www.nytimes.com Open in urlscan Pro
151.101.13.164 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Submission: On July 31 via manual (July 31st 2021, 4:32:54 pm UTC) from US

Summary HTTP 136 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 27 IPs in 3 countries across 14 domains to perform 136 HTTP transactions. The main IP is 151.101.13.164, located in Frankfurt am Main, Germany and belongs to FASTLY, US. The main domain is www.nytimes.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 3rd 2020. Valid for: 2 years.

This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
49	151.101.13.164 151.101.13.164	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:287::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
28	2a00:1450:400... 2a00:1450:4001:82f::2013	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
5	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:1b8::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:9000:219... 2600:9000:2190:e200:a:a8c5:a040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.241.35.241 35.241.35.241	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2013	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2013	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2 6	216.58.212.166 216.58.212.166	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2190:5600:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
1	52.50.64.214 52.50.64.214	16509 (AMAZON-02) (AMAZON-02)
1	34.206.194.65 34.206.194.65	14618 (AMAZON-AES) (AMAZON-AES)
7	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3032::ac43:c7c7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3037::6815:24db	13335 (CLOUDFLAR...) (CLOUDFLARENET)
136	27

49 151.101.13.164 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
myaccount.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:287::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:82f::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:1b8::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2190:e200:a:a8c5:a040:93a1 (United States)

ASN16509 (AMAZON-02, US)

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.35.241 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 241.35.241.35.bc.googleusercontent.com

meter-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

purr.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c7fb0afd9e56950a7d8a3a068c4c06fc.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.212.166 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f166.1e100.net

5290727.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:5600:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.64.214 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-64-214.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.206.194.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-194-65.compute-1.amazonaws.com

pnytimes.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3032::ac43:c7c7 (United States)

ASN13335 (CLOUDFLARENET, US)

platform.iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:24db (United States)

ASN13335 (CLOUDFLARENET, US)

iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	nytimes.com www.nytimes.com a.et.nytimes.com samizdat-graphql.nytimes.com myaccount.nytimes.com dd.nytimes.com meter-svc.nytimes.com purr.nytimes.com a.nytimes.com mwcm.nytimes.com	1 MB
27	nyt.com g1.nyt.com static01.nyt.com a1.nyt.com mwcm.nyt.com	648 KB
18	google.com news.google.com adservice.google.com play.google.com www.google.com	69 KB
11	doubleclick.net 2 redirects securepubads.g.doubleclick.net 5290727.fls.doubleclick.net	140 KB
6	googlesyndication.com c7fb0afd9e56950a7d8a3a068c4c06fc.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	37 KB
5	iteratehq.com platform.iteratehq.com iteratehq.com	271 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	130 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	go-mpulse.net s.go-mpulse.net c.go-mpulse.net	50 KB
1	chartbeat.net pnytimes.chartbeat.net	201 B
1	adsrvr.org insight.adsrvr.org	261 B
1	chartbeat.com static.chartbeat.com	14 KB
1	google.fr adservice.google.fr	853 B
1	googletagmanager.com www.googletagmanager.com	88 KB
136	14

	Domain	Requested by
28	a.et.nytimes.com	www.nytimes.com
17	g1.nyt.com	www.nytimes.com g1.nyt.com mwcm.nyt.com
12	www.nytimes.com	www.nytimes.com
7	play.google.com	www.gstatic.com
7	news.google.com	www.nytimes.com news.google.com www.gstatic.com
6	5290727.fls.doubleclick.net	2 redirects www.googletagmanager.com www.nytimes.com
6	samizdat-graphql.nytimes.com	www.nytimes.com
6	static01.nyt.com	www.nytimes.com
5	securepubads.g.doubleclick.net	www.nytimes.com securepubads.g.doubleclick.net
4	www.gstatic.com	news.google.com www.gstatic.com
3	mwcm.nyt.com	www.nytimes.com
3	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	platform.iteratehq.com	www.nytimes.com platform.iteratehq.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	adservice.google.com	securepubads.g.doubleclick.net 5290727.fls.doubleclick.net
3	myaccount.nytimes.com	www.nytimes.com myaccount.nytimes.com
2	iteratehq.com	platform.iteratehq.com
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	a.nytimes.com	www.nytimes.com mwcm.nyt.com
2	dd.nytimes.com	www.nytimes.com dd.nytimes.com
1	www.google.com	tpc.googlesyndication.com
1	pnytimes.chartbeat.net	www.nytimes.com
1	insight.adsrvr.org	www.nytimes.com
1	a1.nyt.com	www.nytimes.com
1	static.chartbeat.com	www.nytimes.com
1	mwcm.nytimes.com	www.nytimes.com
1	fonts.gstatic.com	news.google.com
1	c7fb0afd9e56950a7d8a3a068c4c06fc.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.fr	securepubads.g.doubleclick.net
1	purr.nytimes.com	www.nytimes.com
1	meter-svc.nytimes.com	www.nytimes.com
1	c.go-mpulse.net	s.go-mpulse.net
1	s.go-mpulse.net	www.nytimes.com
1	www.googletagmanager.com	www.nytimes.com
136	34

This site contains links to these domains. Also see Links.

Domain
myaccount.nytimes.com
www.facebook.com
api.whatsapp.com
twitter.com
help.nytimes.com
www.nytco.com
nytmediakit.com
www.tbrandstudio.com
nytimes.com

Subject Issuer	Validity	Valid
nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-03` - `2022-04-06`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
akstat.io DigiCert SHA2 Secure Server CA	`2021-06-08` - `2022-06-13`	a year	crt.sh
a.et.nytimes.com GTS CA 1D4	`2021-06-03` - `2021-09-01`	3 months	crt.sh
*.news.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
dd.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-04` - `2022-04-03`	a year	crt.sh
purr.nytimes.com GTS CA 1D4	`2021-07-27` - `2021-10-25`	3 months	crt.sh
a.nytimes.com GTS CA 1D4	`2021-07-18` - `2021-10-16`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Frame ID: 4439801CB7B8825E56F64DC49FFC7D18
Requests: 105 HTTP requests in this frame

Frame: https://static01.nyt.com/ads/tpc-check.html
Frame ID: 9E0257FDD368E7D4083D0AA00A074C33
Requests: 1 HTTP requests in this frame

Frame: https://myaccount.nytimes.com/auth/prefetch-assets
Frame ID: 1295A37FAC29D06F6AD0704D3AE17518
Requests: 3 HTTP requests in this frame

Frame: https://news.google.com/swg/_/ui/v1/serviceiframe?_=452152
Frame ID: 27D5F2A9C4AE3C4CAC82548160066D5D
Requests: 12 HTTP requests in this frame

Frame: https://c7fb0afd9e56950a7d8a3a068c4c06fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0E3A99B41668984FA8EF4AE02125F898
Requests: 1 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CMrokpLejfICFcsV0wodOMMFAA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9069506196550;gtm=2wg7s0;auiddc=581874378.1627749157;u4=;u5=undefined;u6=undefined;u7=xNxsYCkb7Rx30FsZQQqPAz;u8=;u10=;u11=1;u12=100000007737300;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html
Frame ID: 932C36542F3C46E2B360F920F4E96112
Requests: 2 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CJyMypLejfICFdHS3godOcMMMw;src=5290727;type=remar0;cat=gatew0;ord=1;num=4721641702191;gtm=2wg7s0;auiddc=581874378.1627749157;u4=;u5=undefined;u6=undefined;u7=xNxsYCkb7Rx30FsZQQqPAz;u8=;u10=;u11=1;u12=100000007737300;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html
Frame ID: 9BC57A692C335C7F34F7A8F303873943
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: B6D3F25D2847FA46C4CA6CF29322BA1C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 78E9B0E16C23D0B088CD03D6464C790C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /chartbeat\.js/i

Fastly (CDN) Expand

Overall confidence: 100%
Detected patterns

headers vary /Fastly-SSL/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

136
Requests

100 %
HTTPS

78 %
IPv6

14
Domains

34
Subdomains

27
IPs

3
Countries

2533 kB
Transfer

7631 kB
Size

25
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=vi&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fmultiproduct%2Flp8KQUS.html%3FcampaignId%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2021%252F05%252F10%252Fus%252Fpolitics%252Fpipeline-hack-darkside.html&asset=masthead
Title: Log in

Search URL Search Domain Scan URL

URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=vi
Title: Log In

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=9869919170&link=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html%3Fsmid%3Dfb-share&name=F.B.I.%20Identifies%20Group%20Behind%20Pipeline%20Hack&redirect_uri=https%3A%2F%2Fwww.facebook.com%2F

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=F.B.I.%20Identifies%20Group%20Behind%20Pipeline%20Hack%20https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html%3Fsmid%3Dwa-share

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html%3Fsmid%3Dtw-share&text=F.B.I.%20Identifies%20Group%20Behind%20Pipeline%20Hack

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014792127-Copyright-notice
Title: © 2021 The New York Times Company

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: NYTCo

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015727108-Accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.nytco.com/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://nytmediakit.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: http://www.tbrandstudio.com/
Title: T Brand Studio

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

URL: https://myaccount.nytimes.com/get-started?o=1281e5fc-d028-11ea-a072-340cee6a52b6&campaignId=9WJRH
Title: SUBSCRIBE NOW

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale#cancel
Title: Cancellation and Refund Policy

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us?redir=myacc
Title: Feedback

Search URL Search Domain Scan URL

URL: https://nytimes.com/cookie-policy
Title: view our Cookie Policy.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9069506196550;gtm=2wg7s0;auiddc=581874378.1627749157;u4=;u5=undefined;u6=undefined;u7=xNxsYCkb7Rx30FsZQQqPAz;u8=;u10=;u11=1;u12=100000007737300;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CMrokpLejfICFcsV0wodOMMFAA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9069506196550;gtm=2wg7s0;auiddc=581874378.1627749157;u4=;u5=undefined;u6=undefined;u7=xNxsYCkb7Rx30FsZQQqPAz;u8=;u10=;u11=1;u12=100000007737300;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html

Request Chain 118

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=remar0;cat=gatew0;ord=1;num=4721641702191;gtm=2wg7s0;auiddc=581874378.1627749157;u4=;u5=undefined;u6=undefined;u7=xNxsYCkb7Rx30FsZQQqPAz;u8=;u10=;u11=1;u12=100000007737300;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CJyMypLejfICFdHS3godOcMMMw;src=5290727;type=remar0;cat=gatew0;ord=1;num=4721641702191;gtm=2wg7s0;auiddc=581874378.1627749157;u4=;u5=undefined;u6=undefined;u7=xNxsYCkb7Rx30FsZQQqPAz;u8=;u10=;u11=1;u12=100000007737300;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html

136 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request pipeline-hack-darkside.html Show response
www.nytimes.com/2021/05/10/us/politics/ 402 KB
85 KB 277ms
214ms Document
text/html 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ddf51810a00b4c263a381af609a93c115c0169e08819dd88c5f182c717e4531f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.nytimes.com
:scheme: https
:path: /2021/05/10/us/politics/pipeline-hack-darkside.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
content-type: text/html; charset=utf-8
x-nyt-data-last-modified: Sat, 31 Jul 2021 15:33:52 GMT
last-modified: Sat, 31 Jul 2021 15:33:52 GMT
x-scoop-last-modified: 2021-05-14T21:56:49.109Z
x-pagetype: vi-story
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
cache-control: s-maxage=300,no-cache
x-nyt-route: vi-story
x-datadome-timer: S1627745887.535301,VS0,VE175
x-origin-time: 2021-07-31 15:38:06 UTC
fastly-restarts: 1
accept-ranges: bytes
date: Sat, 31 Jul 2021 16:32:34 GMT
age: 3521
x-served-by: cache-lga21950-LGA, cache-fra19134-FRA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1627749155.593380,VS0,VE177
vary: Accept-Encoding, Fastly-SSL
set-cookie: nyt-a=xNxsYCkb7Rx30FsZQQqPAz; Expires=Sun, 31 Jul 2022 16:32:34 GMT; Path=/; Domain=.nytimes.com; SameSite=none; Secure nyt-gdpr=1; Expires=Sat, 31 Jul 2021 22:32:34 GMT; Path=/; Domain=.nytimes.com nyt-purr=cfhspnahhud; Expires=Sun, 31 Jul 2022 16:32:34 GMT; Path=/; Domain=.nytimes.com; SameSite=Lax; Secure nyt-us=0; Expires=Sat, 31 Jul 2021 22:32:34 GMT; Path=/; Domain=.nytimes.com nyt-geo=FR; Expires=Sat, 31 Jul 2021 22:32:34 GMT; Path=/; Domain=.nytimes.com nyt-b3-traceid=ce7a4250db664f84bacf312f584a1079; Path=/; Domain=.nytimes.com; SameSite=none; Secure
x-gdpr: 1
x-frame-options: DENY
onion-location: https://www.nytimes3xbfgragh.onion/2021/05/10/us/politics/pipeline-hack-darkside.html
x-api-version: F-F-VI
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
strict-transport-security: max-age=63072000; preload
content-length: 85545

GET
H2 200 web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
g1.nyt.com/fonts/css/ 60 KB
10 KB 36ms
34ms Stylesheet
text/css 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6de706923eaa7411b5bc9dfcc2de58c8950a85454fc1aa386f3537b19f861d5a

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=i0q+3Q==, md5=Gy5SJh6FIQsSa1B2q6k1mw==
date: Sat, 31 Jul 2021 16:32:34 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
age: 4465524
x-guploader-uploadid: ABg5-UyBp8dD7jijPXIyd6RzettY1GKD33NP3qnIdhMXY9G6YI9PPOR6oiFF1Hnu1DuGHNpeSqg44ErSMMjJCZLEBTlHBu3i8Q
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 9775
via: 1.1 varnish
x-served-by: cache-fra19134-FRA
accept-ranges: bytes
expires: Fri, 10 Jun 2022 00:07:09 GMT
last-modified: Tue, 06 Apr 2021 21:11:51 GMT
server: UploadServer
x-timer: S1627749155.810008,VS0,VE0
etag: "1b2e52261e85210b126b5076aba9359b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1617743511910294
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 9775
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 3015

GET
H2 200 global-69acc7c8fb6a313ed7e8641e4a88bf30.css
www.nytimes.com/vi-assets/static-assets/ 5 KB
3 KB 34ms
34ms Stylesheet
text/css 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/global-69acc7c8fb6a313ed7e8641e4a88bf30.css

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8d1d38bd5538c7e5b92abc533695f23ebd13f8e13879d457e1a391a506afcb2f

Security Headers

Name

Value

Content-Security-Policy

upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/global-69acc7c8fb6a313ed7e8641e4a88bf30.css
pragma: no-cache
cookie: nyt-a=xNxsYCkb7Rx30FsZQQqPAz; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=FR; nyt-b3-traceid=ce7a4250db664f84bacf312f584a1079
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.nytimes.com
referer: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=xVtu/Q== md5=8t/i0xcrDEvURwPHlq+SQg==
date: Sat, 31 Jul 2021 16:32:34 GMT
content-encoding: gzip
x-api-version: F-X
age: 10512508
x-guploader-uploadid: ABg5-UytxFr3P7VcSwK9Sxuk5C3Ai3EIze1BL19ZPQ-ghZiBF7zm0BL8RKq2l1zWQVXfA1nNUyWMO-t2pISoUP7S0mY
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-04-01 00:24:06 UTC
content-length: 1832
x-served-by: cache-fra19134-FRA
last-modified: Wed, 31 Mar 2021 22:46:44 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1627749155.809006,VS0,VE1
etag: "f2dfe2d3172b0c4bd44703c796af9242"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/global-69acc7c8fb6a313ed7e8641e4a88bf30.css
x-goog-generation: 1617123655801043
expires: Fri, 01 Apr 2022 00:24:06 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 4669
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Sat, 31 Jul 2021 22:32:34 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: text/css; charset=utf-8
x-cache-hits: 2622

GET
H2 200 adslot-056295f9b9acc30e6bb8.js Show response
www.nytimes.com/vi-assets/static-assets/ 19 KB
7 KB 29ms
29ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/adslot-056295f9b9acc30e6bb8.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

d3c96c3a486dc7dbf277a94123ba4572ed04081dfeb6944e3a3a691f40dafa8f

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/adslot-056295f9b9acc30e6bb8.js
pragma: no-cache
cookie: nyt-a=xNxsYCkb7Rx30FsZQQqPAz; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=FR; nyt-b3-traceid=ce7a4250db664f84bacf312f584a1079
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.nytimes.com
referer: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=u9OpmQ== md5=QnYfKzI9prSj4yx0u01adg==
date: Sat, 31 Jul 2021 16:32:34 GMT
content-encoding: gzip
x-api-version: F-X
age: 1459233
x-guploader-uploadid: ADPycdvzxVe4ka0tyr3gbVWExj53DcOAgw6Hqy0QusBERhaxp4NWVq9bG1m9q7gX7UIb9RPRiDkzkVVh8iYE0IRdewHgUnjDjQ
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-07-14 19:12:28 UTC
content-length: 6625
x-served-by: cache-fra19134-FRA
last-modified: Wed, 14 Jul 2021 18:50:57 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1627749155.846565,VS0,VE1
etag: "42761f2b323da6b4a3e32c74bb4d5a76"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/adslot-056295f9b9acc30e6bb8.js
x-goog-generation: 1626288657245840
expires: Thu, 14 Jul 2022 19:12:02 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 19043
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Sat, 31 Jul 2021 22:32:34 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 3026

