"
vary
Accept-Encoding, Fastly-SSL
x-goog-hash
crc32c=QuoqmQ== md5=BWeDZSkE1fa7gQNjaPPmyw==
x-goog-generation
1524237630374150
expires
Sat, 20 Apr 2019 15:27:45 GMT
cache-control
public,max-age=31536000
x-nyt-route
vi-assets
x-goog-stored-content-length
4699
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length
1815
content-type
text/css
x-cache-hits
55833
main-994a9dad8d460a127e500fa7fa642f20.css
www.nytimes.com/vi-assets/static-assets/
250 KB
33 KB
Stylesheet
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/main-994a9dad8d460a127e500fa7fa642f20.css
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d8845ac65ab9d65c951af8e1bfc148effe88d1b3747cb22a4a542b263da724cb
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

:path
/vi-assets/static-assets/main-994a9dad8d460a127e500fa7fa642f20.css
pragma
no-cache
cookie
nyt-a=YhnjHNL0am0ZH-blGEqn0F; vi_www_hp=z00; nyt-gdpr=1; nyt-us=0
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.nytimes.com
referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
:scheme
https
:method
GET
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 31 Jul 2018 21:10:00 GMT
content-encoding
gzip
x-api-version
F-X
age
535851
x-guploader-uploadid
AEnB2UoV_71C0mXfzvn2bhUj0Z1yCpnFcfKDXQ0gI8AguCJpzFjcgFeCKlYjsT7Q-oE36IOh3SCJizZC5CGdfVFVsEFJvDmJB7gSWPYtO2SSpbYNM_05voM
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-origin-time
2018-07-25 16:19:09 UTC
x-served-by
cache-fra19120-FRA
accept-ranges
bytes
last-modified
Wed, 25 Jul 2018 16:13:56 GMT
server
UploadServer
x-timer
S1533071400.111225,VS0,VE0
etag
"99416b01325dd0916f9813b3dc035d77"
vary
Accept-Encoding, Fastly-SSL
x-goog-hash
crc32c=dw9mxg== md5=mUFrATJd0JFvmBOz3ANddw==
x-goog-generation
1532535236851697
expires
Thu, 25 Jul 2019 16:19:08 GMT
cache-control
public,max-age=31536000
x-nyt-route
vi-assets
x-goog-stored-content-length
255950
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length
33246
content-type
text/css
x-cache-hits
13859
merlin_137698059_b01aad42-154c-4e00-b0ab-21566537a804-jumbo.jpg
static01.nyt.com/images/2018/05/05/business/05WELLS/
60 KB
60 KB
Image
General
Full URL
https://static01.nyt.com/images/2018/05/05/business/05WELLS/merlin_137698059_b01aad42-154c-4e00-b0ab-21566537a804-jumbo.jpg?quality=90&auto=webp
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
SPDY
Server
151.101.13.164 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4d3a21a043c3c9a3aa8dfbacc559c5cc8a1d3538660fc207152d7e6dca9ebeba

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 31 Jul 2018 21:10:00 GMT
via
1.1 varnish, 1.1 varnish
age
454181
x-goog-storage-class
MULTI_REGIONAL
x-cache
HIT, MISS
fastly-io-info
ifsz=96029 idim=1024x683 ifmt=jpeg ofsz=61316 odim=1024x683 ofmt=webp
status
200
fastly-stats
io=1
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
61316
x-served-by
cache-iad2146-IAD, cache-fra19120-FRA
x-nyt-gcs-bucket
cms-gke-prd-publish-images-storage
server
UploadServer
x-timer
S1533071400.134121,VS0,VE97
etag
"VsdwsKWxOKdYUZ4mDZHET7sktz8BOMMjMWeoYYsTy5Q"
vary
Accept
x-goog-hash
crc32c=TMBkKg==, md5=yobdvQnrRkxb3L6mhpkW/A==
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 26 Jul 2018 15:00:19 GMT
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges
bytes
x-guploader-uploadid
AEnB2Up9npfMkYZOxnY7D1vF5IlIxLVayvFmVzFNa5jKfNbJUUVSk883HbuDawAif_euB8V0cn3QzZL1xfpf1XSLTYEbGURhYQ
x-cache-hits
1, 0
Cookie set /
et.nytimes.com/
253 B
957 B
XHR
General
Full URL
https://et.nytimes.com/
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.50.248 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-35-168-50-248.compute-1.amazonaws.com
Software
/
Resource Hash
76a7f363f80faa9ef02ec912c68497cd78112e1f1bcd4d828cefe7f8bf71acbc

Request headers

Pragma
no-cache
Origin
https://www.nytimes.com
Accept-Encoding
gzip, deflate
Host
et.nytimes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
*/*
Cache-Control
no-cache
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Cookie
nyt-a=YhnjHNL0am0ZH-blGEqn0F; vi_www_hp=z00; nyt-gdpr=1; nyt-us=0
Connection
keep-alive
Content-Length
1969
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Origin
https://www.nytimes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.nytimes.com
Set-Cookie
et-a1=%257B%2522agentId%2522%253A%2522YhnjHNL0am0ZH-blGEqn0F%2522%252C%2522agentStarted%2522%253A1533071400494%252C%2522sessionIndex%2522%253A1%252C%2522sessionStarted%2522%253A1533071400494%252C%2522lastModified%2522%253A1533071400517%252C%2522lastUpdate%2522%253A1533071400517%257D; Domain=et.nytimes.com; Path=/; Expires=Wed, 31 Jul 2019 21:10:00 GMT nyt-a=YhnjHNL0am0ZH-blGEqn0F; Domain=.nytimes.com; Path=/; Expires=Wed, 31 Jul 2019 21:10:00 GMT
Date
Tue, 31 Jul 2018 21:10:00 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
253
Content-Type
application/json
vendor-bcee3610af1aeb501b95.js
www.nytimes.com/vi-assets/static-assets/
888 KB
271 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/vendor-bcee3610af1aeb501b95.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3bae7356ca2eb0180c9c18848de062052e83765208573ece77936e4d675432db
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

:path
/vi-assets/static-assets/vendor-bcee3610af1aeb501b95.js
pragma
no-cache
cookie
nyt-a=YhnjHNL0am0ZH-blGEqn0F; vi_www_hp=z00; nyt-gdpr=1; nyt-us=0
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.nytimes.com
referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
:scheme
https
:method
GET
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 31 Jul 2018 21:10:00 GMT
content-encoding
gzip
x-api-version
F-X
age
107838
x-guploader-uploadid
AEnB2UrbH_edvKtJwFm_ZRjkIEm2EyRHZQMCaryVBfXlzgE1QlAg5e4xKEueOwWyQG7qZSd8--nK3TQIJFV9x0hRGlL6QrkZPa9P-q8LULuM8Cc9d6qGsMQ
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-origin-time
2018-07-30 15:12:42 UTC
x-served-by
cache-fra19120-FRA
accept-ranges
bytes
last-modified
Mon, 30 Jul 2018 15:05:17 GMT
server
UploadServer
x-timer
S1533071400.138352,VS0,VE0
etag
"bcee3610af1aeb501b9590474a61c764"
vary
Accept-Encoding, Fastly-SSL
x-goog-hash
crc32c=cfd3hQ== md5=vO42EK8a61AblZBHSmHHZA==
x-goog-generation
1532963117869689
expires
Tue, 30 Jul 2019 15:12:42 GMT
cache-control
public,max-age=31536000
x-nyt-route
vi-assets
x-goog-stored-content-length
909511
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length
276647
content-type
application/javascript
x-cache-hits
4611
main-48eb8c10fcf3633c605b.js
www.nytimes.com/vi-assets/static-assets/
126 KB
30 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/main-48eb8c10fcf3633c605b.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b25d2aedd94210379a163cd2fdb2cf2403d1e2466cdfd737b546349324c76d90
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

:path
/vi-assets/static-assets/main-48eb8c10fcf3633c605b.js
pragma
no-cache
cookie
nyt-a=YhnjHNL0am0ZH-blGEqn0F; vi_www_hp=z00; nyt-gdpr=1; nyt-us=0
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.nytimes.com
referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
:scheme
https
:method
GET
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 31 Jul 2018 21:10:00 GMT
content-encoding
gzip
x-api-version
F-X
age
107838
x-guploader-uploadid
AEnB2UoYN7KGMuXS5dqpIyT4fDQ1H-o5w_Ao-SH3wkrs7uWSC2ig0gf1ab1D9kREsKse8PEvClpkO5Ie_DeoQcbC3XWvnQVFKLjKWw01JGGYBAdIaGpblZ0
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-origin-time
2018-07-30 15:12:42 UTC
x-served-by
cache-fra19120-FRA
accept-ranges
bytes
last-modified
Mon, 30 Jul 2018 15:05:16 GMT
server
UploadServer
x-timer
S1533071400.138657,VS0,VE0
etag
"48eb8c10fcf3633c605bbe6786ecab86"
vary
Accept-Encoding, Fastly-SSL
x-goog-hash
crc32c=CgwjxA== md5=SOuMEPzzYzxgW75nhuyrhg==
x-goog-generation
1532963116915198
expires
Tue, 30 Jul 2019 15:12:42 GMT
cache-control
public,max-age=31536000
x-nyt-route
vi-assets
x-goog-stored-content-length
129379
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length
29737
content-type
application/javascript
x-cache-hits
4590
gtm.js
www.googletagmanager.com/
237 KB
52 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
SPDY
Server
2a00:1450:4001:814::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
48476f6dc353fc33bc71b28d1d64d1069e9c5bc0700bff20d809130bf2edba3d
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Jul 2018 21:10:00 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
*
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
53585
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
220 B
0
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd724882dc8a94e7d01094c644badf758051ed60099bb88faf936286f214c97c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://www.nytimes.com

Response headers

Access-Control-Allow-Origin
*
Content-Type
application/font-woff2
Cookie set pixel
et.nytimes.com/
43 B
774 B
Image
General
Full URL
https://et.nytimes.com/pixel?url=https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html&referrer=&subject=module-interactions&moduleData=%7B%22module%22%3A%22nyt-vi-page-pixel%22%2C%22pgType%22%3A%22%22%2C%22eventName%22%3A%22Impression%22%2C%22action%22%3A%22Impression%22%7D&sourceApp=nyt-vi&instant=1&_=1533071400251
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.50.248 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-35-168-50-248.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
et.nytimes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Cookie
nyt-a=YhnjHNL0am0ZH-blGEqn0F; vi_www_hp=z00; nyt-gdpr=1; nyt-us=0
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Jul 2018 21:10:00 GMT
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS UNI"
Set-Cookie
et-a1=%257B%2522agentId%2522%253A%2522YhnjHNL0am0ZH-blGEqn0F%2522%252C%2522agentStarted%2522%253A1533071400494%252C%2522sessionIndex%2522%253A1%252C%2522sessionStarted%2522%253A1533071400494%252C%2522lastModified%2522%253A1533071400630%252C%2522lastUpdate%2522%253A1533071400630%257D; Domain=et.nytimes.com; Path=/; Expires=Wed, 31 Jul 2019 21:10:00 GMT nyt-a=YhnjHNL0am0ZH-blGEqn0F; Domain=.nytimes.com; Path=/; Expires=Wed, 31 Jul 2019 21:10:00 GMT
Cache-Control
max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:01 GMT
vi_article.js
cdn.optimizely.com/public/3013110282/s/
791 KB
168 KB
Script
General
Full URL
https://cdn.optimizely.com/public/3013110282/s/vi_article.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-bcee3610af1aeb501b95.js
Protocol
SPDY
Server
2.19.34.83 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-34-83.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
06eb923ba58b5afc0c41c83aa6acac3caa55c45e8b407abaa092ef7ea9938e1a
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
Re_A6XxgLkCNz3DfDqEZX_Az5l2MZ5XU
content-encoding
gzip
etag
"c613ca9c3469544c6b1a182c3f7dd051"
x-amz-request-id
2471F52C10FDC2B2
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=86400
vary
Accept-Encoding
content-length
170887
x-amz-id-2
axPfo7fT2cpDFnY5Cb4Yus5SCG261zPzy44qzZ5CzJc8cM960jeSqwiEoE2eQBW13kHbGv7K99c=
last-modified
Tue, 31 Jul 2018 19:59:20 GMT
server
AmazonS3
date
Tue, 31 Jul 2018 21:10:00 GMT
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
x-amz-meta-revision
3450
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
ip_seg_v2.rep
cigsvc.nytimes.com/r1/jp/
170 B
460 B
Script
General
Full URL
https://cigsvc.nytimes.com/r1/jp/ip_seg_v2.rep?&callback=callback
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-bcee3610af1aeb501b95.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
2cf6e4d35c7d458f75c427ca0a22dbc160febeab23c643e2595b09b08117ab10

