www.nytimes.com Open in urlscan Pro
151.101.113.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://xwel.xyz/
Effective URL:
https://www.nytimes.com/section/us
Submission: On March 04 via api (March 4th 2020, 7:16:26 am UTC) from DE

Summary HTTP 110 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 17 domains to perform 110 HTTP transactions. The main IP is 151.101.113.164, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is www.nytimes.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 3rd 2020. Valid for: 2 years.

This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	167.99.26.105 167.99.26.105	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
40	151.101.113.164 151.101.113.164	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:814::2013	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
1 1	151.101.1.164 151.101.1.164	54113 (FASTLY) (FASTLY)
9	172.217.23.130 172.217.23.130	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:400c:c0a::5c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81e::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:f1:... 2a02:26f0:f1:191::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	52.22.52.90 52.22.52.90	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.101.22 143.204.101.22	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	35.241.35.241 35.241.35.241	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
1	52.59.16.172 52.59.16.172	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE)
1 2	216.58.208.38 216.58.208.38	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:7000:18:1fcd:349:ca21	16509 (AMAZON-02) (AMAZON-02)
1	3.225.50.203 3.225.50.203	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
2	34.227.153.53 34.227.153.53	14618 (AMAZON-AES) (AMAZON-AES)
3	2606:4700:303... 2606:4700:3036::6812:206c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.37.33.211 23.37.33.211	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:303... 2606:4700:3032::6812:216c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
110	27

4 167.99.26.105 (Santa Clara, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

xwel.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 151.101.113.164 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cigsvc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:814::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
purr.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.164 (United States) 1 redirects

ASN54113 (FASTLY, US)

nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.23.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s18-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0a::5c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
payments.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients2.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f1:191::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.22.52.90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-52-90.compute-1.amazonaws.com

et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.22 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-22.fra50.r.cloudfront.net

js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.35.241 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 241.35.241.35.bc.googleusercontent.com

meter-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.16.172 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-16-172.eu-central-1.compute.amazonaws.com

api-js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.208.38 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f6.1e100.net

5290727.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:7000:18:1fcd:349:ca21 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.225.50.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-50-203.compute-1.amazonaws.com

pnytimes.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.227.153.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-153-53.compute-1.amazonaws.com

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::6812:206c (United States)

ASN13335 (CLOUDFLARENET, US)

platform.iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.33.211 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-33-211.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::6812:216c (United States)

ASN13335 (CLOUDFLARENET, US)

iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	nytimes.com 1 redirects www.nytimes.com a.et.nytimes.com samizdat-graphql.nytimes.com nytimes.com cigsvc.nytimes.com et.nytimes.com meter-svc.nytimes.com purr.nytimes.com a.nytimes.com mwcm.nytimes.com	615 KB
26	nyt.com g1.nyt.com static01.nyt.com a1.nyt.com	2 MB
12	doubleclick.net 2 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net 5290727.fls.doubleclick.net	104 KB
11	google.com 2 redirects news.google.com pay.google.com payments.google.com clients2.google.com adservice.google.com www.google.com	56 KB
6	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	12 KB
5	iteratehq.com platform.iteratehq.com iteratehq.com	234 KB
4	xwel.xyz 1 redirects xwel.xyz	1 MB
3	google-analytics.com 1 redirects www.google-analytics.com	18 KB
3	optimizely.com cdn.optimizely.com errors.client.optimizely.com	118 KB
2	typekit.net use.typekit.net p.typekit.net	1001 B
2	datadome.co js.datadome.co api-js.datadome.co	23 KB
1	chartbeat.net pnytimes.chartbeat.net	168 B
1	chartbeat.com static.chartbeat.com	14 KB
1	google.de www.google.de	109 B
1	google.nl adservice.google.nl	778 B
1	gstatic.com www.gstatic.com	82 KB
1	googletagmanager.com www.googletagmanager.com	55 KB
110	17

	Domain	Requested by
17	static01.nyt.com	www.nytimes.com
11	a.et.nytimes.com	www.nytimes.com
10	www.nytimes.com	xwel.xyz www.nytimes.com
9	securepubads.g.doubleclick.net	www.nytimes.com securepubads.g.doubleclick.net
8	et.nytimes.com	www.nytimes.com xwel.xyz
8	g1.nyt.com	www.nytimes.com
5	news.google.com	www.nytimes.com news.google.com
4	xwel.xyz	1 redirects xwel.xyz
3	platform.iteratehq.com	xwel.xyz platform.iteratehq.com
3	pagead2.googlesyndication.com	www.nytimes.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	www.google-analytics.com	1 redirects www.googletagmanager.com www.nytimes.com
2	iteratehq.com	www.nytimes.com
2	errors.client.optimizely.com	www.nytimes.com
2	5290727.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	pay.google.com	news.google.com
2	samizdat-graphql.nytimes.com	www.nytimes.com
1	p.typekit.net
1	use.typekit.net
1	pnytimes.chartbeat.net	www.nytimes.com
1	mwcm.nytimes.com	www.nytimes.com
1	a1.nyt.com	xwel.xyz
1	static.chartbeat.com	xwel.xyz
1	api-js.datadome.co	www.nytimes.com
1	www.google.de	www.nytimes.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	a.nytimes.com	www.nytimes.com
1	purr.nytimes.com	www.nytimes.com
1	meter-svc.nytimes.com	www.nytimes.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.nl	securepubads.g.doubleclick.net
1	js.datadome.co	xwel.xyz
1	cigsvc.nytimes.com	www.nytimes.com
1	cdn.optimizely.com	www.nytimes.com
1	clients2.google.com	news.google.com
1	www.gstatic.com	www.nytimes.com
1	payments.google.com	1 redirects
1	nytimes.com	1 redirects
1	www.googletagmanager.com	www.nytimes.com
110	40

This site contains links to these domains. Also see Links.

Domain
myaccount.nytimes.com
nytimes.com
cn.nytimes.com
cooking.nytimes.com
parenting.nytimes.com
thewirecutter.com
nytconferences.com
store.nytimes.com
account.nytimes.com
eedition.nytimes.com
help.nytimes.com
www.nytco.com
nytmediakit.com
www.tbrandstudio.com
spiderbites.nytimes.com

Subject Issuer	Validity	Valid
nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-03` - `2022-04-06`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
a.et.nytimes.com COMODO RSA Domain Validation Secure Server CA	`2018-08-27` - `2020-08-26`	2 years	crt.sh
*.news.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2020-01-20` - `2021-03-20`	a year	crt.sh
*.datadome.co Gandi Standard SSL CA 2	`2019-10-08` - `2021-10-21`	2 years	crt.sh
www.google.de GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.chartbeat.com Gandi Standard SSL CA 2	`2019-04-10` - `2020-04-10`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2019-12-16` - `2020-12-30`	a year	crt.sh
errors.client.optimizely.com DigiCert SHA2 High Assurance Server CA	`2018-09-24` - `2020-09-28`	2 years	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-01-30` - `2020-10-09`	8 months	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh

This page contains 5 frames:

Primary Page: https://www.nytimes.com/section/us
Frame ID: 4272733C9AB75930869037612A3F3BD5
Requests: 106 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https://www.nytimes.com&mid=%{merchantId}
Frame ID: 4A8F5E781DC468157A7E490C6DB85632
Requests: 1 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=439807
Frame ID: 36734937CA6E39C40DDF5F9CE756D73A
Requests: 1 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CJKVvY6jgOgCFRHhuwgdnz4Kzg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8222761767565;gtm=2wg2q2;auiddc=350670500.1583306170;u4=;u5=undefined;u6=undefined;u7=4cA1kKpTTjkM8QVNw5CbKs;u8=;u10=http%3A%2F%2Fxwel.xyz%2F;u11=1;u12=100000004047817;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus
Frame ID: D8C5B1D31F7EF535B22683FFAF1C09EF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 47B1BD4FBF683BF101A2B870934EEC3E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://xwel.xyz/ Page URL
http://xwel.xyz/Home/Process HTTP 302
https://www.nytimes.com/section/us Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

headers server /^Kestrel/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

headers server /^Kestrel/i

Kestrel (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^Kestrel/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

headers server /^Kestrel/i

Page Statistics

110
Requests

97 %
HTTPS

60 %
IPv6

17
Domains

40
Subdomains

27
IPs

5
Countries

4095 kB
Transfer

7382 kB
Size

25
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=vi
Title: Log In

Search URL Search Domain Scan URL

URL: https://nytimes.com/cookie-policy
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://cn.nytimes.com/
Title: 中文网

Search URL Search Domain Scan URL

URL: https://cooking.nytimes.com/
Title: Cooking

Search URL Search Domain Scan URL

URL: https://parenting.nytimes.com/
Title: parenting

Search URL Search Domain Scan URL

URL: https://thewirecutter.com/
Title: Wirecutter

Search URL Search Domain Scan URL

URL: http://nytconferences.com/
Title: Live Events

Search URL Search Domain Scan URL

URL: https://store.nytimes.com/
Title: NYT store

Search URL Search Domain Scan URL

URL: https://account.nytimes.com/
Title: manage my account

Search URL Search Domain Scan URL

URL: http://eedition.nytimes.com/cgi-bin/signup.cgi?cc=37FYY
Title: replica edition

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014792127-Copyright-notice
Title: © 2020 The New York Times Company

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: NYTCo

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.nytco.com/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://nytmediakit.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: http://www.tbrandstudio.com/
Title: T Brand Studio

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014892108-Privacy-policy
Title: Your Ad Choices

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://spiderbites.nytimes.com/
Title: Site Map

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://xwel.xyz/ Page URL
http://xwel.xyz/Home/Process HTTP 302
https://www.nytimes.com/section/us Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://nytimes.com/ads/google/adsbygoogle.js HTTP 301
https://www.nytimes.com/ads/google/adsbygoogle.js

Request Chain 45

https://payments.google.com/payments/v4/js/integrator.js?ss=md HTTP 301
https://www.gstatic.com/_/billing/_/js/k=billing.ims.en_US.v3256Pr22CA.O/am=lZA/d=1/ct=zgms/rs=AChpKPBtEv-_MEBo7cTIfeqaA18GQ6cjOw/m=b2,aist,ist,qst

Request Chain 69

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=993505856&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&dr=http%3A%2F%2Fxwel.xyz%2F&ul=en-us&de=UTF-8&dt=U.S.%20News%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=dock&ea=impression&el=gdpr&_u=YEBAAEAB~&jid=1544958179&gjid=977975482&cid=151746725.1583306169&tid=UA-58630905-2&_gid=306864738.1583306169&_r=1&gtm=2wg2q2P528B3&cg1=null&cg2=null&cg3=collection&cg4=null&cd1=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&cd2=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&cd3=&cd9=9&cd14=null&cd21=collection&cd26=null&cd27=null&cd28=null&cd29=null&cd30=null&cd36=&cd42=nyt-vi&cd48=null&cd49=&cd51=nyt-vi&cd52=collection&cd54=null&cd57=0&cd58=0&cd59=&cd60=&cd63=4cA1kKpTTjkM8QVNw5CbKs&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=4cA1kKpTTjkM8QVNw5CbKs&cd172=desktop&cd173=desktop&z=296640288 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-58630905-2&cid=151746725.1583306169&jid=1544958179&_gid=306864738.1583306169&gjid=977975482&_v=j81&z=296640288 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-58630905-2&cid=151746725.1583306169&jid=1544958179&_v=j81&z=296640288 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-58630905-2&cid=151746725.1583306169&jid=1544958179&_v=j81&z=296640288&slf_rd=1&random=3011943129

Request Chain 78

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8222761767565;gtm=2wg2q2;auiddc=350670500.1583306170;u4=;u5=undefined;u6=undefined;u7=4cA1kKpTTjkM8QVNw5CbKs;u8=;u10=http%3A%2F%2Fxwel.xyz%2F;u11=1;u12=100000004047817;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CJKVvY6jgOgCFRHhuwgdnz4Kzg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8222761767565;gtm=2wg2q2;auiddc=350670500.1583306170;u4=;u5=undefined;u6=undefined;u7=4cA1kKpTTjkM8QVNw5CbKs;u8=;u10=http%3A%2F%2Fxwel.xyz%2F;u11=1;u12=100000004047817;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus

110 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
xwel.xyz/ 3 KB
3 KB 379ms
310ms Document
text/html 167.99.26.105
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://xwel.xyz/
Protocol: HTTP/1.1
Server: 167.99.26.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Kestrel /
Resource Hash: fd5d68c2ad95c95fb7d7fec7b83cb486f928d224383d04e2c9940df5e5e368f4

Request headers

Host: xwel.xyz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 04 Mar 2020 07:16:05 GMT
Content-Type: text/html; charset=utf-8
Server: Kestrel
Cache-Control: no-store,no-cache
Pragma: no-cache
Transfer-Encoding: chunked

GET
H/1.1 200
OK jquery.min.js Show response
xwel.xyz/lib/jquery/dist/ 85 KB
85 KB 163ms
163ms Script
application/javascript 167.99.26.105
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://xwel.xyz/lib/jquery/dist/jquery.min.js
Requested by: Host: xwel.xyz
URL: http://xwel.xyz/
Protocol: HTTP/1.1
Server: 167.99.26.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de

Request headers

Referer: http://xwel.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 04 Mar 2020 07:16:05 GMT
Last-Modified: Wed, 27 Nov 2019 19:56:12 GMT
Server: Kestrel
Accept-Ranges: bytes
ETag: "1d5a55cb8008591"
Content-Length: 86929
Content-Type: application/javascript

GET
H/1.1 200
OK playcanvas-latest.min.js Show response
xwel.xyz/lib/ 1009 KB
1010 KB 313ms
300ms Script
application/javascript 167.99.26.105
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://xwel.xyz/lib/playcanvas-latest.min.js
Requested by: Host: xwel.xyz
URL: http://xwel.xyz/
Protocol: HTTP/1.1
Server: 167.99.26.105 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Kestrel /
Resource Hash: a43bedf6f55ec114cc6274c90f19feecd05d875404b168167b1c62c8dcd41505

Request headers

Referer: http://xwel.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 04 Mar 2020 07:16:06 GMT
Last-Modified: Thu, 21 Nov 2019 18:48:48 GMT
Server: Kestrel
Accept-Ranges: bytes
ETag: "1d5a09c4f122df3"
Content-Length: 1033715
Content-Type: application/javascript

GET
H2

200

Primary Request us Show response
www.nytimes.com/section/
Redirect Chain

http://xwel.xyz/Home/Process
https://www.nytimes.com/section/us

458 KB
72 KB

67ms
23ms

Document
text/html

151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/section/us

Requested by

Host: xwel.xyz
URL: http://xwel.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

1274c34812544f3af0548092081681d85d38c164c6df3d489a66494bb38ad8aa

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.nytimes.com
:scheme: https
:path: /section/us
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: http://xwel.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://xwel.xyz/

Response headers

status: 200
server: nginx
content-type: text/html; charset=utf-8
x-nyt-data-last-modified: Wed, 04 Mar 2020 07:12:00 GMT
last-modified: Wed, 04 Mar 2020 07:12:00 GMT
x-pagetype: vi-collection
x-vi-compatibility: Compatible
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: s-maxage=600,no-cache
x-nyt-route: vi-collection
x-origin-time: 2020-03-04 07:12:32 UTC
accept-ranges: bytes
date: Wed, 04 Mar 2020 07:16:08 GMT
age: 247
x-served-by: cache-jfk8124-JFK, cache-hhn4057-HHN
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1583306168.191925,VS0,VE2
vary: Accept-Encoding, Fastly-SSL
set-cookie: nyt-a=4cA1kKpTTjkM8QVNw5CbKs; Expires=Thu, 04 Mar 2021 07:16:08 GMT; Path=/; Domain=.nytimes.com; SameSite=none; Secure nyt-gdpr=1; Expires=Wed, 04 Mar 2020 13:16:08 GMT; Path=/; Domain=.nytimes.com nyt-purr=cfhhpnh; Expires=Thu, 04 Mar 2021 07:16:08 GMT; Path=/; Domain=.nytimes.com
x-gdpr: 1
x-frame-options: DENY
x-api-version: F-F-VI
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length: 72373

Redirect headers

Date: Wed, 04 Mar 2020 07:16:07 GMT
Server: Kestrel
Content-Length: 0
Cache-Control: no-store,no-cache
Pragma: no-cache
Location: https://www.nytimes.com/section/us

GET
H2 200 web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
g1.nyt.com/fonts/css/ 60 KB
10 KB 55ms
43ms Stylesheet
text/css 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3f28e673cbfe89a3a13563877fcf1b238b3fd6e446eac55c5dc260ae0b7393db