GET
H2 200 merlin_187565448_aaf65d85-adc5-408a-8bf0-aabef755521b-jumbo.jpg
static01.nyt.com/images/2021/05/10/us/politics/10dc-darkside/ 43 KB
44 KB 125ms
122ms Image
image/webp 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2021/05/10/us/politics/10dc-darkside/merlin_187565448_aaf65d85-adc5-408a-8bf0-aabef755521b-jumbo.jpg?quality=90&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ca531b0d5c7639183f0847835b179bf988c8f037e5e2d2c937c6775f86b5e567

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:32:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 203638
x-guploader-uploadid: ADPycdtXJwb3F24mU6ntCOuJb36_J-Zpi1VraFCLPVuj576tYXPZNowy9sKdKq6wGL8-ns3BIA4dymmrTrfNU5K622Q
x-cache: HIT, MISS
fastly-io-info: ifsz=70212 idim=1024x642 ifmt=jpeg ofsz=44008 odim=1024x642 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
content-length: 44008
x-served-by: cache-bwi5167-BWI, cache-fra19134-FRA
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
server: UploadServer
x-timer: S1627749155.933441,VS0,VE93
etag: "0XvQkOoLCe8VIqkqYrf7AEJX51UpLzbaxwy5iUkWS64"
vary: Accept
x-goog-hash: crc32c=typ9ow==, md5=nsvf8Npk7WeLPIaWlN734g==
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 29 Jul 2021 07:58:37 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H2 200 author-david-e-sanger-thumbLarge.png
static01.nyt.com/images/2018/10/03/multimedia/author-david-e-sanger/ 22 KB
22 KB 55ms
52ms Image
image/png 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2018/10/03/multimedia/author-david-e-sanger/author-david-e-sanger-thumbLarge.png
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: fbd00f0cb2bcd19c938952158fec5ee30bc1d1121471c95c12ee0ab3f9293a8c

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:32:34 GMT
via: 1.1 varnish, 1.1 varnish
age: 458577
x-guploader-uploadid: ADPycdtJ2SkQypuR972keSQWvudAmFuDzJhJZHAzGfaJR_lU9O_1IvSHViVN-s9ZptUICPy9aksCX1RHHXK-EFYeiulkDb1Owg
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 22498
x-served-by: cache-bwi5150-BWI, cache-fra19134-FRA
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Wed, 03 Oct 2018 14:17:19 GMT
server: UploadServer
x-timer: S1627749155.933436,VS0,VE1
etag: "7cff22ce222a747df1a3ebdc74cd719b"
vary: Origin
x-goog-hash: crc32c=nAb5PQ==, md5=fP8iziIqdH3xo+vcdM1xmw==
content-type: image/png
access-control-allow-origin: *
expires: Mon, 19 Jul 2021 09:08:09 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 author-nicole-perlroth-thumbLarge.jpg
static01.nyt.com/images/2018/02/20/multimedia/author-nicole-perlroth/ 8 KB
8 KB 55ms
52ms Image
image/jpeg 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2018/02/20/multimedia/author-nicole-perlroth/author-nicole-perlroth-thumbLarge.jpg
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a13d866948dfb0530a96b50183e8de5c973a0d870192ac9ab2a90bbb44d6969b

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:32:34 GMT
via: 1.1 varnish, 1.1 varnish
age: 204800
x-guploader-uploadid: ADPycdt2KunJxqvgSgY6xAAzWBzi97-OgDY25eCk4DC1XxkMT-k4JLZfP0Bmktv2g_hbvJw3Xxu6gzEk0-SlTI_WE7YoWvFgtg
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 8178
x-served-by: cache-bwi5150-BWI, cache-fra19134-FRA
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
last-modified: Tue, 20 Feb 2018 18:26:15 GMT
server: UploadServer
x-timer: S1627749155.933699,VS0,VE1
etag: "bcf9bbfa89d71e0d52740a25f0a40430"
vary: Origin
x-goog-hash: crc32c=4XqVGw==, md5=vPm7+onXHg1SdAol8KQEMA==
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 29 Jul 2021 07:39:14 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 1

GET
H2 200 build.js Show response
static01.nyt.com/newsgraphics/2020/09/24/styln-elections-signup-module/01d7508fbfd18290970b799b13d1c75fc1f726c7/ 140 KB
44 KB 140ms
139ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static01.nyt.com/newsgraphics/2020/09/24/styln-elections-signup-module/01d7508fbfd18290970b799b13d1c75fc1f726c7/build.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: fbfb65fcdad969b2d3a6c49382d8d381f845a9d9d308ecb78d06b5b69dc86f04

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:32:34 GMT
content-encoding: gzip
age: 4
x-guploader-uploadid: ADPycdv3R6IKBFVYERSkujYq5VNRucnD4BIwSY0LveUwNhptcfXALVoq_PTUJnG28doSliUgdhh6T-4AepgtSmZaa12njAzRpQ
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 44352
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5157-BWI, cache-fra19134-FRA
x-nyt-gcs-bucket: nytint-prd-newsgraphics
last-modified: Fri, 23 Jul 2021 10:02:34 GMT
server: UploadServer
x-timer: S1627749155.847024,VS0,VE91
etag: "b5bc22a7848c25cb4d058244eef04188"
vary: Origin, Accept-Encoding
x-goog-hash: crc32c=i+z5Cg==, md5=tbwip4SMJctNBYJE7vBBiA==
content-type: application/javascript
access-control-allow-origin: *
expires: Fri, 23 Jul 2021 10:02:49 GMT
cache-control: max-age=5
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 vendor-4e5f92a69cb7257dff0c.js Show response
www.nytimes.com/vi-assets/static-assets/ 269 KB
82 KB 43ms
41ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendor-4e5f92a69cb7257dff0c.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

ba9612d33390d26a1ff5a343298d11a65b81ae884eb4380a034662552de56aa4

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/vendor-4e5f92a69cb7257dff0c.js
pragma: no-cache
cookie: nyt-a=xNxsYCkb7Rx30FsZQQqPAz; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=FR; nyt-b3-traceid=ce7a4250db664f84bacf312f584a1079
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.nytimes.com
referer: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=NaYW8g== md5=vX2ySPBiL4DMAK5bF4i7kQ==
date: Sat, 31 Jul 2021 16:32:34 GMT
content-encoding: gzip
x-api-version: F-X
age: 163340
x-guploader-uploadid: ADPycdtYxTXX5Hy48nt3he0e9yqi6AtpPbl6rR_igNaJVws_i3QIQaZvvYJ31PoQE3TFknP-q9v8s4AHWJllo80tymQ
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-07-29 19:10:14 UTC
content-length: 83861
x-served-by: cache-fra19134-FRA
last-modified: Thu, 29 Jul 2021 19:00:53 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1627749155.933682,VS0,VE0
etag: "bd7db248f0622f80cc00ae5b1788bb91"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/vendor-4e5f92a69cb7257dff0c.js
x-goog-generation: 1627585252871782
expires: Fri, 29 Jul 2022 19:10:14 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 275701
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Sat, 31 Jul 2021 22:32:34 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 3092

GET
H2 200 story-32c3806b9cc790e5efc0.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
281 KB 32ms
30ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/story-32c3806b9cc790e5efc0.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

7090ec72d229fdd7558a03e078c0ef6200fdc2feef6431643a27e15ea9aebd6a

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/story-32c3806b9cc790e5efc0.js
pragma: no-cache
cookie: nyt-a=xNxsYCkb7Rx30FsZQQqPAz; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=FR; nyt-b3-traceid=ce7a4250db664f84bacf312f584a1079
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.nytimes.com
referer: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=YRWDVg== md5=hWbfasHbTIKiH1/huUPwIg==
date: Sat, 31 Jul 2021 16:32:34 GMT
content-encoding: gzip
x-api-version: F-X
age: 87028
x-guploader-uploadid: ADPycdtGf7nD8akB0FVVNPvrMiZnL9PhYDjbBy0OY9H716RNqwTI-f9MyS1KQrkQu-o8ANSHpXoQm-khjonjY7h5LFrXBOMRRg
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-07-30 16:22:43 UTC
content-length: 287651
x-served-by: cache-fra19134-FRA
last-modified: Fri, 30 Jul 2021 16:07:47 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1627749155.933664,VS0,VE1
etag: "8566df6ac1db4c82a21f5fe1b943f022"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/story-32c3806b9cc790e5efc0.js
x-goog-generation: 1627661267181713
expires: Sat, 30 Jul 2022 16:22:07 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 1073805
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Sat, 31 Jul 2021 22:32:34 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 3

GET
H2 200 main-e5c45c4f02c48912a54d.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
357 KB 42ms
40ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/main-e5c45c4f02c48912a54d.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

fc9afe394f66ab7590d2e8b318b3c1cf084e794bee1632afda901fd88c78c8fc

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/main-e5c45c4f02c48912a54d.js
pragma: no-cache
cookie: nyt-a=xNxsYCkb7Rx30FsZQQqPAz; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=FR; nyt-b3-traceid=ce7a4250db664f84bacf312f584a1079
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.nytimes.com
referer: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=Qpgk5g== md5=yzSQN+fv7Fd6cs6WLcD7kQ==
date: Sat, 31 Jul 2021 16:32:34 GMT
content-encoding: gzip
x-api-version: F-X
age: 176241
x-guploader-uploadid: ADPycdv8U9gk7l69uMHb4LcQZxfSm98wiRV76w1jAPAuFwRq2VpHAAiDxQoZL2Y1CqbIirwj8WIBkTLuHjxpcusb6ik
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-07-29 15:35:13 UTC
content-length: 364412
x-served-by: cache-fra19134-FRA
last-modified: Thu, 29 Jul 2021 15:21:42 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1627749155.933649,VS0,VE1
etag: "cb349037e7efec577a72ce962dc0fb91"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/main-e5c45c4f02c48912a54d.js
x-goog-generation: 1627572102668921
expires: Fri, 29 Jul 2022 15:35:13 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 1255542
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Sat, 31 Jul 2021 22:32:34 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 3

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 339 KB
88 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ba22e81cc5380a90767ec6dcc9ffb9b34b52d386eafa93411a2479df3a0db16e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:32:34 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89963
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ATH8A-MAMN8-XPXCH-N5KAX-8D239 Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 23ms
7ms Script
application/javascript 2a02:26f0:6c00:287::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:287::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:32:34 GMT
content-encoding: br
last-modified: Tue, 13 Jul 2021 11:27:10 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

POST
H2 200 track
a.et.nytimes.com/ 0
0 123ms
103ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 148 B
732 B 128ms
127ms XHR
application/json 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-86ef9ef /
Resource Hash: 1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389

Request headers

Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
nyt-app-type: project-vi
Content-Type: application/json

Response headers

x-samizdat-query-sup-code
date: Sat, 31 Jul 2021 16:32:35 GMT
content-encoding: gzip
x-nyt-meridiem: PM
age: 0
x-cache: MISS
samizdat-x-instance: 0ec393f1
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: ec0b9233819a4b82
content-length: 123
samizdat-x-canary: false
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: IDF
server: samizdat-graphql-86ef9ef
x-timer: S1627749155.233431,VS0,VE98
x-nyt-continent: EU
x-served-by: cache-fra19134-FRA
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:PM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: FR
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 150 KB
45 KB 270ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f4727f91ecc6b3c13c28d39675aaf9b82d846c20d72b8c35209b975d037d52f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:01:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1861
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45575
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 20:26:33 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sat, 31 Jul 2021 16:51:34 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 70 KB
25 KB 308ms
38ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

5d0e7f6403125d05407581b80cf26d7a3386d3838cfd000307ef6753828f1863

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:32:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "944 / 425 of 1000 / last-modified: 1627683221"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24678
x-xss-protection: 0
expires: Sat, 31 Jul 2021 16:32:35 GMT

GET
H2 200 icon-whatsapp-17x17-000-b100d38495ee541e2e4f30bcaf9bfe0c.svg
www.nytimes.com/vi-assets/static-assets/ 1 KB
2 KB 45ms
44ms Image
image/svg+xml 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nytimes.com/vi-assets/static-assets/icon-whatsapp-17x17-000-b100d38495ee541e2e4f30bcaf9bfe0c.svg

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4d41bce1e64d901b708a2f246cad8321f5a4a1053fb2558d255ee91e7b80ce97

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/icon-whatsapp-17x17-000-b100d38495ee541e2e4f30bcaf9bfe0c.svg
pragma: no-cache
cookie: nyt-a=xNxsYCkb7Rx30FsZQQqPAz; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=FR; nyt-b3-traceid=ce7a4250db664f84bacf312f584a1079
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.nytimes.com
referer: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=XAhLHA== md5=Qcod3bJg4I7ENkgcbF3X5w==
date: Sat, 31 Jul 2021 16:32:34 GMT
content-encoding: gzip
x-api-version: F-X
age: 1615841
x-guploader-uploadid: ADPycduVC7nOk49eFZPlEO49QmRyWKEeto-bSG8UTH70MI6mKoiMu5FS0FWdSP5jEcerXjHggNZSoo8R9B1YdFKDzjg
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-07-12 23:41:53 UTC
content-length: 624
x-served-by: cache-fra19134-FRA
last-modified: Mon, 12 Jul 2021 21:42:10 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1627749155.942329,VS0,VE1
etag: "41ca1dddb260e08ec436481c6c5dd7e7"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/icon-whatsapp-17x17-000-b100d38495ee541e2e4f30bcaf9bfe0c.svg
x-goog-generation: 1625612770660410
expires: Tue, 12 Jul 2022 23:41:53 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 1187
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Sat, 31 Jul 2021 22:32:34 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: image/svg+xml
x-cache-hits: 1801

GET
H2 200 franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 289ms
28ms Font
font/woff2 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=ImeYUg==, md5=1sBqPYSlcQDtrVv5uE/3OQ==
date: Sat, 31 Jul 2021 16:32:35 GMT
via: 1.1 varnish
content-type: font/woff2
age: 21846031
x-guploader-uploadid: ABg5-Uz9nK6_2w5K-0GerMzlnNTbgOC1LOM1ZTMIt8N3zRK0mAlX9ToqD61L94PzercVqaEUUbUnKL9TZPwavvCOYrA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 19836
x-served-by: cache-fra19182-FRA
accept-ranges: bytes
expires: Sat, 20 Nov 2021 20:12:03 GMT
last-modified: Mon, 16 Nov 2020 16:08:41 GMT
server: UploadServer
x-timer: S1627749155.202538,VS0,VE0
etag: "d6c06a3d84a57100edad5bf9b84ff739"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1605542921495212
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 19836
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 2981

GET
H2 200 franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 306ms
46ms Font
font/woff2 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=PQVxAw==, md5=tEyI8JynzpFLg21K5yiRuA==
date: Sat, 31 Jul 2021 16:32:35 GMT
via: 1.1 varnish
content-type: font/woff2
age: 4467083
x-guploader-uploadid: ABg5-Uz1w0HYKtR8mLA5O7hQjvz12IBZm859sKOVfV3WIMC-t6oXkCdugzQ8Vh-S5jn9WNg11uRK103ko9m1gua8wg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20312
x-served-by: cache-fra19182-FRA
accept-ranges: bytes
expires: Thu, 09 Jun 2022 23:41:11 GMT
last-modified: Tue, 06 Apr 2021 21:11:53 GMT
server: UploadServer
x-timer: S1627749155.202599,VS0,VE0
etag: "b44c88f09ca7ce914b836d4ae72891b8"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1617743513200253
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20312
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 2964

GET
H2 200 cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
29 KB 315ms
55ms Font
font/woff2 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw==
date: Sat, 31 Jul 2021 16:32:35 GMT
via: 1.1 varnish
content-type: font/woff2
age: 4550547
x-guploader-uploadid: ABg5-UzcG53XPnLIWEjqD8pMltXGTOHp6zGhDj-er32BqqgFtfQRVL-ogkRXlN7HLCRiqngHCoPFotwKDO3zWL7Wy3gPy-gXXw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 29076
x-served-by: cache-fra19182-FRA
accept-ranges: bytes
expires: Thu, 09 Jun 2022 00:30:06 GMT
last-modified: Tue, 06 Apr 2021 21:11:52 GMT
server: UploadServer
x-timer: S1627749155.202657,VS0,VE0
etag: "a3ed7afe3eaa0a873f3fbd379f8c491b"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1617743511931481
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 29076
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 2211