Request headers

:path
/r1/jp/ip_seg_v2.rep?&callback=callback
pragma
no-cache
cookie
nyt-a=YhnjHNL0am0ZH-blGEqn0F; vi_www_hp=z00; nyt-gdpr=1; nyt-us=0
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
cigsvc.nytimes.com
referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
:scheme
https
:method
GET
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Jul 2018 21:10:00 GMT
via
1.1 varnish
x-timer
S1533071400.429611,VS0,VE176
vary
Accept-Encoding
x-cache
MISS
content-type
application/javascript;charset=UTF-8
status
200
expires
0
cache-control
no-cache, no-cache="set-cookie"
x-cache-hits
0
set-cookie
AWSELB=33AF8F8F14709F8F35D07A974C89BBB3EAC27E1CEFF8AA9F7ED3CFCA2354EDD0D8B81DC0DDBF3308DE5FFA8B88AE0250C375598DEB523036A34CD48C773D0D07189E90DC6B;PATH=/;MAX-AGE=60
accept-ranges
bytes
x-served-by
cache-fra19120-FRA
story-fde98d22fd71c08f81ae.js
www.nytimes.com/vi-assets/static-assets/
1 MB
263 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/story-fde98d22fd71c08f81ae.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.164 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6dd1de0a9420b9088245b7d8328c8e7d5bd4c04bfd260f1ff02280e5f9c8772e
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

:path
/vi-assets/static-assets/story-fde98d22fd71c08f81ae.js
pragma
no-cache
cookie
nyt-a=YhnjHNL0am0ZH-blGEqn0F; vi_www_hp=z00; nyt-gdpr=1; nyt-us=0
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.nytimes.com
referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
:scheme
https
:method
GET
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 31 Jul 2018 21:10:00 GMT
content-encoding
gzip
x-api-version
F-X
age
94238
x-guploader-uploadid
AEnB2UrVDIAQgmjGrhaRPquUNsxx4C9AXEGwFMWR2kQEYzgUynS8pR7RiquiI_SsuWgRgPv_qaXln8g-mNV_CrfStDgGLnYlJbEgvu1z-aMUJJ_X5kxvsS0
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-origin-time
2018-07-30 18:59:30 UTC
x-served-by
cache-fra19120-FRA
accept-ranges
bytes
last-modified
Mon, 30 Jul 2018 18:31:13 GMT
server
UploadServer
x-timer
S1533071400.488862,VS0,VE0
etag
"fde98d22fd71c08f81ae827aaef41af0"
vary
Accept-Encoding, Fastly-SSL
x-goog-hash
crc32c=Tg6OtQ== md5=/emNIv1xwI+BroJ6rvQa8A==
x-goog-generation
1532975473615241
expires
Tue, 30 Jul 2019 18:59:22 GMT
cache-control
public,max-age=31536000
x-nyt-route
vi-assets
x-goog-stored-content-length
1085251
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length
268009
content-type
application/javascript
x-cache-hits
3504
comscore-streaming.js
a1.nyt.com/analytics/
103 KB
19 KB
Script
General
Full URL
https://a1.nyt.com/analytics/comscore-streaming.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
SPDY
Server
151.101.13.164 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
UploadServer /
Resource Hash
fe8d5a6f12533884b6896dd290e422c830e86e0228d45dbe97ac03c6e86a5b5a

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-goog-hash
crc32c=XkdIyw==, md5=BOC5VWp4zlzt+Go05UgwNg==
date
Tue, 31 Jul 2018 21:10:00 GMT
content-encoding
gzip
age
12541
x-guploader-uploadid
AEnB2UoIc3GxTR-8jE4KVInY9Bjw2ferlbRz2CbF-5bwxlDqVXZepMYlBc8UCsu2UqrqyllYqkjlyKwMIwVrTl805z1nuow30Q
x-cache
HIT
x-goog-storage-class
REGIONAL
status
200
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
18717
via
1.1 varnish
x-served-by
cache-fra19120-FRA
accept-ranges
bytes
expires
Fri, 11 May 2018 17:39:04 GMT
last-modified
Thu, 26 Apr 2018 19:02:40 GMT
server
UploadServer
x-timer
S1533071401.560625,VS0,VE0
etag
"04e0b9556a78ce5cedf86a34e5483036"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1524769360625634
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=86400
x-goog-stored-content-length
105675
x-nyt-pagetype
nyt-dti-analytic
content-type
application/javascript
x-cache-hits
393
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=3005403&ns__t=1533071400517&ns_c=UTF-8&c8=Wells%20Fargo%20Agrees%20to%20Settle%20With%20Shareholders%20for%20%24480%20Million%20-%20The%20New%20York%20Tim...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1533071400517&ns_c=UTF-8&c8=Wells%20Fargo%20Agrees%20to%20Settle%20With%20Shareholders%20for%20%24480%20Million%20-%20The%20New%20York%20Ti...
0
248 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1533071400517&ns_c=UTF-8&c8=Wells%20Fargo%20Agrees%20to%20Settle%20With%20Shareholders%20for%20%24480%20Million%20-%20The%20New%20York%20Times&c7=https%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html&c9=
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
HTTP/1.1
Server
104.111.214.103 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-214-103.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Jul 2018 21:10:00 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1533071400517&ns_c=UTF-8&c8=Wells%20Fargo%20Agrees%20to%20Settle%20With%20Shareholders%20for%20%24480%20Million%20-%20The%20New%20York%20Times&c7=https%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html&c9=
Pragma
no-cache
Date
Tue, 31 Jul 2018 21:10:00 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
oct.js
static.ads-twitter.com/
Redirect Chain
  • https://platform.twitter.com/oct.js
  • https://static.ads-twitter.com/oct.js
5 KB
2 KB
Script
General
Full URL
https://static.ads-twitter.com/oct.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
SPDY
Server
104.244.43.176 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
/
Resource Hash
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 31 Jul 2018 21:10:01 GMT
content-encoding
gzip
age
76264
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1954
x-served-by
cache-tw-fra1-cr1-17-TWFRA1
last-modified
Tue, 23 Jan 2018 19:05:33 GMT
x-timer
S1533071401.396046,VS0,VE0
etag
"b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes

Redirect headers

Location
https://static.ads-twitter.com/oct.js
Date
Tue, 31 Jul 2018 21:10:00 GMT
Server
ECS (fcn/418C)
Content-Length
0
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
keywee.js
dc8xl0ndzn2cb.cloudfront.net/js/nytimes/v1/
30 KB
6 KB
Script
General
Full URL
https://dc8xl0ndzn2cb.cloudfront.net/js/nytimes/v1/keywee.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
HTTP/1.1
Server
52.222.163.145 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-163-145.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f2bd151ab7132a097522eee5582fa0820c62e8ce72e8935a26d94ebfd85e713

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 15 Jun 2017 00:45:25 GMT
Content-Encoding
gzip
Last-Modified
Sun, 09 Apr 2017 07:46:06 GMT
Server
AmazonS3
Age
2135067
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 fdb19a60fef99ccf6faacc3588fcd922.cloudfront.net (CloudFront)
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
YW2lEIEbn8P4cU7_9pGw54xqgWO8VLAM15UEkQY6I82v3l9vIqKaZg==
v2
samizdat-graphql.nytimes.com/graphql/
0
705 B
Fetch
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-bcee3610af1aeb501b95.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.150.166 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-236-150-166.compute-1.amazonaws.com
Software
samizdat-graphql-0.3.13 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Accept-Encoding
gzip, deflate
Host
samizdat-graphql.nytimes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Connection
keep-alive
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-continent,x-nyt-country,x-nyt-gmt-offset,x-nyt-region
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-continent,x-nyt-country,x-nyt-gmt-offset,x-nyt-region

Response headers

Date
Tue, 31 Jul 2018 21:10:01 GMT
Server
samizdat-graphql-0.3.13
Surrogate-Control
max-age=30, stale-while-revalidate=10, stale-if-error=86400
Vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
GET, POST
Access-Control-Allow-Origin
https://www.nytimes.com
Samizdat-X-Instance
i-06cb72f069dc8c099
Access-Control-Max-Age
300
Cache-Control
max-age=30
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
NYT-App-Type, NYT-App-Version, NYT-Token, Content-Type, Origin, Accept, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-gmt-offset
Content-Length
0
v2
samizdat-graphql.nytimes.com/graphql/
0
705 B
Fetch
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-bcee3610af1aeb501b95.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.150.166 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-236-150-166.compute-1.amazonaws.com
Software
samizdat-graphql-0.3.13 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Accept-Encoding
gzip, deflate
Host
samizdat-graphql.nytimes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Connection
keep-alive
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-continent,x-nyt-country,x-nyt-gmt-offset,x-nyt-region
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-continent,x-nyt-country,x-nyt-gmt-offset,x-nyt-region

Response headers

Date
Tue, 31 Jul 2018 21:10:01 GMT
Server
samizdat-graphql-0.3.13
Surrogate-Control
max-age=30, stale-while-revalidate=10, stale-if-error=86400
Vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
GET, POST
Access-Control-Allow-Origin
https://www.nytimes.com
Samizdat-X-Instance
i-06cb72f069dc8c099
Access-Control-Max-Age
300
Cache-Control
max-age=30
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
NYT-App-Type, NYT-App-Version, NYT-Token, Content-Type, Origin, Accept, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-gmt-offset
Content-Length
0
adsbygoogle.js
static01.nyt.com/ads/google/
28 B
476 B
Script
General
Full URL
https://static01.nyt.com/ads/google/adsbygoogle.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/story-fde98d22fd71c08f81ae.js
Protocol
SPDY
Server
151.101.13.164 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
UploadServer /
Resource Hash
34cc802f53fe2668b8b1b9409514018262e45d868782036343c2f0e83a5fec93

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 31 Jul 2018 21:10:01 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-guploader-uploadid
AEnB2UoRPvwL_lQzNOPFhXLfLBPksQrVou6zE-9dsb6jerkqT4zq-ASFciT2V9oa2pRUaxgoR-IwgGzRp1xR4Qe9gNG7YhTe9w
x-cache
MISS, MISS
x-goog-storage-class
REGIONAL
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
28
x-served-by
cache-iad2144-IAD, cache-fra19120-FRA
x-nyt-gcs-bucket
nyt-ads-static-assets
last-modified
Fri, 23 Mar 2018 21:06:07 GMT
server
UploadServer
x-timer
S1533071401.191879,VS0,VE153
etag
"45047d08e5481aa5674276ae1810c88d"
vary
Origin, Accept-Encoding
x-goog-hash
crc32c=A0srKQ==, md5=RQR9COVIGqVnQnauGBDIjQ==
content-type
text/javascript
expires
Tue, 31 Jul 2018 21:10:01 GMT
cache-control
private, max-age=0
accept-ranges
bytes, bytes, bytes, bytes
x-cache-hits
0, 0
data-layer
a.nytimes.com/svc/nyt/
2 KB
2 KB
Fetch
General
Full URL
https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-vi&referrer=&assetUrl=http%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html&
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-bcee3610af1aeb501b95.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81d::2013 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
87ec755472a9e5bb5d154dfee92dbe991db4de5f71ed142b5fe3703f3b51db81

Request headers

:path
/svc/nyt/data-layer?sourceApp=nyt-vi&referrer=&assetUrl=http%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html&
pragma
no-cache
cookie
nyt-a=YhnjHNL0am0ZH-blGEqn0F; vi_www_hp=z00; nyt-gdpr=1; nyt-us=0
origin
https://www.nytimes.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
a.nytimes.com
referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Origin
https://www.nytimes.com

Response headers

date
Tue, 31 Jul 2018 21:10:01 GMT
content-encoding
gzip
server
Google Frontend
status
200
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
x-cloud-trace-context
cf165d6d2ac73732a63a6454103aa0b9
cache-control
private
access-control-allow-credentials
true
set-cookie
jkidd-s=referrer=&landing=&start=1533071401275&isNew=1&pageIndex=1; Path=/; Domain=a.nytimes.com; HttpOnly jkidd-p=prevPage=&currPage=; Path=/; Domain=a.nytimes.com; Max-Age=31536000; HttpOnly jkidd-l=uid=0&sessionIndex=1&sessionStart=1533071401275&isNewSession=1&lastRequest=1533071401275&prevRequest=0&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&firstReferrer=&firstLanding=&firstSeen=1533071401275&browserSession=1&pageIndex=1&totalSessionTime=0&avgSessionTime=0&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon; Path=/; Domain=a.nytimes.com; Max-Age=31536000; HttpOnly
access-control-allow-headers
Content-Type, x-requested-by, *
content-length
834
expires
Tue, 31 Jul 2018 21:10:01 GMT
Cookie set meter.js
meter-svc.nytimes.com/
359 B
1 KB
Script
General
Full URL
https://meter-svc.nytimes.com/meter.js?url=https%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html&referer=https%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html&callback=jsonp_1533071401192_90094
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-bcee3610af1aeb501b95.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.226.233 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-196-226-233.compute-1.amazonaws.com
Software
nginx/1.10.2 /
Resource Hash
81b65abe85d904f82547ed0f508df4cdb5e9478717c5c971d13aeda781d15a7a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
meter-svc.nytimes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Cookie
nyt-a=YhnjHNL0am0ZH-blGEqn0F; vi_www_hp=z00; nyt-gdpr=1; nyt-us=0
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Set-Cookie
nyt-m=9F424429744B4B689325A1EFCCDEDF70&e=i.1533081600&t=i.5&v=i.1&l=l.15.3341332402.-1.-1.-1.-1.-1.-1.-1.-1.-1.-1.-1.-1.-1.-1&n=i.2&g=i.0&rc=i.0&er=i.1533072144&vr=l.4.1.0.0.0&pr=l.4.1.0.0.0&vp=i.0&gf=l.10.3341332402.-1.-1.-1.-1.-1.-1.-1.-1.-1&ft=i.0&fv=i.0&gl=l.2.-1.-1&rl=l.1.-1&cav=i.1&imu=i.1&igu=i.1&prt=i.5&kid=i.1&ica=i.1&iue=i.0&ier=i.0&iub=i.0&ifv=i.0&igd=i.0&iga=i.1&imv=i.1&igf=i.0&iru=i.1&ird=i.0&ira=i.1&iir=i.1; expires=Sun, 30-Jul-2023 21:22:24 GMT; path=/; domain=.nytimes.com
Date
Tue, 31 Jul 2018 21:22:24 GMT
Server
nginx/1.10.2
Connection
keep-alive
Content-Length
359
Content-Type
application/x-javascript
v2
samizdat-graphql.nytimes.com/graphql/
0
705 B
Fetch
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-bcee3610af1aeb501b95.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.49.235 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-232-49-235.compute-1.amazonaws.com
Software
samizdat-graphql-0.3.13 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Accept-Encoding
gzip, deflate
Host
samizdat-graphql.nytimes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Connection
keep-alive
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-continent,x-nyt-country,x-nyt-gmt-offset,x-nyt-region
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-continent,x-nyt-country,x-nyt-gmt-offset,x-nyt-region