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
content-encoding: gzip
x-cache-hits: 32799
age: 12582244
status: 200
x-guploader-uploadid: AEnB2UqZX-0rcj3yQk5qLFuUQjG0CW5bahs57tIvcyLx71ybEZvhFJit-0uMADU_T6_kcv4a-Mol_lJZwGavc2G8BBcSZvAaRIU-NjnCvPafKSNcGLI5YZw
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
access-control-allow-methods: GET, OPTIONS
content-length: 9922
x-served-by: cache-hhn4057-HHN
access-control-allow-origin: *
last-modified: Tue, 08 Oct 2019 20:47:04 GMT
server: UploadServer
x-timer: S1583306168.236835,VS0,VE0
etag: "b3e9eedd81b658bb38d40b91c6568d7a"
vary: Accept-Encoding, Origin
x-goog-hash: crc32c=ho+bKQ==, md5=s+nu3YG2WLs41AuRxlaNeg==
x-goog-generation: 1570567624278152
via: 1.1 varnish
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 9922
x-nyt-pagetype: nyt5-asset
accept-ranges: bytes
content-type: text/css; charset=utf-8
expires: Fri, 09 Oct 2020 16:12:03 GMT

GET
H2 200 global-42db6c8821fec0e2b3837b2ea2ece8fe.css
www.nytimes.com/vi-assets/static-assets/ 5 KB
2 KB 21ms
20ms Stylesheet
text/css 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/global-42db6c8821fec0e2b3837b2ea2ece8fe.css

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

746d0e28e8c2d90701e3449f9d382be10b7c7916151c4c3cb5495d7b497c4122

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
content-encoding: gzip
x-api-version: F-X
age: 985960
x-guploader-uploadid: AEnB2UqmigfKUK9AVhGJKCteMcE3FUCsU9xvcpMDTFxA9DhWkHaqrifkK-tE7dfUPZR4jXVCZz6HT7bLon1nXp2hA-XcEHDXf-u9jOyW4fizYuTu6BPyRHo
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-origin-time: 2020-02-21 21:23:27 UTC
x-served-by: cache-hhn4057-HHN
accept-ranges: bytes
last-modified: Fri, 21 Feb 2020 20:53:44 GMT
server: UploadServer
x-timer: S1583306168.225090,VS0,VE1
etag: "42db6c8821fec0e2b3837b2ea2ece8fe"
vary: Accept-Encoding, Fastly-SSL
x-goog-hash: crc32c=kfeHYA==, md5=QttsiCH+wOKzg3suouzo/g==
x-goog-generation: 1582318424792323
expires: Sat, 20 Feb 2021 21:23:27 GMT
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-goog-stored-content-length: 4619
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length: 1813
content-type: text/css; charset=utf-8
x-cache-hits: 34211

GET
H2 200 adslot-df60c69ae832943d22c0.js Show response
www.nytimes.com/vi-assets/static-assets/ 11 KB
5 KB 22ms
21ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/adslot-df60c69ae832943d22c0.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4e0f32d4e30e0a6e969beef61ec0faff6051e64ddf950c08fb85b495811da9c2

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
content-encoding: gzip
x-api-version: F-X
age: 399954
x-guploader-uploadid: AEnB2UpVdO713uw2Vy1nizo-jZ2Rg_NzhDeZeirlNOZXmOje4UgPjX76-_LlJZ6w8GUG92T40bLOauy1x5Jz_mOYkKIQud5SiQ
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-origin-time: 2020-02-28 16:10:34 UTC
x-served-by: cache-hhn4057-HHN
accept-ranges: bytes
last-modified: Fri, 28 Feb 2020 15:37:34 GMT
server: UploadServer
x-timer: S1583306168.233036,VS0,VE1
etag: "ca4f5029955768da7e187801e2d7d1d0"
vary: Accept-Encoding, Fastly-SSL
x-goog-hash: crc32c=mLsjBQ==, md5=yk9QKZVXaNp+GHgB4tfR0A==
x-goog-generation: 1582904254960427
expires: Sat, 27 Feb 2021 16:10:14 GMT
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-goog-stored-content-length: 11121
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length: 4276
content-type: application/javascript
x-cache-hits: 28499

GET
H2 200 03virus-washington01-threeByTwoMediumAt2X-v2.jpg
static01.nyt.com/images/2020/03/03/us/03virus-washington01/ 284 KB
284 KB 23ms
21ms Image
image/jpeg 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/03/us/03virus-washington01/03virus-washington01-threeByTwoMediumAt2X-v2.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2c4cecad1c8c0ff250579439976e672cc55a64923acfbbae77bca772f6955230

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
via: 1.1 varnish, 1.1 varnish
age: 16761
status: 200
x-guploader-uploadid: AEnB2UqVfM4_plXQ73MFNoz8Ojns78PInH2B1AWsQjhFLaK7fkIh_HraWvbBpbVsF390vsbPOp3qkQ3jLBvhuJDZSS7_j05xUg
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 1
content-length: 290576
x-served-by: cache-bwi5125-BWI, cache-hhn4057-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Wed, 04 Mar 2020 02:36:30 GMT
server: UploadServer
x-timer: S1583306168.234338,VS0,VE1
etag: "9dae3d5da0b061d8d9fee522f4bfc01f"
vary: Origin
x-goog-hash: crc32c=gbmScA==, md5=na49XaCwYdjZ/uUi9L/AHw==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Wed, 04 Mar 2020 02:36:47 GMT

GET
H2 200 03virus-washington01-thumbStandard.jpg
static01.nyt.com/images/2020/03/03/us/03virus-washington01/ 6 KB
7 KB 27ms
26ms Image
image/jpeg 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/03/us/03virus-washington01/03virus-washington01-thumbStandard.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 643a5f374bfa5f0c8d5184f7f43b07893bfdf419dec0e0c688a97ce9774404d5

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
via: 1.1 varnish, 1.1 varnish
age: 19434
status: 200
x-guploader-uploadid: AEnB2UpZ4QmKB-mYnw2nlPIqrEewEzp6lhCCXsFg0pzteALSsYpZ6aB_cj6EKabQ6D1K7m7oqRoPdRE6eJdglWhwdVAzg1fqpQ
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 3, 4
content-length: 6542
x-served-by: cache-bwi5135-BWI, cache-hhn4057-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Wed, 04 Mar 2020 01:51:17 GMT
server: UploadServer
x-timer: S1583306168.255052,VS0,VE0
etag: "a202eee15095a201a2a7e1177959fb93"
vary: Origin
x-goog-hash: crc32c=ZxTtUw==, md5=ogLu4VCVogGip+EXeVn7kw==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Wed, 04 Mar 2020 01:52:14 GMT

GET
H2 200 TORNADO-HP-slide-WQI2-threeByTwoMediumAt2X.jpg
static01.nyt.com/images/2020/03/03/us/TORNADO-HP-slide-WQI2/ 237 KB
238 KB 22ms
21ms Image
image/jpeg 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/03/us/TORNADO-HP-slide-WQI2/TORNADO-HP-slide-WQI2-threeByTwoMediumAt2X.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ad8b645d5613015f69f9b913ac953103c9a37cce96f024e5634a3f11ebabe38a

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
via: 1.1 varnish, 1.1 varnish
age: 25050
status: 200
x-guploader-uploadid: AEnB2Urh8vkrh_pouq4iQIa2Y0arBEQoBbSdaDR4UCLNwCwaAQYz9bLz0CGqFc8HbdFYr4ndXSzBt_Pbb06fVMS-jfY-bd3-0w
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 1
content-length: 242803
x-served-by: cache-bwi5134-BWI, cache-hhn4057-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Wed, 04 Mar 2020 00:13:58 GMT
server: UploadServer
x-timer: S1583306168.282159,VS0,VE1
etag: "6ca19b567d793607dc924056832d5458"
vary: Origin
x-goog-hash: crc32c=IyvIKA==, md5=bKGbVn15NgfckkBWgy1UWA==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Wed, 04 Mar 2020 00:18:38 GMT

GET
H2 200 TORNADO-HP-slide-WQI2-thumbStandard-v2.jpg
static01.nyt.com/images/2020/03/03/us/TORNADO-HP-slide-WQI2/ 7 KB
8 KB 23ms
20ms Image
image/jpeg 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/03/us/TORNADO-HP-slide-WQI2/TORNADO-HP-slide-WQI2-thumbStandard-v2.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 10ad3c36159d7efaa645110f07dba1553f7ce03452fb02ba1545fa6b5bd9b5d6

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
via: 1.1 varnish, 1.1 varnish
age: 1291
status: 200
x-guploader-uploadid: AEnB2UpyjCs_Izy4AgyfUAbRJ3PM0Z5qjiSOeHTqmmDiIur5F9YO2hflIwHGPXEg1rSiIGGB04iCsMR4PehYbuq7UUN8360rTQ
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 1
content-length: 7422
x-served-by: cache-bwi5145-BWI, cache-hhn4057-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Wed, 04 Mar 2020 06:54:35 GMT
server: UploadServer
x-timer: S1583306168.303123,VS0,VE1
etag: "1bef315bfa371a2fafcea7d0d1ef07d2"
vary: Origin
x-goog-hash: crc32c=xjQiBA==, md5=G+8xW/o3Gi+vzqfQ0e8H0g==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Wed, 04 Mar 2020 06:54:37 GMT

GET
H2 200 03virus-religion01-threeByTwoMediumAt2X.jpg
static01.nyt.com/images/2020/03/03/us/03virus-religion01/ 95 KB
95 KB 26ms
22ms Image
image/jpeg 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/03/us/03virus-religion01/03virus-religion01-threeByTwoMediumAt2X.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d533a6958f89c2a9142bff2b06bc23a888ccea9165dbf7edb5cff9606f54fae1

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
via: 1.1 varnish, 1.1 varnish
age: 65614
status: 200
x-guploader-uploadid: AEnB2Uq3e9b5yzLFAEsy6uvIyCdIeOQFW5RrZU-_q-L-DmRmjcIlQMAMXP3cRF32NXzx-lsyi7btP3FkRHB9Q_Agj2gEwBaqXA
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 4
content-length: 97221
x-served-by: cache-bwi5144-BWI, cache-hhn4057-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Tue, 03 Mar 2020 10:00:14 GMT
server: UploadServer
x-timer: S1583306168.305167,VS0,VE0
etag: "8918e7bffcdcaff3aa0432bf7a7761b2"
vary: Origin
x-goog-hash: crc32c=c8o1xA==, md5=iRjnv/zcr/OqBDK/endhsg==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Tue, 03 Mar 2020 13:02:34 GMT

GET
H2 200 03virus-religion01-thumbStandard.jpg
static01.nyt.com/images/2020/03/03/us/03virus-religion01/ 6 KB
6 KB 30ms
26ms Image
image/jpeg 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/03/us/03virus-religion01/03virus-religion01-thumbStandard.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0e7538a51c25c7b83a187a12ae055d941a81a12fc70dd1edeb411f275693f59d

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
via: 1.1 varnish, 1.1 varnish
age: 76130
status: 200
x-guploader-uploadid: AEnB2UpFt__PI0oLJMqJDqnD2B9b3nZgLPUpPahsfpqyZP0xTPsPKpqY7Yj4CXeD9ucR9YpKwaDFKrmJoLBKHUS4JzVD8Uy3GQ
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 2
content-length: 5971
x-served-by: cache-bwi5120-BWI, cache-hhn4057-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Tue, 03 Mar 2020 10:00:14 GMT
server: UploadServer
x-timer: S1583306168.305263,VS0,VE0
etag: "9707ee3b205b9181412acf99f991d5e2"
vary: Origin
x-goog-hash: crc32c=kOfyTA==, md5=lwfuOyBbkYFBKs+Z+ZHV4g==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Tue, 03 Mar 2020 10:07:16 GMT

GET
H2 200 FPO-DURST-12-threeByTwoMediumAt2X-v2.jpg
static01.nyt.com/images/2020/03/04/us/04DURST-CASE2/ 318 KB
319 KB 31ms
28ms Image
image/jpeg 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/04/us/04DURST-CASE2/FPO-DURST-12-threeByTwoMediumAt2X-v2.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 91db50aacff019605bd6632a2e1a844cc662a3373af33a8fb4aff84eeb5abfc9

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
via: 1.1 varnish, 1.1 varnish
age: 28237
status: 200
x-guploader-uploadid: AEnB2Ur8_kiEIoAFLnO1Awsoz8qqWAwxoz9pjIzNSdcBqQ0ew0Z0xZ971lBOeUpP3XKvjrm1FYxu728r4-GKyE1dwXZxSN62jg
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 1
content-length: 325902
x-served-by: cache-bwi5146-BWI, cache-hhn4057-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Tue, 03 Mar 2020 23:25:29 GMT
server: UploadServer
x-timer: S1583306168.305255,VS0,VE1
etag: "0dc3f3ac44dc9519656b2ffe50fdb21b"
vary: Origin
x-goog-hash: crc32c=fHu7Ew==, md5=DcPzrETclRllay/+UP2yGw==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Tue, 03 Mar 2020 23:25:30 GMT

GET
H2 200 FPO-DURST-12-thumbStandard.jpg
static01.nyt.com/images/2020/03/04/us/04DURST-CASE2/ 6 KB
6 KB 30ms
27ms Image
image/jpeg 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/04/us/04DURST-CASE2/FPO-DURST-12-thumbStandard.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0476b9f4e1652de48e298e06f2c4d65ce15650b96798811e4d5fd3699334d35f

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
via: 1.1 varnish, 1.1 varnish
age: 28237
status: 200
x-guploader-uploadid: AEnB2UrHx9XD8BEGNlYAsgKP2yD3pk75dO5V82B7RZfhmI5WfcoFSByeBLEW0h7hLFFirDT6qXvlLX7jgfajwmLZqF0Lfafokw
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 2, 2
content-length: 6076
x-served-by: cache-bwi5134-BWI, cache-hhn4057-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Tue, 03 Mar 2020 23:25:29 GMT
server: UploadServer
x-timer: S1583306168.305475,VS0,VE0
etag: "9c3245a004c11b71dd5f782341b43475"
vary: Origin
x-goog-hash: crc32c=jMpM1Q==, md5=nDJFoATBG3HdX3gjQbQ0dQ==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Tue, 03 Mar 2020 23:25:30 GMT

GET
H2 200 03dc-trump-videoLarge.jpg
static01.nyt.com/images/2020/03/03/us/politics/03dc-trump/ 106 KB
106 KB 40ms
40ms Image
image/jpeg 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/03/us/politics/03dc-trump/03dc-trump-videoLarge.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: dbd88786bc26d8f74ca90d0fb57d7f6875eeaae3d4c3fae88a4424bfe725fa24

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
via: 1.1 varnish, 1.1 varnish
age: 17879
status: 200
x-guploader-uploadid: AEnB2UrDOWas01OXO_8zVMVt7gDb1DaUcbNuir9akCJjwD9UPgO-384rC58EZS31fg0SZtY58QHDtziHW-WpqiN1udBFhDML6A
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 2, 2
content-length: 108254
x-served-by: cache-bwi5138-BWI, cache-hhn4057-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Wed, 04 Mar 2020 02:03:38 GMT
server: UploadServer
x-timer: S1583306168.314806,VS0,VE0
etag: "eca584ae7d9833bcc7ff27ce6060490f"
vary: Origin
x-goog-hash: crc32c=BlwndA==, md5=7KWErn2YM7zH/yfOYGBJDw==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Wed, 04 Mar 2020 02:18:09 GMT

GET
H2 200 coronavirus-us-cases-map-promo-1583277425489-videoLarge.png
static01.nyt.com/images/2020/03/03/us/coronavirus-us-cases-map-promo-1583277425489/ 140 KB
140 KB 41ms
40ms Image
image/png 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/03/us/coronavirus-us-cases-map-promo-1583277425489/coronavirus-us-cases-map-promo-1583277425489-videoLarge.png
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f734e3f571c4d8d7abedddf036063124002749f532a51e9d618f0facf952a247

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
via: 1.1 varnish, 1.1 varnish
age: 28043
status: 200
x-guploader-uploadid: AEnB2UoJaovqtlm63A7lO8Vy0tYXdBP4a_oeIGRn8FjU1201pQshY-7yuDU3UCJKkp0MRMD0qx0s7N8Eu8PnGwKOV7ERGdvmwQ
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 2, 1
content-length: 142986
x-served-by: cache-bwi5138-BWI, cache-hhn4057-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Tue, 03 Mar 2020 23:17:22 GMT
server: UploadServer
x-timer: S1583306168.326197,VS0,VE1
etag: "0a062d3e90175b88f6c8d2c6144c552a"
vary: Origin
x-goog-hash: crc32c=Jrfxhw==, md5=CgYtPpAXW4j2yNLGFExVKg==
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Tue, 03 Mar 2020 23:28:44 GMT

GET
H2 200 03VIRUS-HEALTH1-videoLarge.jpg
static01.nyt.com/images/2020/03/03/science/03VIRUS-HEALTH1/ 99 KB
100 KB 40ms
40ms Image
image/jpeg 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/03/science/03VIRUS-HEALTH1/03VIRUS-HEALTH1-videoLarge.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 485472da610eb5563536090f56a4d9ddd3431db0abc9029aebc277d2694b66d3