GET
H2 200 cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
g1.nyt.com/fonts/family/cheltenham-small/ 20 KB
20 KB 315ms
55ms Font
font/woff2 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=jpfQKQ==, md5=EIzimNRRGXsj/vzrPjaVnw==
date: Sat, 31 Jul 2021 16:32:35 GMT
via: 1.1 varnish
content-type: font/woff2
age: 4467151
x-guploader-uploadid: ABg5-Uy_fZlZjm6oSIOnQi6n0dFPfImsC2nYBOeGwpNWndM_Geyzd-M8ousOMQ1l3EW1SuO-4pGk_toyghDh9KNebPo
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20136
x-served-by: cache-fra19182-FRA
accept-ranges: bytes
expires: Thu, 09 Jun 2022 23:40:03 GMT
last-modified: Tue, 06 Apr 2021 21:11:52 GMT
server: UploadServer
x-timer: S1627749155.202715,VS0,VE0
etag: "108ce298d451197b23fefceb3e36959f"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1617743512330182
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20136
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 1699

GET
H2 200 franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 315ms
55ms Font
font/woff2 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 254043432874ecaf0cf3d6d69907109b373057290d615453060544935d1cb8b9

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=XjpPGQ==, md5=vHvkxdjKy3gPiWxcvgwNfw==
date: Sat, 31 Jul 2021 16:32:35 GMT
via: 1.1 varnish
content-type: font/woff2
age: 4464592
x-guploader-uploadid: ABg5-Uzkoe8MeBHd6DwpPeKGvw9FMAr2KfZTs1Z77WsrLuWADt9oF3ENtUxNssZ_leUqyrnp3Kn1ZTVeurNBUzLRFBoRIsV79A
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20172
x-served-by: cache-fra19182-FRA
accept-ranges: bytes
expires: Fri, 10 Jun 2022 00:22:43 GMT
last-modified: Tue, 06 Apr 2021 21:11:53 GMT
server: UploadServer
x-timer: S1627749155.202809,VS0,VE0
etag: "bc7be4c5d8cacb780f896c5cbe0c0d7f"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1617743513093190
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20172
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 2807

GET
H2 200 cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 346ms
86ms Font
application/octet-stream 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=4NwmFQ==, md5=+ZoEWQJFCfFXozUuXeT4cw==
date: Sat, 31 Jul 2021 16:32:35 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 220642
x-guploader-uploadid: ADPycdvnBO-MhQ11arq3bPBybpQK5OymxDr1A6Tow7qR6ghlOo6LigDT-AwC8Z45fHVAEJ4LkUbnz_kId28-IbU00vo
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28620
x-served-by: cache-fra19182-FRA
accept-ranges: bytes
expires: Fri, 29 Jul 2022 03:15:13 GMT
last-modified: Wed, 21 Jul 2021 17:23:53 GMT
server: UploadServer
x-timer: S1627749155.203174,VS0,VE0
etag: "f99a0459024509f157a3352e5de4f873"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1626888233270606
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 28620
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 1446

GET
H2 200 cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
g1.nyt.com/fonts/family/cheltenham/ 27 KB
27 KB 346ms
86ms Font
font/woff2 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=rNQ9pA==, md5=fqkevQNjCeH+dW7jqrJy2g==
date: Sat, 31 Jul 2021 16:32:35 GMT
via: 1.1 varnish
content-type: font/woff2
age: 1613260
x-guploader-uploadid: ADPycdtY639MY2Qnoe_eSfe_NrVxO5U0RKcQOAo6zJiJVA9MsB2vZNmfHC27jSIFipAJi1vSdx3YOEsZJERT59cT0szNS0Xq1Q
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27260
x-served-by: cache-fra19182-FRA
accept-ranges: bytes
expires: Wed, 13 Jul 2022 00:24:54 GMT
last-modified: Tue, 06 Apr 2021 21:11:52 GMT
server: UploadServer
x-timer: S1627749155.203141,VS0,VE0
etag: "7ea91ebd036309e1fe756ee3aab272da"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1617743511893367
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 27260
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 1796

GET
H2 200 imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
g1.nyt.com/fonts/family/imperial/ 26 KB
26 KB 340ms
81ms Font
font/woff2 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=ZzOuxA==, md5=YTHNd7biFsdpPtkl9DCf/A==
date: Sat, 31 Jul 2021 16:32:35 GMT
via: 1.1 varnish
content-type: font/woff2
age: 4462456
x-guploader-uploadid: ABg5-Uz3hE8t7c7KmBAPaa9SFjDOLTRqROzLa__9wr3zN8V5NVQVhY3Y8FLTTFTOPGqoE8SQ-1jh0U4weO-DT15uiEzm9-uuSA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26504
x-served-by: cache-fra19182-FRA
accept-ranges: bytes
expires: Fri, 10 Jun 2022 00:58:17 GMT
last-modified: Tue, 06 Apr 2021 21:11:53 GMT
server: UploadServer
x-timer: S1627749155.203158,VS0,VE0
etag: "6131cd77b6e216c7693ed925f4309ffc"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1617743513818473
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 26504
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 2578

GET
H2 200 tpc-check.html Show response
static01.nyt.com/ads/ Frame 9E02 1 KB
942 B 29ms
29ms Document
text/html 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static01.nyt.com/ads/tpc-check.html
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a948a4464f5fd459e65b35799dc65da324e59d9f307e12c51a34471186631d3e

Request headers

:method: GET
:authority: static01.nyt.com
:scheme: https
:path: /ads/tpc-check.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nytimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.nytimes.com/

Response headers

x-guploader-uploadid: ADPycdtxKLLtOmJjIiy7CLGU3CJRsez7mlKVSJAP8MqyBs7iJaE2LFBq2wzqonAA7KGSQsxmQiYTEY3ctM_u97-aiZuvwOvXjg
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
expires: Thu, 22 Jul 2021 09:05:14 GMT
last-modified: Wed, 03 Apr 2019 14:30:57 GMT
etag: "598d685c63f68aaefa1f7c474e83327c"
content-type: text/html
x-goog-hash: crc32c=4YnpCQ== md5=WY1oXGP2iq76H3xHToMyfA==
x-goog-storage-class: REGIONAL
access-control-allow-origin: *
server: UploadServer
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-nyt-gcs-bucket: nyt-ads-static-assets
accept-ranges: bytes
date: Sat, 31 Jul 2021 16:32:35 GMT
age: 199641
x-served-by: cache-bwi5163-BWI, cache-fra19134-FRA
x-cache: HIT, HIT
x-cache-hits: 2, 1747
x-timer: S1627749155.188440,VS0,VE0
vary: Accept-Encoding
timing-allow-origin: *
content-length: 550

GET
H2 200 prefetch-assets Show response
myaccount.nytimes.com/auth/ Frame 1295 393 B
700 B 31ms
29ms Document
text/html 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/auth/prefetch-assets

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend / Express

Resource Hash

e8cd71d015bba6cf5c7f2d86dc88125e2a98673722cd26e0bee6386402b07fb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: myaccount.nytimes.com
:scheme: https
:path: /auth/prefetch-assets
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nytimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: nyt-a=xNxsYCkb7Rx30FsZQQqPAz; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=FR; nyt-b3-traceid=ce7a4250db664f84bacf312f584a1079
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.nytimes.com/

Response headers

content-type: text/html; charset=utf-8
x-powered-by: Express
x-datadog-trace-id: 3810386137583317044
x-datadog-parent-id: 3810386137583317044
x-datadog-sampled: 0
x-datadog-sampling-priority: -1
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=600
x-nyt-backend: lire-ui
etag: W/"189-xBupAVtXSYROURiKO9bk3xu0ByA"
content-encoding: gzip
x-cloud-trace-context: 30673caf565e4bd3762609fddd489abe
server: Google Frontend
x-datadome-timer: (null),VE118
accept-ranges: bytes
date: Sat, 31 Jul 2021 16:32:35 GMT
via: 1.1 varnish
age: 197
x-served-by: cache-fra19134-FRA
x-cache: HIT
x-cache-hits: 2
vary: Accept-Encoding
x-api-version: F-X
content-length: 278

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 50 B
322 B 97ms
49ms XHR
application/json 2a02:26f0:6c00:1b8::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=ATH8A-MAMN8-XPXCH-N5KAX-8D239&d=www.nytimes.com&t=5425831&v=1.720.0&sl=0&si=acfd3d70-7d8f-4202-a4b2-6a32e36da30d-qx4bab&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:1b8::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: be02a900b9ca948ecd29a75a7f01aff05abbc7d3cfe7b90ee63dcaadb86cf2a7

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 31 Jul 2021 16:32:35 GMT
Cache-Control: private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 50
Content-Type: application/json

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 308ms
29ms Preflight 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-86ef9ef /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: max-age=30
access-control-allow-methods: GET, POST
access-control-max-age: 300
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-origin: https://www.nytimes.com
server: samizdat-graphql-86ef9ef
access-control-allow-credentials: true
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Sat, 31 Jul 2021 16:32:35 GMT
age: 20
x-nyt-meridiem: PM
x-nyt-continent: EU
x-nyt-country: FR
x-nyt-region: IDF
x-nyt-audience-target-flat: EU:PM
x-samizdat-query-exe-id: baa3d4ca3ee81943
samizdat-x-instance: b2c7cd26
samizdat-x-canary: false
x-served-by: cache-fra19129-FRA
x-cache: HIT
x-cache-hits: 1
x-timer: S1627749155.203033,VS0,VE0
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
timing-allow-origin: *
content-length: 0

GET
H2 200 vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~slidesho~b1468c2d-e7f60894dcac5b5b6b26.js Show response
www.nytimes.com/vi-assets/static-assets/ 72 KB
14 KB 31ms
30ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~slidesho~b1468c2d-e7f60894dcac5b5b6b26.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

10a49331ae39d37824344d3c4ba6106209852354bfd21006239f7991f154d430

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~slidesho~b1468c2d-e7f60894dcac5b5b6b26.js
pragma: no-cache
cookie: nyt-a=xNxsYCkb7Rx30FsZQQqPAz; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=FR; nyt-b3-traceid=ce7a4250db664f84bacf312f584a1079
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.nytimes.com
referer: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=+T0OFQ== md5=LiODNkfWdLKJcitcN7maqQ==
date: Sat, 31 Jul 2021 16:32:35 GMT
content-encoding: gzip
x-api-version: F-X
age: 1910247
x-guploader-uploadid: ADPycduunaBBEiqhhN2jXMyrVNtPKxGWT2-B4DKEoGzTcQiXNR7hYdEjXLWOzu_3a2SBGzfrTO223FWb-w57BfR1A_c
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-07-09 13:55:07 UTC
content-length: 14264
x-served-by: cache-fra19134-FRA
last-modified: Thu, 08 Jul 2021 23:03:30 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1627749155.301177,VS0,VE1
etag: "2e23833647d674b289722b5c37b99aa9"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~slidesho~b1468c2d-e7f60894dcac5b5b6b26.js
x-goog-generation: 1625785410297272
expires: Sat, 09 Jul 2022 13:55:07 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 74005
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Sat, 31 Jul 2021 22:32:35 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 2877

GET
H2 200 vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~trending~video-cc1ad013eea78605c3b2.js Show response
www.nytimes.com/vi-assets/static-assets/ 21 KB
6 KB 31ms
31ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~trending~video-cc1ad013eea78605c3b2.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

72bccc629b7765fde0b892cb0ddf7fe3f90894256ba05297b4227e0af6139dd9

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~trending~video-cc1ad013eea78605c3b2.js
pragma: no-cache
cookie: nyt-a=xNxsYCkb7Rx30FsZQQqPAz; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=FR; nyt-b3-traceid=ce7a4250db664f84bacf312f584a1079
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.nytimes.com
referer: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=BfZyjg== md5=yt6csH9Cb7zyhLn9Q/AiLA==
date: Sat, 31 Jul 2021 16:32:35 GMT
content-encoding: gzip
x-api-version: F-X
age: 825873
x-guploader-uploadid: ADPycdu7C4pEqySc_DZCDFwziRo842BfdbREFYAWJLvXhLfNW4V4XZs-q264QjVBvbt6A_DCRrvVszr4FZ8HcmW48dQ
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-07-22 03:08:01 UTC
content-length: 5010
x-served-by: cache-fra19134-FRA
last-modified: Thu, 22 Jul 2021 01:03:40 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1627749155.301183,VS0,VE1
etag: "cade9cb07f426fbcf284b9fd43f0222c"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~trending~video-cc1ad013eea78605c3b2.js
x-goog-generation: 1626915820116440
expires: Fri, 22 Jul 2022 03:08:01 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 21996
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Sat, 31 Jul 2021 22:32:35 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 2857

GET
H2 200 vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~video-429ea4066210bacbd384.js Show response
www.nytimes.com/vi-assets/static-assets/ 35 KB
7 KB 30ms
30ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~video-429ea4066210bacbd384.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

6c21f4dce31457221690de305c484ec6ed8d1dff84a8cc2843c610bf0e7cc8e2

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~video-429ea4066210bacbd384.js
pragma: no-cache
cookie: nyt-a=xNxsYCkb7Rx30FsZQQqPAz; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=FR; nyt-b3-traceid=ce7a4250db664f84bacf312f584a1079
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.nytimes.com
referer: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=6ewfGQ== md5=IBmnPc2HbhhZfcAGtQFw1Q==
date: Sat, 31 Jul 2021 16:32:35 GMT
content-encoding: gzip
x-api-version: F-X
age: 5095910
x-guploader-uploadid: ABg5-UzA_3CA7qD5roNg0S-qhbCBCRFpu1SOVgHFFhwj0SL3qekJW6poVB7ntoDsPRluvmlFFpDFXWduukcZMaX15S8
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-06-02 17:00:46 UTC
content-length: 6531
x-served-by: cache-fra19134-FRA
last-modified: Wed, 02 Jun 2021 16:54:00 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1627749155.301269,VS0,VE1
etag: "2019a73dcd876e18597dc006b50170d5"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/vendors~audio~capsule~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~video-429ea4066210bacbd384.js
x-goog-generation: 1622652840468496
expires: Thu, 02 Jun 2022 17:00:46 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 35391
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Sat, 31 Jul 2021 22:32:35 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 2746

GET
H3-29 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 22ms
7ms Stylesheet
text/css 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44e4a23aabda94a886477bcb9b8e5bed6038f0104bd3022a18abd100d7d366f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6428
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 18:22:01 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sat, 31 Jul 2021 17:02:48 GMT

GET
H3-29 200 serviceiframe Show response
news.google.com/swg/_/ui/v1/ Frame 27D5 23 KB
7 KB 73ms
65ms Document
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/ui/v1/serviceiframe?_=452152

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9788fd1c9088a019322cfa012287884eb7c2b1c9c3c41165da75887fb85b8014

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-h35QhtuFbR1i6Mbipn5PJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-h35QhtuFbR1i6Mbipn5PJQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: news.google.com
:scheme: https
:path: /swg/_/ui/v1/serviceiframe?_=452152
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nytimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.nytimes.com/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 31 Jul 2021 16:32:35 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-h35QhtuFbR1i6Mbipn5PJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'nonce-h35QhtuFbR1i6Mbipn5PJQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com;report-uri /_/SubscribewithgoogleClientUi/cspreport
cross-origin-resource-policy: same-site
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=220=nyVK2rJnn8nJITJ96BvLnZFInNiqdqbGLq7V9TTvbYcBjJo7dfLGxIw5RgUOkoL5IKEBgp4pUrux34Wp0rPqcPOgE69LWVWdF63xcJv8NOg3CAXtwx8VU2K7w5Y1iFOuxzb-cgDX0XV0jInDXCFCQaQvOjICyBKY8HMF4cxTswg; expires=Sun, 30-Jan-2022 16:32:35 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 14ms
7ms Other
image/svg+xml 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1145
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sat, 31 Jul 2021 17:03:30 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 127ms
126ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 103ms
102ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 tags.js Show response
dd.nytimes.com/ 231 KB
35 KB 66ms
13ms Script
text/javascript 2600:9000:2190:e200:a:a8c5:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:e200:a:a8c5:a040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

f6b5ddc10d0f9b4c3f6449b88a5b7601beb45ab5162009e157a7ee5574272f61

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 15:44:51 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2864
x-cache: Hit from cloudfront
content-length: 35069
access-control-allow-origin: *
last-modified: Fri, 09 Jul 2021 13:43:31 GMT
server: Apache
etag: "39b38-5c6b0f5119638-gzip"
strict-transport-security: max-age=15768000
content-type: text/javascript
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-amz-cf-id: 2ut2LDafZnRN8IYQyZkAE2gOS1XyPj_vYO81hi4jliOiW0se0rkkGA==
expires: Sat, 31 Jul 2021 16:44:51 GMT