Response headers

Date
Tue, 31 Jul 2018 21:10:01 GMT
Server
samizdat-graphql-0.3.13
Surrogate-Control
max-age=30, stale-while-revalidate=10, stale-if-error=86400
Vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
GET, POST
Access-Control-Allow-Origin
https://www.nytimes.com
Samizdat-X-Instance
i-06cb72f069dc8c099
Access-Control-Max-Age
300
Cache-Control
max-age=30
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
NYT-App-Type, NYT-App-Version, NYT-Token, Content-Type, Origin, Accept, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-gmt-offset
Content-Length
0
gpt.js
www.googletagservices.com/tag/js/
20 KB
8 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/story-fde98d22fd71c08f81ae.js
Protocol
SPDY
Server
2a00:1450:4001:810::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d27366f3c007b3b07059ff401c9b040fa32aa355ed7cfbb321acb076b5145d18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 31 Jul 2018 21:10:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"6 / 334 of 1000 / last-modified: 1533045705"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
7848
x-xss-protection
1; mode=block
expires
Tue, 31 Jul 2018 21:10:01 GMT
Cookie set /
et.nytimes.com/
92 B
815 B
XHR
General
Full URL
https://et.nytimes.com/
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-bcee3610af1aeb501b95.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.33.253 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-234-33-253.compute-1.amazonaws.com
Software
/
Resource Hash
ff3bf65503e9fd9997a23b49076e8d5dc01adc047a97c61dc725b1733bcb3a46

Request headers

Pragma
no-cache
Origin
https://www.nytimes.com
Accept-Encoding
gzip, deflate
Host
et.nytimes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type
text/plain; charset=UTF-8
Accept
*/*
Cache-Control
no-cache
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Connection
keep-alive
Content-Length
2542
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Origin
https://www.nytimes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type
text/plain; charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.nytimes.com
Set-Cookie
et-a1=%257B%2522agentId%2522%253A%2522a7f555b51b14f2f06006afff2d6a8ce4%2522%252C%2522agentStarted%2522%253A1533071401785%252C%2522sessionIndex%2522%253A1%252C%2522sessionStarted%2522%253A1533071401785%252C%2522lastModified%2522%253A1533071401785%252C%2522lastUpdate%2522%253A1533071401785%257D; Domain=et.nytimes.com; Path=/; Expires=Wed, 31 Jul 2019 21:10:01 GMT nyt-a=a7f555b51b14f2f06006afff2d6a8ce4; Domain=.nytimes.com; Path=/; Expires=Wed, 31 Jul 2019 21:10:01 GMT
Date
Tue, 31 Jul 2018 21:10:01 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
92
Content-Type
application/json
core.js
s.pinimg.com/ct/
44 KB
16 KB
Script
General
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
HTTP/1.1
Server
2600:1480:3000:41:: , United States, ASN33905 (AKAMAI-AMS, US),
Reverse DNS
Software
/
Resource Hash
145bd665e4e4ce3e3bad95b097c7d876b92a4129a551b6753f1b36dd147fd058

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Encoding
gzip
X-CDN
akamai
ETag
"73fa7d1211ea0dd72369b4fb3eb504e1"
Vary
Accept-Encoding, Origin
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-CDN
Cache-Control
max-age=1209600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15599
conversion_async.js
www.googleadservices.com/pagead/
18 KB
7 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
SPDY
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s12-in-f34.1e100.net
Software
cafe /
Resource Hash
f3ca766f15c08a52b36c3d080fa934f2c5b3c758e8c8a6e099d464e8375e4a8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 31 Jul 2018 21:10:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
6845
x-xss-protection
1; mode=block
server
cafe
etag
2112158640234685715
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 31 Jul 2018 21:10:01 GMT
analytics.js
www.google-analytics.com/
34 KB
14 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
SPDY
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 May 2018 01:10:24 GMT
server
Golfe2
age
3452
date
Tue, 31 Jul 2018 20:12:29 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
14386
expires
Tue, 31 Jul 2018 22:12:29 GMT
50550
tags.bluekai.com/site/
41 B
602 B
Script
General
Full URL
https://tags.bluekai.com/site/50550?ret=js&limit=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
HTTP/1.1
Server
172.227.114.224 Cambridge, United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a172-227-114-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fc9cc6050cb99e5097549d04e20272c825e728bce705dee95c621f87499dc2eb

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Jul 2018 21:10:01 GMT
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/javascript
Content-Length
41
BK-Server
f975
Expires
Thu, 01 Dec 1994 16:00:00 GMT
ytc.js
s.yimg.com/wi/
15 KB
4 KB
Script
General
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
SPDY
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, DE),
Reverse DNS
Software
ATS /
Resource Hash
bd999047408eaf20ae15ab916d344330d118fa72b0703fa1784deb648d36bb7a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 31 Jul 2018 21:10:01 GMT
content-encoding
gzip
last-modified
Thu, 17 May 2018 12:53:58 GMT
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding
content-type
application/javascript
status
200
public-key-pins-report-only
max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="2oALgLKofTmeZvoZ1y/fSZg7R9jPMix8eVA6DH4o/q8="; pin-sha256="Gtk3r1evlBrs0hG3fm3VoM19daHexDWP//OCmeeMr5M="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="JbQbUG5JMJUoI6brnx0x3vZF6jilxsapbXGVfjhN8Fg="; pin-sha256="SVqWumuteCQHvVIaALrOZXuzVVVeS7f4FGxxu6V+es4="; pin-sha256="UZJDjsNp1+4M5x9cbbdflB779y5YRBcV6Z6rBMLIrO4="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="cAajgxHlj7GTSEIzIYIQxmEloOSoJq7VOaxWHfv72QM="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="iduNzFNKpwYZ3se/XV+hXcbUonlLw09QPa6AYUwpu4M="; pin-sha256="lnsM2T/O9/J84sJFdnrpsFp3awZJ+ZZbYpCWhGloaHI="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
strict-transport-security
max-age=15552000
accept-ranges
bytes
content-length
4111
via
http/1.1 spdc0013.pbp.ir2.yahoo.com (ApacheTrafficServer), https/1.1 e7.ycpi.deb.yahoo.com (ApacheTrafficServer [cMsSf ])
chartbeat.js
static.chartbeat.com/js/
34 KB
14 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
SPDY
Server
2600:9000:2043:9c00:18:1fcd:348:2461 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
cb9babbd8dd457f73a6d5313bde435278858e7a8de71b03c0ae6396526baaffd

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 31 Jul 2018 19:10:21 GMT
content-encoding
gzip
last-modified
Thu, 07 Jun 2018 02:29:34 GMT
server
nginx
age
7180
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=86400
x-amz-cf-id
mADaTob6gIsQRGZzXxd5LefhYkIO6PLgxCa50iZLE6SEXQIt2H_Uxw==
via
1.1 1280e48937eca7de58e32cd35415f48a.cloudfront.net (CloudFront)
expires
Wed, 01 Aug 2018 19:10:21 GMT
bk-coretag.js
tags.bkrtx.com/js/
31 KB
31 KB
Script
General
Full URL
https://tags.bkrtx.com/js/bk-coretag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
HTTP/1.1
Server
104.111.238.79 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-238-79.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2c7b95e516f24a2da447755f07b107bd8566745dc36322a1419ef92662019cf6

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 31 Jul 2018 21:10:01 GMT
Last-Modified
Mon, 23 Jul 2018 20:07:28 GMT
Server
Apache
ETag
"3160052-7a94-571b031e6f476"
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31380
Expires
Tue, 07 Aug 2018 21:10:01 GMT
show-ads.js
a1.nyt.com/analytics/
45 B
742 B
Script
General
Full URL
https://a1.nyt.com/analytics/show-ads.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
SPDY
Server
151.101.13.164 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-goog-hash
crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
date
Tue, 31 Jul 2018 21:10:01 GMT
content-encoding
gzip
age
12494
x-guploader-uploadid
AEnB2UoKtLA4qlBDlToQDUkGuSAsF0e68VIOXtd2cWx32bFOoDuUHALXEqpse8yzsFJKr4JWIsqNQSZT3d_74wtG049mN46X-A
x-cache
HIT
x-goog-storage-class
REGIONAL
status
200
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
65
via
1.1 varnish
x-served-by
cache-fra19120-FRA
accept-ranges
bytes
expires
Fri, 11 May 2018 17:40:18 GMT
last-modified
Thu, 26 Apr 2018 19:02:40 GMT
server
UploadServer
x-timer
S1533071401.476862,VS0,VE0
etag
"1d291da792456bd015b664ee1119a5e0"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
x-goog-generation
1524769360952155
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=86400
x-goog-stored-content-length
45
x-nyt-pagetype
nyt-dti-analytic
content-type
application/javascript
x-cache-hits
341
sp.js
dc8xl0ndzn2cb.cloudfront.net/
65 KB
23 KB
Script
General
Full URL
https://dc8xl0ndzn2cb.cloudfront.net/sp.js
Requested by
Host: dc8xl0ndzn2cb.cloudfront.net
URL: https://dc8xl0ndzn2cb.cloudfront.net/js/nytimes/v1/keywee.js
Protocol
HTTP/1.1
Server
52.222.163.168 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-163-168.fra54.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fddc7902ebf1de2a57a737a41bf2a5357fcd264246f1c58d5713a19a99a2019b