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
via: 1.1 varnish, 1.1 varnish
age: 30254
status: 200
x-guploader-uploadid: AEnB2Ur-wltj-thIPF9hNHVzz54FTEQzY_HtEQ_Es5KGrn4DYKdpl1LmLxXkxGeUs9bdcSeRosge4m9ndaGbgxC_CKAO-i1wPA
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 5, 2
content-length: 101385
x-served-by: cache-bwi5121-BWI, cache-hhn4057-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Tue, 03 Mar 2020 22:50:14 GMT
server: UploadServer
x-timer: S1583306168.333604,VS0,VE0
etag: "f0fccd56bbb7feb4423f65324dfe85a8"
vary: Origin
x-goog-hash: crc32c=I3mMWA==, md5=8PzNVru3/rRCP2UyTf6FqA==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Tue, 03 Mar 2020 22:51:54 GMT

GET
H2 200 merlin_168830418_8f69779a-7daa-4afe-98ac-a8a38eab09d8-videoLarge.jpg
static01.nyt.com/images/2020/03/03/business/03DC-Fed-01/ 31 KB
32 KB 41ms
40ms Image
image/jpeg 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/03/business/03DC-Fed-01/merlin_168830418_8f69779a-7daa-4afe-98ac-a8a38eab09d8-videoLarge.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d42e60fd52c55ff118b8bdedb7a2b6f842af7fdcfae8e1d586b5cd2ebda54720

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
via: 1.1 varnish, 1.1 varnish
age: 51864
status: 200
x-guploader-uploadid: AEnB2UrNwnvDvLEWAjuqv97o0KbIbn6KFW-NzYy5SWs3TZfsaIP0cNbmLkaLxeWuB_BYEpGcnCNiXQmpNIUOoBjmbBRjldfYmg
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 1, 2
content-length: 32194
x-served-by: cache-bwi5130-BWI, cache-hhn4057-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Tue, 03 Mar 2020 16:42:41 GMT
server: UploadServer
x-timer: S1583306168.333871,VS0,VE0
etag: "9178b3967dd7a8e05205f9aa40bf9eea"
vary: Origin
x-goog-hash: crc32c=jj+Ulg==, md5=kXizln3XqOBSBfmqQL+e6g==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Tue, 03 Mar 2020 16:51:44 GMT

GET
H2 200 merlin_169961982_1e71d8e3-1164-477c-bf1c-58d611001fbd-videoLarge.jpg
static01.nyt.com/images/2020/03/03/us/politics/03dc-virus-1-sub/ 79 KB
80 KB 35ms
34ms Image
image/jpeg 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/03/us/politics/03dc-virus-1-sub/merlin_169961982_1e71d8e3-1164-477c-bf1c-58d611001fbd-videoLarge.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 66722bbae6b00aba39daf09445f9d984141b9a980c0a4d4c85e3ed32774fad36

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
via: 1.1 varnish, 1.1 varnish
age: 20865
status: 200
x-guploader-uploadid: AEnB2Up3RHlHoYVbd1L2tI4Vrvzr_UPZfvwYlmho-jc_E6m1o7aqMkQYht3AVZtw9I4JYJ2acBwpIY2RtP1xU8YBtAqJXp7TUg
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 2, 2
content-length: 81149
x-served-by: cache-bwi5132-BWI, cache-hhn4057-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Wed, 04 Mar 2020 01:27:20 GMT
server: UploadServer
x-timer: S1583306168.346649,VS0,VE0
etag: "7e1ee193892c7c6639d36127a7f86882"
vary: Origin
x-goog-hash: crc32c=r8USeQ==, md5=fh7hk4ksfGY502Enp/hogg==
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
expires: Wed, 04 Mar 2020 01:28:23 GMT

GET
H2 200 02-live-stevens-165-mediumThreeByTwo210.jpg
static01.nyt.com/images/2020/04/02/us/politics/03warren-mass/ 18 KB
18 KB 36ms
36ms Image
image/webp 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/04/02/us/politics/03warren-mass/02-live-stevens-165-mediumThreeByTwo210.jpg?quality=100&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ad6f7c6a3d605237858956cd5788c2219ab9734132118de62197a3c68dd3a29c

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
via: 1.1 varnish, 1.1 varnish
age: 5746
status: 200
x-cache: HIT, HIT
fastly-io-info: ifsz=14023 idim=210x140 ifmt=jpeg ofsz=18206 odim=210x140 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 2, 1
fastly-stats: io=1
content-length: 18206
x-served-by: cache-bwi5142-BWI, cache-hhn4057-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
server: UploadServer
x-timer: S1583306168.346723,VS0,VE1
etag: "tZgyGUb9BTdR4R7XYRS2l1q+sIsMYJ7U3vmGUPCWQBM"
vary: Accept
x-goog-hash: crc32c=Swqp5Q==, md5=xXnp4QBL3QUlso4uzq/ftA==
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
x-guploader-uploadid: AEnB2Ur5WdYNXxTzf7hfJ_ypF5YOvGVDtP0b73ogqJ69mgRGZ_wlo-DYL3e06xwDSiuz8QWcUdBPRgj239mrdh4nevBk9BHNww
expires: Wed, 04 Mar 2020 05:40:22 GMT

GET
H2 200 03campaign-ledeall-biden-mediumThreeByTwo210.jpg
static01.nyt.com/images/2020/03/03/us/politics/03campaign-ledeall-biden/ 14 KB
14 KB 21ms
21ms Image
image/webp 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/03/us/politics/03campaign-ledeall-biden/03campaign-ledeall-biden-mediumThreeByTwo210.jpg?quality=100&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 04d393f6c6313d588dbd262c8dffbb6c8e2ac1a91eb4ce9b96a595823ae1b46a

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
via: 1.1 varnish, 1.1 varnish
age: 13094
status: 200
x-cache: HIT, HIT
fastly-io-info: ifsz=13899 idim=210x140 ifmt=jpeg ofsz=13946 odim=210x140 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 5, 1
fastly-stats: io=1
content-length: 13946
x-served-by: cache-bwi5129-BWI, cache-hhn4057-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
server: UploadServer
x-timer: S1583306168.370276,VS0,VE1
etag: "03zGMfTh/V6jA7Uuxi4+4obl5q/74EeOqNveiMe4QeA"
vary: Accept
x-goog-hash: crc32c=Elaclg==, md5=WLPvoJTKDndc1KQcSKOieg==
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
x-guploader-uploadid: AEnB2Uq8BHo1IPsl7GABNdKg-j5XiiFndoTTW87CIUNsY3nk0dAJ2rVqZSGgORSCSzXJceTBLtOBn-h5odn9e74W-9RIA7ATwQ
expires: Wed, 04 Mar 2020 03:37:53 GMT

GET
H2 200 04virus-briefing-korea-mediumThreeByTwo210-v2.jpg
static01.nyt.com/images/2020/03/04/world/04virus-briefing-korea/ 18 KB
18 KB 22ms
22ms Image
image/webp 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/04/world/04virus-briefing-korea/04virus-briefing-korea-mediumThreeByTwo210-v2.jpg?quality=100&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: fe500e6388080919e60c5dee6de8a63a263e4797ecfe5566c1288d9e22aad388

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
via: 1.1 varnish, 1.1 varnish
age: 1554
status: 200
x-cache: MISS, HIT
fastly-io-info: ifsz=14355 idim=210x140 ifmt=jpeg ofsz=18518 odim=210x140 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 0, 1
fastly-stats: io=1
content-length: 18518
x-served-by: cache-bwi5124-BWI, cache-hhn4057-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
server: UploadServer
x-timer: S1583306168.377167,VS0,VE1
etag: "v++lWA44RDDMZIjQK8yjvveve4LqcPHyoIgtyHiPAmU"
vary: Accept
x-goog-hash: crc32c=gebYpQ==, md5=9CwJFmeBgUzXYptK0to2DA==
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
x-guploader-uploadid: AEnB2UqMD2Ro1a5a1nzma824DYvtd4WUIACP4Zg7pE1up19fRULc2i_AaCqn9SbQVsunAEXT_VlV1P7SyYfqR3PIGKiOISgM0g
expires: Wed, 04 Mar 2020 06:50:14 GMT

GET
H2 200 supertuesday-texas-standard-dem3x2-mediumThreeByTwo210.jpg
static01.nyt.com/images/2020/03/02/us/politics/supertuesday-texas-standard-dem3x2/ 3 KB
4 KB 21ms
21ms Image
image/webp 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2020/03/02/us/politics/supertuesday-texas-standard-dem3x2/supertuesday-texas-standard-dem3x2-mediumThreeByTwo210.jpg?quality=100&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d279442edb49313137892ffd946d31db08b8980f8927e0802799da28d3290a69

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
via: 1.1 varnish, 1.1 varnish
age: 34145
status: 200
x-cache: HIT, HIT
fastly-io-info: ifsz=5741 idim=210x140 ifmt=jpeg ofsz=3462 odim=210x140 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-cache-hits: 2, 1
fastly-stats: io=1
content-length: 3462
x-served-by: cache-bwi5150-BWI, cache-hhn4057-HHN
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
server: UploadServer
x-timer: S1583306168.380373,VS0,VE1
etag: "45izwwb06k5d+Y7jRMi11iWQtfK83I3GcEnt4EIWcfg"
vary: Accept
x-goog-hash: crc32c=wqXL7A==, md5=Nl5IRQq5qhkRb8pFhJ2NAw==
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
x-guploader-uploadid: AEnB2Upe0XkMiiO3KDyDJmfJ6XFVwV3o5A6vUBcJnstNiSUjSdYohMNfH6HOMGYO7BAbe4Z-0Pbb7Tg7xv99QgHcy4yxqByelA
expires: Tue, 03 Mar 2020 21:47:02 GMT

GET
H2 200 vendor-af4ece1529932f717d31.js Show response
www.nytimes.com/vi-assets/static-assets/ 807 KB
252 KB 30ms
28ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

fb71626a34be4f2c6159597e984a506ad6eeb622e927efc06629be1a0deaf944

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
content-encoding: gzip
x-api-version: F-X
age: 399953
x-guploader-uploadid: AEnB2UrmWjKJed9ul9J2-z6H-r7lmh3yPyn6908i-NsgX6u0rPlQZhLz9ESsGCxtwVX1D42sd86RIX536dVLbyCMLog-C5Fd-g
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-origin-time: 2020-02-28 16:10:35 UTC
x-served-by: cache-hhn4057-HHN
accept-ranges: bytes
last-modified: Fri, 28 Feb 2020 15:37:35 GMT
server: UploadServer
x-timer: S1583306168.305445,VS0,VE1
etag: "1fbb72ae7a54576c5818acec60aeede3"
vary: Accept-Encoding, Fastly-SSL
x-goog-hash: crc32c=RNKL0w==, md5=H7tyrnpUV2xYGKzsYK7t4w==
x-goog-generation: 1582904255610610
expires: Sat, 27 Feb 2021 16:10:15 GMT
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-goog-stored-content-length: 826000
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length: 257046
content-type: application/javascript
x-cache-hits: 1078

GET
H2 200 collections-7d3782ed458d47bce88a.js Show response
www.nytimes.com/vi-assets/static-assets/ 435 KB
115 KB 29ms
27ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/collections-7d3782ed458d47bce88a.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

244d6f7fb2c90144ed282f16dc6fa7a47ea302bb415a05ff2e9a973b4da68903

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
content-encoding: gzip
x-api-version: F-X
age: 399939
x-guploader-uploadid: AEnB2UrgbzcIf1kS0YvDeBdK8GnfEoW7I0U9lJey9R6-Yz28yinyknbumSWUjVO5K0XCLufdOlJP35VU4kr8boc56K0ssjrOUQ
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-origin-time: 2020-02-28 16:10:50 UTC
x-served-by: cache-hhn4057-HHN
accept-ranges: bytes
last-modified: Fri, 28 Feb 2020 14:59:03 GMT
server: UploadServer
x-timer: S1583306168.305449,VS0,VE1
etag: "275e804dfe1c132c1a0ac823e5d016e3"
vary: Accept-Encoding, Fastly-SSL
x-goog-hash: crc32c=MUC/sA==, md5=J16ATf4cEywaCsgj5dAW4w==
x-goog-generation: 1582901943495155
expires: Sat, 27 Feb 2021 16:10:30 GMT
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-goog-stored-content-length: 445445
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length: 117100
content-type: application/javascript
x-cache-hits: 10989

GET
H2 200 main-d9338936524886deb17e.js Show response
www.nytimes.com/vi-assets/static-assets/ 463 KB
125 KB 30ms
27ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/main-d9338936524886deb17e.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

945014dcd60469e50bf03305fe4c18e28ef319f6b750b9be7d5894d7f54823fd

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
content-encoding: gzip
x-api-version: F-X
age: 399953
x-guploader-uploadid: AEnB2UpWR-kAblClamMOhVw8SreLgJqE6C8WdMauoyhYkEvsFxIlYvp1ec1Nrc_DHoiJB7DkjO_RGjwze46iFLSb_cFYZsyz8g
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-origin-time: 2020-02-28 16:10:35 UTC
x-served-by: cache-hhn4057-HHN
accept-ranges: bytes
last-modified: Fri, 28 Feb 2020 15:37:35 GMT
server: UploadServer
x-timer: S1583306168.305607,VS0,VE0
etag: "dbdba7f953447c6e78b156091699a276"
vary: Accept-Encoding, Fastly-SSL
x-goog-hash: crc32c=T85L2g==, md5=29un+VNEfG54sVYJFpmidg==
x-goog-generation: 1582904255449391
expires: Sat, 27 Feb 2021 16:10:15 GMT
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-goog-stored-content-length: 473600
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length: 127504
content-type: application/javascript
x-cache-hits: 25796

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 268 KB
55 KB 46ms
43ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a26d2cec4c729e6f9a7608393eb6e1831b545cd1ad5d36e7123d88b3712e795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 56009
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 127ms
105ms Other
application/json 2a00:1450:4001:814::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

OPTIONS
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 0
549 B 72ms
20ms XHR
text/plain 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-0.5.65 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Referer: https://www.nytimes.com/section/us
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
via: 1.1 google, 1.1 varnish
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-nyt-meridiem: AM
age: 33
x-cache: HIT
status: 200
samizdat-x-instance: a8e0066
x-samizdat-query-exe-id: be0e58e03759051f
content-length: 0
x-served-by: cache-hhn4079-HHN
access-control-allow-origin: https://www.nytimes.com
server: samizdat-graphql-0.5.65
x-timer: S1583306168.347600,VS0,VE0
x-nyt-continent: EU
access-control-max-age: 300
access-control-allow-methods: GET, POST
x-nyt-region: NB
x-nyt-audience-target-flat: EU:AM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: NL
accept-ranges: bytes
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
x-cache-hits: 5

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 127 KB
38 KB 52ms
6ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9b6109ebb33e991f5b3c7ce32ca1706e18741d0ddebfdef3f279b93617b26d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 07:11:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 02 Mar 2020 19:14:10 GMT
server: sffe
age: 253
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 38366
x-xss-protection: 0
expires: Wed, 04 Mar 2020 08:01:55 GMT

GET
H2

200

adsbygoogle.js Show response
www.nytimes.com/ads/google/
Redirect Chain

https://nytimes.com/ads/google/adsbygoogle.js
https://www.nytimes.com/ads/google/adsbygoogle.js

28 B
858 B

22ms
21ms

Script
text/javascript

151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/ads/google/adsbygoogle.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

34cc802f53fe2668b8b1b9409514018262e45d868782036343c2f0e83a5fec93

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
content-encoding: gzip
x-api-version: F-X
age: 381158
status: 200
x-guploader-uploadid: AEnB2UqSzdoT2XYwRS7aQ5nVbHyiFGq5zidlieOPxqu0Yrq-KV-ykDEp4bK0A6mABGifXPe4S_fWKf8UzPxAhEKtGfq7fnM_sCvBcQVK1nywyJ1Kgbqlc20
x-cache: HIT
x-goog-storage-class: REGIONAL
x-cache-hits: 15671
x-origin-time: 2020-02-21 21:23:29 UTC
x-served-by: cache-hhn4057-HHN
accept-ranges: bytes
last-modified: Fri, 23 Mar 2018 21:06:07 GMT
server: UploadServer
x-timer: S1583306168.392267,VS0,VE1
etag: "45047d08e5481aa5674276ae1810c88d"
vary: Accept-Encoding, Fastly-SSL
x-goog-hash: crc32c=A0srKQ==, md5=RQR9COVIGqVnQnauGBDIjQ==
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-nyt-route: ads-static-assets
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length: 48
expires: Fri, 21 Feb 2020 21:23:29 GMT

Redirect headers

date: Wed, 04 Mar 2020 07:16:08 GMT
server: Varnish
x-api-version: F-0
location: https://www.nytimes.com/ads/google/adsbygoogle.js
x-cache: HIT
status: 301
x-nyt-route: ads-static-assets
x-cache-hits: 0
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-ams21035-AMS