GET
H3-29 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/nytimes.com/ 2 B
56 B 80ms
80ms Fetch
application/json 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/nytimes.com/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:32:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 pubads_impl_2021072801.js Show response
securepubads.g.doubleclick.net/gpt/ 325 KB
113 KB 75ms
36ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

7a55fbb0fb94ea6ed9f0c1dcbca21e2b25263e908910b76723004db784786ed8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:32:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Jul 2021 08:38:40 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115904
x-xss-protection: 0
expires: Sat, 31 Jul 2021 16:32:35 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
354 B 74ms
37ms XHR
application/json 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

6bd7d10232af2833a94e7253b24a72c60a81ba1bef4cedb99e97a23059b20fbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 31 Jul 2021 16:32:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Sat, 31 Jul 2021 16:32:35 GMT

GET
H2 200 index.js Show response
myaccount.nytimes.com/lire_ui/js/common/abra/ Frame 1295 2 KB
2 KB 30ms
29ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.nytimes.com/lire_ui/js/common/abra/index.js
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 182331bf2d6618498776e7ea1d47fea5bc968c4ebcc0de38e1b2129f610b28e6

Request headers

Referer: https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:32:35 GMT
via: 1.1 varnish
x-api-version: F-X
age: 481
x-cache: HIT
x-cache-hits: 3
content-length: 2076
x-served-by: cache-fra19134-FRA
server: Google Frontend
etag: "rsy7qQ"
content-type: application/javascript
x-cloud-trace-context: a6fcab2f9c7736b85431a1b58284a7a9
cache-control: public, max-age=600
x-datadome-timer: (null),VE133
accept-ranges: bytes
x-nyt-backend: lire-ui
expires: Tue, 27 Jul 2021 16:17:17 GMT

GET
H2 200 unified-lire.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ Frame 1295 393 KB
133 KB 31ms
30ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=7f05129
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: f19b9f81b3d1bbe85c88f609e4b5249a28e0318ecb6a2d3f1fb5049ea9fc35a2

Request headers

Referer: https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:32:35 GMT
content-encoding: gzip
x-api-version: F-X
age: 196
x-cache: HIT
x-cache-hits: 2
content-length: 135929
x-served-by: cache-fra19134-FRA
server: Google Frontend
etag: "rsy7qQ"
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: e8c1fc7b2029f22f87e1ae660c6c56c9;o=1
cache-control: public, max-age=600
x-datadome-timer: (null),VE628
accept-ranges: bytes
x-nyt-backend: lire-ui
expires: Tue, 27 Jul 2021 16:15:10 GMT

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 30ms
30ms Preflight 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-86ef9ef /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: max-age=30
access-control-allow-methods: GET, POST
access-control-max-age: 300
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-origin: https://www.nytimes.com
server: samizdat-graphql-86ef9ef
access-control-allow-credentials: true
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Sat, 31 Jul 2021 16:32:35 GMT
age: 20
x-nyt-meridiem: PM
x-nyt-continent: EU
x-nyt-country: FR
x-nyt-region: IDF
x-nyt-audience-target-flat: EU:PM
x-samizdat-query-exe-id: baac2f1caa949b16
samizdat-x-instance: b2c7cd26
samizdat-x-canary: false
x-served-by: cache-fra19129-FRA
x-cache: HIT
x-cache-hits: 2
x-timer: S1627749156.848566,VS0,VE0
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
timing-allow-origin: *
content-length: 0

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 29ms
28ms Preflight 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-86ef9ef /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: max-age=30
access-control-allow-methods: GET, POST
access-control-max-age: 300
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-origin: https://www.nytimes.com
server: samizdat-graphql-86ef9ef
access-control-allow-credentials: true
via: 1.1 google, 1.1 varnish
accept-ranges: bytes
date: Sat, 31 Jul 2021 16:32:35 GMT
age: 20
x-nyt-meridiem: PM
x-nyt-continent: EU
x-nyt-country: FR
x-nyt-region: IDF
x-nyt-audience-target-flat: EU:PM
x-samizdat-query-exe-id: 958be3348ae3c1f5
samizdat-x-instance: b2c7cd26
samizdat-x-canary: false
x-served-by: cache-fra19129-FRA
x-cache: HIT
x-cache-hits: 3
x-timer: S1627749156.895585,VS0,VE0
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
timing-allow-origin: *
content-length: 0

GET
H2 200 meter.js Show response
meter-svc.nytimes.com/ 649 B
1 KB 236ms
184ms XHR
application/json 35.241.35.241
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://meter-svc.nytimes.com/meter.js?sourceApp=vi&url=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html&referer=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html&pageviewID=dozJvUQO_g4cq-VSR129C6zr
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-e5c45c4f02c48912a54d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.35.241 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 241.35.241.35.bc.googleusercontent.com
Software: /
Resource Hash: b19809e417235390879d70a01816f56bbc21145463e82e2b1370e71a2dedca1a

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:32:35 GMT
via: 1.1 google
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, *
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: Set-Cookie
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
alt-svc: clear
content-length: 649

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 62 B
667 B 139ms
138ms XHR
application/json 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-e5c45c4f02c48912a54d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-86ef9ef /
Resource Hash: 078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c

Request headers

accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
nyt-app-type: project-vi
content-type: application/json

Response headers

x-samizdat-query-sup-code
date: Sat, 31 Jul 2021 16:32:35 GMT
content-encoding: gzip
x-nyt-meridiem: PM
age: 0
x-cache: MISS
samizdat-x-instance: faea1171
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: c151ae3658774af2
content-length: 77
samizdat-x-canary: false
access-control-allow-origin: https://www.nytimes.com
x-nyt-region: IDF
server: samizdat-graphql-86ef9ef
x-timer: S1627749156.885330,VS0,VE104
x-nyt-continent: EU
x-served-by: cache-fra19134-FRA
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:PM
cache-control: max-age=30
access-control-allow-credentials: true
x-nyt-country: FR
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 42 KB
7 KB 1713ms
1712ms XHR
application/json 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-e5c45c4f02c48912a54d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: samizdat-graphql-86ef9ef /
Resource Hash: 755f8ae0f2201f5d0e63c5d3eef7baa1119089de1f1dec534533f0b3900b1644

Request headers

accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
nyt-app-type: project-vi
content-type: application/json

Response headers

x-samizdat-query-sup-code
date: Sat, 31 Jul 2021 16:32:37 GMT
content-encoding: gzip
x-nyt-meridiem: PM
x-cache: MISS
samizdat-x-instance: 35a75857
x-samizdat-query-field-errors: 0
x-cache-hits: 0
x-samizdat-query-exe-id: 7cf7356033648cab
via: 1.1 google, 1.1 varnish
samizdat-x-canary: false
x-nyt-region: IDF
last-modified: Sat, 31 Jul 2021 16:32:36 GMT
server: samizdat-graphql-86ef9ef
x-timer: S1627749156.925477,VS0,VE1684
x-nyt-continent: EU
x-served-by: cache-fra19134-FRA
vary: Accept-Encoding, Samizdat-X-Fastly-Unique-Id, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
x-nyt-audience-target-flat: EU:PM
cache-control: private, no-store
access-control-allow-credentials: true
x-nyt-country: FR
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 comments-36c4028f98e9ddabc93d.js Show response
www.nytimes.com/vi-assets/static-assets/ 50 KB
16 KB 30ms
30ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/comments-36c4028f98e9ddabc93d.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

174c4e6968daecb869a33990dd48fca05177fc6198c6579a98aaa3ddaab04502

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /vi-assets/static-assets/comments-36c4028f98e9ddabc93d.js
pragma: no-cache
cookie: nyt-a=xNxsYCkb7Rx30FsZQQqPAz; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=FR; nyt-b3-traceid=ce7a4250db664f84bacf312f584a1079; RT="z=1&dm=nytimes.com&si=acfd3d70-7d8f-4202-a4b2-6a32e36da30d&ss=krrzthw1&sl=0&tt=0"
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.nytimes.com
referer: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UKBjEg== md5=tsTtcx4ddh3RmhwVlXLlMQ==
date: Sat, 31 Jul 2021 16:32:35 GMT
content-encoding: gzip
x-api-version: F-X
age: 2596511
x-guploader-uploadid: ADPycdsYtmKjn0lMcisRgyLQCyNLPh9Dfla2I452Zmj0Gq7h1OKM59me706m9o5YIM29ywfLIzO9GUl82S9v4OnjDD0prPlEbg
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=63072000; preload
x-origin-time: 2021-07-01 15:17:24 UTC
content-length: 14990
x-served-by: cache-fra19134-FRA
last-modified: Thu, 01 Jul 2021 15:16:08 GMT
server: UploadServer
cache-control: public,max-age=31536000
x-timer: S1627749156.904161,VS0,VE1
etag: "b6c4ed731e1d761dd19a1c159572e531"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimes3xbfgragh.onion/vi-assets/static-assets/comments-36c4028f98e9ddabc93d.js
x-goog-generation: 1625152568044373
expires: Fri, 01 Jul 2022 15:17:24 GMT
x-gdpr: 1
x-nyt-route: vi-assets
x-goog-stored-content-length: 51092
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Sat, 31 Jul 2021 22:32:35 GMT; Path=/; Domain=.nytimes.com
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 2628

GET
H2 200 requestHandler Show response
www.nytimes.com/svc/community/V3/ 3 KB
3 KB 147ms
147ms Script
application/json 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/svc/community/V3/requestHandler?url=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html&cmd=GetCommentSummary&method=get&callback=jsonp_1627749155912_33794

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendor-4e5f92a69cb7257dff0c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

19c39570ad958bac600715d59557e100e3e5ffd544066c378d1094bc588db021

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload

Request headers

:path: /svc/community/V3/requestHandler?url=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html&cmd=GetCommentSummary&method=get&callback=jsonp_1627749155912_33794
pragma: no-cache
cookie: nyt-a=xNxsYCkb7Rx30FsZQQqPAz; nyt-gdpr=1; nyt-purr=cfhspnahhud; nyt-us=0; nyt-geo=FR; nyt-b3-traceid=ce7a4250db664f84bacf312f584a1079; RT="z=1&dm=nytimes.com&si=acfd3d70-7d8f-4202-a4b2-6a32e36da30d&ss=krrzthw1&sl=0&tt=0"
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.nytimes.com
referer: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:32:36 GMT
vary: Accept-Encoding, Fastly-SSL
x-api-version: F-X
age: 0
x-cache: MISS
x-origin-time: 2021-07-31 16:32:36 UTC
x-served-by: cache-fra19134-FRA
server: nginx
x-timer: S1627749156.922639,VS0,VE118
strict-transport-security: max-age=63072000; preload
onion-location: https://www.nytimes3xbfgragh.onion/svc/community/V3/requestHandler?callback=<esi:include%20src="/esi/jsonp-callback"/>&cmd=GetCommentSummary&method=get&url=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html
content-type: application/json
x-gdpr: 1
access-control-allow-credentials: true
x-nyt-route: community-svc-cacheable
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
set-cookie: nyt-gdpr=1; Expires=Sat, 31 Jul 2021 22:32:36 GMT; Path=/; Domain=.nytimes.com
x-cache-hits: 0

GET
H2 200 purr-cache
purr.nytimes.com/v1/ 0
0 134ms
112ms Fetch
text/html 2a00:1450:4001:828::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://purr.nytimes.com/v1/purr-cache
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-e5c45c4f02c48912a54d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:32:35 GMT
server: Google Frontend
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 835f409f05b5f8db5da52fd114a13962
cache-control: private
access-control-allow-credentials: true
content-length: 0
expires: Sat, 31 Jul 2021 16:32:35 GMT

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 2 KB
2 KB 276ms
250ms XHR
application/json 2a00:1450:4001:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-vi&referrer=&assetUrl=http%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html&jkcb=1627749155914
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-e5c45c4f02c48912a54d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 721fcbbfa6c9d9a6df9e326e8daf58547afa5a1b9a63e9e9fcafd1f265b5a407

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:32:36 GMT
content-encoding: gzip
x-appengine-log-flush-count: 1
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: ef2d13d7d2640ca2534a979aa231a3a4
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
content-length: 1161
expires: Sat, 31 Jul 2021 16:32:36 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 101ms
101ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 105ms
105ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 105ms
104ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 102ms
102ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 104ms
104ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 102ms
101ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 108ms
108ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 102ms
101ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 103ms
103ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 104ms
104ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 101ms
101ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 101ms
101ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 103ms
103ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H3-29 200 swg-button.css
news.google.com/swg/js/v1/ Frame 27D5 21 KB
6 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=452152

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44e4a23aabda94a886477bcb9b8e5bed6038f0104bd3022a18abd100d7d366f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1188
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6428
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 18:22:01 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sat, 31 Jul 2021 17:02:48 GMT

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.E7ju_OdRf40.es5.O/am=BQII/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5m... Frame 27D5 155 KB
55 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.E7ju_OdRf40.es5.O/am=BQII/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5mUByDVoEAakq-tJBSlqJYoCDaeA/m=_b,_tp

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=452152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3199ef85204442ae5b8e3c54d29219fbb17ccd70d3e7d94f62a2750c587ab8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 22:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55752
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 01:54:19 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Jul 2022 22:13:53 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 103ms
102ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 105ms
104ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
853 B 38ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 31 Jul 2021 16:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 37ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 31 Jul 2021 16:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 446 B
270 B 178ms
178ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1449868398587382&correlator=3063496301419598&output=ldjh&impl=fif&eid=31061423%2C31062048%2C31061425%2C44741898%2C20211866&vrg=2021072801&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20210731&iu_parts=29390238%2Cnyt%2Cus%2Cpolitics&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&prev_scp=div%3Dtop%26pos%3Dtop%26request_time%3D1663&cust_params=cookie%3Dunknown%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1627745632972%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26per%3Dbidenjosephrjr%26org%3Dcolonialpipelineco%252Cdarksidehackinggroup%252Cenergydepartment%26geo%3Drussia%26des%3Dcyberwarfareanddefense%252Ccyberattacksandhackers%252Cpipelines%252Coilpetroleumandgasoline%252Cunitedstatespoliticsandgovernm%252Cextortionandblackmail%252Cinfrastructurepublicworks%26auth%3Ddavidesanger%252Cnicoleperlroth%26coll%3Dusnews%252Cuspolitics%252Ctechnology%252Cenergyandenvironment%252Cbusiness%26artlen%3Dlong%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dus%26si_section%3Dus%26id%3D100000007737300%26pt%3Dnt1%252Cnt10%252Cnt12%252Cnt14%252Cnt15%252Cnt16%252Cnt18%252Cnt2%252Cnt21%252Cnt3%252Cnt6%252Cnt8%252Cnt9%252Cpt13%252Cpt19%252Cpt5%26gscat%3Dneg_ibmtest%252Cneg_citi_aa%252Cneg_ibm%252Cneg_mtb%252Cneg_ms_safe%252Cneg_chanel%252Cneg_mastercard%252Cneg_bofa%252Cneg_hearts%252Cneg_google%252Cneg_capitalone%252Cneg_bp%252Cneg_debeer%252Cgs_politics%252Cneg_orep%252Cneg_mttl%252Cneg_cathay%252Cneg_mktg_safe_q4_2019%252Cgv_crime%252Centertain_crime%252Cgt_negative%252Cgs_business%252Cgs_business_energy%252Cgs_politics_american%252Cgs_politics_misc%252Cgt_negative_fear%252Cgs_tech_computing%252Cgt_negative_anger%252Cgs_tech%252Cgv_download%252Cgs_t%26tt%3D25%252C47%26mt%3DMT10%26abra_dfp%3Dsa_referral_dfp_april2020_test_1_yellow_evergreen%252Cmkt_dfp_intl_pricing_med_conv_0_control%252Cdfp_mwtest_2_vendorb%252Cmkt_dfp_ods_1_test%252Cdfp_1p_ver_0_control%252Cmkt_dfp_hd_paywall_zip_1_zip%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_adslot4v2_1_external%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cmc_dfp_topbar_bar_anon_1019_0_control%252Cdfp_mt_0_control%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cmkt_dfp_intl_pricing_low_conv_2_50cents%252Cdfp_1p2_1_bk%26sov%3D4%26page_view_id%3DdozJvUQO_g4cq-VSR129C6zr%26uap%3Dbrowser%26aid%3DxNxsYCkb7Rx30FsZQQqPAz%26purr%3Dnpa&cookie_enabled=1&bc=31&abxe=1&lmt=1627745632&dt=1627749156496&dlt=1627749154794&idt=1647&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=131&adks=1133286891&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x90&msz=1600x0&ga_vid=1783470369.1627749156&ga_sid=1627749156&ga_hid=600136231&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