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 19 Oct 2017 22:06:09 GMT
Content-Encoding
gzip
Last-Modified
Sun, 26 Apr 2015 13:52:29 GMT
Server
AmazonS3
Age
24620633
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 d76fac2b5a2f460a1cbffb76189f59ef.cloudfront.net (CloudFront)
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
OowFkAB4XZ58h8sTqGkYGJLK7VN-2kSJm_JOeZBbXGBSEIEjdoBh9w==
fbevents.js
connect.facebook.net/en_US/
43 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: dc8xl0ndzn2cb.cloudfront.net
URL: https://dc8xl0ndzn2cb.cloudfront.net/js/nytimes/v1/keywee.js
Protocol
SPDY
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
b6143b6b4d86918d18cd84b60ae0f37f74522fc145896a4f9645746070cb28d4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
13455
x-xss-protection
0
pragma
public
x-fb-debug
rPBikrjLK9x9qPqKv0pWzJ18l8b52IEBxZqyaC+28jSMHZf47viKS0F5rDJAe5Y4EE+QcSGb7L7RlJI5/+9Uzg==
x-frame-options
DENY
date
Tue, 31 Jul 2018 21:10:01 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.nytimes.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Server
2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Jul 2018 21:10:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.nytimes.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Server
2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 31 Jul 2018 21:10:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
pubads_impl_235.js
securepubads.g.doubleclick.net/gpt/
179 KB
62 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_235.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Server
172.217.22.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f2.1e100.net
Software
sffe /
Resource Hash
5618d2ea6cde29cc1d3c435d908b962a2e14111af849e234a7bba77ba2a7c79f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 31 Jul 2018 21:10:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 23 Jul 2018 14:55:43 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
62989
x-xss-protection
1; mode=block
expires
Tue, 31 Jul 2018 21:10:01 GMT
activityi;dc_pre=CPOrvIKgytwCFY-H1Qod0zkJ5g;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=2647110884600;gtm=G7n;u4=;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u10=null;u11=1;u12=10000000588...
5290727.fls.doubleclick.net/ Frame 5A7C
Redirect Chain
  • https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=2647110884600;gtm=G7n;u4=;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u10=null;u11=1;u12=100000005...
  • https://5290727.fls.doubleclick.net/activityi;dc_pre=CPOrvIKgytwCFY-H1Qod0zkJ5g;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=2647110884600;gtm=G7n;u4=;u5=undefined;u6=undefined;u7=undefined;u8=unde...
0
0
Document
General
Full URL
https://5290727.fls.doubleclick.net/activityi;dc_pre=CPOrvIKgytwCFY-H1Qod0zkJ5g;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=2647110884600;gtm=G7n;u4=;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u10=null;u11=1;u12=100000005884893;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.217.16.166 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f166.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
5290727.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CPOrvIKgytwCFY-H1Qod0zkJ5g;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=2647110884600;gtm=G7n;u4=;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u10=null;u11=1;u12=100000005884893;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
accept-encoding
gzip, deflate
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
C7D0B8F4BA9875076CBCD41DA36E1F38
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Tue, 31 Jul 2018 21:10:01 GMT
expires
Tue, 31 Jul 2018 21:10:01 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
439
x-xss-protection
1; mode=block
set-cookie
IDE=AHWqTUmf4PawnEaUUch74LmgpGUOl6wjTlZuBnQZf6BbxQzfWorDyB8rQ3gxqRX0; expires=Thu, 30-Jul-2020 21:10:01 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Tue, 31 Jul 2018 21:10:01 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5290727.fls.doubleclick.net/activityi;dc_pre=CPOrvIKgytwCFY-H1Qod0zkJ5g;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=2647110884600;gtm=G7n;u4=;u5=undefined;u6=undefined;u7=undefined;u8=undefined;u10=null;u11=1;u12=100000005884893;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html;~oref=https%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Tue, 31-Jul-2018 21:25:01 GMT; path=/; domain=.doubleclick.net
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j68&a=544131708&t=pageview&_s=1&dl=http%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html&ul=e...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-58630905-2&cid=399665550.1533071402&jid=2056886974&_gid=214252476.1533071402&gjid=1875206117&_v=j68&z=353436696
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-58630905-2&cid=399665550.1533071402&jid=2056886974&_v=j68&z=353436696
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-58630905-2&cid=399665550.1533071402&jid=2056886974&_v=j68&z=353436696&slf_rd=1&random=3562980284
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-58630905-2&cid=399665550.1533071402&jid=2056886974&_v=j68&z=353436696&slf_rd=1&random=3562980284
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
SPDY
Server
2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Jul 2018 21:10:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Jul 2018 21:10:01 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-58630905-2&cid=399665550.1533071402&jid=2056886974&_v=j68&z=353436696&slf_rd=1&random=3562980284
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1008590664/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1008590664/?random=1533071401603&cv=9&fst=1533071401603&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=G7n&sendb=1&frm=0&url=https%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html&tiba=Wells%20Fargo%20Agrees%20to%20Settle%20With%20Shareholders%20for%20%24480%20Million%20-%20The%20New%20York%20Times&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
SPDY
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
125bc5964e61f9361e9859a5b9893bc70967d83b8eeba0fad33284f9866594b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Jul 2018 21:10:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
1019
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
pnytimes.chartbeat.net/
43 B
213 B
Image
General
Full URL
https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html&u=DcO7rzBS7dFqBlOCGD&d=nytimes.com&g=16698&g0=business%2Cbusiness_desk&g1=STACY%20COWLEY&n=1&f=00001&c=0&x=0&m=0&y=3887&o=1585&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2479&t=i0aGQ6-4XMDhuuU8CZ0kpLCIpug1&V=106&i=Wells%20Fargo%20Agrees%20to%20Settle%20With%20Shareholders%20for%20%24480%20Million&tz=0&_acct=anon&sn=1&sv=DaYizTD0Ovd_TsqVngOxU3B5U2nj&sd=1&im=06679ff3&_
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
HTTP/1.1
Server
54.225.141.30 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-225-141-30.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
v2
samizdat-graphql.nytimes.com/graphql/
62 B
602 B
Other
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.49.235 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-232-49-235.compute-1.amazonaws.com
Software
samizdat-graphql-0.3.13 /
Resource Hash
078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c

Request headers

Cookie
edu_cig_opt=%7B%22isEduUser%22%3Afalse%7D; b2b_cig_opt=%7B%22isCorpUser%22%3Afalse%7D; walley=GA1.2.399665550.1533071402; walley_gid=GA1.2.214252476.1533071402; _gat_UA-58630905-2=1; nyt-m=9F424429744B4B689325A1EFCCDEDF70&e=i.1533081600&t=i.5&v=i.1&l=l.15.3341332402.-1.-1.-1.-1.-1.-1.-1.-1.-1.-1.-1.-1.-1.-1&n=i.2&g=i.0&rc=i.0&er=i.1533072144&vr=l.4.1.0.0.0&pr=l.4.1.0.0.0&vp=i.0&gf=l.10.3341332402.-1.-1.-1.-1.-1.-1.-1.-1.-1&ft=i.0&fv=i.0&gl=l.2.-1.-1&rl=l.1.-1&cav=i.1&imu=i.1&igu=i.1&prt=i.5&kid=i.1&ica=i.1&iue=i.0&ier=i.0&iub=i.0&ifv=i.0&igd=i.0&iga=i.1&imv=i.1&igf=i.0&iru=i.1&ird=i.0&ira=i.1&iir=i.1
Origin
https://www.nytimes.com
nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYOpRoYg5X01qAqNyBDM32EI/E77nkFzd2rrVjhdi/VAZfBIrPayyYykIIN+d5GMImm3wg6CmTTkBo7ixmwd7Xv24QSDpjuX0gQ1eqxOEWZ0FHWZWkh4jfLcwqkgKmfHJuvOctEiE/Wic5Qrle323SMDKF8sAqClv8VKA8hyrXHbPDAlAaxq3EPOGjJqpHEdWNVg2S0pN62NSmSudT/ap/BqZf7FqsI2cUxv2mUKzmyy+rYwbhd8TRgj1kFprNOaldrluO4dXjubJIY4qEyJY5Dc/F03sGED4AiGBPVYtPh8zscG64yJJ9Njs1ReyUCSX4jYmxoZOnO+6GfXE0s2xQIDAQAB
nyt-app-type
project-vi
x-nyt-gmt-offset
200
nyt-app-version
0.0.3
Accept-Encoding
gzip, deflate
Connection
keep-alive
Content-Length
285
Pragma
no-cache
x-nyt-country
DE
Host
samizdat-graphql.nytimes.com
x-nyt-continent
EU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
content-type
application/json
x-nyt-region
BY
accept
*/*
Cache-Control
no-cache
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Origin
https://www.nytimes.com
nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYOpRoYg5X01qAqNyBDM32EI/E77nkFzd2rrVjhdi/VAZfBIrPayyYykIIN+d5GMImm3wg6CmTTkBo7ixmwd7Xv24QSDpjuX0gQ1eqxOEWZ0FHWZWkh4jfLcwqkgKmfHJuvOctEiE/Wic5Qrle323SMDKF8sAqClv8VKA8hyrXHbPDAlAaxq3EPOGjJqpHEdWNVg2S0pN62NSmSudT/ap/BqZf7FqsI2cUxv2mUKzmyy+rYwbhd8TRgj1kFprNOaldrluO4dXjubJIY4qEyJY5Dc/F03sGED4AiGBPVYtPh8zscG64yJJ9Njs1ReyUCSX4jYmxoZOnO+6GfXE0s2xQIDAQAB
x-nyt-country
DE
x-nyt-continent
EU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
nyt-app-type
project-vi
content-type
application/json
x-nyt-region
BY
accept
*/*
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
nyt-app-version
0.0.3
x-nyt-gmt-offset
200

Response headers

Date
Tue, 31 Jul 2018 21:10:01 GMT
Content-Encoding
gzip
Server
samizdat-graphql-0.3.13
Etag
B40A740546986CA56CC4AA38D583ABB6
Surrogate-Control
max-age=30, stale-while-revalidate=10, stale-if-error=86400
Vary
Accept-Encoding, Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.nytimes.com
Samizdat-X-Instance
i-064030958b694b2bb
Cache-Control
private no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
77
v2
samizdat-graphql.nytimes.com/graphql/
24 KB
4 KB
Other
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.49.235 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-232-49-235.compute-1.amazonaws.com
Software
samizdat-graphql-0.3.13 /
Resource Hash
5a0459d439cea1b2c2af7d688fb9f3f5772c69ffac35a026a05a597e7eb35f29

Request headers

Cookie
edu_cig_opt=%7B%22isEduUser%22%3Afalse%7D; b2b_cig_opt=%7B%22isCorpUser%22%3Afalse%7D; walley=GA1.2.399665550.1533071402; walley_gid=GA1.2.214252476.1533071402; _gat_UA-58630905-2=1; nyt-m=9F424429744B4B689325A1EFCCDEDF70&e=i.1533081600&t=i.5&v=i.1&l=l.15.3341332402.-1.-1.-1.-1.-1.-1.-1.-1.-1.-1.-1.-1.-1.-1&n=i.2&g=i.0&rc=i.0&er=i.1533072144&vr=l.4.1.0.0.0&pr=l.4.1.0.0.0&vp=i.0&gf=l.10.3341332402.-1.-1.-1.-1.-1.-1.-1.-1.-1&ft=i.0&fv=i.0&gl=l.2.-1.-1&rl=l.1.-1&cav=i.1&imu=i.1&igu=i.1&prt=i.5&kid=i.1&ica=i.1&iue=i.0&ier=i.0&iub=i.0&ifv=i.0&igd=i.0&iga=i.1&imv=i.1&igf=i.0&iru=i.1&ird=i.0&ira=i.1&iir=i.1
Origin
https://www.nytimes.com
nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYOpRoYg5X01qAqNyBDM32EI/E77nkFzd2rrVjhdi/VAZfBIrPayyYykIIN+d5GMImm3wg6CmTTkBo7ixmwd7Xv24QSDpjuX0gQ1eqxOEWZ0FHWZWkh4jfLcwqkgKmfHJuvOctEiE/Wic5Qrle323SMDKF8sAqClv8VKA8hyrXHbPDAlAaxq3EPOGjJqpHEdWNVg2S0pN62NSmSudT/ap/BqZf7FqsI2cUxv2mUKzmyy+rYwbhd8TRgj1kFprNOaldrluO4dXjubJIY4qEyJY5Dc/F03sGED4AiGBPVYtPh8zscG64yJJ9Njs1ReyUCSX4jYmxoZOnO+6GfXE0s2xQIDAQAB
nyt-app-type
project-vi
x-nyt-gmt-offset
200
nyt-app-version
0.0.3
Accept-Encoding
gzip, deflate
Connection
keep-alive
Content-Length
172
Pragma
no-cache
x-nyt-country
DE
Host
samizdat-graphql.nytimes.com
x-nyt-continent
EU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
content-type
application/json
x-nyt-region
BY
accept
*/*
Cache-Control
no-cache
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Origin
https://www.nytimes.com
nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYOpRoYg5X01qAqNyBDM32EI/E77nkFzd2rrVjhdi/VAZfBIrPayyYykIIN+d5GMImm3wg6CmTTkBo7ixmwd7Xv24QSDpjuX0gQ1eqxOEWZ0FHWZWkh4jfLcwqkgKmfHJuvOctEiE/Wic5Qrle323SMDKF8sAqClv8VKA8hyrXHbPDAlAaxq3EPOGjJqpHEdWNVg2S0pN62NSmSudT/ap/BqZf7FqsI2cUxv2mUKzmyy+rYwbhd8TRgj1kFprNOaldrluO4dXjubJIY4qEyJY5Dc/F03sGED4AiGBPVYtPh8zscG64yJJ9Njs1ReyUCSX4jYmxoZOnO+6GfXE0s2xQIDAQAB
x-nyt-country
DE
x-nyt-continent
EU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
nyt-app-type
project-vi
content-type
application/json
x-nyt-region
BY
accept
*/*
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
nyt-app-version
0.0.3
x-nyt-gmt-offset
200