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 43 KB
15 KB 71ms
28ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/adslot-df60c69ae832943d22c0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

sffe /

Resource Hash

858292766479bd2d103d91a37dc1b75630c1a71752bd906734030b90dafe5fa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "446 / 413 of 1000 / last-modified: 1583259623"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14543
x-xss-protection: 0
expires: Wed, 04 Mar 2020 07:16:08 GMT

GET
H2 200 franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 90ms
46ms Font
font/woff2 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Origin: https://www.nytimes.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
via: 1.1 varnish
x-cache-hits: 19547
age: 12582224
status: 200
x-guploader-uploadid: AEnB2Up5b7PfGZv4RqbljtTDYqwDMI5XtzuWVOYK_dNdS4SzTmVNeee3gZJhLHJAS7ubs9gDh4PXQH1rDQ5XvEd1osbVbXA-066TUtvEtKhm1WTPGXfo7WU
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
access-control-allow-methods: GET, OPTIONS
content-length: 19836
x-served-by: cache-hhn4055-HHN
last-modified: Tue, 08 Oct 2019 20:47:05 GMT
server: UploadServer
x-timer: S1583306168.378568,VS0,VE0
etag: "d6c06a3d84a57100edad5bf9b84ff739"
vary: Origin
x-goog-hash: crc32c=ImeYUg==, md5=1sBqPYSlcQDtrVv5uE/3OQ==
x-goog-generation: 1570567625340998
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 19836
x-nyt-pagetype: nyt5-asset
accept-ranges: bytes
content-type: font/woff2
expires: Fri, 09 Oct 2020 16:12:23 GMT

GET
H2 200 franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 90ms
47ms Font
font/woff2 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Origin: https://www.nytimes.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
via: 1.1 varnish
x-cache-hits: 19540
age: 7715588
status: 200
x-guploader-uploadid: AEnB2Uo8O16xxVBZibKNiwZZ3qT6z5QOqTB-6PZeM6-0y1HJP6ICtKy7qGojcfWLkXkhunmxIp7PejfMIAxBhKZxo6XauZxqjw
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
access-control-allow-methods: GET, OPTIONS
content-length: 20312
x-served-by: cache-hhn4055-HHN
last-modified: Tue, 08 Oct 2019 20:47:05 GMT
server: UploadServer
x-timer: S1583306168.378575,VS0,VE0
etag: "b44c88f09ca7ce914b836d4ae72891b8"
vary: Origin
x-goog-hash: crc32c=PQVxAw==, md5=tEyI8JynzpFLg21K5yiRuA==
x-goog-generation: 1570567625401061
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 20312
x-nyt-pagetype: nyt5-asset
accept-ranges: bytes
content-type: font/woff2
expires: Sat, 05 Dec 2020 00:03:01 GMT

GET
H2 200 cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 64ms
21ms Font
font/woff2 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Origin: https://www.nytimes.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
via: 1.1 varnish
x-cache-hits: 9171
age: 12582163
status: 200
x-guploader-uploadid: AEnB2Uqp4-mTR0T9nXGPsd7CD7ntpetqrG7bbZ8AlZcBvXj27Brg2MN9HGoWYiau2QcpAceEjidYMkrRrkC2U5oy_1zi8H6ttZFq2zzX1VN6soIvG56s_pc
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
access-control-allow-methods: GET, OPTIONS
content-length: 28276
x-served-by: cache-hhn4055-HHN
last-modified: Tue, 08 Oct 2019 20:47:04 GMT
server: UploadServer
x-timer: S1583306168.378546,VS0,VE0
etag: "530cfb72378419eedb60da7e266ad5f1"
vary: Origin
x-goog-hash: crc32c=O9qQIA==, md5=Uwz7cjeEGe7bYNp+JmrV8Q==
x-goog-generation: 1570567624458394
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 28276
x-nyt-pagetype: nyt5-asset
accept-ranges: bytes
content-type: font/woff2
expires: Fri, 09 Oct 2020 16:13:25 GMT

GET
H2 200 imperial-normal-500.40c94ccc25e2212b8946a7d732251d86.woff2
g1.nyt.com/fonts/family/imperial/ 28 KB
28 KB 64ms
21ms Font
font/woff2 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/imperial/imperial-normal-500.40c94ccc25e2212b8946a7d732251d86.woff2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a0b165f1c573dbbe6726db97a5d4a9c3d74a3d8e71c528c1cd057b92314a86be

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Origin: https://www.nytimes.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
via: 1.1 varnish
x-cache-hits: 4717
age: 12582146
status: 200
x-guploader-uploadid: AEnB2UrKpJ5QhM7u0Alo4Kxv_tetyz_Q-mnWHnWwaLAXATdzmr7BZTr7LF__dVLBzyj31seUDINw3D7KuXcn2em-RJU1PA_z2A6MzIcx45mEVAWzA534Cfw
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
access-control-allow-methods: GET, OPTIONS
content-length: 28252
x-served-by: cache-hhn4055-HHN
last-modified: Tue, 08 Oct 2019 20:47:05 GMT
server: UploadServer
x-timer: S1583306168.378548,VS0,VE0
etag: "40c94ccc25e2212b8946a7d732251d86"
vary: Origin
x-goog-hash: crc32c=L+c2+A==, md5=QMlMzCXiISuJRqfXMiUdhg==
x-goog-generation: 1570567625851656
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 28252
x-nyt-pagetype: nyt5-asset
accept-ranges: bytes
content-type: font/woff2
expires: Fri, 09 Oct 2020 16:13:40 GMT

GET
H2 200 cheltenham-normal-500.a22ae3ed1e775ce90ced16f1822f4ddc.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
29 KB 90ms
47ms Font
font/woff2 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-500.a22ae3ed1e775ce90ced16f1822f4ddc.woff2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3b7df8039da00c48c5cf0ca207eb9a4a03d362e17176171c9c2ba75fcfbd6ca2

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Origin: https://www.nytimes.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
via: 1.1 varnish
x-cache-hits: 15559
age: 12582169
status: 200
x-guploader-uploadid: AEnB2Ur43kygUXuO7yU5X7o1AtxsDv3sEwtSnpBY8yR4MnfgHOLca4n58mirV9N_pg9NB4MscQDILtE0SiQfubzvQPMKn3ndi_gvv13k58xJJ3nq5eOBwMc
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
access-control-allow-methods: GET, OPTIONS
content-length: 28604
x-served-by: cache-hhn4055-HHN
last-modified: Tue, 08 Oct 2019 20:47:04 GMT
server: UploadServer
x-timer: S1583306168.378757,VS0,VE0
etag: "a22ae3ed1e775ce90ced16f1822f4ddc"
vary: Origin
x-goog-hash: crc32c=zgCcGg==, md5=oirj7R53XOkM7Rbxgi9N3A==
x-goog-generation: 1570567624224052
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 28604
x-nyt-pagetype: nyt5-asset
accept-ranges: bytes
content-type: font/woff2
expires: Fri, 09 Oct 2020 16:13:18 GMT

GET
H2 200 cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
29 KB 101ms
58ms Font
font/woff2 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Origin: https://www.nytimes.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
via: 1.1 varnish
x-cache-hits: 17578
age: 713550
status: 200
x-guploader-uploadid: AEnB2UqqJSUZXyTtp3V9A5h2huP-Amdm9M63XU2S3ZzuwEuoJVg4oZZLfOvLYKJUS89n3T0fr582JPQzGK3nBWNV9CdNjDMtJ9tiNdDDU8HP-SmyT8bQjNk
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
access-control-allow-methods: GET, OPTIONS
content-length: 29076
x-served-by: cache-hhn4055-HHN
last-modified: Tue, 08 Oct 2019 20:47:04 GMT
server: UploadServer
x-timer: S1583306168.379091,VS0,VE0
etag: "a3ed7afe3eaa0a873f3fbd379f8c491b"
vary: Origin
x-goog-hash: crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw==
x-goog-generation: 1570567624300845
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29076
x-nyt-pagetype: nyt5-asset
accept-ranges: bytes
content-type: font/woff2
expires: Wed, 24 Feb 2021 01:03:38 GMT

GET
H2 200 imperial-normal-400.2531995fefd3b997f9c4d564ebe89268.woff2
g1.nyt.com/fonts/family/imperial/ 28 KB
29 KB 101ms
58ms Font
font/woff2 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.2531995fefd3b997f9c4d564ebe89268.woff2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 27938a5a1f1f9b1907a512892cf969d7dad000fd7032e8bbe3baa3ed5b4265bd

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.5810def60210a2fa7d0848f37e3fa048bb6147b1.css
Origin: https://www.nytimes.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
via: 1.1 varnish
x-cache-hits: 16368
age: 12582225
status: 200
x-guploader-uploadid: AEnB2Uqr1ksv5nNCMJJjB958Div1EEFIIwfzRXTdzXyzTID2vPI0nT5CCsW6JH-3NgBIudO_UxXSGFi3g_TcNB549jwSHSNlYHL7zPr-s7ZAvU7s_Sod0nU
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
access-control-allow-methods: GET, OPTIONS
content-length: 29016
x-served-by: cache-hhn4055-HHN
last-modified: Tue, 08 Oct 2019 20:47:05 GMT
server: UploadServer
x-timer: S1583306168.379061,VS0,VE0
etag: "2531995fefd3b997f9c4d564ebe89268"
vary: Origin
x-goog-hash: crc32c=1n93EQ==, md5=JTGZX+/TuZf5xNVk6+iSaA==
x-goog-generation: 1570567625845342
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29016
x-nyt-pagetype: nyt5-asset
accept-ranges: bytes
content-type: font/woff2
expires: Fri, 09 Oct 2020 16:12:23 GMT

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 97 B
620 B 21ms
21ms XHR
application/json 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-0.5.65 /
Resource Hash: 5fd0d7eeaa3e0910d9c2f341dc08041ca07118ff200078104700c06892c52647

Request headers

Origin: https://www.nytimes.com
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
nyt-app-type: project-vi
Content-Type: application/json
Referer: https://www.nytimes.com/section/us
nyt-app-version: 0.0.5
Sec-Fetch-Dest: empty

Response headers

x-samizdat-query-sup-code
date: Wed, 04 Mar 2020 07:16:08 GMT
content-encoding: gzip
x-nyt-meridiem: AM
age: 36
x-cache: HIT
status: 200
samizdat-x-instance: a8e0066
x-samizdat-query-field-errors: 0
x-cache-hits: 7
x-samizdat-query-exe-id: 11ead5bd43a800bb
content-length: 98
x-served-by: cache-hhn4057-HHN
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: NB
server: samizdat-graphql-0.5.65
x-timer: S1583306168.390911,VS0,VE0
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-subscriber, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:AM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: NL
accept-ranges: bytes
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 payframe
pay.google.com/gp/p/ui/ Frame 4A8F 0
0 117ms
69ms Document
text/html 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https://www.nytimes.com&mid=%{merchantId}

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pVW+B+7hM2e3xS0PJk94Zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-pVW+B+7hM2e3xS0PJk94Zg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pay.google.com
:scheme: https
:path: /gp/p/ui/payframe?origin=https://www.nytimes.com&mid=%{merchantId}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.nytimes.com/section/us
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.nytimes.com/section/us

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge
expires: Wed, 04 Mar 2020 07:16:08 GMT
date: Wed, 04 Mar 2020 07:16:08 GMT
cache-control: private, max-age=3600
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'report-sample' 'nonce-pVW+B+7hM2e3xS0PJk94Zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-pVW+B+7hM2e3xS0PJk94Zg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=199=fLRavAY23LoGSxMPTJ9spaxLa38YcnkxDgIBR6Rp5jrFNYT8ol0LctV1oju_OdlmQ9oEHmloRfHWBIZdLN5u61KCYMlj9Y7ifvPPuhm0GtZmB3iXi-PDqLBPLG3ghlECqpernIqQPuhZMUik1aI37-JaIXuFOBKfHNH98MXzCIg; expires=Thu, 03-Sep-2020 07:16:08 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 swg-button.css
news.google.com/swg/js/v1/ 19 KB
6 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a0a734cfe4f5aee530b12ee966e272f0ce41f44e0f2c89e8ee6d4a156f4789

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 04 Mar 2020 07:01:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 18 Sep 2019 18:02:27 GMT
server: sffe
age: 879
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5809
x-xss-protection: 0
expires: Wed, 04 Mar 2020 07:51:29 GMT

GET
H2 200 serviceiframe
news.google.com/swg/_/ui/v1/ Frame 3673 0
0 83ms
82ms Document
text/html 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/ui/v1/serviceiframe?_=439807

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-O6mgqNdp+DV7MzKex8vACQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-O6mgqNdp+DV7MzKex8vACQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: news.google.com
:scheme: https
:path: /swg/_/ui/v1/serviceiframe?_=439807
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.nytimes.com/section/us
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.nytimes.com/section/us

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 04 Mar 2020 07:16:08 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000
content-security-policy: script-src 'report-sample' 'nonce-O6mgqNdp+DV7MzKex8vACQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-O6mgqNdp+DV7MzKex8vACQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=199=N3a-eOSHSe1UkWo30uFaeIYA5rAjUO06iK_6FQp3HH2sSmrv6sBnk4tYgIAHCD1d4YC_DOA3KXpShej6FG7S2wbTZCauH6lBar0_eA_n-dmAC7ytQsF9QsJ47_DqcJTmaQXyLRVz3HFwFdRm1od4Zyxd0KNbIDanDDkCLX_MPNg; expires=Thu, 03-Sep-2020 07:16:08 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 7ms
6ms Other
image/svg+xml 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

date: Wed, 04 Mar 2020 07:15:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Oct 2018 21:24:31 GMT
server: sffe
age: 16
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: public, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1049
x-xss-protection: 0
expires: Wed, 04 Mar 2020 08:05:52 GMT

GET
H2 200 pay
pay.google.com/gp/p/ui/ 0
0 114ms
74ms Other
text/html 2a00:1450:400c:c0a::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/gp/p/ui/pay?_=439807
Requested by: Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2

200

m=b2,aist,ist,qst
www.gstatic.com/_/billing/_/js/k=billing.ims.en_US.v3256Pr22CA.O/am=lZA/d=1/ct=zgms/rs=AChpKPBtEv-_MEBo7cTIfeqaA18GQ6cjOw/
Redirect Chain

https://payments.google.com/payments/v4/js/integrator.js?ss=md
https://www.gstatic.com/_/billing/_/js/k=billing.ims.en_US.v3256Pr22CA.O/am=lZA/d=1/ct=zgms/rs=AChpKPBtEv-_MEBo7cTIfeqaA18GQ6cjOw/m=b2,aist,ist,qst

0
82 KB

7ms
6ms

Other
text/javascript

2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/billing/_/js/k=billing.ims.en_US.v3256Pr22CA.O/am=lZA/d=1/ct=zgms/rs=AChpKPBtEv-_MEBo7cTIfeqaA18GQ6cjOw/m=b2,aist,ist,qst

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 27 Feb 2020 16:58:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 27 Feb 2020 16:16:35 GMT
server: sffe
age: 483483
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 83696
x-xss-protection: 0
expires: Fri, 26 Feb 2021 16:58:06 GMT

Redirect headers

date: Wed, 04 Mar 2020 07:16:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 301
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 269
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/_/billing/_/js/k=billing.ims.en_US.v3256Pr22CA.O/am=lZA/d=1/ct=zgms/rs=AChpKPBtEv-_MEBo7cTIfeqaA18GQ6cjOw/m=b2,aist,ist,qst
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: base-uri 'self';object-src clients2.google.com/gr/GrDataFetcher.swf;report-uri /payments/cspreport;script-src 'report-sample' 'nonce-3ATSS0PQMVwdZCPPaEGUPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gr_full_2.0.6.js
clients2.google.com/gr/ 0
9 KB 46ms
6ms Other
text/javascript 2a00:1450:4001:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://clients2.google.com/gr/gr_full_2.0.6.js

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

date: Wed, 04 Mar 2020 06:38:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
age: 2287
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8665
x-xss-protection: 0
expires: Wed, 04 Mar 2020 07:38:01 GMT

GET
H2 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/nytimes.com/ 2 B
983 B 74ms
73ms Fetch
application/json 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/nytimes.com/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-X38ZRfQjWrtpwWTPeBb3fA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientHttp/cspreport;worker-src 'self', script-src 'nonce-X38ZRfQjWrtpwWTPeBb3fA' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-X38ZRfQjWrtpwWTPeBb3fA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientHttp/cspreport;worker-src 'self', script-src 'nonce-X38ZRfQjWrtpwWTPeBb3fA' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vi_article.js Show response
cdn.optimizely.com/public/3013110282/s/ 384 KB
117 KB 27ms
14ms Script
text/javascript 2a02:26f0:f1:191::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/public/3013110282/s/vi_article.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-d9338936524886deb17e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f1:191::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d247b1d1593bd99f20a224e2dfeb16c6838906bd292589770ced6b4c6713d137