c0f95f1061f2ad6453579bcfc7d716149815d515c8ea794a85f510da8a038e00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:32:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c7fb0afd9e56950a7d8a3a068c4c06fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0E3A 6 KB
3 KB 54ms
15ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c7fb0afd9e56950a7d8a3a068c4c06fc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: c7fb0afd9e56950a7d8a3a068c4c06fc.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nytimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.nytimes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 31 Jul 2021 16:32:36 GMT
expires: Sun, 31 Jul 2022 16:32:36 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 442 B
267 B 178ms
176ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1449868398587382&correlator=3063496301419598&output=ldjh&impl=fif&eid=31061423%2C31062048%2C31061425%2C44741898%2C20211866&vrg=2021072801&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20210731&iu_parts=29390238%2Cnyt%2Cus%2Cpolitics&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=150x50&prev_scp=div%3Dsponsor%26pos%3Dsponsor%26request_time%3D1665&cust_params=cookie%3Dunknown%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1627745632972%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26per%3Dbidenjosephrjr%26org%3Dcolonialpipelineco%252Cdarksidehackinggroup%252Cenergydepartment%26geo%3Drussia%26des%3Dcyberwarfareanddefense%252Ccyberattacksandhackers%252Cpipelines%252Coilpetroleumandgasoline%252Cunitedstatespoliticsandgovernm%252Cextortionandblackmail%252Cinfrastructurepublicworks%26auth%3Ddavidesanger%252Cnicoleperlroth%26coll%3Dusnews%252Cuspolitics%252Ctechnology%252Cenergyandenvironment%252Cbusiness%26artlen%3Dlong%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dus%26si_section%3Dus%26id%3D100000007737300%26pt%3Dnt1%252Cnt10%252Cnt12%252Cnt14%252Cnt15%252Cnt16%252Cnt18%252Cnt2%252Cnt21%252Cnt3%252Cnt6%252Cnt8%252Cnt9%252Cpt13%252Cpt19%252Cpt5%26gscat%3Dneg_ibmtest%252Cneg_citi_aa%252Cneg_ibm%252Cneg_mtb%252Cneg_ms_safe%252Cneg_chanel%252Cneg_mastercard%252Cneg_bofa%252Cneg_hearts%252Cneg_google%252Cneg_capitalone%252Cneg_bp%252Cneg_debeer%252Cgs_politics%252Cneg_orep%252Cneg_mttl%252Cneg_cathay%252Cneg_mktg_safe_q4_2019%252Cgv_crime%252Centertain_crime%252Cgt_negative%252Cgs_business%252Cgs_business_energy%252Cgs_politics_american%252Cgs_politics_misc%252Cgt_negative_fear%252Cgs_tech_computing%252Cgt_negative_anger%252Cgs_tech%252Cgv_download%252Cgs_t%26tt%3D25%252C47%26mt%3DMT10%26abra_dfp%3Dsa_referral_dfp_april2020_test_1_yellow_evergreen%252Cmkt_dfp_intl_pricing_med_conv_0_control%252Cdfp_mwtest_2_vendorb%252Cmkt_dfp_ods_1_test%252Cdfp_1p_ver_0_control%252Cmkt_dfp_hd_paywall_zip_1_zip%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_adslot4v2_1_external%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cmc_dfp_topbar_bar_anon_1019_0_control%252Cdfp_mt_0_control%252Cmc_dfp_topbar_bar_regi_1019_0_control%252Cmkt_dfp_intl_pricing_low_conv_2_50cents%252Cdfp_1p2_1_bk%26sov%3D4%26page_view_id%3DdozJvUQO_g4cq-VSR129C6zr%26uap%3Dbrowser%26aid%3DxNxsYCkb7Rx30FsZQQqPAz%26purr%3Dnpa&cookie_enabled=1&bc=31&abxe=1&lmt=1627745632&dt=1627749156501&dlt=1627749154794&idt=1647&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1723209830&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=150x16&msz=0x0&ga_vid=1783470369.1627749156&ga_sid=1627749156&ga_hid=600136231&ga_fc=false&fws=132&ohw=1600&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

6da391563cef8d05769e8741cdc4c1f441127a49a5e2a48a33be0a033501f6a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:32:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
dd.nytimes.com/js/ 231 B
564 B 49ms
22ms XHR
application/json 2600:9000:2190:e200:a:a8c5:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dd.nytimes.com/js/
Requested by: Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:e200:a:a8c5:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: DataDome /
Resource Hash: 5ca2814a7ca81e39493fcbd9a65df24fce95826a7705350e25b8268de7a7c6a2

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 31 Jul 2021 16:32:36 GMT
via: 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
server: DataDome
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 231
x-amz-cf-id: 422f0UGKmILZGe0CvetCzjKWjVwMCGDKhzQhoR54s3WzqogPzp4pWA==
expires: 0

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v14/ Frame 27D5 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/swg/_/ui/v1/serviceiframe?_=452152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://news.google.com
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 04:42:04 GMT
x-content-type-options: nosniff
age: 388232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21464
x-xss-protection: 0
last-modified: Mon, 22 Apr 2019 23:42:59 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 04:42:04 GMT

GET
H2 200 / Show response
mwcm.nytimes.com/capi/metered_assets/ 81 KB
17 KB 610ms
608ms Fetch
application/json 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nytimes.com/capi/metered_assets/?plat=web&mc=0&mr=0&ma=0&counted=false&granted=false&gwtype=PAYWALL&us=anon&context-type=&assettype=timebound&areas=barOne&areas=dock&areas=inlineUnit&areas=truncator&areas=gateway
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-e5c45c4f02c48912a54d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e1c6210b2649e16444a8282fb40ee694c0a8bfc1508c2ebe900432ae17338bc5

Request headers

Referer: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:32:37 GMT
content-encoding: gzip
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
x-served-by: cache-fra19134-FRA
expires: Sat, 31 Jul 2021 16:32:37 GMT
server: Google Frontend
x-cmots-campaign-names: {"barOne":"MAG_web_nonsub_all_monthly-sale","dock":"MAG_web_regi_us_sale_apple-pay-dock-ecd-test","gateway":"MAG_web_nonsub_all_monthly-sale","inlineUnit":"MAG_web_nonsub_all_monthly-sale","truncator":"MAG-web_all_non-mobile-all_welcome-killset"}
x-timer: S1627749157.569782,VS0,VE566
vary: x-nyt-user-status, x-nyt-country, x-nyt-continent, x-nyt-device, X-NYT-Currency, x-nyt-ipsegments-edu-b2b, x-nyt-last-known-type, Accept-Encoding, Fastly-SSL, Origin
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=utf-8
via: 1.1 varnish
x-cloud-trace-context: e2e5e0cbf9207da9ffb3513f57bfa6c8
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-nyt-route: mwcm
accept-ranges: bytes
access-control-allow-headers: Content-Type, x-requested-by, *
x-cache-hits: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 3362
date: Sat, 31 Jul 2021 15:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Sat, 31 Jul 2021 17:36:34 GMT

GET
H3-29

200

activityi;dc_pre=CMrokpLejfICFcsV0wodOMMFAA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9069506196550;gtm=2wg7s0;auiddc=581874378.1627749157;u4=;u5=undefined;u6=undefined;u7=xNxsYCkb7Rx30FsZQQqPAz... Show response
5290727.fls.doubleclick.net/ Frame 932C
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9069506196550;gtm=2wg7s0;auiddc=581874378.1627749157;u4=;u5=undefined;u6=undefined;u7=xNxsYCkb7Rx30FsZQQqP...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CMrokpLejfICFcsV0wodOMMFAA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9069506196550;gtm=2wg7s0;auiddc=581874378.1627749157;u4=;u5=undefined;u6...

703 B
482 B

89ms
52ms

Document
text/html

216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CMrokpLejfICFcsV0wodOMMFAA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9069506196550;gtm=2wg7s0;auiddc=581874378.1627749157;u4=;u5=undefined;u6=undefined;u7=xNxsYCkb7Rx30FsZQQqPAz;u8=;u10=;u11=1;u12=100000007737300;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f166.1e100.net

Software

cafe /

Resource Hash

81d7b3b405b8c81d1b233ed75cdde317d6ded07e3004a12343346f0c0d983066

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5290727.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CMrokpLejfICFcsV0wodOMMFAA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9069506196550;gtm=2wg7s0;auiddc=581874378.1627749157;u4=;u5=undefined;u6=undefined;u7=xNxsYCkb7Rx30FsZQQqPAz;u8=;u10=;u11=1;u12=100000007737300;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nytimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 31 Jul 2021 16:32:36 GMT
expires: Sat, 31 Jul 2021 16:32:36 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 457
x-xss-protection: 0
set-cookie: IDE=AHWqTUlAVuCZmDXnebVoqGUFdC0v9lwFi6-R_hcs2AaN_H8cS6AtaCxekGkh3TaR6oc; expires=Thu, 25-Aug-2022 16:32:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 31 Jul 2021 16:32:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CMrokpLejfICFcsV0wodOMMFAA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9069506196550;gtm=2wg7s0;auiddc=581874378.1627749157;u4=;u5=undefined;u6=undefined;u7=xNxsYCkb7Rx30FsZQQqPAz;u8=;u10=;u11=1;u12=100000007737300;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 42ms
13ms Script
application/x-javascript 2600:9000:2190:5600:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:5600:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 612e6b00354d56a1726cd40dc9a28d83ffda033d63214eae704d1e61ef59b3b5

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:13:25 GMT
content-encoding: gzip
last-modified: Fri, 09 Jul 2021 00:11:37 GMT
server: nginx
age: 1151
etag: W/"60e79439-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: qzEP0F-zrvX6NScCLMYY7oeqCOCNeNC5fp86EmBHv1Cp64k54wREeg==
expires: Sun, 01 Aug 2021 16:13:25 GMT

GET
H2 200 show-ads.js Show response
a1.nyt.com/analytics/ 45 B
681 B 31ms
29ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a1.nyt.com/analytics/show-ads.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
date: Sat, 31 Jul 2021 16:32:36 GMT
content-encoding: gzip
content-type: application/javascript
age: 61553
x-guploader-uploadid: ABg5-Uwgf45CIUJuSzefKrpbBr6eFgLPoGO6IZWBLSgRRPlpg-k8o7-Q03oLTdFGfrPhfKxqg12sXMT0148wwmuNc7Dki57aag
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 65
via: 1.1 varnish
x-served-by: cache-fra19134-FRA
accept-ranges: bytes
expires: Thu, 01 Jul 2021 23:51:39 GMT
last-modified: Thu, 17 Dec 2020 21:19:35 GMT
server: UploadServer
x-timer: S1627749157.631708,VS0,VE0
etag: "1d291da792456bd015b664ee1119a5e0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1608239975905841
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400
x-goog-stored-content-length: 45
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 555

POST
H2 200 track
a.et.nytimes.com/ 0
0 121ms
120ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 activityi;register_conversion=1;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9069506196550;gtm=2wg7s0;auiddc=581874378.1627749157;u4=;u5=undefined;u6=undefined;u7=xNxsYCkb7Rx30FsZQQqPAz;u8=;u10=;u1...
5290727.fls.doubleclick.net/ 0
0 99ms
37ms Image
text/html 216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5290727.fls.doubleclick.net/activityi;register_conversion=1;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9069506196550;gtm=2wg7s0;auiddc=581874378.1627749157;u4=;u5=undefined;u6=undefined;u7=xNxsYCkb7Rx30FsZQQqPAz;u8=;u10=;u11=1;u12=100000007737300;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html?
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f166.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 134ms
44ms Image
image/gif 52.50.64.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=1973904969
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.64.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-64-214.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Jul 2021 16:32:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H2 200 track
a.et.nytimes.com/ 0
0 103ms
103ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H3-29 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.E7ju_OdRf40.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XMJ0nedoPI4.L... Frame 27D5 36 KB
13 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.E7ju_OdRf40.es5.O/am=BQII/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5mUByDVoEAakq-tJBSlqJYoCDaeA/m=_b,_tp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5611e6db97c3e4e3652ec5ca7e4e4bad163d8956ccff61353fd884ee8256935d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 22:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13311
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 05:51:15 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Jul 2022 22:13:53 GMT

GET
H3-29 200 m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,gychg,lfpdyf,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.E7ju_OdRf40.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XMJ0nedoPI4.L... Frame 27D5 99 KB
34 KB 14ms
9ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.E7ju_OdRf40.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XMJ0nedoPI4.L.B1.O/am=BQII/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI5xfgG6OneDf3VOLIqC5dYMosE7Vw/m=xUdipf,blwjVc,fKUV3e,aurFic,ws9Tlc,COQbmf,U0aPgd,zG9H6c,NwH0H,OmgaI,gychg,lfpdyf,ZfAoz,PQaYAf,lPKSwe,yDVVkb,KG2eXe,DfBslb

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c06e14fbbce575d2ff577427ee9cfc81e3f3facd531ab0cd51a0c89d0e6eb5b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 22:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34391
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 05:51:15 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Jul 2022 22:13:53 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=600136231&t=pageview&_s=1&dl=http%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html&dr=&ul=en-us&de=UTF-8&dt=FBI%20Confirms%20DarkSide%20as%20Colonial%20Pipeline%20Hacker%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=140357330&gjid=666198646&cid=1783470369.1627749156&tid=UA-58630905-2&_gid=416827044.1627749157&_r=1&gtm=2wg7s0P528B3&cg1=us&cg2=politics&cg3=article&cg4=news&cd1=http%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html&cd2=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html&cd3=&cd4=U.S.&cd9=9&cd10=null&cd12=Politics&cd13=null&cd14=washington_desk&cd15=earned&cd16=referring_links&cd17=100000007737300&cd18=David%20E.%20Sanger%2CNicole%20Perlroth&cd19=F.B.I.%20Identifies%20Group%20Behind%20Pipeline%20Hack&cd20=&cd21=Article&cd23=U.S.&cd25=Politics&cd26=2021&cd27=2021-05-10-19&cd28=Monday&cd29=19&cd30=1621029409109&cd32=U.S.%20News%2CPolitics%2CTechnology%2CEnergy%20and%20Environment%2CBusiness&cd33=SECTION%2CSECTION%2CSECTION%2CSECTION%2CSECTION&cd34=NEWS&cd36=10dc-darkside&cd37=1674&cd38=Washington&cd42=nyt-vi&cd43=Cyberwarfare%20and%20Defense%2CCyberattacks%20and%20Hackers%2CPipelines%2COil%20(Petroleum)%20and%20Gasoline%2CUnited%20States%20Politics%20and%20Government%2CExtortion%20and%20Blackmail%2CInfrastructure%20(Public%20Works)&cd44=Colonial%20Pipeline%20Co%2CDarkSide%20(Hacking%20Group)%2CEnergy%20Department&cd45=Biden%2C%20Joseph%20R%20Jr&cd46=Russia&cd48=May&cd49=heave_over_1600&cd51=nyt-vi&cd52=&cd53=Washington&cd54=washington_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=0&cd63=xNxsYCkb7Rx30FsZQQqPAz&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=xNxsYCkb7Rx30FsZQQqPAz&z=700142552

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 31 Jul 2021 16:32:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
201 B 307ms
98ms Image
image/gif 34.206.194.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html&u=IChWjCOCw7AePdf1&d=nytimes.com&g=16698&g0=us%2CPolitics%2Cwashington_desk&g1=David%20E.%20Sanger%2CNicole%20Perlroth&n=1&f=00001&c=0&x=0&m=0&y=1200&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2175&t=B5wmydCBa62CwReDAbgi4-ONOFW&V=128&i=F.B.I.%20Identifies%20Group%20Behind%20Pipeline%20Hack&tz=-120&_acct=anon&sn=1&sv=HxWpO_RHvxB7dgI3DUUD8nCvd6WI&sd=1&im=06679ff3&_
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.194.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-194-65.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Jul 2021 16:32:36 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

POST
H3-29 200 batchexecute Show response
news.google.com/_/SubscribewithgoogleClientUi/data/ Frame 27D5 264 B
230 B 31ms
30ms XHR
application/json 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&f.sid=-6197850888106251494&bl=boq_subscribewithgoogleclientserver_20210729.06_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=66757&rt=c

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

12a8c29009192b45eacf54d78a49fad7b62982df7b4404246381937f5d52c6bb

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 31 Jul 2021 16:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: require-trusted-types-for 'script';report-uri /_/SubscribewithgoogleClientUi/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 m=Wt6vjf,_latency,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.E7ju_OdRf40.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XMJ0nedoPI4.L... Frame 27D5 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.E7ju_OdRf40.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.XMJ0nedoPI4.L.B1.O/am=BQII/d=1/exm=COQbmf,DfBslb,KG2eXe,LEikZe,NwH0H,OmgaI,PQaYAf,U0aPgd,ZfAoz,_b,_tp,aurFic,blwjVc,byfTOb,fKUV3e,gychg,lPKSwe,lfpdyf,lsjVmc,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI5xfgG6OneDf3VOLIqC5dYMosE7Vw/m=Wt6vjf,_latency,FCpbqb,WhJNk