Response headers

Date
Tue, 31 Jul 2018 21:10:01 GMT
Content-Encoding
gzip
Last-Modified
Tue, 31 Jul 2018 21:08:05 GMT
Server
samizdat-graphql-0.3.13
Etag
5B7D971003CF68B893BA9A2CFE526063
Surrogate-Control
max-age=30, stale-while-revalidate=10, stale-if-error=86400
Vary
Accept-Encoding, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-gmt-offset, Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.nytimes.com
Samizdat-X-Instance
i-064030958b694b2bb
Cache-Control
max-age=30
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
3319
100468016962764
connect.facebook.net/signals/config/
80 KB
16 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/100468016962764?v=2.8.24&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
SPDY
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
aa1619dddf6ae1e53f10086b7d574873ba2aa8e7e44c22861c86bf1defb8e361
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
16716
x-xss-protection
0
pragma
public
x-fb-debug
XVA3gYiUGTalL7ZsmNr0phGHL/aB3mqP92TLsrcw2F+72/Re9ISlEnH3hxuX0jOXKaBg9FoaPB1G0yqQn0jp7g==
x-frame-options
DENY
date
Tue, 31 Jul 2018 21:10:01 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/
35 B
378 B
Image
General
Full URL
https://ct.pinterest.com/v3/?tid=2614963538652&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%7D&cb=1533071401718
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
HTTP/1.1
Server
151.101.12.84 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Jul 2018 21:10:01 GMT
Age
0
Content-Type
image/gif
Access-Control-Allow-Origin
*
Pinterest-Generated-By
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
X-Pinterest-RID
385078252303
Expires
Sat, 01 Jan 2000 00:00:00 GMT
sp.pl
sp.analytics.yahoo.com/
0
1 KB
Script
General
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&jsonp=YAHOO.ywa.I13N.handleJSONResponse&d=Tue%2C%2031%20Jul%202018%2021%3A10%3A01%20GMT&n=0&b=Wells%20Fargo%20Agrees%20to%20Settle%20With%20Shareholders%20for%20%24480%20Million%20-%20The%20New%20York%20Times&.yp=10005754&f=https%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html&enc=UTF-8
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
SPDY
Server
188.125.66.33 , Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 31 Jul 2018 21:10:01 GMT
via
http/1.1 spdc0022.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
public-key-pins-report-only
max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="2oALgLKofTmeZvoZ1y/fSZg7R9jPMix8eVA6DH4o/q8="; pin-sha256="Gtk3r1evlBrs0hG3fm3VoM19daHexDWP//OCmeeMr5M="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="JbQbUG5JMJUoI6brnx0x3vZF6jilxsapbXGVfjhN8Fg="; pin-sha256="SVqWumuteCQHvVIaALrOZXuzVVVeS7f4FGxxu6V+es4="; pin-sha256="UZJDjsNp1+4M5x9cbbdflB779y5YRBcV6Z6rBMLIrO4="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="cAajgxHlj7GTSEIzIYIQxmEloOSoJq7VOaxWHfv72QM="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="iduNzFNKpwYZ3se/XV+hXcbUonlLw09QPa6AYUwpu4M="; pin-sha256="lnsM2T/O9/J84sJFdnrpsFp3awZJ+ZZbYpCWhGloaHI="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
status
204
50136
stags.bluekai.com/site/
62 B
527 B
Image
General
Full URL
https://stags.bluekai.com/site/50136?limit=1&id=undefined&gtmcb=1610594028
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
HTTP/1.1
Server
172.227.114.224 Cambridge, United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a172-227-114-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Jul 2018 21:10:01 GMT
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
62
BK-Server
5561
Expires
Thu, 01 Dec 1994 16:00:00 GMT
meter-echo.js
meter-svc.nytimes.com/
460 B
691 B
Script
General
Full URL
https://meter-svc.nytimes.com/meter-echo.js?callback=jsonp_1533071401785_34939
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-bcee3610af1aeb501b95.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.82.207 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-235-82-207.compute-1.amazonaws.com
Software
nginx/1.10.2 /
Resource Hash
566caa133434a6387d1d488ea87564d30092748bda46dec98c5f75328bea477b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
meter-svc.nytimes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Cookie
edu_cig_opt=%7B%22isEduUser%22%3Afalse%7D; b2b_cig_opt=%7B%22isCorpUser%22%3Afalse%7D; walley=GA1.2.399665550.1533071402; walley_gid=GA1.2.214252476.1533071402; _gat_UA-58630905-2=1; nyt-m=9F424429744B4B689325A1EFCCDEDF70&e=i.1533081600&t=i.5&v=i.1&l=l.15.3341332402.-1.-1.-1.-1.-1.-1.-1.-1.-1.-1.-1.-1.-1.-1&n=i.2&g=i.0&rc=i.0&er=i.1533072144&vr=l.4.1.0.0.0&pr=l.4.1.0.0.0&vp=i.0&gf=l.10.3341332402.-1.-1.-1.-1.-1.-1.-1.-1.-1&ft=i.0&fv=i.0&gl=l.2.-1.-1&rl=l.1.-1&cav=i.1&imu=i.1&igu=i.1&prt=i.5&kid=i.1&ica=i.1&iue=i.0&ier=i.0&iub=i.0&ifv=i.0&igd=i.0&iga=i.1&imv=i.1&igf=i.0&iru=i.1&ird=i.0&ira=i.1&iir=i.1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 31 Jul 2018 21:22:24 GMT
Cache-Control
max-age=300
Expires
Tue, 31-Jul-2018 21:27:24 GMT
Server
nginx/1.10.2
Connection
keep-alive
Content-Length
460
Content-Type
application/x-javascript
v2
samizdat-graphql.nytimes.com/graphql/
55 B
592 B
Other
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.150.166 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-236-150-166.compute-1.amazonaws.com
Software
samizdat-graphql-0.3.13 /
Resource Hash
36bef25f1e7ddc82a58af7d43bf35562ab45d6625b2e8bff47ea4d5f85357b82

Request headers

Cookie
edu_cig_opt=%7B%22isEduUser%22%3Afalse%7D; b2b_cig_opt=%7B%22isCorpUser%22%3Afalse%7D; walley=GA1.2.399665550.1533071402; walley_gid=GA1.2.214252476.1533071402; _gat_UA-58630905-2=1; nyt-m=9F424429744B4B689325A1EFCCDEDF70&e=i.1533081600&t=i.5&v=i.1&l=l.15.3341332402.-1.-1.-1.-1.-1.-1.-1.-1.-1.-1.-1.-1.-1.-1&n=i.2&g=i.0&rc=i.0&er=i.1533072144&vr=l.4.1.0.0.0&pr=l.4.1.0.0.0&vp=i.0&gf=l.10.3341332402.-1.-1.-1.-1.-1.-1.-1.-1.-1&ft=i.0&fv=i.0&gl=l.2.-1.-1&rl=l.1.-1&cav=i.1&imu=i.1&igu=i.1&prt=i.5&kid=i.1&ica=i.1&iue=i.0&ier=i.0&iub=i.0&ifv=i.0&igd=i.0&iga=i.1&imv=i.1&igf=i.0&iru=i.1&ird=i.0&ira=i.1&iir=i.1; nyt-a=a7f555b51b14f2f06006afff2d6a8ce4
Origin
https://www.nytimes.com
nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYOpRoYg5X01qAqNyBDM32EI/E77nkFzd2rrVjhdi/VAZfBIrPayyYykIIN+d5GMImm3wg6CmTTkBo7ixmwd7Xv24QSDpjuX0gQ1eqxOEWZ0FHWZWkh4jfLcwqkgKmfHJuvOctEiE/Wic5Qrle323SMDKF8sAqClv8VKA8hyrXHbPDAlAaxq3EPOGjJqpHEdWNVg2S0pN62NSmSudT/ap/BqZf7FqsI2cUxv2mUKzmyy+rYwbhd8TRgj1kFprNOaldrluO4dXjubJIY4qEyJY5Dc/F03sGED4AiGBPVYtPh8zscG64yJJ9Njs1ReyUCSX4jYmxoZOnO+6GfXE0s2xQIDAQAB
nyt-app-type
project-vi
x-nyt-gmt-offset
200
nyt-app-version
0.0.3
Accept-Encoding
gzip, deflate
Connection
keep-alive
Content-Length
170
Pragma
no-cache
x-nyt-country
DE
Host
samizdat-graphql.nytimes.com
x-nyt-continent
EU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
content-type
application/json
x-nyt-region
BY
accept
*/*
Cache-Control
no-cache
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Origin
https://www.nytimes.com
nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYOpRoYg5X01qAqNyBDM32EI/E77nkFzd2rrVjhdi/VAZfBIrPayyYykIIN+d5GMImm3wg6CmTTkBo7ixmwd7Xv24QSDpjuX0gQ1eqxOEWZ0FHWZWkh4jfLcwqkgKmfHJuvOctEiE/Wic5Qrle323SMDKF8sAqClv8VKA8hyrXHbPDAlAaxq3EPOGjJqpHEdWNVg2S0pN62NSmSudT/ap/BqZf7FqsI2cUxv2mUKzmyy+rYwbhd8TRgj1kFprNOaldrluO4dXjubJIY4qEyJY5Dc/F03sGED4AiGBPVYtPh8zscG64yJJ9Njs1ReyUCSX4jYmxoZOnO+6GfXE0s2xQIDAQAB
x-nyt-country
DE
x-nyt-continent
EU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
nyt-app-type
project-vi
content-type
application/json
x-nyt-region
BY
accept
*/*
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
nyt-app-version
0.0.3
x-nyt-gmt-offset
200

Response headers

Date
Tue, 31 Jul 2018 21:10:02 GMT
Content-Encoding
gzip
Server
samizdat-graphql-0.3.13
Etag
FAA8C838D21EED9B94398FB48DFA393D
Surrogate-Control
max-age=30, stale-while-revalidate=10, stale-if-error=86400
Vary
Accept-Encoding, Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.nytimes.com
Samizdat-X-Instance
i-07c88bec456b1bf79
Cache-Control
private no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
i
p2.keywee.co/
43 B
292 B
Image
General
Full URL
https://p2.keywee.co/i?e=pv&url=https%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html&page=Wells%20Fargo%20Agrees%20to%20Settle%20With%20Shareholders%20for%20%24480%20Million%20-%20The%20New%20York%20Times&tv=js-2.4.3&tna=cf&aid=18&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=8bda82ee-d44d-4a5b-9aa8-19993f6119b3&dtm=1533071401875&vp=1600x1200&ds=1585x4000&vid=1&duid=b9a868aa7dcd62d3&fp=3998842399
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
SPDY
Server
34.206.29.55 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-206-29-55.compute-1.amazonaws.com
Software
nginx/1.8.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200, 200 OK
date
Tue, 31 Jul 2018 21:10:02 GMT
x-content-type-options
nosniff
server
nginx/1.8.1
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
/
www.google.com/ads/user-lists/1008590664/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/user-lists/1008590664/?random=1533071401603&cv=9&fst=1533070800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=G7n&sendb=1&frm=0&url=https%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html&tiba=Wells%20Fargo%20Agrees%20to%20Settle%20With%20Shareholders%20for%20%24480%20Million%20-%20The%20New%20York%20Times&async=1&fmt=3&cdct=2&is_vtc=1&random=1811286578&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
SPDY
Server
2a00:1450:4001:814::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
adclick_server /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Jul 2018 21:10:01 GMT
x-content-type-options
nosniff
server
adclick_server
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/ads/user-lists/1008590664/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/user-lists/1008590664/?random=1533071401603&cv=9&fst=1533070800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=G7n&sendb=1&frm=0&url=https%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html&tiba=Wells%20Fargo%20Agrees%20to%20Settle%20With%20Shareholders%20for%20%24480%20Million%20-%20The%20New%20York%20Times&async=1&fmt=3&cdct=2&is_vtc=1&random=1811286578&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
SPDY
Server
2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
adclick_server /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Jul 2018 21:10:01 GMT
x-content-type-options
nosniff
server
adclick_server
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set 50134
stags.bluekai.com/site/ Frame 9405
0
0
Document
General
Full URL
https://stags.bluekai.com/site/50134?ret=html&phint=regid&phint=usertype%3Danon&phint=userloggedin%3Dfalse&phint=coresubtenure%3D&phint=corestop%3D&phint=corepromo%3Dfalse&phint=ingrace%3Dfalse&phint=giftrecipient%3Dfalse&phint=childsubrecipient%3Dfalse&phint=bundlecoredigi%3D&phint=bundlecorehd%3D&phint=bundlexword%3D&phint=bundlecooking%3D&phint=bundleother%3D&phint=b2bentitle%3Dfalse&phint=marketingoptin%3Dfalse&phint=formercoresub%3Dfalse&phint=formeredusub%3Dfalse&phint=formerhdsub%3Dfalse&phint=retentionscore%3D&phint=newsletters%3D&phint=topwatseg%3D&phint=sassegment%3D&phint=hdstopreasoncode%3D&phint=businessname%3D&phint=corpadblock%3Dfalse&phint=isedu%3D&phint=propensityedu%3D&phint=propensityscore&phint=activedays%3D1&phint=metercount%3D&phint=propensitysection&phint=propensitytype&phint=propensitysite&phint=url%3Dhttps%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html&phint=referrer%3D&phint=section%3DBusiness%20Day&phint=subsection%3D&phint=pagetype%3DArticle&phint=keywords%3DSuits%20and%20Litigation%20(Civil)%2CWells%20Fargo%20%26%20Company&phint=sourceapp%3Dnyt-vi&phint=browsername%3DChrome&phint=funnelpropensity%3D0&phint=column%3D&phint=collectionname%3D&phint=contenttype%3Darticle&phint=xwordstenure%3D&phint=cookingtenure%3D&phint=xwordsstop%3D&phint=cookingstop%3D&phint=productswitch%3D&phint=giftsubgiver%3Dfalse&phint=formerxwordsub%3Dfalse&phint=formercookingsub%3Dfalse&phint=watsegs%3D&phint=edusub%3D&limit=3&r=48257424
Requested by
Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.227.114.224 Cambridge, United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a172-227-114-224.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Host
stags.bluekai.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Accept-Encoding
gzip, deflate
Cookie
bkdc=iad; bku=5LD99Y7xRar7Cp5S
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
C7D0B8F4BA9875076CBCD41DA36E1F38
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html