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: dvDpXF4Zip3MGQLRUPRBddiE4H_qqgOs
content-encoding: gzip
x-amz-request-id: 06793609A0F05387
status: 200
access-control-max-age: 86400
date: Wed, 04 Mar 2020 07:16:08 GMT
x-amz-replication-status: PENDING
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:f1:191::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000
content-length: 119082
x-amz-id-2: HTsspxLOc8tucM76TjeuhqH1wL0jxGKwrztH3J6yhNmgedLlACvwN1YgTYf8gVmOUPvoaR44Z3w=
last-modified: Thu, 27 Feb 2020 19:40:27 GMT
server: AmazonS3
etag: "6bfb76e02e11aed7f9954e279562892a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
x-amz-meta-revision: 11981
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 ip_seg_v2.rep Show response
cigsvc.nytimes.com/r1/jp/ 170 B
457 B 121ms
115ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cigsvc.nytimes.com/r1/jp/ip_seg_v2.rep?&callback=callback
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b046910dcd0b84ccfbe9bfc84456758b27fdd632643ea2a7baa53409c09797dd

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Wed, 04 Mar 2020 07:16:08 GMT
via: 1.1 varnish
x-timer: S1583306169.553695,VS0,VE94
x-served-by: cache-hhn4057-HHN
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript;charset=UTF-8
status: 200
cache-control: no-cache, no-cache="set-cookie"
x-cache-hits: 0
accept-ranges: bytes
content-length: 170
expires: 0

GET
H2 200 vendors~audio~capsule~cityguides~collections~home~liveblog~paidpost~slideshow~story~video-a0858e7019e1cacc56e5.js Show response
www.nytimes.com/vi-assets/static-assets/ 50 KB
11 KB 22ms
21ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~capsule~cityguides~collections~home~liveblog~paidpost~slideshow~story~video-a0858e7019e1cacc56e5.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

366e4c8ace6dc121105fc314b7f16460c4b4104d9332df35dada900f13b73d94

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
content-encoding: gzip
x-api-version: F-X
age: 399949
x-guploader-uploadid: AEnB2UoFldL5gLZo4G7iPeYM4RsvZUkQ38QtHuJ-8iLvZ22V7WK4KfUPEdxG7mpil_9-bnq6XX_1F4oSD_urF-ad3pwY7Ve1SA
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-origin-time: 2020-02-28 16:10:40 UTC
x-served-by: cache-hhn4057-HHN
accept-ranges: bytes
last-modified: Fri, 28 Feb 2020 15:37:35 GMT
server: UploadServer
x-timer: S1583306169.609904,VS0,VE1
etag: "15ea2c11caaeb29731c5a05e605e22a4"
vary: Accept-Encoding, Fastly-SSL
x-goog-hash: crc32c=330J8w==, md5=FeosEcquspcxxaBeYF4ipA==
x-goog-generation: 1582904255574957
expires: Sat, 27 Feb 2021 16:10:19 GMT
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-goog-stored-content-length: 50949
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length: 10820
content-type: application/javascript
x-cache-hits: 23748

GET
H2 200 vendors~collections~search-ea1b23ff3c707b0e23b6.js Show response
www.nytimes.com/vi-assets/static-assets/ 44 KB
10 KB 22ms
21ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~collections~search-ea1b23ff3c707b0e23b6.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

7183c7c50e8cff0e4cb7344483d5f69ec786ef306383c7a3a2d2b1ced6a54b7f

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
content-encoding: gzip
x-api-version: F-X
age: 985960
x-guploader-uploadid: AEnB2Upq7kj9jTI1DJ3RZvsFCqCLSNLE8ZNqULLQr1yrQKWmI0XPwFdwI4tSLhMONR-V1nAgcu8Q4B6403GP6SINOmyq6ErPMdsdBfiDUmK2Dshe1ehPMBc
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-origin-time: 2020-02-21 21:23:28 UTC
x-served-by: cache-hhn4057-HHN
accept-ranges: bytes
last-modified: Fri, 21 Feb 2020 20:53:45 GMT
server: UploadServer
x-timer: S1583306169.610122,VS0,VE1
etag: "293774f25a0a2afac04168ec8195b52d"
vary: Accept-Encoding, Fastly-SSL
x-goog-hash: crc32c=YImd6A==, md5=KTd08loKKvrAQWjsgZW1LQ==
x-goog-generation: 1582318425300280
expires: Sat, 20 Feb 2021 21:23:28 GMT
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-goog-stored-content-length: 44694
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length: 9886
content-type: application/javascript
x-cache-hits: 16071

GET
H2 200 vendors~collections-2504d14f604a7a4963cd.js Show response
www.nytimes.com/vi-assets/static-assets/ 28 KB
8 KB 23ms
22ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~collections-2504d14f604a7a4963cd.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

2f1854fe522e040274f3f7ff6099b5ad70baf11f08aa79e9481eaa4818a9d2f9

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
content-encoding: gzip
x-api-version: F-X
age: 489057
x-guploader-uploadid: AEnB2UoL4IKFcugZas7B45LFD5z0tSY3qQtUFVmkqeu4PLHeRCAKCHIhLpN5_snlADx8XnDuUizdbqCpDC3XDGrU3tvgJgQx1ci7ja_7Hmol2eiIcEMi10o
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-origin-time: 2020-02-27 15:25:11 UTC
x-served-by: cache-hhn4057-HHN
accept-ranges: bytes
last-modified: Thu, 27 Feb 2020 12:51:25 GMT
server: UploadServer
x-timer: S1583306169.610282,VS0,VE0
etag: "de39c6ede84c26e052d3946caf97ec2d"
vary: Accept-Encoding, Fastly-SSL
x-goog-hash: crc32c=ZiyRuw==, md5=3jnG7ehMJuBS05Rsr5fsLQ==
x-goog-generation: 1582807885776308
expires: Fri, 26 Feb 2021 15:25:11 GMT
cache-control: public,max-age=31536000
x-nyt-route: vi-assets
x-goog-stored-content-length: 28375
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src https: blob:; object-src https:; child-src https: data: blob:; form-action https:; block-all-mixed-content;
content-length: 8126
content-type: application/javascript
x-cache-hits: 10540

POST
H2 200 track
a.et.nytimes.com/ 0
0 112ms
111ms Other
application/json 2a00:1450:4001:814::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H/1.1 200
OK / Show response
et.nytimes.com/ 614 B
1 KB 491ms
169ms XHR
application/json 52.22.52.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://et.nytimes.com/
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.52.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-52-90.compute-1.amazonaws.com
Software: /
Resource Hash: d8e209582ff2bc0fc5e8de0f468859654f609cc88ce782f23e0d5c66190ec687

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.nytimes.com
Date: Wed, 04 Mar 2020 07:16:09 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 614
Content-Type: application/json

POST
H2 200 track
a.et.nytimes.com/ 0
0 105ms
105ms Other
application/json 2a00:1450:4001:814::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 104ms
103ms Other
application/json 2a00:1450:4001:814::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 tags.js Show response
js.datadome.co/ 128 KB
22 KB 78ms
33ms Script
text/javascript 143.204.101.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.datadome.co/tags.js

Requested by

Host: xwel.xyz
URL: http://xwel.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.101.22 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-22.fra50.r.cloudfront.net

Software

Apache /

Resource Hash

ed8ab4b5ad016ad6b66cd70b80eebb79b8da7c98ad5e385a1ff45b8a9f70a141

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 07:08:16 GMT
content-encoding: gzip
age: 472
x-cache: Hit from cloudfront
status: 200
strict-transport-security: max-age=15768000
content-length: 22430
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
last-modified: Thu, 27 Feb 2020 09:08:06 GMT
server: Apache
etag: "20144-59f8b0f249752-gzip"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 5sg48XxEHMR28f9FgBQBSDG3Hl30R8OhgVml_BcnB_l0ucpN6MkVzQ==
expires: Wed, 04 Mar 2020 08:08:16 GMT

GET
H/1.1 200
OK pixel.gif
et.nytimes.com/ 0
0 429ms
123ms Image
application/json 52.22.52.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://et.nytimes.com/pixel.gif?subject=ab-expose&test=DFP_als&variant=1_als&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&instant=1&skipAugment=true&gtm=GTM-P528B3-361-Production&et2_pageview_id=4uEB40Wo2Gy878YS6MfnoT3G
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.52.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-52-90.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

GET
H/1.1 200
OK pixel.gif
et.nytimes.com/ 0
0 435ms
117ms Image
application/json 52.22.52.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://et.nytimes.com/pixel.gif?subject=ab-expose&test=dfp_adslot4v2&variant=1_external&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&instant=1&skipAugment=true&gtm=GTM-P528B3-361-Production&et2_pageview_id=4uEB40Wo2Gy878YS6MfnoT3G
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.52.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-52-90.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 109 B
778 B 31ms
15ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020030201.js Show response
securepubads.g.doubleclick.net/gpt/ 164 KB
60 KB 29ms
28ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

sffe /

Resource Hash

227bdf139a3bf9f7c2945b1015c9e25b43e5af3dfd77d9dca46ae79e01ea6e9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 07:16:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 02 Mar 2020 14:06:33 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 61409
x-xss-protection: 0
expires: Wed, 04 Mar 2020 07:16:08 GMT

GET
H2 200 meter.js Show response
meter-svc.nytimes.com/ 513 B
1 KB 370ms
240ms XHR
application/json 35.241.35.241
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://meter-svc.nytimes.com/meter.js?sourceApp=vi&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&referer=http%3A%2F%2Fxwel.xyz%2F
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.241.35.241 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 241.35.241.35.bc.googleusercontent.com
Software: /
Resource Hash: 725787c589300a6312f087835c7f93db2f0b36906cada7a6dc0bcefff3b46457

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 07:16:09 GMT
via: 1.1 google
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, *
status: 200
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: Set-Cookie
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
alt-svc: clear
content-length: 513

GET
H2 200 preferences
purr.nytimes.com/v1/ 0
0 185ms
113ms Fetch
text/html 2a00:1450:4001:814::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://purr.nytimes.com/v1/preferences
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 07:16:09 GMT
server: Google Frontend
status: 200
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: bef9c470f4410bb9ee1611920ff13b40
cache-control: private
access-control-allow-credentials: true
content-length: 0
expires: Wed, 04 Mar 2020 07:16:09 GMT

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 1 KB
2 KB 200ms
139ms XHR
application/json 2a00:1450:4001:814::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-vi&referrer=http%3A%2F%2Fxwel.xyz%2F&assetUrl=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 5d0ce7898798bdf967a601cf37fb443c3b7f47c8f4e6be18e00f6a6888510aab

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 07:16:09 GMT
content-encoding: gzip
status: 200
x-appengine-log-flush-count: 1
content-length: 681
expires: Wed, 04 Mar 2020 07:16:09 GMT
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 4aa9a310bcd14626d12f33f92e4d2128
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
x-jkidd-testing-keys: regi=; ip=[2a01:4f8:192:5414::2]:80; agent=4cA1kKpTTjkM8QVNw5CbKs; asset=https://www.nytimes.com/section/us;

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 5038
date: Wed, 04 Mar 2020 05:52:11 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Wed, 04 Mar 2020 07:52:11 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 105ms
104ms Other
application/json 2a00:1450:4001:814::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H/1.1 200
OK / Show response
et.nytimes.com/ 101 B
805 B 108ms
108ms XHR
application/json 52.22.52.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://et.nytimes.com/
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.52.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-52-90.compute-1.amazonaws.com
Software: /
Resource Hash: 2f724783deda4d87d843c9c2768097ab367c5b87774ab3b8aee077dcd88a08f8

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.nytimes.com
Date: Wed, 04 Mar 2020 07:16:09 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 101
Content-Type: application/json

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=993505856&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&dr=http%3A%2F%2Fxwel.xyz%2F&ul=en-us&de=UTF-8&dt=U.S.%20News%20-%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-58630905-2&cid=151746725.1583306169&jid=1544958179&_gid=306864738.1583306169&gjid=977975482&_v=j81&z=296640288
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-58630905-2&cid=151746725.1583306169&jid=1544958179&_v=j81&z=296640288
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-58630905-2&cid=151746725.1583306169&jid=1544958179&_v=j81&z=296640288&slf_rd=1&random=3011943129

42 B
109 B

19ms
19ms

Image
image/gif

2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-58630905-2&cid=151746725.1583306169&jid=1544958179&_v=j81&z=296640288&slf_rd=1&random=3011943129

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Mar 2020 07:16:09 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 04 Mar 2020 07:16:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-58630905-2&cid=151746725.1583306169&jid=1544958179&_v=j81&z=296640288&slf_rd=1&random=3011943129
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK / Show response
api-js.datadome.co/js/ 2 B
279 B 122ms
23ms XHR
application/json 52.59.16.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.datadome.co/js/
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.16.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-16-172.eu-central-1.compute.amazonaws.com
Software: DataDome /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 04 Mar 2020 07:16:09 GMT
Server: DataDome
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 2
Expires: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 412 B
395 B 220ms
220ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1631129307532729&correlator=2448530785553124&output=ldjh&impl=fif&adsid=NT&eid=21065400%2C21065628%2C21062833&vrg=2020030201&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200304&iu_parts=29390238%2Cnyt%2Cus%2Csectionfront&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&prev_scp=div%3Dtop%26pos%3Dtop%26request_time%3D1199&cust_params=edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dsf%26vp%3Dlarge%26als_test%3D1583305920697%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26artlen%3Dshort%26ledemedsz%3Dnone%26template%3Dlegacycollection%26section%3Dus%26si_section%3Dus%26id%3D100000004047817%26pt%3Dnull%26gscat%3Dneg_ibmtest%252Cneg_bofa%252Cgs_health_misc%252Cgs_health%252Cneg_fcli%252Cgs_politics_misc%252Cgs_economy_misc%252Cgs_politics%252Cneg_google%252Cgs_economy%252Cneg_virus%252Cneg_ibm%252Cneg_mastercard%252Cgv_death_injury%252Cgs_t%26abra_dfp%3Ddfp_adslot4v2_1_external%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_messaging_flexframe_ctr_0_control%252Cmc_dfp_topbar_bar_anon_1019_0_control%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cmkt_dfp_hd_paywall_zip_1_zip%252Cmkt_dfp_intl_pricing_low_conv_2_50cents%252Cmkt_dfp_intl_pricing_med_conv_0_control%252Cmkt_dfp_ods_2_test%26page_view_id%3D4uEB40Wo2Gy878YS6MfnoT3G%26sov%3D2%26aid%3D4cA1kKpTTjkM8QVNw5CbKs&cookie_enabled=1&bc=31&abxe=1&lmt=1583305920&dt=1583306169412&dlt=1583306168212&idt=1170&frm=20&biw=1585&bih=1200&oid=3&adxs=0&adys=64&adks=634834303&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&ref=http%3A%2F%2Fxwel.xyz%2F&dssz=39&icsg=213887984&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x0&msz=1585x0&ga_vid=151746725.1583306169&ga_sid=1583306169&ga_hid=993505856&fws=4&ohw=1585&btvi=0

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

5a76d6e60140dd84e8b240f210fde6737f5007f58000b50f4c3395424ab22435

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 07:16:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 217
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020030201.js Show response
securepubads.g.doubleclick.net/gpt/ 69 KB
25 KB 29ms
28ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

sffe /

Resource Hash

cdf4bc477f4aa7b15e1e911bbcb38f48876001a8c70fa5a083d624e24bb6675f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 07:16:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 02 Mar 2020 14:06:33 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 25775
x-xss-protection: 0
expires: Wed, 04 Mar 2020 07:16:09 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 19ms
7ms Other
text/html 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 409 B
391 B 215ms
215ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1631129307532729&correlator=2448530785553124&output=ldjh&impl=fif&adsid=NT&eid=21065400%2C21065628%2C21062833&vrg=2020030201&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200304&iu_parts=29390238%2Cnyt%2Cus%2Csectionfront&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=150x50&prev_scp=div%3Dsponsor%26pos%3Dsponsor%26request_time%3D1219&cust_params=edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dsf%26vp%3Dlarge%26als_test%3D1583305920697%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26artlen%3Dshort%26ledemedsz%3Dnone%26template%3Dlegacycollection%26section%3Dus%26si_section%3Dus%26id%3D100000004047817%26pt%3Dnull%26gscat%3Dneg_ibmtest%252Cneg_bofa%252Cgs_health_misc%252Cgs_health%252Cneg_fcli%252Cgs_politics_misc%252Cgs_economy_misc%252Cgs_politics%252Cneg_google%252Cgs_economy%252Cneg_virus%252Cneg_ibm%252Cneg_mastercard%252Cgv_death_injury%252Cgs_t%26abra_dfp%3Ddfp_adslot4v2_1_external%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_messaging_flexframe_ctr_0_control%252Cmc_dfp_topbar_bar_anon_1019_0_control%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cmkt_dfp_hd_paywall_zip_1_zip%252Cmkt_dfp_intl_pricing_low_conv_2_50cents%252Cmkt_dfp_intl_pricing_med_conv_0_control%252Cmkt_dfp_ods_2_test%26page_view_id%3D4uEB40Wo2Gy878YS6MfnoT3G%26sov%3D2%26aid%3D4cA1kKpTTjkM8QVNw5CbKs&cookie_enabled=1&bc=31&abxe=1&lmt=1583305920&dt=1583306169427&dlt=1583306168212&idt=1170&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=2873317091&ucis=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&ref=http%3A%2F%2Fxwel.xyz%2F&dssz=40&icsg=137652841456&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=151746725.1583306169&ga_sid=1583306169&ga_hid=993505856&fws=132&ohw=1585