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d72714ff5d9fd247eb1d6ae5aa6bb5d0fdd931225f31b43a7bd0fe08f22ae9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 22:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7298
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 05:51:15 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Jul 2022 22:13:53 GMT

POST
H2 200 log Show response
play.google.com/ Frame 27D5 131 B
661 B 63ms
42ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 31 Jul 2021 16:32:36 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Sat, 31 Jul 2021 16:32:36 GMT

POST
H3-29 200 log Show response
play.google.com/ Frame 27D5 131 B
154 B 55ms
41ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 31 Jul 2021 16:32:36 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Sat, 31 Jul 2021 16:32:36 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 57ms
38ms Preflight
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sat, 31 Jul 2021 16:32:36 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 31 Jul 2021 16:32:36 GMT
cache-control: private

POST
H3-29 200 log Show response
play.google.com/ Frame 27D5 131 B
154 B 56ms
55ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 31 Jul 2021 16:32:36 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Sat, 31 Jul 2021 16:32:36 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 88ms
70ms Preflight
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sat, 31 Jul 2021 16:32:36 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 31 Jul 2021 16:32:36 GMT
cache-control: private

POST
H3-29 200 log Show response
play.google.com/ Frame 27D5 131 B
154 B 73ms
73ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 31 Jul 2021 16:32:36 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Sat, 31 Jul 2021 16:32:36 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 87ms
70ms Preflight
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://news.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sat, 31 Jul 2021 16:32:36 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 31 Jul 2021 16:32:36 GMT
cache-control: private

GET
H3-29 200 dc_pre=CMrokpLejfICFcsV0wodOMMFAA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9069506196550;gtm=2wg7s0;auiddc=*;u4=;u5=undefined;u6=undefined;u7=xNxsYCkb7Rx30FsZQQqPAz;u8=;u10=;u11=1;u12=100000007...
adservice.google.com/ddm/fls/z/ Frame 932C 42 B
63 B 65ms
52ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMrokpLejfICFcsV0wodOMMFAA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9069506196550;gtm=2wg7s0;auiddc=*;u4=;u5=undefined;u6=undefined;u7=xNxsYCkb7Rx30FsZQQqPAz;u8=;u10=;u11=1;u12=100000007737300;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CMrokpLejfICFcsV0wodOMMFAA;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=9069506196550;gtm=2wg7s0;auiddc=581874378.1627749157;u4=;u5=undefined;u6=undefined;u7=xNxsYCkb7Rx30FsZQQqPAz;u8=;u10=;u11=1;u12=100000007737300;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5290727.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Jul 2021 16:32:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.js Show response
platform.iteratehq.com/ 2 KB
1 KB 497ms
18ms Script
application/javascript 2606:4700:3032::ac43:c7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.iteratehq.com/loader.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9cfdeba6640fa7082056d4de52f25b679d7177e056ef3f52b4b6762e22f815b

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:32:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 594
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 8WG0ZWRGQJ8RWB03
x-amz-id-2: x/LKE5cmPZJVLLHJadT+tfPWbQD8NKLWvEbJNbQsH9qA5MdRyVJRArRc9Wxnp+j4A5EA/mLMPDo=
last-modified: Tue, 13 Jul 2021 16:17:36 GMT
server: cloudflare
etag: W/"f5f66497f6bebbf309a3dd1e857b04fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=phFNjgFH3vgo0ZmGh2y7CT%2FllO70vypKwouCTP%2BG1Mn2QxBkffZqro5filg8yeeBCKgBUvWLZcJz0RVDoJUGclofun4DFILnMkf5D6nol0IKcplSTiKHUXXqib5mm0wgncp%2FE8s9A05GSzB21qmQa8j0epwl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 6778394a4edf4eaf-FRA

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 498ms
21ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021072801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b36a482cd0f1faf223eaa41c1ca61103751d83c9401e3059380b02ee0bdc202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 31 Jul 2021 16:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8521
x-xss-protection: 0

GET
H2 200 merlin_187565448_aaf65d85-adc5-408a-8bf0-aabef755521b-jumbo.jpg
static01.nyt.com/images/2021/05/10/us/politics/10dc-darkside/ 43 KB
44 KB 31ms
30ms Image
image/webp 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2021/05/10/us/politics/10dc-darkside/merlin_187565448_aaf65d85-adc5-408a-8bf0-aabef755521b-jumbo.jpg?quality=90&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-e5c45c4f02c48912a54d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ca531b0d5c7639183f0847835b179bf988c8f037e5e2d2c937c6775f86b5e567

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:32:37 GMT
via: 1.1 varnish, 1.1 varnish
age: 203640
x-guploader-uploadid: ADPycdtXJwb3F24mU6ntCOuJb36_J-Zpi1VraFCLPVuj576tYXPZNowy9sKdKq6wGL8-ns3BIA4dymmrTrfNU5K622Q
x-cache: HIT, HIT
fastly-io-info: ifsz=70212 idim=1024x642 ifmt=jpeg ofsz=44008 odim=1024x642 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
fastly-stats: io=1
content-length: 44008
x-served-by: cache-bwi5167-BWI, cache-fra19134-FRA
x-nyt-gcs-bucket: cms-gke-prd-publish-images-storage
server: UploadServer
x-timer: S1627749157.195990,VS0,VE0
etag: "0XvQkOoLCe8VIqkqYrf7AEJX51UpLzbaxwy5iUkWS64"
vary: Accept
x-goog-hash: crc32c=typ9ow==, md5=nsvf8Npk7WeLPIaWlN734g==
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 29 Jul 2021 07:58:37 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 main.css
mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/ 103 KB
15 KB 32ms
30ms Stylesheet
text/css 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-e5c45c4f02c48912a54d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c0ec4afe344c086bc95ae4593c092460b527a5a5c0704e1c05cef34b2b648000

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:32:37 GMT
content-encoding: gzip
age: 275034
x-cache: HIT
content-length: 14690
x-served-by: cache-fra19134-FRA
access-control-allow-origin: *
last-modified: Tue, 27 Jul 2021 18:59:50 GMT
server: nginx
x-timer: S1627749157.197082,VS0,VE0
x-origin-server: mwcm-pub-est09.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 324

GET
H2 200 common.js Show response
mwcm.nyt.com/.resources/mkt-wcm/dist/ 220 KB
69 KB 30ms
29ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/common.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-e5c45c4f02c48912a54d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 77a92318443d095c0a856fe9db90ed1541b8a7c398767288526f36cf209c2dd4

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:32:37 GMT
content-encoding: gzip
age: 275036
x-cache: HIT
content-length: 70290
x-served-by: cache-fra19134-FRA
access-control-allow-origin: *
last-modified: Tue, 27 Jul 2021 18:59:50 GMT
server: nginx
x-timer: S1627749157.220049,VS0,VE0
x-origin-server: mwcm-pub-est02.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 375

GET
H2 200 main.js Show response
mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/js/src/ 23 KB
6 KB 31ms
29ms Script
application/javascript 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/js/src/main.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-e5c45c4f02c48912a54d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f0a5739dddb4cafc90316e8df5a4ce084f0fe7f3e9657922a6a9d0024b6ba0dc

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:32:37 GMT
content-encoding: gzip
age: 275034
x-cache: HIT
content-length: 6101
x-served-by: cache-fra19134-FRA
access-control-allow-origin: *
last-modified: Tue, 27 Jul 2021 18:59:50 GMT
server: nginx
x-timer: S1627749157.222285,VS0,VE0
x-origin-server: mwcm-pub-est05.prd.iad1.nyt.net
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
via: 1.1 varnish
cache-control: no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 316

POST
H2 200 track
a.et.nytimes.com/ 0
0 109ms
109ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 101ms
101ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 102ms
101ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H2 200 franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 31ms
31ms Font
font/woff2 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.bc7be4c5d8cacb780f896c5cbe0c0d7f.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 254043432874ecaf0cf3d6d69907109b373057290d615453060544935d1cb8b9

Request headers

Origin: https://www.nytimes.com
Referer: https://mwcm.nyt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=XjpPGQ==, md5=vHvkxdjKy3gPiWxcvgwNfw==
date: Sat, 31 Jul 2021 16:32:37 GMT
via: 1.1 varnish
content-type: font/woff2
age: 4464594
x-guploader-uploadid: ABg5-Uzkoe8MeBHd6DwpPeKGvw9FMAr2KfZTs1Z77WsrLuWADt9oF3ENtUxNssZ_leUqyrnp3Kn1ZTVeurNBUzLRFBoRIsV79A
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20172
x-served-by: cache-fra19182-FRA
accept-ranges: bytes
expires: Fri, 10 Jun 2022 00:22:43 GMT
last-modified: Tue, 06 Apr 2021 21:11:53 GMT
server: UploadServer
x-timer: S1627749157.258502,VS0,VE0
etag: "bc7be4c5d8cacb780f896c5cbe0c0d7f"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1617743513093190
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20172
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 2808

GET
H2 200 franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 31ms
31ms Font
font/woff2 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.b44c88f09ca7ce914b836d4ae72891b8.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57

Request headers

Origin: https://www.nytimes.com
Referer: https://mwcm.nyt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=PQVxAw==, md5=tEyI8JynzpFLg21K5yiRuA==
date: Sat, 31 Jul 2021 16:32:37 GMT
via: 1.1 varnish
content-type: font/woff2
age: 4467085
x-guploader-uploadid: ABg5-Uz1w0HYKtR8mLA5O7hQjvz12IBZm859sKOVfV3WIMC-t6oXkCdugzQ8Vh-S5jn9WNg11uRK103ko9m1gua8wg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20312
x-served-by: cache-fra19182-FRA
accept-ranges: bytes
expires: Thu, 09 Jun 2022 23:41:11 GMT
last-modified: Tue, 06 Apr 2021 21:11:53 GMT
server: UploadServer
x-timer: S1627749157.258580,VS0,VE0
etag: "b44c88f09ca7ce914b836d4ae72891b8"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1617743513200253
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20312
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 2965

GET
H2 200 cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
29 KB 30ms
30ms Font
font/woff2 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f

Request headers

Origin: https://www.nytimes.com
Referer: https://mwcm.nyt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw==
date: Sat, 31 Jul 2021 16:32:37 GMT
via: 1.1 varnish
content-type: font/woff2
age: 4550549
x-guploader-uploadid: ABg5-UzcG53XPnLIWEjqD8pMltXGTOHp6zGhDj-er32BqqgFtfQRVL-ogkRXlN7HLCRiqngHCoPFotwKDO3zWL7Wy3gPy-gXXw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 29076
x-served-by: cache-fra19182-FRA
accept-ranges: bytes
expires: Thu, 09 Jun 2022 00:30:06 GMT
last-modified: Tue, 06 Apr 2021 21:11:52 GMT
server: UploadServer
x-timer: S1627749157.261061,VS0,VE0
etag: "a3ed7afe3eaa0a873f3fbd379f8c491b"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1617743511931481
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 29076
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 2212

GET
H2 200 franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 34ms
34ms Font
font/woff2 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.d6c06a3d84a57100edad5bf9b84ff739.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6

Request headers

Origin: https://www.nytimes.com
Referer: https://mwcm.nyt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=ImeYUg==, md5=1sBqPYSlcQDtrVv5uE/3OQ==
date: Sat, 31 Jul 2021 16:32:37 GMT
via: 1.1 varnish
content-type: font/woff2
age: 21846033
x-guploader-uploadid: ABg5-Uz9nK6_2w5K-0GerMzlnNTbgOC1LOM1ZTMIt8N3zRK0mAlX9ToqD61L94PzercVqaEUUbUnKL9TZPwavvCOYrA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 19836
x-served-by: cache-fra19182-FRA
accept-ranges: bytes
expires: Sat, 20 Nov 2021 20:12:03 GMT
last-modified: Mon, 16 Nov 2020 16:08:41 GMT
server: UploadServer
x-timer: S1627749157.261195,VS0,VE0
etag: "d6c06a3d84a57100edad5bf9b84ff739"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1605542921495212
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 19836
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 2982

GET
H2 200 franklin-normal-800.fdc7cad17deeec2db1fe2f9f8c0520ed.woff2
g1.nyt.com/fonts/family/franklin/ 24 KB
24 KB 33ms
33ms Font
font/woff2 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-800.fdc7cad17deeec2db1fe2f9f8c0520ed.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 1a48c22120ff01abb38156633970addec986b69af1e59bfaf9b8abb6673f78c7

Request headers

Origin: https://www.nytimes.com
Referer: https://g1.nyt.com/fonts/css/web-fonts.b1c035e4560e0216caf8f03326e0430712b61041.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=b25SxA==, md5=/cfK0X3u7C2x/i+fjAUg7Q==
date: Sat, 31 Jul 2021 16:32:37 GMT
via: 1.1 varnish
content-type: font/woff2
age: 4550328
x-guploader-uploadid: ABg5-UzSj9zY1_i0qizn1nyMmKibp6ojzT9vGZSmDKyAWduC-0i6OdcxQTfPYuupfnjo0h7pmWvXKVtfaYW2rrCmVtc
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 24184
x-served-by: cache-fra19182-FRA
accept-ranges: bytes
expires: Thu, 09 Jun 2022 00:33:48 GMT
last-modified: Tue, 06 Apr 2021 21:11:53 GMT
server: UploadServer
x-timer: S1627749157.261173,VS0,VE0
etag: "fdc7cad17deeec2db1fe2f9f8c0520ed"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1617743513196485
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 24184
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 1615

GET
H2 200 cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 30ms
30ms Font
application/octet-stream 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76

Request headers

Origin: https://www.nytimes.com
Referer: https://mwcm.nyt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=4NwmFQ==, md5=+ZoEWQJFCfFXozUuXeT4cw==
date: Sat, 31 Jul 2021 16:32:37 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 220644
x-guploader-uploadid: ADPycdvnBO-MhQ11arq3bPBybpQK5OymxDr1A6Tow7qR6ghlOo6LigDT-AwC8Z45fHVAEJ4LkUbnz_kId28-IbU00vo
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28620
x-served-by: cache-fra19182-FRA
accept-ranges: bytes
expires: Fri, 29 Jul 2022 03:15:13 GMT
last-modified: Wed, 21 Jul 2021 17:23:53 GMT
server: UploadServer
x-timer: S1627749157.267779,VS0,VE0
etag: "f99a0459024509f157a3352e5de4f873"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1626888233270606
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 28620
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 1447

GET
H2 200 cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
g1.nyt.com/fonts/family/cheltenham/ 27 KB
27 KB 31ms
31ms Font
font/woff2 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519

Request headers

Origin: https://www.nytimes.com
Referer: https://mwcm.nyt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=rNQ9pA==, md5=fqkevQNjCeH+dW7jqrJy2g==
date: Sat, 31 Jul 2021 16:32:37 GMT
via: 1.1 varnish
content-type: font/woff2
age: 1613262
x-guploader-uploadid: ADPycdtY639MY2Qnoe_eSfe_NrVxO5U0RKcQOAo6zJiJVA9MsB2vZNmfHC27jSIFipAJi1vSdx3YOEsZJERT59cT0szNS0Xq1Q
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27260
x-served-by: cache-fra19182-FRA
accept-ranges: bytes
expires: Wed, 13 Jul 2022 00:24:54 GMT
last-modified: Tue, 06 Apr 2021 21:11:52 GMT
server: UploadServer
x-timer: S1627749157.267865,VS0,VE0
etag: "7ea91ebd036309e1fe756ee3aab272da"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1617743511893367
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 27260
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 1797

GET
H2 200 cheltenham-normal-200.40ccfe2cc61a71e6617e56162d49b896.woff2
g1.nyt.com/fonts/family/cheltenham/ 26 KB
26 KB 31ms
30ms Font
font/woff2 151.101.13.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-200.40ccfe2cc61a71e6617e56162d49b896.woff2
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/templates/pages/lp/gbb3/css/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.164 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4f837869b80c34ed1a128362a6ed24ff5ebdae743dc55eb3c183ae9c8b5f4ca3

Request headers

Origin: https://www.nytimes.com
Referer: https://mwcm.nyt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=kUZRqw==, md5=QMz+LMYaceZhflYWLUm4lg==
date: Sat, 31 Jul 2021 16:32:37 GMT
via: 1.1 varnish
content-type: font/woff2
age: 1442546
x-guploader-uploadid: ADPycdvjfQ8xtuy9cUm4AyyrnPfSYDhtTJa7DYLaMFIraqtkUY66SVn_bo0wB3okYD8p95j7ODwJJMio_IHnCVxMre4
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26448
x-served-by: cache-fra19182-FRA
accept-ranges: bytes
expires: Thu, 14 Jul 2022 23:50:11 GMT
last-modified: Tue, 06 Apr 2021 21:11:52 GMT
server: UploadServer
x-timer: S1627749157.371836,VS0,VE0
etag: "40ccfe2cc61a71e6617e56162d49b896"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1617743512046782
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 26448
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 1636

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 950 B
955 B 236ms
236ms XHR
application/json 2a00:1450:4001:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer
Requested by: Host: mwcm.nyt.com
URL: https://mwcm.nyt.com/.resources/mkt-wcm/dist/common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 41c541bea80652de33834db1c88231c7a166335b967e6b7cf96a3fd9d3eb16ac

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:32:37 GMT
content-encoding: gzip
x-appengine-log-flush-count: 1
server: Google Frontend
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: d4783849c26d23b6da5bd4148470aa5b
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
content-length: 487
expires: Sat, 31 Jul 2021 16:32:37 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sat, 31 Jul 2021 16:32:37 GMT

GET
H3-29

200

activityi;dc_pre=CJyMypLejfICFdHS3godOcMMMw;src=5290727;type=remar0;cat=gatew0;ord=1;num=4721641702191;gtm=2wg7s0;auiddc=581874378.1627749157;u4=;u5=undefined;u6=undefined;u7=xNxsYCkb7Rx30FsZQQqPAz... Show response
5290727.fls.doubleclick.net/ Frame 9BC5
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=remar0;cat=gatew0;ord=1;num=4721641702191;gtm=2wg7s0;auiddc=581874378.1627749157;u4=;u5=undefined;u6=undefined;u7=xNxsYCkb7Rx30FsZQQqP...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CJyMypLejfICFdHS3godOcMMMw;src=5290727;type=remar0;cat=gatew0;ord=1;num=4721641702191;gtm=2wg7s0;auiddc=581874378.1627749157;u4=;u5=undefined;u6...