Response headers

Content-Type
text/html
Content-Length
1571
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Pragma
no-cache
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control
max-age=0, no-cache, no-store
BK-Server
d4c
Date
Tue, 31 Jul 2018 21:10:02 GMT
Connection
keep-alive
Set-Cookie
bku=5LD99Y7xRar7Cp5S; expires=Sun, 27-Jan-2019 21:10:01 GMT; path=/; domain=.bluekai.com
ads
securepubads.g.doubleclick.net/gampad/
41 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4047467005998257&correlator=1805431661826318&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fif&adsid=NT&eid=21061742%2C21062287&vrg=235&npa=1&guci=1.2.0.0.2.1.0&sc=1&sfv=1-0-29&iu=%2F29390238%2Fnyt%2Fbusiness&sz=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&scp=ver%3Dvi%26sov%3D1%26sub%3Danon%26vp%3Dlarge%26test%3Dprojectvi%26abra_dfp%3Dmkt_dfp_lanes_5%2Cdfp_hb_in_body_0%2Cmkt_wm_offer_fm_dfp_0718_1_freetrial%26template%3Darticle%26hasVideo%3D%26aid%3DYhnjHNL0am0ZH-blGEqn0F%26plat%3Dweb%26auth%3Dstacycowley%26typ%3Dart%26edn%3Dus%26des%3Dsuitsandlitigationcivil%26org%3Dwellsfargocompany%26coll%3Dbusinessday%26id%3D100000005884893%26als_test%3Dtrue%26brandsensitive%3Dfalse%26ledemedsz%3Dnone%26prop%3Dnyt%26section%3Dbusiness%26artlen%3Dshort%26emotions%3Dnoemotion%26page_view_id%3Dcc663d7e-0313-4415-8caf-d99bab97907a%26gdprUser%3Dtrue%26pos%3Dtop%26div%3Dtop%26request_time%3D1850&cookie_enabled=1&bc=7&abxe=1&lmt=1533071399&dt=1533071401975&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=77&adk=1842410607&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html&dssz=60&icsg=150502359041&mso=33554432&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x-1&msz=1585x-1&ga_vid=399665550.1533071402&ga_sid=1533071402&ga_hid=544131708
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-bcee3610af1aeb501b95.js
Protocol
SPDY
Server
172.217.22.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f2.1e100.net
Software
cafe /
Resource Hash
685ce78cf6093b7225ca91a7538d9054560e6482a67d8c9d8b1ec985f50d8f1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Origin
https://www.nytimes.com

Response headers

date
Tue, 31 Jul 2018 21:10:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
11013
x-xss-protection
1; mode=block
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_235.js
securepubads.g.doubleclick.net/gpt/
42 KB
16 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_235.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_235.js
Protocol
SPDY
Server
172.217.22.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f2.1e100.net
Software
sffe /
Resource Hash
21e105e01591b5b04ef09d2e63dd1dbbd39b41bc45dd029f6f1ef2cd79a637bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 31 Jul 2018 21:10:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 23 Jul 2018 14:55:43 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
16416
x-xss-protection
1; mode=block
expires
Tue, 31 Jul 2018 21:10:02 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-29/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-29/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_235.js
Protocol
SPDY
Server
2a00:1450:4001:814::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

expires
Fri, 19 Jul 2019 09:15:13 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Mon, 11 Jun 2018 14:38:59 GMT
content-type
text/html
ads
securepubads.g.doubleclick.net/gampad/
461 B
426 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4047467005998257&correlator=1805431661826318&output=json_html&callback=googletag.impl.pubads.callbackProxy2&impl=fif&adsid=NT&eid=21061742%2C21062287&vrg=235&npa=1&guci=1.2.0.0.2.1.0&sc=1&sfv=1-0-29&iu=%2F29390238%2Fnyt%2Fbusiness&sz=150x50&scp=ver%3Dvi%26sov%3D1%26sub%3Danon%26vp%3Dlarge%26test%3Dprojectvi%26abra_dfp%3Dmkt_dfp_lanes_5%2Cdfp_hb_in_body_0%2Cmkt_wm_offer_fm_dfp_0718_1_freetrial%26template%3Darticle%26hasVideo%3D%26aid%3DYhnjHNL0am0ZH-blGEqn0F%26plat%3Dweb%26auth%3Dstacycowley%26typ%3Dart%26edn%3Dus%26des%3Dsuitsandlitigationcivil%26org%3Dwellsfargocompany%26coll%3Dbusinessday%26id%3D100000005884893%26als_test%3Dtrue%26brandsensitive%3Dfalse%26ledemedsz%3Dnone%26prop%3Dnyt%26section%3Dbusiness%26artlen%3Dshort%26emotions%3Dnoemotion%26page_view_id%3Dcc663d7e-0313-4415-8caf-d99bab97907a%26gdprUser%3Dtrue%26pos%3Dsponsor%26div%3Dsponsor%26request_time%3D1891&cookie_enabled=1&bc=7&abxe=1&lmt=1533071399&dt=1533071401998&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=0&adk=2612080232&gut=v2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html&dssz=61&icsg=150502359041&mso=33554432&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=399665550.1533071402&ga_sid=1533071402&ga_hid=544131708
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-bcee3610af1aeb501b95.js
Protocol
SPDY
Server
172.217.22.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f2.1e100.net
Software
cafe /
Resource Hash
27bf5fc6027e1a0653520dfce8dab110d5a31c5e723db9c7a186d29a93b3f25a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Origin
https://www.nytimes.com

Response headers

date
Tue, 31 Jul 2018 21:10:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
330
x-xss-protection
1; mode=block
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
5 KB
3 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4047467005998257&correlator=1805431661826318&output=json_html&callback=googletag.impl.pubads.callbackProxy3&impl=fif&adsid=NT&eid=21061742%2C21062287&vrg=235&npa=1&guci=1.2.0.0.2.1.0&sc=1&sfv=1-0-29&iu=%2F29390238%2Fnyt%2Fbusiness&sz=1x1%7C640x480&scp=ver%3Dvi%26sov%3D1%26sub%3Danon%26vp%3Dlarge%26test%3Dprojectvi%26abra_dfp%3Dmkt_dfp_lanes_5%2Cdfp_hb_in_body_0%2Cmkt_wm_offer_fm_dfp_0718_1_freetrial%26template%3Darticle%26hasVideo%3D%26aid%3DYhnjHNL0am0ZH-blGEqn0F%26plat%3Dweb%26auth%3Dstacycowley%26typ%3Dart%26edn%3Dus%26des%3Dsuitsandlitigationcivil%26org%3Dwellsfargocompany%26coll%3Dbusinessday%26id%3D100000005884893%26als_test%3Dtrue%26brandsensitive%3Dfalse%26ledemedsz%3Dnone%26prop%3Dnyt%26section%3Dbusiness%26artlen%3Dshort%26emotions%3Dnoemotion%26page_view_id%3Dcc663d7e-0313-4415-8caf-d99bab97907a%26gdprUser%3Dtrue%26pos%3Dinterstitial%26div%3Dinterstitial%26request_time%3D1905&cookie_enabled=1&bc=7&abxe=1&lmt=1533071399&dt=1533071402015&frm=20&biw=1585&bih=1200&oid=3&adx=0&ady=0&adk=1901412585&gut=v2&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html&dssz=61&icsg=150502359041&mso=33554432&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=399665550.1533071402&ga_sid=1533071402&ga_hid=544131708
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-bcee3610af1aeb501b95.js
Protocol
SPDY
Server
172.217.22.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f2.1e100.net
Software
cafe /
Resource Hash
03f068eb4f4d909c89dba2b6dd46ffceb05ccd06eabcbeecda647dd22b243d05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Origin
https://www.nytimes.com

Response headers

date
Tue, 31 Jul 2018 21:10:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
2678
x-xss-protection
1; mode=block
google-lineitem-id
4740016457
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138239486484
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
250 B
Image
General
Full URL
https://www.facebook.com/tr/?id=100468016962764&ev=PageView&dl=https%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html&rl=&if=false&ts=1533071402039&sw=1600&sh=1200&v=2.8.24&r=stable&ec=0&o=28&it=1533071401714&exp=button_click_send_beacon
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
SPDY
Server
2a03:2880:f11c:8186:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 31 Jul 2018 21:10:02 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Tue, 31 Jul 2018 21:10:02 GMT
/
www.facebook.com/tr/
44 B
104 B
Image
General
Full URL
https://www.facebook.com/tr/?id=100468016962764&ev=ViewContent&dl=https%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html&rl=&if=false&ts=1533071402044&cd[content_category]=business&cd[content_ids]=%5B3341332402%5D&cd[content_type]=product&cd[value]=1&cd[currency]=USD&sw=1600&sh=1200&v=2.8.24&r=stable&ec=1&o=28&it=1533071401714&exp=button_click_send_beacon
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
SPDY
Server
2a03:2880:f11c:8186:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 31 Jul 2018 21:10:02 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Tue, 31 Jul 2018 21:10:02 GMT
/
www.facebook.com/tr/
44 B
104 B
Image
General
Full URL
https://www.facebook.com/tr/?id=100468016962764&ev=KeyweeCE1&dl=https%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html&rl=&if=false&ts=1533071402047&cd[category]=business&cd[section]=&cd[tsop]=0&cd[lop]=0&cd[noad30]=0&cd[noadic30]=0&cd[nodaiccm]=0&cd[nodacm]=0&cd[cat-business]=1&cd[ar30d]=0&cd[arcm]=0&cd[aric30d]=0&cd[ariccm]=0&cd[kar30d]=0&cd[karcm]=0&cd[karic30d]=0&cd[kariccm]=0&cd[ts30d]=0&cd[tscm]=0&cd[tsic30d]=0&cd[tsiccm]=0&sw=1600&sh=1200&v=2.8.24&r=stable&ec=2&o=28&it=1533071401714&exp=button_click_send_beacon
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
SPDY
Server
2a03:2880:f11c:8186:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 31 Jul 2018 21:10:02 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Tue, 31 Jul 2018 21:10:02 GMT
ads
securepubads.g.doubleclick.net/gampad/
11 KB
4 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4047467005998257&correlator=1805431661826318&output=json_html&callback=googletag.impl.pubads.callbackProxy4&impl=fif&adsid=NT&eid=21061742%2C21062287&vrg=235&npa=1&guci=1.2.0.0.2.1.0&sc=1&sfv=1-0-29&iu=%2F29390238%2Fnyt%2Fbusiness&sz=320x50&fluid=height&scp=ver%3Dvi%26sov%3D1%26sub%3Danon%26vp%3Dlarge%26test%3Dprojectvi%26abra_dfp%3Dmkt_dfp_lanes_5%2Cdfp_hb_in_body_0%2Cmkt_wm_offer_fm_dfp_0718_1_freetrial%26template%3Darticle%26hasVideo%3D%26aid%3DYhnjHNL0am0ZH-blGEqn0F%26plat%3Dweb%26auth%3Dstacycowley%26typ%3Dart%26edn%3Dus%26des%3Dsuitsandlitigationcivil%26org%3Dwellsfargocompany%26coll%3Dbusinessday%26id%3D100000005884893%26als_test%3Dtrue%26brandsensitive%3Dfalse%26ledemedsz%3Dnone%26prop%3Dnyt%26section%3Dbusiness%26artlen%3Dshort%26emotions%3Dnoemotion%26page_view_id%3Dcc663d7e-0313-4415-8caf-d99bab97907a%26gdprUser%3Dtrue%26pos%3Dribbon%26div%3Dribbon%26request_time%3D2326&cookie_enabled=1&bc=7&abxe=1&lmt=1533071399&dt=1533071402442&frm=20&biw=1585&bih=1200&oid=3&adx=1108&ady=1249&adk=833391001&gut=v2&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html&dssz=61&icsg=150502359041&mso=33554432&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=270x-1&msz=270x-1&ga_vid=399665550.1533071402&ga_sid=1533071402&ga_hid=544131708
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-bcee3610af1aeb501b95.js
Protocol
SPDY
Server
172.217.22.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f2.1e100.net
Software
cafe /
Resource Hash
4936b38510b6fffc97fed90b9e0765d60c3d6e2e8a4f5c8b4bb0b9a20860d620
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Origin
https://www.nytimes.com

Response headers

date
Tue, 31 Jul 2018 21:10:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
4371
x-xss-protection
1; mode=block
google-lineitem-id
4745509085
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138239295062
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
01dc-trolls-thumbLarge.jpg
static01.nyt.com/images/2018/08/01/us/01dc-trolls/
10 KB
10 KB
Image
General
Full URL
https://static01.nyt.com/images/2018/08/01/us/01dc-trolls/01dc-trolls-thumbLarge.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
SPDY
Server
151.101.13.164 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
UploadServer /
Resource Hash
31d964f4886c442175db75e3993fad263cf447a5b33a3ce4a4d5ef00dea749e0

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 31 Jul 2018 21:10:02 GMT
via
1.1 varnish, 1.1 varnish
age
17895
x-guploader-uploadid
AEnB2UqgBYaZgqcE9VbUjoPgwVI3E8T7Osks__2_sva9nRRONkTKPIlgPJ1slSzCTeu5qSophFBsadMj1TTg0rNlo_NY_itTBg
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
9979
x-served-by
cache-iad2145-IAD, cache-fra19120-FRA
x-nyt-gcs-bucket
cms-gke-prd-publish-images-storage
last-modified
Tue, 31 Jul 2018 16:11:40 GMT
server
UploadServer
x-timer
S1533071403.550931,VS0,VE0
etag
"ae442d62864ccbab74dd7ae6ea92fd35"
vary
Origin
x-goog-hash
crc32c=Ed2PKA==, md5=rkQtYoZMy6t03Xrm6pL9NQ==
content-type
image/jpeg
access-control-allow-origin
*
expires
Tue, 31 Jul 2018 16:11:47 GMT
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges
bytes
x-cache-hits
1, 174
0805-BKS-Cover-thumbLarge.jpg
static01.nyt.com/images/2018/08/05/books/review/0805-BKS-Cover/
11 KB
12 KB
Image
General
Full URL
https://static01.nyt.com/images/2018/08/05/books/review/0805-BKS-Cover/0805-BKS-Cover-thumbLarge.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
SPDY
Server
151.101.13.164 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
UploadServer /
Resource Hash
591630ffb178064a3cbd099a815af7c735408848c57a086895da7b1f429271cf