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

33770886eae66382614915e7d91a0b39d3f3b7a75f377795397ca2dba6c901e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 07:16:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 213
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 412 B
728 B 126ms
126ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1631129307532729&correlator=2448530785553124&output=ldjh&impl=fif&adsid=NT&eid=21065400%2C21065628%2C21062833&vrg=2020030201&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200304&iu_parts=29390238%2Cnyt%2Cus%2Csectionfront&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&prev_scp=div%3Dmid1%26pos%3Dmid1%26request_time%3D1225&cust_params=edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dsf%26vp%3Dlarge%26als_test%3D1583305920697%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26artlen%3Dshort%26ledemedsz%3Dnone%26template%3Dlegacycollection%26section%3Dus%26si_section%3Dus%26id%3D100000004047817%26pt%3Dnull%26gscat%3Dneg_ibmtest%252Cneg_bofa%252Cgs_health_misc%252Cgs_health%252Cneg_fcli%252Cgs_politics_misc%252Cgs_economy_misc%252Cgs_politics%252Cneg_google%252Cgs_economy%252Cneg_virus%252Cneg_ibm%252Cneg_mastercard%252Cgv_death_injury%252Cgs_t%26abra_dfp%3Ddfp_adslot4v2_1_external%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_messaging_flexframe_ctr_0_control%252Cmc_dfp_topbar_bar_anon_1019_0_control%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cmkt_dfp_hd_paywall_zip_1_zip%252Cmkt_dfp_intl_pricing_low_conv_2_50cents%252Cmkt_dfp_intl_pricing_med_conv_0_control%252Cmkt_dfp_ods_2_test%26page_view_id%3D4uEB40Wo2Gy878YS6MfnoT3G%26sov%3D2%26aid%3D4cA1kKpTTjkM8QVNw5CbKs&cookie_enabled=1&bc=31&abxe=1&lmt=1583305920&dt=1583306169434&dlt=1583306168212&idt=1170&frm=20&biw=1585&bih=1200&oid=3&adxs=0&adys=1125&adks=2341692046&ucis=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&ref=http%3A%2F%2Fxwel.xyz%2F&dssz=40&icsg=137652841456&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1585x142&msz=1585x0&ga_vid=151746725.1583306169&ga_sid=1583306169&ga_hid=993505856&fws=4&ohw=1585&btvi=0

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

229b7f5425a3ec9e48d27646aec6f562d4cef582762584135440ad874d433656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 07:16:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 218
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 413 B
398 B 122ms
122ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1631129307532729&correlator=2448530785553124&output=ldjh&impl=fif&adsid=NT&eid=21065400%2C21065628%2C21062833&vrg=2020030201&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200304&iu_parts=29390238%2Cnyt%2Cus%2Csectionfront&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%7C640x480&prev_scp=div%3Dinterstitial%26pos%3Dinterstitial%26request_time%3D1232&cust_params=edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dsf%26vp%3Dlarge%26als_test%3D1583305920697%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26artlen%3Dshort%26ledemedsz%3Dnone%26template%3Dlegacycollection%26section%3Dus%26si_section%3Dus%26id%3D100000004047817%26pt%3Dnull%26gscat%3Dneg_ibmtest%252Cneg_bofa%252Cgs_health_misc%252Cgs_health%252Cneg_fcli%252Cgs_politics_misc%252Cgs_economy_misc%252Cgs_politics%252Cneg_google%252Cgs_economy%252Cneg_virus%252Cneg_ibm%252Cneg_mastercard%252Cgv_death_injury%252Cgs_t%26abra_dfp%3Ddfp_adslot4v2_1_external%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_messaging_flexframe_ctr_0_control%252Cmc_dfp_topbar_bar_anon_1019_0_control%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cmkt_dfp_hd_paywall_zip_1_zip%252Cmkt_dfp_intl_pricing_low_conv_2_50cents%252Cmkt_dfp_intl_pricing_med_conv_0_control%252Cmkt_dfp_ods_2_test%26page_view_id%3D4uEB40Wo2Gy878YS6MfnoT3G%26sov%3D2%26aid%3D4cA1kKpTTjkM8QVNw5CbKs&cookie_enabled=1&bc=31&abxe=1&lmt=1583305920&dt=1583306169440&dlt=1583306168212&idt=1170&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1591558105&ucis=4&ifi=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&ref=http%3A%2F%2Fxwel.xyz%2F&dssz=40&icsg=137652841456&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=151746725.1583306169&ga_sid=1583306169&ga_hid=993505856&fws=644&ohw=1585

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

4cd09d60664cdb2c7951f1561cfb8c2b54cacdc4df5a4de320b182dcaf20a5ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 07:16:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 220
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
et.nytimes.com/ 105 B
721 B 116ms
116ms Script
application/javascript 52.22.52.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://et.nytimes.com/?subject=page&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&assetUrl=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&referrer=http%3A%2F%2Fxwel.xyz%2F&clientTimeStamp=1583306169519&totalTime=0&evtUUID=496439a6-9d77-4565-a69c-54815c4faf06&gtm=GTM-P528B3-361-Production&page_view_id=4uEB40Wo2Gy878YS6MfnoT3G&performance=%7B%22first-paint%22%3A434%2C%22first-contentful-paint%22%3A434%7D&presentation=%7B%22pageType%22%3A%22collection%22%2C%22program%22%3A%7B%22breakpoint%22%3A%7B%22initial%22%3A%22desktop%22%7D%7D%7D&et2_pageview_id=4uEB40Wo2Gy878YS6MfnoT3G&sourceApp=nyt-vi&assetData=%7B%22url%22%3A%22https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus%22%2C%22wordCount%22%3A0%2C%22id%22%3A100000004047817%2C%22publishedDate%22%3A1449687013000%2C%22publishedTimestamp%22%3A1449687013000%2C%22lastUpdatedTimestamp%22%3A1583286833000%2C%22uri%22%3A%22nyt%3A%2F%2Flegacycollection%2F11f72ab4-7cd0-540a-93cc-f35b32cd013d%22%2C%22section%22%3A%22U.S.%22%2C%22sectionContent%22%3A%22us%22%2C%22contentTone%22%3A%22NEWS%22%2C%22slug%22%3A%22us%22%2C%22source%22%3A%22nyt_cms%22%2C%22derivedDesk%22%3A%22national_desk%22%2C%22type%22%3A%22sectioncollection%22%2C%22languageName%22%3A%22English%22%2C%22languageCode%22%3A%22en%22%2C%22jkiddSrc%22%3A%22fe%22%7D&skipFilter=%5B%22content%22%2C%22jkiddata%22%5D&callback=window.EventTracker.cb0&pageMetaData=%7B%22PT%22%3A%22collection%22%2C%22CG%22%3A%22U.S.%22%2C%22SCG%22%3A%22%22%2C%22byl%22%3A%22%22%2C%22tom%22%3A%22%22%2C%22hdl%22%3A%22%22%2C%22ptime%22%3A%2220151209135013%22%2C%22cre%22%3A%22%22%2C%22articleid%22%3A100000004047817%2C%22channels%22%3A%22%22%2C%22CN%22%3A%22us%22%2C%22CT%22%3A%22sectionfront%22%2C%22backfilled%22%3A%22articleid%2CCG%22%7D&additionalClientData=%7B%22ul%22%3A%22en-US%22%2C%22js%22%3A%22Yes%22%2C%22jv%22%3A%221.5%22%2C%22fi%22%3A%22No%22%2C%22tz%22%3A1%2C%22bh%22%3A8%2C%22cd%22%3A24%2C%22sr%22%3A%221600x1200%22%2C%22bs%22%3A%221600x1200%22%2C%22jo%22%3A%22No%22%2C%22or%22%3A%22land%22%7D
Requested by: Host: xwel.xyz
URL: http://xwel.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.52.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-52-90.compute-1.amazonaws.com
Software: /
Resource Hash: 80d1716eb4c8033ea42556da87690c2903fdf3490cddf15974002b0791fa37c8

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 04 Mar 2020 07:16:09 GMT
Connection: keep-alive
Content-Length: 105
Content-Type: application/javascript

GET
H2

200

activityi;dc_pre=CJKVvY6jgOgCFRHhuwgdnz4Kzg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8222761767565;gtm=2wg2q2;auiddc=350670500.1583306170;u4=;u5=undefined;u6=undefined;u7=4cA1kKpTTjkM8QVNw5CbKs...
5290727.fls.doubleclick.net/ Frame D8C5
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8222761767565;gtm=2wg2q2;auiddc=350670500.1583306170;u4=;u5=undefined;u6=undefined;u7=4cA1kKpTTjkM8QVNw5Cb...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CJKVvY6jgOgCFRHhuwgdnz4Kzg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8222761767565;gtm=2wg2q2;auiddc=350670500.1583306170;u4=;u5=undefined;u6...

0
0

36ms
36ms

Document
text/html

216.58.208.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CJKVvY6jgOgCFRHhuwgdnz4Kzg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8222761767565;gtm=2wg2q2;auiddc=350670500.1583306170;u4=;u5=undefined;u6=undefined;u7=4cA1kKpTTjkM8QVNw5CbKs;u8=;u10=http%3A%2F%2Fxwel.xyz%2F;u11=1;u12=100000004047817;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.38 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5290727.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CJKVvY6jgOgCFRHhuwgdnz4Kzg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8222761767565;gtm=2wg2q2;auiddc=350670500.1583306170;u4=;u5=undefined;u6=undefined;u7=4cA1kKpTTjkM8QVNw5CbKs;u8=;u10=http%3A%2F%2Fxwel.xyz%2F;u11=1;u12=100000004047817;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.nytimes.com/section/us
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Wed, 04 Mar 2020 07:16:09 GMT
expires: Wed, 04 Mar 2020 07:16:09 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 437
x-xss-protection: 0
set-cookie: IDE=AHWqTUlrxWuDBl71xsC-Kj4pOv6UR4_qEkahmgYV_RGPekJBw80Is8LnmYsn_OUq; expires=Mon, 29-Mar-2021 07:16:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Wed, 04 Mar 2020 07:16:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CJKVvY6jgOgCFRHhuwgdnz4Kzg;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=8222761767565;gtm=2wg2q2;auiddc=350670500.1583306170;u4=;u5=undefined;u6=undefined;u7=4cA1kKpTTjkM8QVNw5CbKs;u8=;u10=http%3A%2F%2Fxwel.xyz%2F;u11=1;u12=100000004047817;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus;~oref=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 04-Mar-2020 07:31:09 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 35 KB
14 KB 23ms
7ms Script
application/x-javascript 2600:9000:21f3:7000:18:1fcd:349:ca21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: xwel.xyz
URL: http://xwel.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:7000:18:1fcd:349:ca21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ffe2ef5ce19169f51b69f0dfdac122f402043b13afd7c65b2dab551ebf3b7629

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 06:04:20 GMT
content-encoding: gzip
last-modified: Tue, 29 Oct 2019 02:24:02 GMT
server: nginx
age: 4309
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: GQ1g1ylneUQ80hDNtDXmNjqV3i4c72xmsOXO0FUaDtrXfwXc7B4nJg==
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
expires: Wed, 04 Mar 2020 08:04:20 GMT

GET
H2 200 show-ads.js Show response
a1.nyt.com/analytics/ 45 B
515 B 56ms
21ms Script
application/javascript 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a1.nyt.com/analytics/show-ads.js
Requested by: Host: xwel.xyz
URL: http://xwel.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 07:16:09 GMT
content-encoding: gzip
x-cache-hits: 797
age: 27634
status: 200
x-guploader-uploadid: AEnB2Uq5n6mfU5l87cpO2hl4nBIaRkwS_xcFi1r9x4Th2c38RigXnoW3CCSzg45I31-kQRCb2e6Plj1eBGHpUJckLHOXePnybw
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
access-control-allow-methods: GET, OPTIONS
content-length: 65
x-served-by: cache-hhn4057-HHN
access-control-allow-origin: *
last-modified: Thu, 28 Mar 2019 13:58:23 GMT
server: UploadServer
x-timer: S1583306170.582692,VS0,VE0
etag: "1d291da792456bd015b664ee1119a5e0"
vary: Accept-Encoding
x-goog-hash: crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
x-goog-generation: 1553781503379173
via: 1.1 varnish
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400
x-goog-stored-content-length: 45
x-nyt-pagetype: nyt-dti-analytic
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 26 Jun 2019 23:27:18 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 119ms
119ms Other
application/json 2a00:1450:4001:814::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 collect
www.google-analytics.com/ 35 B
108 B 6ms
6ms Image
image/gif 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=993505856&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&dr=http%3A%2F%2Fxwel.xyz%2F&ul=en-us&de=UTF-8&dt=U.S.%20News%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aEDAAEAB~&jid=&gjid=&cid=151746725.1583306169&tid=UA-58630905-2&_gid=306864738.1583306169&gtm=2wg2q2P528B3&cg1=null&cg2=null&cg3=collection&cg4=null&cd1=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&cd2=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&cd3=&cd4=U.S.&cd9=9&cd10=xwel.xyz&cd13=xwel.xyz&cd14=national_desk&cd15=earned&cd16=referring_links&cd17=100000004047817&cd21=collection&cd23=U.S.&cd26=2015&cd27=2015-12-09-13&cd28=Wednesday&cd29=13&cd30=1583286833000&cd34=NEWS&cd36=us&cd37=0&cd42=nyt-vi&cd48=December&cd49=blurb_under_100&cd51=nyt-vi&cd52=collection&cd54=national_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=0&cd63=4cA1kKpTTjkM8QVNw5CbKs&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=4cA1kKpTTjkM8QVNw5CbKs&cd172=desktop&cd173=desktop&z=1611888135

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Mon, 24 Feb 2020 23:41:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 718486
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
mwcm.nytimes.com/capi/metered_assets/ 22 KB
4 KB 257ms
255ms XHR
application/json 151.101.113.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nytimes.com/capi/metered_assets/?plat=web&mc=0&mr=1&ma=1&counted=false&granted=true&us=anon&areas=barOne&areas=dock&areas=inlineUnit&areas=truncator
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 632e001a2bb087b8352cb203c65f1a2b0e1eff4f5902cc50b8ea79fc3c91b10e

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 07:16:09 GMT
content-encoding: gzip
age: 0, 0
x-cache: MISS
status: 200
x-served-by: cache-hhn4057-HHN
access-control-allow-origin: https://www.nytimes.com
server: Google Frontend
x-cmots-campaign-names: {"barOne":"MAG_web_anon_new-journey-rollout","dock":"MAG_web_anon_new-journey-rollout","inlineUnit":"MAG_web_anon_new-journey-rollout","truncator":"MAG-web_all_non-mobile-all_welcome-killset"}
x-timer: S1583306170.565224,VS0,VE235
vary: x-nyt-cig-edu-b2b, x-nyt-user-status, x-nyt-country, x-nyt-device, Accept-Encoding, Fastly-SSL, Origin
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=utf-8
via: 1.1 varnish
x-cloud-trace-context: 25cd3403cbb45ec36daa58af11eadef6
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-nyt-route: mwcm-params
accept-ranges: bytes, bytes
access-control-allow-headers: Content-Type, x-requested-by, *
x-cache-hits: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 104ms
103ms Other
application/json 2a00:1450:4001:814::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 313 B
437 B 134ms
133ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1631129307532729&correlator=2448530785553124&output=ldjh&impl=fif&adsid=NT&eid=21065400%2C21065628%2C21062833&vrg=2020030201&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200304&iu_parts=29390238%2Cnyt%2Cus%2Csectionfront&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&prev_scp=div%3Dmid2%26pos%3Dmid2%26request_time%3D1374&cust_params=edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dsf%26vp%3Dlarge%26als_test%3D1583305920697%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26artlen%3Dshort%26ledemedsz%3Dnone%26template%3Dlegacycollection%26section%3Dus%26si_section%3Dus%26id%3D100000004047817%26pt%3Dnull%26gscat%3Dneg_ibmtest%252Cneg_bofa%252Cgs_health_misc%252Cgs_health%252Cneg_fcli%252Cgs_politics_misc%252Cgs_economy_misc%252Cgs_politics%252Cneg_google%252Cgs_economy%252Cneg_virus%252Cneg_ibm%252Cneg_mastercard%252Cgv_death_injury%252Cgs_t%26abra_dfp%3Ddfp_adslot4v2_1_external%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_messaging_flexframe_ctr_0_control%252Cmc_dfp_topbar_bar_anon_1019_0_control%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cmkt_dfp_hd_paywall_zip_1_zip%252Cmkt_dfp_intl_pricing_low_conv_2_50cents%252Cmkt_dfp_intl_pricing_med_conv_0_control%252Cmkt_dfp_ods_2_test%26page_view_id%3D4uEB40Wo2Gy878YS6MfnoT3G%26sov%3D2%26aid%3D4cA1kKpTTjkM8QVNw5CbKs&cookie=ID%3D6a5febc47dd999c6%3AT%3D1583306169%3AS%3DALNI_MZcCX_jiurqyxLAHY9AZ1bTd7ZWvQ&cookie_enabled=1&bc=31&abxe=1&lmt=1583305920&dt=1583306169584&dlt=1583306168212&idt=1170&frm=20&biw=1585&bih=1200&oid=3&adxs=1093&adys=1491&adks=4155779674&ucis=5&ifi=5&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&ref=http%3A%2F%2Fxwel.xyz%2F&dssz=54&icsg=2202445451200&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x283&msz=300x250&psts=ABP-KfQ1F_EDpwqiqFh3txAOEJa3&ga_vid=151746725.1583306169&ga_sid=1583306169&ga_hid=993505856&fws=4&ohw=1585&btvi=1