703 B
481 B

51ms
50ms

Document
text/html

216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CJyMypLejfICFdHS3godOcMMMw;src=5290727;type=remar0;cat=gatew0;ord=1;num=4721641702191;gtm=2wg7s0;auiddc=581874378.1627749157;u4=;u5=undefined;u6=undefined;u7=xNxsYCkb7Rx30FsZQQqPAz;u8=;u10=;u11=1;u12=100000007737300;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f166.1e100.net

Software

cafe /

Resource Hash

9200670b263ef60196b4bd2237317ba919080e4b23552352427c634f090c1a02

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5290727.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CJyMypLejfICFdHS3godOcMMMw;src=5290727;type=remar0;cat=gatew0;ord=1;num=4721641702191;gtm=2wg7s0;auiddc=581874378.1627749157;u4=;u5=undefined;u6=undefined;u7=xNxsYCkb7Rx30FsZQQqPAz;u8=;u10=;u11=1;u12=100000007737300;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nytimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlAVuCZmDXnebVoqGUFdC0v9lwFi6-R_hcs2AaN_H8cS6AtaCxekGkh3TaR6oc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 31 Jul 2021 16:32:37 GMT
expires: Sat, 31 Jul 2021 16:32:37 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 458
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 31 Jul 2021 16:32:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CJyMypLejfICFdHS3godOcMMMw;src=5290727;type=remar0;cat=gatew0;ord=1;num=4721641702191;gtm=2wg7s0;auiddc=581874378.1627749157;u4=;u5=undefined;u6=undefined;u7=xNxsYCkb7Rx30FsZQQqPAz;u8=;u10=;u11=1;u12=100000007737300;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 track
a.et.nytimes.com/ 0
0 112ms
111ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

GET
H3-29 200 activityi;register_conversion=1;src=5290727;type=remar0;cat=gatew0;ord=1;num=4721641702191;gtm=2wg7s0;auiddc=581874378.1627749157;u4=;u5=undefined;u6=undefined;u7=xNxsYCkb7Rx30FsZQQqPAz;u8=;u10=;u1...
5290727.fls.doubleclick.net/ 0
0 37ms
37ms Image
text/html 216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5290727.fls.doubleclick.net/activityi;register_conversion=1;src=5290727;type=remar0;cat=gatew0;ord=1;num=4721641702191;gtm=2wg7s0;auiddc=581874378.1627749157;u4=;u5=undefined;u6=undefined;u7=xNxsYCkb7Rx30FsZQQqPAz;u8=;u10=;u11=1;u12=100000007737300;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f166.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=600136231&t=event&ni=1&_s=1&dl=http%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html&dr=&ul=en-us&de=UTF-8&dt=FBI%20Confirms%20DarkSide%20as%20Colonial%20Pipeline%20Hacker%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=gateway&ea=impression&el=MAG_web_nonsub_all_monthly-sale&ev=0&_u=aAjAAEABAAAAAC~&jid=&gjid=&cid=1783470369.1627749156&tid=UA-58630905-2&_gid=416827044.1627749157&gtm=2wg7s0P528B3&cg1=us&cg2=politics&cg3=article&cg4=news&cd1=http%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html&cd2=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html&cd3=&cd4=U.S.&cd9=9&cd10=null&cd12=Politics&cd13=null&cd14=washington_desk&cd15=earned&cd16=referring_links&cd17=100000007737300&cd18=David%20E.%20Sanger%2CNicole%20Perlroth&cd19=F.B.I.%20Identifies%20Group%20Behind%20Pipeline%20Hack&cd20=&cd21=Article&cd23=U.S.&cd25=Politics&cd26=2021&cd27=2021-05-10-19&cd28=Monday&cd29=19&cd30=2021-05-14T21%3A56%3A49.109Z&cd32=U.S.%20News%2CU.S.%20Politics%2CTechnology%2CEnergy%20and%20Environment%2CBusiness&cd33=SECTION%2CSECTION%2CSECTION%2CSECTION%2CSECTION&cd34=NEWS&cd36=10dc-darkside&cd37=1674&cd38=Washington&cd42=nyt-vi&cd43=Cyberwarfare%20and%20Defense%2CCyberattacks%20and%20Hackers%2CPipelines%2COil%20(Petroleum)%20and%20Gasoline%2CUnited%20States%20Politics%20and%20Government%2CExtortion%20and%20Blackmail%2CInfrastructure%20(Public%20Works)&cd44=Colonial%20Pipeline%20Co%2CDarkSide%20(Hacking%20Group)%2CEnergy%20Department&cd45=Biden%2C%20Joseph%20R%20Jr&cd46=Russia&cd48=May&cd49=heave_over_1600&cd51=nyt-vi&cd52=&cd53=Washington&cd54=washington_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=0&cd63=xNxsYCkb7Rx30FsZQQqPAz&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=xNxsYCkb7Rx30FsZQQqPAz&z=1481515265

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Jul 2021 04:02:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45027
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sdk-prod-f50cec7948c7de92c82e.js Show response
platform.iteratehq.com/ 883 KB
255 KB 37ms
24ms Script
application/javascript 2606:4700:3032::ac43:c7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.iteratehq.com/sdk-prod-f50cec7948c7de92c82e.js
Requested by: Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ae0717284fedcd288672678d007cac275075fe55ae894a442d90137def2429d

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:32:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 728456
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: V38G406FJY113YDM
x-amz-id-2: cd2BlR1DdphyaKNMq3lUR5H63/XkRJq16bCSqPHTJ1KGOIcoE5fkfAby1gYIurnYOPS0PQiMXAU=
last-modified: Tue, 13 Jul 2021 16:17:31 GMT
server: cloudflare
etag: W/"b07914cdb008fdfdbfd7a36084aba077"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BTEld1c2SfzsEs0AShzNEaspPW5Zy0E1wypsj9xLB6CJoJYanNNNgAzIPpvHwuPoyvBbm%2BBSVCKabTbL6W1vVxdbeydh2fZR98VCvLcEbwANaDfk55bYD5rRlyMzvi3SwER7FfbXMJMnGIos7U7tfxhFxgVJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6778394b19484e74-FRA

GET
H3-29 200 style-40116a7f908a8fa5184e.css
platform.iteratehq.com/ 149 KB
14 KB 27ms
15ms Stylesheet
text/css 2606:4700:3032::ac43:c7c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.iteratehq.com/style-40116a7f908a8fa5184e.css
Requested by: Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c7c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 696bded8115ff4b143716f1beddb44fbc8ba1e0ffd56481cb4572abf1e37e208

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 16:32:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1555936
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: J97Q6WEPMEB3S945
x-amz-id-2: RDn/3jSDz8fC7HBHCzeMm7o21XbJMSXs2eSRLEt14iYzqf9GQQM6a/dV701ffrnVARn4i3Y7ryk=
last-modified: Tue, 13 Jul 2021 16:17:31 GMT
server: cloudflare
etag: W/"bb68b6f34c729419e23e00ef01d8fc73"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1SMfwBfg5D4eMB5cMUyyARAgl15qKIb2o%2Ft%2BQFNjCGXifDcBsmrCCw5opYu9N0eSfMINDH5ua0R4YjwSm3%2B4uEf270kTcUM0zpUZY%2BrHAB0L6Yklee7H6ziKirlYt7twGzazo5b8mIRxlA0Jsymuu65LhG%2Bc"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 6778394b19464e74-FRA

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame B6D3 12 KB
5 KB 22ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nytimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.nytimes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Sat, 31 Jul 2021 10:36:35 GMT
expires: Sun, 31 Jul 2022 10:36:35 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 21362
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 78E9 783 B
813 B 18ms
18ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

561afb3d7752be571757cd8077c9d8c0725ed876487cd499e68faa219e733754

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fJfoXhhUCSYN/xo48ZJQdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nytimes.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=220=nyVK2rJnn8nJITJ96BvLnZFInNiqdqbGLq7V9TTvbYcBjJo7dfLGxIw5RgUOkoL5IKEBgp4pUrux34Wp0rPqcPOgE69LWVWdF63xcJv8NOg3CAXtwx8VU2K7w5Y1iFOuxzb-cgDX0XV0jInDXCFCQaQvOjICyBKY8HMF4cxTswg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.nytimes.com/

Response headers

expires: Sat, 31 Jul 2021 16:32:37 GMT
date: Sat, 31 Jul 2021 16:32:37 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-fJfoXhhUCSYN/xo48ZJQdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 embed Show response
iteratehq.com/api/v1/surveys/ 298 B
945 B 132ms
116ms Fetch
application/json 2606:4700:3037::6815:24db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iteratehq.com/api/v1/surveys/embed
Requested by: Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/sdk-prod-f50cec7948c7de92c82e.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:24db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 590bf642b0b026c63e98a9330f03b2c57727e33a6db9b3ba76f79c26c1cc2d15

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.nytimes.com/
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
Content-Type: application/json

Response headers

date: Sat, 31 Jul 2021 16:32:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSY%2BHkYA325pr4Te5TEItEVb%2FLCEVULXlhyX8TarVpj8fGPA7slldD9tM3Jgdzdj5JrpTerSTLRSHtkiJ9HNVDThmhqCMRR6IWwWiM6m39VEj65bR31SCwM3Gm5tWjwCTRCWuys2mdPZ44Jp"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache="set-cookie"
access-control-allow-credentials: true
cf-ray: 6778394d292e42c9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 5DoHiAB8gciOXy4tN-30Samgrf9Qq3bIy1sciudvWGA.js Show response
pagead2.googlesyndication.com/bg/ Frame B6D3 35 KB
13 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5DoHiAB8gciOXy4tN-30Samgrf9Qq3bIy1sciudvWGA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e43a0788007c81c88e5f2e2d37edf449a9a0adff50ab76c8cb5b1c8ae76f5860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 13:50:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 96099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13434
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Jul 2022 13:50:58 GMT

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 147ms
107ms Preflight 2606:4700:3037::6815:24db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iteratehq.com/api/v1/surveys/embed
Protocol: H2
Server: 2606:4700:3037::6815:24db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.nytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 31 Jul 2021 16:32:37 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
cache-control: no-cache="set-cookie"
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ahmrtzbh77yC4s2j99iqFPUcLIT51pxDjCGzNQpl8XnXk7NkJ7WUP08XKLnqw7gvKTxBw9OjICIFd03imf6zeejuuFIbNKDcHx%2BvQ2Dw6GABJUmM%2FZkBTBZsxH2zcP1SaMFvN1sywMCdaf%2Fh"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6778394c6cf64ec8-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 dc_pre=CJyMypLejfICFdHS3godOcMMMw;src=5290727;type=remar0;cat=gatew0;ord=1;num=4721641702191;gtm=2wg7s0;auiddc=*;u4=;u5=undefined;u6=undefined;u7=xNxsYCkb7Rx30FsZQQqPAz;u8=;u10=;u11=1;u12=100000007...
adservice.google.com/ddm/fls/z/ Frame 9BC5 42 B
63 B 49ms
49ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJyMypLejfICFdHS3godOcMMMw;src=5290727;type=remar0;cat=gatew0;ord=1;num=4721641702191;gtm=2wg7s0;auiddc=*;u4=;u5=undefined;u6=undefined;u7=xNxsYCkb7Rx30FsZQQqPAz;u8=;u10=;u11=1;u12=100000007737300;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CJyMypLejfICFdHS3godOcMMMw;src=5290727;type=remar0;cat=gatew0;ord=1;num=4721641702191;gtm=2wg7s0;auiddc=581874378.1627749157;u4=;u5=undefined;u6=undefined;u7=xNxsYCkb7Rx30FsZQQqPAz;u8=;u10=;u11=1;u12=100000007737300;u13=undefined;u14=undefined;u15=undefined;u16=nyt-vi;u17=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html;ps=1;~oref=https%3A%2F%2Fwww.nytimes.com%2F2021%2F05%2F10%2Fus%2Fpolitics%2Fpipeline-hack-darkside.html?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5290727.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Jul 2021 16:32:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021072801&jk=1449868398587382&bg=!QEOlQwfNAAals0SOpbM7ACkAdvg8WsGrf6aEPMyWTaS-AIgvXcHU055QXUn_Qg_rs74zVw12I0FdWQIAAABrUgAAAAloAQcKARiC0nsro2nEaQkIa3-iZxCStRekJnFBkGMn8-g1wg8Ff4qTx-tuOAMTSQxVcKzZ-1ZHPUYbgbQG_v2qcxW0bFsavPueRfC3B7PpytIYU2w3xRt7Q_34nR8GbLIWF0mETDj8ESGV_Y9vgTbkna-IMduK8vHNhF0OBTul1heHe5mQTAbqqQwFfpecojQ1JoDclRMwWUjv93BNoYfx1tis4F-q6mfFlLWubLoO2smupq23cgXICs9ojGODgu5aQfgl1ghEgIhQcBNURxgOxIaawyjkxDHJTJPG3QW2nhBTlx9PEfyqBaOEXEqorTgDZRAyM4AdeudoQ7OxHp7rMrEa4TelGGkneJGsXASo1Ln0adl9HzXncWCfDc6TmQJ4sy7VPWvqzLbt2SEEAu6uJ1poaG7Duog0W6sHiA7BwCiAISIqxfGOuj9lGdJh1dkka4VOdhiSsIqh_zRNbm-XJ5Mi7dj5ogANNd82Hn2k6ItSmklmiVwNy1HKm9Tt9yF1ij4eCVM6mIGxH2R64zWRvNf91X2MQr97MU0_97F-JBeIEldXKzrU1zYL-bOvoHSBVMcE8Soy0M7tqJxwusFxxPiTHSfgdOKRwuODZhiIJ38I3qcjta1mvG47DV2XzEldMovCJeH4Mrp5Fsr6-Un_WPF6jgRhJ5IRx8HQ5WVwjmVHF-WtSBQvzATV-dvDNdvFfvm8ky0XZkrsreADiSAA4WbDn55xscW3VLRxZ7OQNEUeV_zh-uLIyuGtXn_lp53au2ybLhEyW9ppdw6TNXdsc9jFr2PBMUC0dQd_cI2w9-6CFjFIIGJXBNXbvild9reD_QgSGlN_Q2o2em40dtooIiV0NP6AlQHnjuMxjC78UZi3JOFKzu8nio8jl7s5AJBkZqyUkdgi0R9kpUMpfekW-bk5Tg2EAQTiEyisk4G7CD8fybBG8L15i7mWwzkfFyUsZLfBlNpZIuIYyB0Ovd_f2XCkPJpS6wtqBHGs7MdYyjs4cJ4J8bQY5TKEMB2H51lK_5ZqTvNoIIIKQxxdr55jq0I33nRyho4UqIJnGb5n5Ue8Bpd2-r77YK6dHWo2YX-C_Nx9AwRDs9GkSpCzeXWVMpwN0rciJ27qRZ_jtcSGz5_a-tClrlktYejWmmaI8SxaRamnKiaLfeer9RVvh3uuQnTBEfaeSFHjKLBl6mJvMft4v7cAMBFnxRZtjKW5t7UvvFDf6b65bbo