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 31 Jul 2018 21:10:02 GMT
via
1.1 varnish, 1.1 varnish
age
84557
x-guploader-uploadid
AEnB2UoRmaJtbj0pAjpT6vGaHMAoGsH6KuZ0jkTGOQozDhStaP7JswN0N3TEGoX0TZALNXF0fII7K7VoH__JsAAIGWB3OldCaA
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
11546
x-served-by
cache-iad2151-IAD, cache-fra19120-FRA
x-nyt-gcs-bucket
cms-gke-prd-publish-images-storage
last-modified
Mon, 30 Jul 2018 21:40:41 GMT
server
UploadServer
x-timer
S1533071403.551797,VS0,VE0
etag
"db301da23384fe6be3e50a9ec8c324d0"
vary
Origin
x-goog-hash
crc32c=/yRZTQ==, md5=2zAdojOE/mvj5QqeyMMk0A==
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 30 Jul 2018 21:40:44 GMT
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges
bytes
x-cache-hits
3, 448
01dc-manafort1-thumbLarge.jpg
static01.nyt.com/images/2018/08/01/us/politics/01dc-manafort1/
12 KB
12 KB
Image
General
Full URL
https://static01.nyt.com/images/2018/08/01/us/politics/01dc-manafort1/01dc-manafort1-thumbLarge.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
SPDY
Server
151.101.13.164 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b835062a8f802a8a4ed9596579b58d48e080f5f0727288003876d94b9f24a790

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 31 Jul 2018 21:10:02 GMT
via
1.1 varnish, 1.1 varnish
age
13943
x-guploader-uploadid
AEnB2UokJXfohC8R2eLbcZDHR_Mmejy-kBmUCxchIE_u8Ipj5BbVw-Dzx4-Qb5SEqI2dj9D8qw8CI5b_F1cRGTL_4P-wN20MqA
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
12013
x-served-by
cache-iad2143-IAD, cache-fra19120-FRA
x-nyt-gcs-bucket
cms-gke-prd-publish-images-storage
last-modified
Tue, 31 Jul 2018 17:10:13 GMT
server
UploadServer
x-timer
S1533071403.551801,VS0,VE0
etag
"514c336c45a859969cffcf487bbb8aa4"
vary
Origin
x-goog-hash
crc32c=jSRz3g==, md5=UUwzbEWoWZac/89Ie7uKpA==
content-type
image/jpeg
access-control-allow-origin
*
expires
Tue, 31 Jul 2018 17:17:39 GMT
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges
bytes
x-cache-hits
2, 35
31separate-01-print-thumbLarge-v2.jpg
static01.nyt.com/images/2018/07/31/us/31separate-01-print/
8 KB
8 KB
Image
General
Full URL
https://static01.nyt.com/images/2018/07/31/us/31separate-01-print/31separate-01-print-thumbLarge-v2.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
SPDY
Server
151.101.13.164 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
UploadServer /
Resource Hash
09dd8b9e9b44f4cf1420526638274c21e63b4995ff53be4128eaf94af7ccfcea

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 31 Jul 2018 21:10:02 GMT
via
1.1 varnish, 1.1 varnish
age
32754
x-guploader-uploadid
AEnB2UpdRVPrmSCmStlOlXp2HK_PW_BOpw58xKRgYQHONKxmar_ZKinw7rfd8Ba4NHGwRRxpdQsWpT1uQsJpoXNyXXlExSF5BQ
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
7882
x-served-by
cache-iad2146-IAD, cache-fra19120-FRA
x-nyt-gcs-bucket
cms-gke-prd-publish-images-storage
last-modified
Tue, 31 Jul 2018 12:01:54 GMT
server
UploadServer
x-timer
S1533071403.551863,VS0,VE0
etag
"d5dd1d0a47bd0a0b30e0bbaf8afe0428"
vary
Origin
x-goog-hash
crc32c=cbGYYg==, md5=1d0dCke9Cgsw4Luviv4EKA==
content-type
image/jpeg
access-control-allow-origin
*
expires
Tue, 31 Jul 2018 12:04:08 GMT
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges
bytes
x-cache-hits
2, 241
container.html
tpc.googlesyndication.com/safeframe/1-0-29/html/ Frame 23EE
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-29/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_235.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:814::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-29/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
C7D0B8F4BA9875076CBCD41DA36E1F38
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
1479
date
Thu, 19 Jul 2018 09:15:13 GMT
expires
Fri, 19 Jul 2019 09:15:13 GMT
last-modified
Mon, 11 Jun 2018 14:38:59 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
1; mode=block
cache-control
public, immutable, max-age=31536000
age
1079689
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
osd.js
pagead2.googlesyndication.com/pagead/
70 KB
26 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_235.js
Protocol
SPDY
Server
2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
758b94ed453fec7dacb05e6662f18e65ff001244b47758aaa69eea4322a33aa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 31 Jul 2018 20:15:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3243
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
26269
x-xss-protection
1; mode=block
server
cafe
etag
6791782517364381875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Tue, 31 Jul 2018 21:15:59 GMT
B21080064.225148537;dc_pre=CKz3-oKgytwCFdKwewodRDIAVQ;dc_trk_aid=423200409;dc_trk_cid=103664029;ord=166697048;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/ Frame 3314
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B21080064.225148537;dc_trk_aid=423200409;dc_trk_cid=103664029;ord=166697048;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B21080064.225148537;dc_pre=CKz3-oKgytwCFdKwewodRDIAVQ;dc_trk_aid=423200409;dc_trk_cid=103664029;ord=166697048;dc_lat=;dc_rd...
7 KB
6 KB
Script
General
Full URL
https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B21080064.225148537;dc_pre=CKz3-oKgytwCFdKwewodRDIAVQ;dc_trk_aid=423200409;dc_trk_cid=103664029;ord=166697048;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
SPDY
Server
172.217.22.102 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f102.1e100.net
Software
cafe /
Resource Hash
df622c791477d7e716cfb0f2192b8ec3552258c35beff2fbec55a0942ec0bd49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Jul 2018 21:10:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
5617
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 31 Jul 2018 21:10:02 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B21080064.225148537;dc_pre=CKz3-oKgytwCFdKwewodRDIAVQ;dc_trk_aid=423200409;dc_trk_cid=103664029;ord=166697048;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
osd_listener.js
tpc.googlesyndication.com/pagead/js/r20180730/r20110914/activeview/ Frame 3314
71 KB
26 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20180730/r20110914/activeview/osd_listener.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_235.js
Protocol
SPDY
Server
2a00:1450:4001:814::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
42885a03ca9bfe466a0ba3d5d0754fe8b37e506f1c8e5334a4d519abd0788e07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 30 Jul 2018 13:04:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
115536
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
26366
x-xss-protection
1; mode=block
server
cafe
etag
7132534005209257656
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Aug 2018 13:04:26 GMT
imgad
tpc.googlesyndication.com/pagead/ Frame 3314
97 KB
97 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/imgad?id=CICAgKCb5Zq7vgEQARgBMgjGZy2eqKARxw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_235.js
Protocol
SPDY
Server
2a00:1450:4001:814::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
c54c32eb67744b32acefb7bc609d37aebdae82c08298775f1ec2f7974d03dc6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 30 Jul 2018 14:02:33 GMT
x-content-type-options
nosniff
server
cafe
age
112049
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
98872
x-xss-protection
1; mode=block
expires
Mon, 06 Aug 2018 14:02:33 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3314
0
56 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-v-yPMSQJE3qNDD1AZuCPvqwtzlGJVemta808rX19ecj69oGVTQTvEBMz_ynUTtsZY-R7JykuTDZLlO2JVYfnqW7hF0TcvupwXe2frQl_7lgI3R478Sd8lmLjogUiJ3sbMUH83eGvnjuJ3k5-TKitJdsoz-j22SQv9wcCzVdAIDhQnsAELVYHyrTY4f-XliBivATdculdojop9rdPsANPBKVGjiHingxIIJFBQEgPKEtn1GUHGARXPWqDTK3LqtKfD95e9ep0fCPW7ppu&sai=AMfl-YS_c1e6MAMg8JHnFLnzxvDjn_Zf6voNd8_E2nMPukWSnXb-wKPo9FONnv4LAmIlS8dZC6cO-eRaDvB3aCfKqS6BmQeVCmM7AIfEoAhEJx5NxkxRayhRxj4P4oFy&sig=Cg0ArKJSzBwwKToyvkyfEAE&urlfix=1&adurl=
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
SPDY
Server
172.217.22.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cache-control
private
content-type
text/html; charset=UTF-8
container.html
tpc.googlesyndication.com/safeframe/1-0-29/html/ Frame 1EB1
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-29/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_235.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:814::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-29/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
C7D0B8F4BA9875076CBCD41DA36E1F38
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
1479
date
Thu, 19 Jul 2018 09:15:13 GMT
expires
Fri, 19 Jul 2019 09:15:13 GMT
last-modified
Mon, 11 Jun 2018 14:38:59 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
1; mode=block
cache-control
public, immutable, max-age=31536000
age
1079689
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
/
www.facebook.com/tr/ Frame B221
0
0
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f11c:8186:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
5457
pragma
no-cache
cache-control
no-cache
origin
https://www.nytimes.com
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
accept-encoding
gzip, deflate
cookie
fr=00ppPqLsbp88MDiA5..BbYNAq...1.0.BbYNAq.
Origin
https://www.nytimes.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
C7D0B8F4BA9875076CBCD41DA36E1F38
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html

Response headers

status
200
content-type
text/plain
content-length
0
server
proxygen-bolt
date
Tue, 31 Jul 2018 21:10:02 GMT
V6zvOIoD.js
tpc.googlesyndication.com/sodar/ Frame 3314
40 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/V6zvOIoD.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/trackimpj/N296811.6440THENEWYORKTIMESCOMPA/B21080064.225148537;dc_pre=CKz3-oKgytwCFdKwewodRDIAVQ;dc_trk_aid=423200409;dc_trk_cid=103664029;ord=166697048;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
Protocol
SPDY
Server
2a00:1450:4001:814::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
57acef388a037b38756fdd178f355217378fa2a6a9a92d0bd9655e48a9b811cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 17 Jul 2018 00:23:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Jan 2018 21:45:00 GMT
server
sffe
age
1284405
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
15146
x-xss-protection
1; mode=block
expires
Wed, 17 Jul 2019 00:23:17 GMT
truncated
/ Frame 3314
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
26079f1dc748eabef2f59b7528c133c5eda4395bc98ef333b24200a61da6bd8e

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
6uQTKQJz.html
tpc.googlesyndication.com/sodar/ Frame 2789
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/6uQTKQJz.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/V6zvOIoD.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:814::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/6uQTKQJz.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
C7D0B8F4BA9875076CBCD41DA36E1F38
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
7233
date
Thu, 19 Jul 2018 18:17:55 GMT
expires
Fri, 19 Jul 2019 18:17:55 GMT
last-modified
Tue, 02 Jan 2018 21:45:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
1; mode=block
cache-control
public, max-age=31536000
age
1047128
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
cs.js
sb.scorecardresearch.com/c2/3005403/
0
400 B
Script
General
Full URL
https://sb.scorecardresearch.com/c2/3005403/cs.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
HTTP/1.1
Server
104.111.214.103 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-214-103.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 31 Jul 2018 21:10:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Nov 2013 17:55:29 GMT
ETag
"d41d8cd98f00b204e9800998ecf8427e:1384365329"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=259200
Connection
keep-alive
Content-Length
20
Expires
Fri, 03 Aug 2018 21:10:03 GMT
log
errors.client.optimizely.com/
13 B
407 B
XHR
General
Full URL
https://errors.client.optimizely.com/log
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-bcee3610af1aeb501b95.js
Protocol
HTTP/1.1
Server
34.231.112.174 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-231-112-174.compute-1.amazonaws.com
Software
/
Resource Hash
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12