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

e7e9b14af4183931168dd45cf04af9411b40f2c9f61a8a6384ba5e3ad0d1a97b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 07:16:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 130
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
168 B 335ms
109ms Image
image/gif 3.225.50.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2Fsection%2Fus&u=_dM2zDshvRNBJVOIF&d=nytimes.com&g=16698&g0=us%2Cnational_desk&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=3947&o=1585&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=http%3A%2F%2Fxwel.xyz%2F&b=1664&t=CJCJZICh-S6qL6JuR-43ABVh-Os&V=118&i=U.S.%20News%20-%20The%20New%20York%20Times&tz=-60&_acct=anon&sn=1&sv=DMU0kfCz1n-vFCZEdCNHiAiBjMvmQ&sr=http%3A%2F%2Fxwel.xyz%2F&sd=1&im=06679ff3&_
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.50.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-50-203.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
pragma: no-cache
date: Wed, 04 Mar 2020 07:16:09 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK / Show response
et.nytimes.com/ 105 B
745 B 114ms
114ms Script
application/javascript 52.22.52.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://et.nytimes.com/?subject=page&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&assetUrl=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&referrer=http%3A%2F%2Fxwel.xyz%2F&clientTimeStamp=1583306169519&totalTime=42&evtUUID=496439a6-9d77-4565-a69c-54815c4faf06&gtm=GTM-P528B3-361-Production&incognitoEnabled=false&activeTime=0&page_view_id=4uEB40Wo2Gy878YS6MfnoT3G&performance=%7B%22first-paint%22%3A434%2C%22first-contentful-paint%22%3A434%7D&presentation=%7B%22pageType%22%3A%22collection%22%2C%22program%22%3A%7B%22breakpoint%22%3A%7B%22initial%22%3A%22desktop%22%7D%7D%7D&impressions=%5B%7B%22event%22%3A%22impression%22%2C%22moduleObj%22%3A%7B%22name%22%3A%22meter%22%2C%22context%22%3A%22dd5d041%22%2C%22label%22%3A%220%22%2C%22region%22%3A%22false%22%7D%2C%22priority%22%3Atrue%7D%5D&et2_pageview_id=4uEB40Wo2Gy878YS6MfnoT3G&sourceApp=nyt-vi&callback=window.EventTracker.cb1&datumId=f4b8d9296d20ce2f
Requested by: Host: xwel.xyz
URL: http://xwel.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.52.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-52-90.compute-1.amazonaws.com
Software: /
Resource Hash: 9570acee8a250de9c31f8f8a1d49cf3da870501cbbb03be10820f61573611ba7

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 04 Mar 2020 07:16:19 GMT
Connection: keep-alive
transfer-encoding: chunked
Content-Type: application/javascript

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 319 B
215 B 133ms
132ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1631129307532729&correlator=2448530785553124&output=ldjh&impl=fif&adsid=NT&eid=21065400%2C21065628%2C21062833&vrg=2020030201&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200304&iu_parts=29390238%2Cnyt%2Cus%2Csectionfront&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&prev_scp=div%3Dmktg%26pos%3Dmktg%26request_time%3D1528&cust_params=edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dsf%26vp%3Dlarge%26als_test%3D1583305920697%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26artlen%3Dshort%26ledemedsz%3Dnone%26template%3Dlegacycollection%26section%3Dus%26si_section%3Dus%26id%3D100000004047817%26pt%3Dnull%26gscat%3Dneg_ibmtest%252Cneg_bofa%252Cgs_health_misc%252Cgs_health%252Cneg_fcli%252Cgs_politics_misc%252Cgs_economy_misc%252Cgs_politics%252Cneg_google%252Cgs_economy%252Cneg_virus%252Cneg_ibm%252Cneg_mastercard%252Cgv_death_injury%252Cgs_t%26abra_dfp%3Ddfp_adslot4v2_1_external%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_messaging_flexframe_ctr_0_control%252Cmc_dfp_topbar_bar_anon_1019_0_control%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cmkt_dfp_hd_paywall_zip_1_zip%252Cmkt_dfp_intl_pricing_low_conv_2_50cents%252Cmkt_dfp_intl_pricing_med_conv_0_control%252Cmkt_dfp_ods_2_test%26page_view_id%3D4uEB40Wo2Gy878YS6MfnoT3G%26sov%3D2%26aid%3D4cA1kKpTTjkM8QVNw5CbKs&cookie=ID%3D62b3448d975e4381%3AT%3D1583306169%3AS%3DALNI_Ma0qYitQ9iryCcBJb_Iqybybl42-g&cookie_enabled=1&bc=31&abxe=1&lmt=1583305920&dt=1583306169737&dlt=1583306168212&idt=1170&frm=20&biw=1585&bih=1200&oid=3&adxs=1093&adys=1359&adks=195518668&ucis=6&ifi=6&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&ref=http%3A%2F%2Fxwel.xyz%2F&dssz=55&icsg=8809781804800&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x283&msz=300x250&psts=ABP-KfQ1F_EDpwqiqFh3txAOEJa3%2CABP-KfQ1F_EDpwqiqFh3txAOEJa3%2CABP-KfQ1F_EDpwqiqFh3txAOEJa3%2CABP-KfQ1F_EDpwqiqFh3txAOEJa3&ga_vid=151746725.1583306169&ga_sid=1583306169&ga_hid=993505856&fws=4&ohw=1585&btvi=2

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

e5c404cc588c74675aaf3dcbe323860533a986b711147ce51683e2d96f20be5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 07:16:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 137
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
et.nytimes.com/ 105 B
745 B 116ms
115ms Script
application/javascript 52.22.52.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://et.nytimes.com/?subject=page&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&assetUrl=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&referrer=http%3A%2F%2Fxwel.xyz%2F&clientTimeStamp=1583306169519&totalTime=305&evtUUID=496439a6-9d77-4565-a69c-54815c4faf06&gtm=GTM-P528B3-361-Production&activeTime=0&adBlockEnabled=false&page_view_id=4uEB40Wo2Gy878YS6MfnoT3G&performance=%7B%22first-paint%22%3A434%2C%22first-contentful-paint%22%3A434%7D&presentation=%7B%22pageType%22%3A%22collection%22%2C%22program%22%3A%7B%22breakpoint%22%3A%7B%22initial%22%3A%22desktop%22%7D%7D%7D&impressions=%5B%7B%22event%22%3A%22impression%22%2C%22moduleObj%22%3A%7B%22name%22%3A%22bar1%22%2C%22context%22%3A%22%22%2C%22label%22%3A%22MAG_web_anon_new-journey-rollout%22%2C%22region%22%3A%220%22%7D%2C%22priority%22%3Atrue%7D%5D&et2_pageview_id=4uEB40Wo2Gy878YS6MfnoT3G&sourceApp=nyt-vi&callback=window.EventTracker.cb2&datumId=f4b8d9296d20ce2f&agentId=4cA1kKpTTjkM8QVNw5CbKs
Requested by: Host: xwel.xyz
URL: http://xwel.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.52.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-52-90.compute-1.amazonaws.com
Software: /
Resource Hash: 02a2d97ea6f05058ccac1f186022fe41cf7d8e3d820883a22c8e55db67baf867

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 04 Mar 2020 07:15:52 GMT
Connection: keep-alive
transfer-encoding: chunked
Content-Type: application/javascript

POST
H2 200 track
a.et.nytimes.com/ 0
0 111ms
110ms Other
application/json 2a00:1450:4001:814::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H/1.1 200
OK / Show response
et.nytimes.com/ 105 B
745 B 123ms
123ms Script
application/javascript 52.22.52.90
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://et.nytimes.com/?subject=page&url=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&assetUrl=https%3A%2F%2Fwww.nytimes.com%2Fsection%2Fus&referrer=http%3A%2F%2Fxwel.xyz%2F&clientTimeStamp=1583306169519&totalTime=308&evtUUID=496439a6-9d77-4565-a69c-54815c4faf06&gtm=GTM-P528B3-361-Production&activeTime=0&page_view_id=4uEB40Wo2Gy878YS6MfnoT3G&performance=%7B%22first-paint%22%3A434%2C%22first-contentful-paint%22%3A434%7D&presentation=%7B%22pageType%22%3A%22collection%22%2C%22program%22%3A%7B%22breakpoint%22%3A%7B%22initial%22%3A%22desktop%22%7D%7D%7D&impressions=%5B%7B%22event%22%3A%22impression%22%2C%22moduleObj%22%3A%7B%22name%22%3A%22bar1%22%2C%22context%22%3A%22%22%2C%22label%22%3A%22MAG_web_anon_new-journey-rollout%22%2C%22region%22%3A%220%22%7D%2C%22priority%22%3Atrue%7D%5D&et2_pageview_id=4uEB40Wo2Gy878YS6MfnoT3G&sourceApp=nyt-vi&callback=window.EventTracker.cb3&datumId=f4b8d9296d20ce2f&agentId=4cA1kKpTTjkM8QVNw5CbKs
Requested by: Host: xwel.xyz
URL: http://xwel.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.52.90 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-52-90.compute-1.amazonaws.com
Software: /
Resource Hash: ba9ec260fb4b40815b7ad2282d0488622ef62f87777a78d25b0a3b1af7199cb7

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 04 Mar 2020 07:16:09 GMT
Connection: keep-alive
transfer-encoding: chunked
Content-Type: application/javascript

POST
H2 200 track
a.et.nytimes.com/ 0
0 105ms
104ms Other
application/json 2a00:1450:4001:814::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
667 B 27ms
15ms Image
image/gif 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=1631129307532729&r=300x250&w=300&h=250

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/section/us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 04 Mar 2020 07:16:09 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK log Show response
errors.client.optimizely.com/ 13 B
407 B 400ms
99ms XHR
text/plain 34.227.153.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.153.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-153-53.compute-1.amazonaws.com
Software: /
Resource Hash: 16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12

Request headers

Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Referer: https://www.nytimes.com/section/us
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Wed, 04 Mar 2020 07:16:10 GMT
Allow: POST,OPTIONS
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.nytimes.com
Access-Control-Max-Age: 1800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Content-Length: 13

GET
H2 200 loader.js Show response
platform.iteratehq.com/ 1 KB
1 KB 39ms
15ms Script
application/javascript 2606:4700:3036::6812:206c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.iteratehq.com/loader.js
Requested by: Host: xwel.xyz
URL: http://xwel.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6812:206c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 745cd78d254d001a46755c9620bcc45783131a4bf0362d44e05078fc3297f082

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 07:16:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 21 Feb 2020 20:06:39 GMT
server: cloudflare
age: 189
etag: W/"dfd3824ef58640d4a0c2c803c301ba08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=1800
cf-ray: 56e9cf6a5dfb1f55-FRA
x-amz-request-id: DB18EB0FB37FE6E8
x-amz-id-2: 3/eO8hOFD8zug/mMGF60tJvaP5P9u11o45pjnQFM5vP772aWCZkvyDZRP0DyVOmlawRkjsthFxU=

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 29ms
18ms XHR
application/json 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020030201&st=env

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

168f98a021fd84ea30e8da4401639c34f56af6a14ee93a3f88144525880a90c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 04 Mar 2020 07:16:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5137
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020030201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 07:16:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Wed, 04 Mar 2020 07:16:09 GMT

GET
H2 200 sdk-prod-c0c249c1f855a09dbee9.js Show response
platform.iteratehq.com/ 810 KB
221 KB 16ms
16ms Script
application/javascript 2606:4700:3036::6812:206c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.iteratehq.com/sdk-prod-c0c249c1f855a09dbee9.js
Requested by: Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6812:206c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b92a9cd8f714ce5b96883a3eca69b09325119d23a99c08e81f805aaf3ec624b8

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 04 Mar 2020 07:16:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 21 Feb 2020 20:06:34 GMT
server: cloudflare
age: 990290
etag: W/"1e86462adaefd00f70649e16a72a77b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
cf-ray: 56e9cf6a7e391f55-FRA
x-amz-request-id: F849A6CBF53B15E1
x-amz-id-2: h+acTo3anuEfutK4ejtMzYEGTCSOQCYTB04P30IxydI2NNJS7BjWHP2szlkveZ3xbbkOVULyQQ4=

GET
H2 200 style-678f598e9656ea26a2bab173e40f76a6.css
platform.iteratehq.com/ 135 KB
11 KB 17ms
17ms Stylesheet
text/css 2606:4700:3036::6812:206c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.iteratehq.com/style-678f598e9656ea26a2bab173e40f76a6.css
Requested by: Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6812:206c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ddf90f1b1347fc3b25ec438499c75811b4992e51e3b9d24a4b2bf725e8af19e

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 04 Mar 2020 07:16:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 17 Feb 2020 22:23:37 GMT
server: cloudflare
age: 1327621
etag: W/"678f598e9656ea26a2bab173e40f76a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
cf-ray: 56e9cf6a7e381f55-FRA
x-amz-request-id: 120B4AC0B93E6DB7
x-amz-id-2: jzgVDokRtUlJwK+ShdiO2OKVzYLEtalbCR/V+mp0NiY04Oos9sXbVQ2YWl9fVydB2V34toZh9OM=

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 47B1 0
0 6ms
6ms Document
text/html 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.nytimes.com/section/us
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.nytimes.com/section/us

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Wed, 04 Mar 2020 06:02:02 GMT
expires: Thu, 04 Mar 2021 06:02:02 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4448
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 uek0ylt.css
use.typekit.net/ 2 KB
833 B 65ms
21ms Stylesheet
text/css 23.37.33.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/uek0ylt.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.33.211 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-33-211.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

cb59ff8622df48faf8b8c06bddee7e40309c16a9c0f5ab19a796505fecf3c263

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
access-control-allow-origin: *
date: Wed, 04 Mar 2020 07:16:10 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
status: 200
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 633

OPTIONS
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 0
574 B 188ms
168ms Fetch 2606:4700:3032::6812:216c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iteratehq.com/api/v1/surveys/embed
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-af4ece1529932f717d31.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6812:216c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Referer: https://www.nytimes.com/section/us
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: authorization,content-type

Response headers

date: Wed, 04 Mar 2020 07:16:10 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST
status: 200
cache-control: no-cache="set-cookie"
access-control-allow-credentials: true
cf-ray: 56e9cf6b6e6464eb-FRA
access-control-allow-headers: Authorization, Content-Type
content-length: 0

GET
H2 200 p.css
p.typekit.net/ 5 B
168 B 50ms
20ms Stylesheet
text/css 23.37.33.211
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=uek0ylt&ht=tk&f=26969.26972&a=37539318&app=typekit&e=css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.33.211 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-33-211.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 04 Mar 2020 07:16:10 GMT
last-modified: Thu, 24 Oct 2019 12:28:12 GMT
server: nginx
access-control-allow-origin: *
etag: "5db198dc-5"
content-type: text/css
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-length: 5
expires: Wed, 12 Feb 2020 04:31:43 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
58 B 15ms
14ms Image
image/gif 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020030201&jk=1631129307532729&bg=!BAelBx9Yau4Jm3in_pgCAAAAP1IAAAAJmQFbpkP6JlnwZHr9ZRYX9AGU35FC9BSTAiTNo69BVK3Sqv6-3_9CNyS9w8L4ywD4oi_sOnyqtJVNPtSTXYbrNVjM8XU0BVc2HmYuEzENeD4RCDRz5EpSt3qT_1EYAOtjJaLj_C8ljEp_dMh3J0Rf0MMDvRwdxnGbjPpPtedSP0oRgSqrwrns41ZDauxs2jlgF5wpaJ8u5bu0I0In5Vp9rJY4vNq9iny0xfMCt1ysgYcbffrVDggHh03VeDfmxKW2jYGJgg4SpAT2kB1Ap_nocF3urRlySeGVkjg27Coedl3-BrufWtxF8p2co0yJWoYsk5o_h-e5fs-u3b-g6LDcATWGqw9txc5bcs3lolMgsXHWZ1_ypMPpAUTowOXS_1HfX2Ps4UqS1RF1elpnIATQ9VL88eG2bD_OFkXTo4f7z_nhLuG8znPM0P0LRXpQQ9PVWwlm6DhKnUZv0RX2ESU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/section/us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 04 Mar 2020 07:16:10 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 259 B
422 B 168ms
167ms Fetch
application/json 2606:4700:3032::6812:216c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iteratehq.com/api/v1/surveys/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6812:216c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e8a101ba679dcfb1c9a4958fa167a37ec119071fcbc8d7b2e8245e51a3302b4