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Jul 2021 16:32:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 102ms
102ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 105ms
105ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 527ms
527ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

POST
H2 200 track
a.et.nytimes.com/ 0
0 104ms
104ms Ping
application/json 2a00:1450:4001:82f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.nytimes.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, x-requested-by, *
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS

Verdicts & Comments Add Verdict or Comment

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 05:30:45	Name: IDE Value: AHWqTUlAVuCZmDXnebVoqGUFdC0v9lwFi6-R_hcs2AaN_H8cS6AtaCxekGkh3TaR6oc
.google.com/	1970-01-20 00:32:40	Name: NID Value: 220=nyVK2rJnn8nJITJ96BvLnZFInNiqdqbGLq7V9TTvbYcBjJo7dfLGxIw5RgUOkoL5IKEBgp4pUrux34Wp0rPqcPOgE69LWVWdF63xcJv8NOg3CAXtwx8VU2K7w5Y1iFOuxzb-cgDX0XV0jInDXCFCQaQvOjICyBKY8HMF4cxTswg
.nytimes.com/	1970-01-19 20:18:12	Name: nyt-cmots Value: eyJmcmVxdWVuY3kiOnsiMjg2NTI1OTkzIjp7ImlubGluZVVuaXQiOnsiZiI6MSwicyI6MSwiZmMiOjE2Mjc3NDkxNTcsInNjIjoxNjI3NzQ5MTU3LCJjYSI6MTYyNzc0OTE1N319fX0=
www.nytimes.com/	1970-01-20 05:37:57	Name: _cb Value: IChWjCOCw7AePdf1
.nytimes.com/	1970-01-19 20:19:13	Name: RT Value: "z=1&dm=nytimes.com&si=acfd3d70-7d8f-4202-a4b2-6a32e36da30d&ss=krrzthw1&sl=1&tt=1x6&rl=1&ld=1x8"
.nytimes.com/	1969-12-31 23:59:59	Name: nyt-b3-traceid Value: ce7a4250db664f84bacf312f584a1079
www.nytimes.com/	1970-01-20 05:37:57	Name: _chartbeat2 Value: .1627749156679.1627749156679.1.HxWpO_RHvxB7dgI3DUUD8nCvd6WI.1
www.nytimes.com/	1970-01-20 05:37:57	Name: _cb_ls Value: 1
.nytimes.com/	1970-01-19 20:09:09	Name: _gat_UA-58630905-2 Value: 1
.nytimes.com/	1970-01-20 04:54:45	Name: nyt-jkidd Value: uid=0&lastRequest=1627749155998&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon
.nytimes.com/	1970-01-19 20:10:35	Name: walley_gid Value: GA1.2.416827044.1627749157
.nytimes.com/	1970-01-21 15:58:35	Name: nyt-m Value: D831F5014864BE685699A0B7D02F646E&v=i.0&ifv=i.0&iga=i.0&igf=i.0&iru=i.1&g=i.1&ft=i.0&cav=i.1&igd=i.1&iir=i.0&er=i.1627749155&iub=i.0&ira=i.0&s=s.core&n=i.2&pr=l.4.0.0.0.0&vp=i.0&igu=i.1&e=i.1627804800&imu=i.1&prt=i.0&ier=i.0&t=i.0&rc=i.0&vr=l.4.0.0.0.0&fv=i.0&ica=i.0&iue=i.0&imv=i.0&uuid=s.a21b5cce-986b-4456-bfa7-bd895e1ad52a&ird=i.0
.nytimes.com/	1970-01-19 22:18:45	Name: _gcl_au Value: 1.1.581874378.1627749157
.nytimes.com/	1970-01-19 20:09:35	Name: edu_cig_opt Value: %7B%22isEduUser%22%3Afalse%7D
www.nytimes.com/	1970-01-19 20:09:10	Name: _cb_svref Value: null
.nytimes.com/	1970-01-19 20:09:35	Name: b2b_cig_opt Value: %7B%22isCorpUser%22%3Afalse%7D
.nytimes.com/	1970-01-20 05:30:45	Name: __gads Value: ID=d115b42ad4084f40-2294c0ab91c8008f:T=1627749156:S=ALNI_MbtpI1Z310DJfIifUKnweMeMuko-A
.nytimes.com/	1970-01-20 04:54:45	Name: datadome Value: 3IvK3ZuM~9R_3yRpfTU.0N5jOxvIgWPzUU-56IQo~x1ATheeRgCCFFNW9KHOWcu6mlDHz5t035.Wq7dqhBAnvT-Gq5mKuAqQGfje0DUAyfT5y-~2X7KBB76mw-nJaQJ
.nytimes.com/	1970-01-19 20:09:30	Name: nyt-geo Value: FR
.nytimes.com/	1970-01-20 04:54:45	Name: nyt-a Value: xNxsYCkb7Rx30FsZQQqPAz
.nytimes.com/	1970-01-19 20:09:30	Name: nyt-us Value: 0
.nytimes.com/	1970-01-20 04:54:45	Name: nyt-purr Value: cfhspnahhud
.nytimes.com/	1970-01-19 20:09:30	Name: nyt-gdpr Value: 1
.nytimes.com/	1970-01-20 13:40:21	Name: walley Value: GA1.2.1783470369.1627749156
.nytimes.com/	1970-01-20 05:38:39	Name: purr-cache Value: <K0<r<C_<G_<S0

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://www.nytimes.com/2021/05/10/us/politics/pipeline-hack-darkside.html(Line 394) Message: userinfo data unavailable
console-api	log	URL: https://www.nytimes.com/vi-assets/static-assets/main-e5c45c4f02c48912a54d.js(Line 33) Message: <!-- 0000000 000 0000000 111111111 11111111100 000 111111111 00000 111111111111111111 00000 000000 000 1111111111111111111111111100000 000 000 1111 1111111111111111100 000 000 11 0 1111111100 000 000 1 00 1 000 000 00 00 1 000 000 000 00000 1 000 00000 0000 00000000 1 00000 11111 000 00 000000 000 11111 00000 0000 000000 00000 00000 000 10000 000000 000 0000 000 00000 000000 1 000 000 000000 10000 1 0 000 000 1000000 00 1 00 000 000 1111111 1 0000 000 000 1111111100 000000 000 0000 111111111111111110000000 0000 111111111 111111111111100000 111111111 0000000 00000000 0000000 NYTimes.com: All the code that's fit to printf() We're hiring: https://nytimes.wd5.myworkdayjobs.com/Tech -->
console-api	log	URL: https://news.google.com/swg/js/v1/swg.js(Line 10) Message: Subscriptions Runtime: 0.1.22.177
console-api	warning	(Line 2) Message: et2 snippet should only load once per page
console-api	error	URL: https://www.nytimes.com/vi-assets/static-assets/main-e5c45c4f02c48912a54d.js(Line 33) Message: Unhandled Promise Rejection (unhandledrejection): TypeError: Cannot read property 'default-county' of null
console-api	error	URL: https://www.nytimes.com/vi-assets/static-assets/main-e5c45c4f02c48912a54d.js(Line 33) Message: Unhandled Promise Rejection (unhandledrejection): TypeError: Cannot read property 'default-county' of null
console-api	error	URL: https://www.nytimes.com/vi-assets/static-assets/main-e5c45c4f02c48912a54d.js(Line 33) Message: Unhandled Promise Rejection (unhandledrejection): TypeError: Cannot read property 'default-county' of null
console-api	error	URL: https://www.nytimes.com/vi-assets/static-assets/main-e5c45c4f02c48912a54d.js(Line 33) Message: Unhandled Promise Rejection (unhandledrejection): TypeError: Cannot read property 'default-county' of null
console-api	warning	URL: https://news.google.com/swg/js/v1/swg.js(Line 10) Message: SwG needs this article to define a product ID (e.g. example.com:premium). Articles can define a product ID using JSON+LD. SwG can check entitlements after this article defines a product ID.
console-api	warning	URL: https://news.google.com/swg/js/v1/swg.js(Line 10) Message: SwG needs this article to define a product ID (e.g. example.com:premium). Articles can define a product ID using JSON+LD. SwG can check entitlements after this article defines a product ID.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072801.js?31062048(Line 6) Message: [GPT] To reserve space and reduce layout shifts, consider setting min-width=150px, min-height=50px styles on the div element with id=sponsor. Learn more: https://developers.google.com/publisher-tag/guides/minimize-layout-shift
console-api	log	URL: https://www.nytimes.com/vi-assets/static-assets/main-e5c45c4f02c48912a54d.js(Line 51) Message: Service Worker: content is cached

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
adservice.google.com
adservice.google.fr
c.go-mpulse.net
c7fb0afd9e56950a7d8a3a068c4c06fc.safeframe.googlesyndication.com
dd.nytimes.com
fonts.gstatic.com
g1.nyt.com
insight.adsrvr.org
iteratehq.com
meter-svc.nytimes.com
mwcm.nyt.com
mwcm.nytimes.com
myaccount.nytimes.com
news.google.com
pagead2.googlesyndication.com
platform.iteratehq.com
play.google.com
pnytimes.chartbeat.net
purr.nytimes.com
s.go-mpulse.net
samizdat-graphql.nytimes.com
securepubads.g.doubleclick.net
static.chartbeat.com
static01.nyt.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.nytimes.com
142.250.74.194
151.101.13.164
216.58.212.166
2600:9000:2190:5600:18:1fcd:34f:cdc1
2600:9000:2190:e200:a:a8c5:a040:93a1
2606:4700:3032::ac43:c7c7
2606:4700:3037::6815:24db
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:80e::2013
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:828::2013
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2013
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a02:26f0:6c00:1b8::11a6
2a02:26f0:6c00:287::11a6
34.206.194.65
35.241.35.241
52.50.64.214
078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
10a49331ae39d37824344d3c4ba6106209852354bfd21006239f7991f154d430
12a8c29009192b45eacf54d78a49fad7b62982df7b4404246381937f5d52c6bb
156f9b4a184dd0f31c929ce45c89e94a07148f97fc371cc7fde39ff04b706b57
174c4e6968daecb869a33990dd48fca05177fc6198c6579a98aaa3ddaab04502
182331bf2d6618498776e7ea1d47fea5bc968c4ebcc0de38e1b2129f610b28e6
19c39570ad958bac600715d59557e100e3e5ffd544066c378d1094bc588db021
1a48c22120ff01abb38156633970addec986b69af1e59bfaf9b8abb6673f78c7
1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389
1c7536005d0e28de66f559cbd59e83e9c5c4301553668cbbb8cb0dfa753e33c6
254043432874ecaf0cf3d6d69907109b373057290d615453060544935d1cb8b9
2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76
2f4727f91ecc6b3c13c28d39675aaf9b82d846c20d72b8c35209b975d037d52f
3199ef85204442ae5b8e3c54d29219fbb17ccd70d3e7d94f62a2750c587ab8d2
3d72714ff5d9fd247eb1d6ae5aa6bb5d0fdd931225f31b43a7bd0fe08f22ae9c
41c541bea80652de33834db1c88231c7a166335b967e6b7cf96a3fd9d3eb16ac
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44e4a23aabda94a886477bcb9b8e5bed6038f0104bd3022a18abd100d7d366f5
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f
4d41bce1e64d901b708a2f246cad8321f5a4a1053fb2558d255ee91e7b80ce97
4f837869b80c34ed1a128362a6ed24ff5ebdae743dc55eb3c183ae9c8b5f4ca3
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5611e6db97c3e4e3652ec5ca7e4e4bad163d8956ccff61353fd884ee8256935d
561afb3d7752be571757cd8077c9d8c0725ed876487cd499e68faa219e733754
590bf642b0b026c63e98a9330f03b2c57727e33a6db9b3ba76f79c26c1cc2d15
5b36a482cd0f1faf223eaa41c1ca61103751d83c9401e3059380b02ee0bdc202
5ca2814a7ca81e39493fcbd9a65df24fce95826a7705350e25b8268de7a7c6a2
5d0e7f6403125d05407581b80cf26d7a3386d3838cfd000307ef6753828f1863
612e6b00354d56a1726cd40dc9a28d83ffda033d63214eae704d1e61ef59b3b5
696bded8115ff4b143716f1beddb44fbc8ba1e0ffd56481cb4572abf1e37e208
6ae0717284fedcd288672678d007cac275075fe55ae894a442d90137def2429d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bd7d10232af2833a94e7253b24a72c60a81ba1bef4cedb99e97a23059b20fbd
6c21f4dce31457221690de305c484ec6ed8d1dff84a8cc2843c610bf0e7cc8e2
6da391563cef8d05769e8741cdc4c1f441127a49a5e2a48a33be0a033501f6a8
6de706923eaa7411b5bc9dfcc2de58c8950a85454fc1aa386f3537b19f861d5a
7090ec72d229fdd7558a03e078c0ef6200fdc2feef6431643a27e15ea9aebd6a
721fcbbfa6c9d9a6df9e326e8daf58547afa5a1b9a63e9e9fcafd1f265b5a407
72bccc629b7765fde0b892cb0ddf7fe3f90894256ba05297b4227e0af6139dd9
755f8ae0f2201f5d0e63c5d3eef7baa1119089de1f1dec534533f0b3900b1644
77a92318443d095c0a856fe9db90ed1541b8a7c398767288526f36cf209c2dd4
7a55fbb0fb94ea6ed9f0c1dcbca21e2b25263e908910b76723004db784786ed8
7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07
81d7b3b405b8c81d1b233ed75cdde317d6ded07e3004a12343346f0c0d983066
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8d1d38bd5538c7e5b92abc533695f23ebd13f8e13879d457e1a391a506afcb2f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9200670b263ef60196b4bd2237317ba919080e4b23552352427c634f090c1a02
9788fd1c9088a019322cfa012287884eb7c2b1c9c3c41165da75887fb85b8014
a13d866948dfb0530a96b50183e8de5c973a0d870192ac9ab2a90bbb44d6969b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a948a4464f5fd459e65b35799dc65da324e59d9f307e12c51a34471186631d3e
b19809e417235390879d70a01816f56bbc21145463e82e2b1370e71a2dedca1a
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b
ba22e81cc5380a90767ec6dcc9ffb9b34b52d386eafa93411a2479df3a0db16e
ba9612d33390d26a1ff5a343298d11a65b81ae884eb4380a034662552de56aa4
be02a900b9ca948ecd29a75a7f01aff05abbc7d3cfe7b90ee63dcaadb86cf2a7
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
c06e14fbbce575d2ff577427ee9cfc81e3f3facd531ab0cd51a0c89d0e6eb5b1
c0ec4afe344c086bc95ae4593c092460b527a5a5c0704e1c05cef34b2b648000
c0f95f1061f2ad6453579bcfc7d716149815d515c8ea794a85f510da8a038e00
c9cfdeba6640fa7082056d4de52f25b679d7177e056ef3f52b4b6762e22f815b
ca531b0d5c7639183f0847835b179bf988c8f037e5e2d2c937c6775f86b5e567
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3c96c3a486dc7dbf277a94123ba4572ed04081dfeb6944e3a3a691f40dafa8f
ddf51810a00b4c263a381af609a93c115c0169e08819dd88c5f182c717e4531f
e1c6210b2649e16444a8282fb40ee694c0a8bfc1508c2ebe900432ae17338bc5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43a0788007c81c88e5f2e2d37edf449a9a0adff50ab76c8cb5b1c8ae76f5860
e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e8cd71d015bba6cf5c7f2d86dc88125e2a98673722cd26e0bee6386402b07fb4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a5739dddb4cafc90316e8df5a4ce084f0fe7f3e9657922a6a9d0024b6ba0dc
f19b9f81b3d1bbe85c88f609e4b5249a28e0318ecb6a2d3f1fb5049ea9fc35a2
f6b5ddc10d0f9b4c3f6449b88a5b7601beb45ab5162009e157a7ee5574272f61
fbd00f0cb2bcd19c938952158fec5ee30bc1d1121471c95c12ee0ab3f9293a8c
fbfb65fcdad969b2d3a6c49382d8d381f845a9d9d308ecb78d06b5b69dc86f04
fc9afe394f66ab7590d2e8b318b3c1cf084e794bee1632afda901fd88c78c8fc

www.nytimes.com Open in urlscan Pro 151.101.13.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

136 Requests

100 %HTTPS

78 %IPv6

14 Domains

34 Subdomains

27 IPs

3 Countries

2533 kBTransfer

7631 kBSize

25 Cookies

19 Outgoing links

Redirected requests

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nytimes.com Open in urlscan Pro
151.101.13.164 Public Scan

Screenshot
Live screenshot

Full Image

136
Requests

100 %
HTTPS

78 %
IPv6

14
Domains

34
Subdomains

27
IPs

3
Countries

2533 kB
Transfer

7631 kB
Size

25
Cookies

136 HTTP transactions
0 data transactions