Request headers

Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Tue, 31 Jul 2018 21:10:03 GMT
Allow
POST,OPTIONS
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.nytimes.com
Access-Control-Max-Age
1800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Accept,Origin
Content-Length
13
activeview
pagead2.googlesyndication.com/pcs/ Frame 3314
42 B
114 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss4aSwWQilJuwRnc4CNLchvXqvKiidQ7EL9_H4-t2jR8pT7SmoeTrdaYkq25Oym_6Jd2W87Vyge4aBYM23ygB-BaftLW3bDQuk&sig=Cg0ArKJSzGqVPYFT-0PQEAE&r=z&adk=1901412585&tt=430&bs=1585,1200&mtos=0,0,0,0,0&tos=0,0,0,0,0&p=0,0,0,0&mcvt=0&rs=3&ht=0&mc=0&lte=-1&bas=0&bac=0&avms=geo&rst=1533071402641&rpt=328&bos=1600,1200&ps=1585,4057&ss=1600,1200&pt=-1&deb=1-0-3-4-4--1-5-1&tvt=420&op=1&id=osdim&ti=1&uc=1&tgt=BODY&cl=1&cec=6&clc=0&cac=0&cd=0x0&v=r20180730
Protocol
SPDY
Server
2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Jul 2018 21:10:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
log
errors.client.optimizely.com/
0
241 B
XHR
General
Full URL
https://errors.client.optimizely.com/log
Protocol
HTTP/1.1
Server
34.231.112.174 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-231-112-174.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Origin
https://www.nytimes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
https://www.nytimes.com
Access-Control-Expose-Headers
Access-Control-Allow-Credentials
true
Connection
keep-alive
Date
Tue, 31 Jul 2018 21:10:03 GMT
Content-Type
text/plain
Cookie set /
et.nytimes.com/
115 B
775 B
Script
General
Full URL
https://et.nytimes.com/?subject=page&url=https%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html&assetUrl=http%3A%2F%2Fwww.nytimes.com%2F2018%2F05%2F04%2Fbusiness%2Fwells-fargo-shareholder-suit-phony-accounts.html&referrer=&clientTimeStamp=1533071401436&totalTime=4804&evtUUID=5b7105e8-cc21-4592-af79-acb41fe52d05&incognitoEnabled=false&activeTime=5000&adBlockEnabled=false&depth=0&viewport=%7B%7D&performance=%7B%22domInteractive%22%3A1031%2C%22domContentLoaded%22%3A1287%2C%22requestStart%22%3A204%2C%22responseStart%22%3A883%2C%22pageLoadTime%22%3A4103%7D&presentation=%7B%22pageType%22%3A%22Article%22%7D&page_view_id=cc663d7e-0313-4415-8caf-d99bab97907a&impressions=%5B%7B%22event%22%3A%22impression%22%2C%22moduleObj%22%3A%7B%22name%22%3A%22timing%22%2C%22context%22%3A%22script-load%22%2C%22label%22%3A%22meter%22%2C%22region%22%3A%22593%22%7D%7D%2C%7B%22event%22%3A%22impression%22%2C%22moduleObj%22%3A%7B%22name%22%3A%22timing%22%2C%22context%22%3A%22script-load%22%2C%22label%22%3A%22cig%22%2C%22region%22%3A%221084%22%7D%7D%2C%7B%22event%22%3A%22impression%22%2C%22moduleObj%22%3A%7B%22name%22%3A%22timing%22%2C%22context%22%3A%22script-load%22%2C%22label%22%3A%22optlyScript%22%2C%22region%22%3A%22979%22%7D%7D%5D&sourceApp=nyt-vi&callback=window.EventTracker.cb1&datumId=e685ecd5256a4248&agentId=a7f555b51b14f2f06006afff2d6a8ce4
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.204.77 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-227-204-77.compute-1.amazonaws.com
Software
/
Resource Hash
3fd237b433e2312ed679cf5fa668f75ef4e2a519a388ee2df87dc2064917ff05

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
et.nytimes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.nytimes.com/2018/05/04/business/wells-fargo-shareholder-suit-phony-accounts.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Set-Cookie
et-a1=%257B%2522agentId%2522%253A%2522a7f555b51b14f2f06006afff2d6a8ce4%2522%252C%2522agentStarted%2522%253A1533071401785%252C%2522sessionIndex%2522%253A1%252C%2522sessionStarted%2522%253A1533071401785%252C%2522lastModified%2522%253A1533071406609%252C%2522lastUpdate%2522%253A1533071406609%257D; Domain=et.nytimes.com; Path=/; Expires=Wed, 31 Jul 2019 21:10:06 GMT nyt-a=a7f555b51b14f2f06006afff2d6a8ce4; Domain=.nytimes.com; Path=/; Expires=Wed, 31 Jul 2019 21:10:06 GMT
Date
Tue, 31 Jul 2018 21:10:06 GMT
Connection
keep-alive
transfer-encoding
chunked
Content-Type
application/javascript

Verdicts & Comments Add Verdict or Comment

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| NYT_ENVIRONMENT string| NYT_RELEASE string| JKIDD_PATH string| WEDDINGS_PATH string| GDPR_PATH number| SENTRY_SAMPLE_RATE boolean| INSTALL_RAVEN function| readCookie undefined| mediaScript undefined| cid undefined| domain object| match string| mediaNetCID object| advBidxc function| testCookie undefined| gptScript object| googletag object| NYTD function| reportViRolloutToABRA object| __emotion undefined| observer object| __preloadedData function| webpackJsonp object| dataLayer object| core object| __core-js_shared__ function| setImmediate function| clearImmediate object| regeneratorRuntime object| __SECRET_EMOTION__ function| _ object| optimizely object| NYToptly object| google_tag_manager object| nytAnalytics object| head object| script function| sprintf function| vsprintf string| ASSETTYPE function| EventTracker number| pageEventTrackerTimeout object| pageEventTracker function| pintrk string| campaignParams object| campaignParamsRegex function| campaignParamCompare function| getSrcParamValuesMap function| getValueWithDefault function| getQueryMap function| getCampaignMapping boolean| notprod string| GoogleAnalyticsObject function| ga object| dotq object| regex object| _sf_async_config object| _cbq number| _sf_endpt object| firstScript object| cbScript object| opty_payload undefined| jkidd_data_user_tracking object| Keywee object| GlobalSnowplowNamespace function| snowplow function| fbq function| _fbq boolean| _adBlockCheck object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken object| ns_ object| twttr object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO boolean| adBlockDetected object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY number| index string| tagId object| YAHOO undefined| I13N_Conf undefined| YWA_Global_Conf object| bk_results object| tags object| BKTAG function| bk_addUserCtx function| bk_addPageCtx function| bk_addEmailHash function| bk_addPhoneHash function| bk_doJSTag function| bk_doJSTag2 function| bk_doCarsJSTag function| bk_doPartnerAltTag function| bk_doCallbackTag function| bk_doCallbackTagWithTimeOut boolean| bk_ignore_meta boolean| bk_allow_multiple_calls object| Snowplow object| GPT_jstiming object| closure_memoize_cache_ undefined| google_measure_js_timing boolean| google_noFetch boolean| google_DisableInitialLoad number| __google_ad_urls_id number| google_unique_id function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| __google_ad_urls object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb

0 Cookies

2 Console Messages

Source Level URL
Text
console-api log (Line 1)
Message:
opty_payload
console-api log URL: https://www.nytimes.com/vi-assets/static-assets/main-48eb8c10fcf3633c605b.js(Line 1)
Message:
Service Worker: content is cached

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
a.nytimes.com
a1.nyt.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
cdn.optimizely.com
cigsvc.nytimes.com
connect.facebook.net
ct.pinterest.com
dc8xl0ndzn2cb.cloudfront.net
errors.client.optimizely.com
et.nytimes.com
googleads.g.doubleclick.net
mailview.bulletinintelligence.com
meter-svc.nytimes.com
p2.keywee.co
pagead2.googlesyndication.com
platform.twitter.com
pnytimes.chartbeat.net
s.pinimg.com
s.yimg.com
samizdat-graphql.nytimes.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
sp.analytics.yahoo.com
stags.bluekai.com
static.ads-twitter.com
static.chartbeat.com
static01.nyt.com
stats.g.doubleclick.net
tags.bkrtx.com
tags.bluekai.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.nytimes.com
104.111.214.103
104.111.238.79
104.244.43.176
151.101.12.84
151.101.13.164
172.217.16.166
172.217.22.102
172.217.22.98
172.227.114.224
188.125.66.33
2.19.34.83
216.58.208.34
2600:1480:3000:41::
2600:9000:2043:9c00:18:1fcd:348:2461
2606:2800:234:59:254c:406:2366:268c
2a00:1288:80:800::7001
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2002
2a00:1450:4001:814::2001
2a00:1450:4001:814::2003
2a00:1450:4001:814::2004
2a00:1450:4001:814::2008
2a00:1450:4001:816::200e
2a00:1450:4001:81a::2002
2a00:1450:4001:81d::2013
2a00:1450:4001:821::2002
2a00:1450:400c:c0c::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8186:face:b00c:0:50fb
34.196.226.233
34.206.29.55
34.227.204.77
34.231.112.174
34.232.49.235
34.234.33.253
34.235.82.207
35.168.50.248
52.222.163.145
52.222.163.168
54.225.141.30
54.236.150.166
69.174.55.131
03f068eb4f4d909c89dba2b6dd46ffceb05ccd06eabcbeecda647dd22b243d05
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06eb923ba58b5afc0c41c83aa6acac3caa55c45e8b407abaa092ef7ea9938e1a
078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c
09dd8b9e9b44f4cf1420526638274c21e63b4995ff53be4128eaf94af7ccfcea
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
125bc5964e61f9361e9859a5b9893bc70967d83b8eeba0fad33284f9866594b4
145bd665e4e4ce3e3bad95b097c7d876b92a4129a551b6753f1b36dd147fd058
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
21e105e01591b5b04ef09d2e63dd1dbbd39b41bc45dd029f6f1ef2cd79a637bf
26079f1dc748eabef2f59b7528c133c5eda4395bc98ef333b24200a61da6bd8e
27bf5fc6027e1a0653520dfce8dab110d5a31c5e723db9c7a186d29a93b3f25a
2c7b95e516f24a2da447755f07b107bd8566745dc36322a1419ef92662019cf6
2cf6e4d35c7d458f75c427ca0a22dbc160febeab23c643e2595b09b08117ab10
2ec1c0efb115ffa9d85c4f4885d2fe5af05afc1911309521f3a2b3a5b50f87b6
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
31d964f4886c442175db75e3993fad263cf447a5b33a3ce4a4d5ef00dea749e0
34cc802f53fe2668b8b1b9409514018262e45d868782036343c2f0e83a5fec93
36bef25f1e7ddc82a58af7d43bf35562ab45d6625b2e8bff47ea4d5f85357b82
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3bae7356ca2eb0180c9c18848de062052e83765208573ece77936e4d675432db
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
3fd237b433e2312ed679cf5fa668f75ef4e2a519a388ee2df87dc2064917ff05
42885a03ca9bfe466a0ba3d5d0754fe8b37e506f1c8e5334a4d519abd0788e07
48476f6dc353fc33bc71b28d1d64d1069e9c5bc0700bff20d809130bf2edba3d
4936b38510b6fffc97fed90b9e0765d60c3d6e2e8a4f5c8b4bb0b9a20860d620
4d3a21a043c3c9a3aa8dfbacc559c5cc8a1d3538660fc207152d7e6dca9ebeba
5618d2ea6cde29cc1d3c435d908b962a2e14111af849e234a7bba77ba2a7c79f
566caa133434a6387d1d488ea87564d30092748bda46dec98c5f75328bea477b
57acef388a037b38756fdd178f355217378fa2a6a9a92d0bd9655e48a9b811cd
591630ffb178064a3cbd099a815af7c735408848c57a086895da7b1f429271cf
5a0459d439cea1b2c2af7d688fb9f3f5772c69ffac35a026a05a597e7eb35f29
685ce78cf6093b7225ca91a7538d9054560e6482a67d8c9d8b1ec985f50d8f1b
6dd1de0a9420b9088245b7d8328c8e7d5bd4c04bfd260f1ff02280e5f9c8772e
708a44345a5416d6894d7095cc34ce52ab134941d0836d9f543d082ab6e56362
758b94ed453fec7dacb05e6662f18e65ff001244b47758aaa69eea4322a33aa0
76a7f363f80faa9ef02ec912c68497cd78112e1f1bcd4d828cefe7f8bf71acbc
7f2bd151ab7132a097522eee5582fa0820c62e8ce72e8935a26d94ebfd85e713
81b65abe85d904f82547ed0f508df4cdb5e9478717c5c971d13aeda781d15a7a
87ec755472a9e5bb5d154dfee92dbe991db4de5f71ed142b5fe3703f3b51db81
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
aa1619dddf6ae1e53f10086b7d574873ba2aa8e7e44c22861c86bf1defb8e361
b25d2aedd94210379a163cd2fdb2cf2403d1e2466cdfd737b546349324c76d90
b6143b6b4d86918d18cd84b60ae0f37f74522fc145896a4f9645746070cb28d4
b835062a8f802a8a4ed9596579b58d48e080f5f0727288003876d94b9f24a790
bd999047408eaf20ae15ab916d344330d118fa72b0703fa1784deb648d36bb7a
c54c32eb67744b32acefb7bc609d37aebdae82c08298775f1ec2f7974d03dc6b
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb9babbd8dd457f73a6d5313bde435278858e7a8de71b03c0ae6396526baaffd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d27366f3c007b3b07059ff401c9b040fa32aa355ed7cfbb321acb076b5145d18
d8845ac65ab9d65c951af8e1bfc148effe88d1b3747cb22a4a542b263da724cb
df622c791477d7e716cfb0f2192b8ec3552258c35beff2fbec55a0942ec0bd49
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3ca766f15c08a52b36c3d080fa934f2c5b3c758e8c8a6e099d464e8375e4a8b
fc9cc6050cb99e5097549d04e20272c825e728bce705dee95c621f87499dc2eb
fd724882dc8a94e7d01094c644badf758051ed60099bb88faf936286f214c97c
fddc7902ebf1de2a57a737a41bf2a5357fcd264246f1c58d5713a19a99a2019b
fe8d5a6f12533884b6896dd290e422c830e86e0228d45dbe97ac03c6e86a5b5a
ff3bf65503e9fd9997a23b49076e8d5dc01adc047a97c61dc725b1733bcb3a46