Request headers

Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 04 Mar 2020 07:16:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache="set-cookie"
access-control-allow-credentials: true
cf-ray: 56e9cf6c7f4364eb-FRA

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
241 B 100ms
100ms XHR
text/plain 34.227.153.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.227.153.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-153-53.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://www.nytimes.com
Access-Control-Expose-Headers
Access-Control-Allow-Credentials: true
Connection: keep-alive
Date: Wed, 04 Mar 2020 07:16:10 GMT
Content-Type: text/plain

POST
H2 200 track
a.et.nytimes.com/ 0
0 106ms
106ms Other
application/json 2a00:1450:4001:814::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 103ms
103ms Other
application/json 2a00:1450:4001:814::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/section/us
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/section/us
Origin: https://www.nytimes.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 17:10:02	Name: IDE Value: AHWqTUkho6SCj_mlwLzw2gJ8hh7qeWrbmta6wk7CNeFa1qBcCnb45cLvTa1np_v6
news.google.com/	1970-01-19 08:31:38	Name: OTZ Value: 5350036_52_52_123900_48_436380
.nytimes.com/	1970-01-19 16:34:02	Name: nyt-a Value: 4cA1kKpTTjkM8QVNw5CbKs
.nytimes.com/	1970-01-19 07:49:26	Name: edu_cig_opt Value: %7B%22isEduUser%22:false%7D
.google.com/	1969-12-31 23:59:59	Name: S Value: billing-ui-v3=pj9MkIa-D5hYlBWtdhcb1DxLs24kHCID:billing-ui-v3-efe=pj9MkIa-D5hYlBWtdhcb1DxLs24kHCID
.pay.google.com/	1970-01-19 07:49:52	Name: _gid Value: GA1.3.1912833356.1583306169
.nytimes.com/	1970-01-19 07:49:26	Name: b2b_cig_opt Value: %7B%22isCorpUser%22:false%7D
.pay.google.com/	1970-01-19 07:48:26	Name: _gat_UA1168580691 Value: 1
www.nytimes.com/	1970-01-19 17:17:14	Name: _cb Value: _dM2zDshvRNBJVOIF
.nytimes.com/	1970-01-19 07:48:26	Name: _gat_UA-58630905-2 Value: 1
www.nytimes.com/	1970-01-19 17:17:14	Name: _chartbeat2 Value: .1583306169598.1583306169598.1.DMU0kfCz1n-vFCZEdCNHiAiBjMvmQ.1
www.nytimes.com/	1970-01-19 17:17:14	Name: _cb_ls Value: 1
.pay.google.com/	1970-01-20 01:19:38	Name: _ga Value: GA1.3.401923439.1583306169
.nytimes.com/	1970-01-19 09:58:02	Name: _gcl_au Value: 1.1.350670500.1583306170
.nytimes.com/	1970-01-21 03:37:52	Name: nyt-m Value: E11D2D0ADA834877522D78D6D63A364D&uuid=s.a927ddbf-e178-4fbe-a89d-92e218f3518f&n=i.2&er=i.1583306169&fv=i.0&v=i.0&igu=i.1&igd=i.0&ird=i.0&g=i.0&vr=l.4.0.0.0.0&iga=i.0&iir=i.0&iub=i.0&imv=i.0&s=s.core&igf=i.0&rc=i.0&imu=i.1&prt=i.0&ica=i.0&ifv=i.0&e=i.1585699200&pr=l.4.0.0.0.0&vp=i.0&cav=i.0&iue=i.0&t=i.1&ira=i.0&ft=i.0&ier=i.0&iru=i.0
.nytimes.com/	1970-01-19 16:34:02	Name: nyt-jkidd Value: uid=0&lastRequest=1583306169244&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon
.nytimes.com/	1970-01-19 07:49:52	Name: walley_gid Value: GA1.2.306864738.1583306169
.nytimes.com/	1970-01-20 01:19:38	Name: walley Value: GA1.2.151746725.1583306169
.nytimes.com/	1970-01-20 01:19:38	Name: __gads Value: ID=62b3448d975e4381:T=1583306169:S=ALNI_Ma0qYitQ9iryCcBJb_Iqybybl42-g
.nytimes.com/	1970-01-19 16:34:02	Name: nyt-purr Value: cfhhpnh
www.nytimes.com/	1970-01-19 07:48:27	Name: _cb_svref Value: http%3A%2F%2Fxwel.xyz%2F
.nytimes.com/	1970-01-19 07:48:47	Name: nyt-gdpr Value: 1
pay.google.com/	1970-01-19 08:31:38	Name: OTZ Value: 5350036_52_52_123900_48_436380
.nytimes.com/	1970-01-19 17:17:56	Name: purr-cache Value: <K0<r<C_<G_
.google.com/	1970-01-19 12:11:57	Name: NID Value: 199=Qc6BIO99Ktj5B-rY0PTpJq0kTytK2BChDKAK_Z0dJw8GtX3bRnNPlTv1FhdI63DMot-NwNPEKneeHfdNZrEWQV1SYRc9lawwexZZHlL1--eWiCbNRDAFNWhbGyUzwUxeDVGxy2_G_BIZeyebVrITIbl43Fq7CEQeSp-ZKlgMcBU

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://news.google.com/swg/js/v1/swg.js(Line 29) Message: Subscriptions Runtime: 0.1.22.95
console-api	log	URL: https://www.nytimes.com/vi-assets/static-assets/main-d9338936524886deb17e.js(Line 1) Message: <!-- 0000000 000 0000000 111111111 11111111100 000 111111111 00000 111111111111111111 00000 000000 000 1111111111111111111111111100000 000 000 1111 1111111111111111100 000 000 11 0 1111111100 000 000 1 00 1 000 000 00 00 1 000 000 000 00000 1 000 00000 0000 00000000 1 00000 11111 000 00 000000 000 11111 00000 0000 000000 00000 00000 000 10000 000000 000 0000 000 00000 000000 1 000 000 000000 10000 1 0 000 000 1000000 00 1 00 000 000 1111111 1 0000 000 000 1111111100 000000 000 0000 111111111111111110000000 0000 111111111 111111111111100000 111111111 0000000 00000000 0000000 NYTimes.com: All the code that's fit to printf() We're hiring: https://nytimes.wd5.myworkdayjobs.com/Tech -->
console-api	warning	(Line 2) Message: et2 snippet should only load once per page
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030201.js(Line 6) Message: Invalid GPT size specification: []
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030201.js(Line 6) Message: Exception in queued GPT command TypeError: Cannot read property 'defineSizeMapping' of null
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030201.js(Line 6) Message: Invalid GPT size specification: []
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030201.js(Line 6) Message: Invalid GPT size specification: []
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030201.js(Line 6) Message: Invalid GPT size specification: []
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030201.js(Line 6) Message: Invalid GPT size specification: []
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020030201.js(Line 6) Message: Invalid GPT size specification: []
console-api	log	URL: https://www.nytimes.com/vi-assets/static-assets/main-d9338936524886deb17e.js(Line 1) Message: Service Worker: content is cached

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
adservice.google.com
adservice.google.nl
api-js.datadome.co
cdn.optimizely.com
cigsvc.nytimes.com
clients2.google.com
errors.client.optimizely.com
et.nytimes.com
g1.nyt.com
iteratehq.com
js.datadome.co
meter-svc.nytimes.com
mwcm.nytimes.com
news.google.com
nytimes.com
p.typekit.net
pagead2.googlesyndication.com
pay.google.com
payments.google.com
platform.iteratehq.com
pnytimes.chartbeat.net
purr.nytimes.com
samizdat-graphql.nytimes.com
securepubads.g.doubleclick.net
static.chartbeat.com
static01.nyt.com
stats.g.doubleclick.net
tpc.googlesyndication.com
use.typekit.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.nytimes.com
xwel.xyz
143.204.101.22
151.101.1.164
151.101.113.164
167.99.26.105
172.217.23.130
216.58.208.38
23.37.33.211
2600:9000:21f3:7000:18:1fcd:349:ca21
2606:4700:3032::6812:216c
2606:4700:3036::6812:206c
2a00:1450:4001:800::2003
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:814::2001
2a00:1450:4001:814::2013
2a00:1450:4001:81a::200e
2a00:1450:4001:81b::200e
2a00:1450:4001:81c::2008
2a00:1450:4001:81e::200e
2a00:1450:4001:81f::2003
2a00:1450:4001:81f::2004
2a00:1450:4001:825::2002
2a00:1450:400c:c00::9b
2a00:1450:400c:c0a::5c
2a02:26f0:f1:191::13b8
3.225.50.203
34.227.153.53
35.241.35.241
52.22.52.90
52.59.16.172
02a2d97ea6f05058ccac1f186022fe41cf7d8e3d820883a22c8e55db67baf867
0476b9f4e1652de48e298e06f2c4d65ce15650b96798811e4d5fd3699334d35f
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04d393f6c6313d588dbd262c8dffbb6c8e2ac1a91eb4ce9b96a595823ae1b46a
0e7538a51c25c7b83a187a12ae055d941a81a12fc70dd1edeb411f275693f59d
10ad3c36159d7efaa645110f07dba1553f7ce03452fb02ba1545fa6b5bd9b5d6
1274c34812544f3af0548092081681d85d38c164c6df3d489a66494bb38ad8aa
156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57
168f98a021fd84ea30e8da4401639c34f56af6a14ee93a3f88144525880a90c6
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6
227bdf139a3bf9f7c2945b1015c9e25b43e5af3dfd77d9dca46ae79e01ea6e9b
229b7f5425a3ec9e48d27646aec6f562d4cef582762584135440ad874d433656
244d6f7fb2c90144ed282f16dc6fa7a47ea302bb415a05ff2e9a973b4da68903
27938a5a1f1f9b1907a512892cf969d7dad000fd7032e8bbe3baa3ed5b4265bd
2c4cecad1c8c0ff250579439976e672cc55a64923acfbbae77bca772f6955230
2f1854fe522e040274f3f7ff6099b5ad70baf11f08aa79e9481eaa4818a9d2f9
2f724783deda4d87d843c9c2768097ab367c5b87774ab3b8aee077dcd88a08f8
33770886eae66382614915e7d91a0b39d3f3b7a75f377795397ca2dba6c901e2
34cc802f53fe2668b8b1b9409514018262e45d868782036343c2f0e83a5fec93
366e4c8ace6dc121105fc314b7f16460c4b4104d9332df35dada900f13b73d94
3b7df8039da00c48c5cf0ca207eb9a4a03d362e17176171c9c2ba75fcfbd6ca2
3ddf90f1b1347fc3b25ec438499c75811b4992e51e3b9d24a4b2bf725e8af19e
3f28e673cbfe89a3a13563877fcf1b238b3fd6e446eac55c5dc260ae0b7393db
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
485472da610eb5563536090f56a4d9ddd3431db0abc9029aebc277d2694b66d3
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f
4cd09d60664cdb2c7951f1561cfb8c2b54cacdc4df5a4de320b182dcaf20a5ba
4e0f32d4e30e0a6e969beef61ec0faff6051e64ddf950c08fb85b495811da9c2
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de
564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de
5a76d6e60140dd84e8b240f210fde6737f5007f58000b50f4c3395424ab22435
5d0ce7898798bdf967a601cf37fb443c3b7f47c8f4e6be18e00f6a6888510aab
5fd0d7eeaa3e0910d9c2f341dc08041ca07118ff200078104700c06892c52647
632e001a2bb087b8352cb203c65f1a2b0e1eff4f5902cc50b8ea79fc3c91b10e
643a5f374bfa5f0c8d5184f7f43b07893bfdf419dec0e0c688a97ce9774404d5
66722bbae6b00aba39daf09445f9d984141b9a980c0a4d4c85e3ed32774fad36
6a26d2cec4c729e6f9a7608393eb6e1831b545cd1ad5d36e7123d88b3712e795
6e8a101ba679dcfb1c9a4958fa167a37ec119071fcbc8d7b2e8245e51a3302b4
7183c7c50e8cff0e4cb7344483d5f69ec786ef306383c7a3a2d2b1ced6a54b7f
725787c589300a6312f087835c7f93db2f0b36906cada7a6dc0bcefff3b46457
745cd78d254d001a46755c9620bcc45783131a4bf0362d44e05078fc3297f082
746d0e28e8c2d90701e3449f9d382be10b7c7916151c4c3cb5495d7b497c4122
80d1716eb4c8033ea42556da87690c2903fdf3490cddf15974002b0791fa37c8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
858292766479bd2d103d91a37dc1b75630c1a71752bd906734030b90dafe5fa5
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
91db50aacff019605bd6632a2e1a844cc662a3373af33a8fb4aff84eeb5abfc9
92a0a734cfe4f5aee530b12ee966e272f0ce41f44e0f2c89e8ee6d4a156f4789
945014dcd60469e50bf03305fe4c18e28ef319f6b750b9be7d5894d7f54823fd
9570acee8a250de9c31f8f8a1d49cf3da870501cbbb03be10820f61573611ba7
a0b165f1c573dbbe6726db97a5d4a9c3d74a3d8e71c528c1cd057b92314a86be
a43bedf6f55ec114cc6274c90f19feecd05d875404b168167b1c62c8dcd41505
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
ad6f7c6a3d605237858956cd5788c2219ab9734132118de62197a3c68dd3a29c
ad8b645d5613015f69f9b913ac953103c9a37cce96f024e5634a3f11ebabe38a
b046910dcd0b84ccfbe9bfc84456758b27fdd632643ea2a7baa53409c09797dd
b92a9cd8f714ce5b96883a3eca69b09325119d23a99c08e81f805aaf3ec624b8
ba9ec260fb4b40815b7ad2282d0488622ef62f87777a78d25b0a3b1af7199cb7
c9b6109ebb33e991f5b3c7ce32ca1706e18741d0ddebfdef3f279b93617b26d8
cb59ff8622df48faf8b8c06bddee7e40309c16a9c0f5ab19a796505fecf3c263
cdf4bc477f4aa7b15e1e911bbcb38f48876001a8c70fa5a083d624e24bb6675f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d247b1d1593bd99f20a224e2dfeb16c6838906bd292589770ced6b4c6713d137
d279442edb49313137892ffd946d31db08b8980f8927e0802799da28d3290a69
d42e60fd52c55ff118b8bdedb7a2b6f842af7fdcfae8e1d586b5cd2ebda54720
d533a6958f89c2a9142bff2b06bc23a888ccea9165dbf7edb5cff9606f54fae1
d8e209582ff2bc0fc5e8de0f468859654f609cc88ce782f23e0d5c66190ec687
dbd88786bc26d8f74ca90d0fb57d7f6875eeaae3d4c3fae88a4424bfe725fa24
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c404cc588c74675aaf3dcbe323860533a986b711147ce51683e2d96f20be5e
e7e9b14af4183931168dd45cf04af9411b40f2c9f61a8a6384ba5e3ad0d1a97b
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ed8ab4b5ad016ad6b66cd70b80eebb79b8da7c98ad5e385a1ff45b8a9f70a141
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f734e3f571c4d8d7abedddf036063124002749f532a51e9d618f0facf952a247
fb71626a34be4f2c6159597e984a506ad6eeb622e927efc06629be1a0deaf944
fd5d68c2ad95c95fb7d7fec7b83cb486f928d224383d04e2c9940df5e5e368f4
fe500e6388080919e60c5dee6de8a63a263e4797ecfe5566c1288d9e22aad388
ffe2ef5ce19169f51b69f0dfdac122f402043b13afd7c65b2dab551ebf3b7629

www.nytimes.com Open in urlscan Pro 151.101.113.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

110 Requests

97 %HTTPS

60 %IPv6

17 Domains

40 Subdomains

27 IPs

5 Countries

4095 kBTransfer

7382 kBSize

25 Cookies

21 Outgoing links

Page URL History

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.nytimes.com Open in urlscan Pro
151.101.113.164 Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

97 %
HTTPS

60 %
IPv6

17
Domains

40
Subdomains

27
IPs

5
Countries

4095 kB
Transfer

7382 kB
Size

25
Cookies

110 HTTP transactions
0 data transactions