www.nytimes.com Open in urlscan Pro
151.101.1.164 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
Submission: On July 26 via api (July 26th 2022, 6:06:52 pm UTC) from US — Scanned from DE

Summary HTTP 163 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 35 IPs in 3 countries across 20 domains to perform 163 HTTP transactions. The main IP is 151.101.1.164, located in United States and belongs to FASTLY, US. The main domain is www.nytimes.com. The Cisco Umbrella rank of the primary domain is 3295.
TLS certificate: Issued by Thawte RSA CA 2018 on March 14th 2022. Valid for: a year.

This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	151.101.1.164 151.101.1.164	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
17	34.192.116.222 34.192.116.222	14618 (AMAZON-AES) (AMAZON-AES)
4	151.101.129.164 151.101.129.164	54113 (FASTLY) (FASTLY)
13	151.101.65.164 151.101.65.164	54113 (FASTLY) (FASTLY)
8	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
4	52.222.236.105 52.222.236.105	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	35.241.35.241 35.241.35.241	15169 (GOOGLE) (GOOGLE)
2	52.207.181.173 52.207.181.173	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400e:80f::2013	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2 4	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:a800:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:79b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
4	3.69.41.135 3.69.41.135	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6811:e04e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.30.25.219 52.30.25.219	16509 (AMAZON-02) (AMAZON-02)
1	52.72.129.95 52.72.129.95	14618 (AMAZON-AES) (AMAZON-AES)
24	193.108.153.4 193.108.153.4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2600:9000:223... 2600:9000:223f:7a00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:350... 2a02:26f0:3500:585::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2600:1f13:800... 2600:1f13:800:7780:f624:f845:e5e1:e65	16509 (AMAZON-02) (AMAZON-02)
2	213.254.244.110 213.254.244.110	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2	3.74.200.12 3.74.200.12	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:287::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00:1bb::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
163	35

28 151.101.1.164 (United States)

ASN54113 (FASTLY, US)

www.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static01.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
myaccount.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwcm.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 34.192.116.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-116-222.compute-1.amazonaws.com

a.et.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.129.164 (United States)

ASN54113 (FASTLY, US)

samizdat-graphql.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.101.65.164 (United States)

ASN54113 (FASTLY, US)

g1.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
typeface.nyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
csp.dev.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.236.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-105.fra56.r.cloudfront.net

dd.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.35.241 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 241.35.241.35.bc.googleusercontent.com

meter-svc.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.207.181.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-181-173.compute-1.amazonaws.com

a.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:80f::2013 (Ireland)

ASN15169 (GOOGLE, US)

purr.nytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.102 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

5290727.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:a800:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:79b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.brandmetrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.69.41.135 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-41-135.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:e04e (United States)

ASN13335 (CLOUDFLARENET, US)

fast.fonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.25.219 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-25-219.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.129.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-129-95.compute-1.amazonaws.com

pnytimes.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 193.108.153.4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-4.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223f:7a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:585::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f13:800:7780:f624:f845:e5e1:e65 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.254.244.110 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-frc.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.74.200.12 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-200-12.eu-central-1.compute.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:287::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:1bb::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

platform.iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	nytimes.com www.nytimes.com — Cisco Umbrella Rank: 3295 a.et.nytimes.com — Cisco Umbrella Rank: 6711 samizdat-graphql.nytimes.com — Cisco Umbrella Rank: 8757 als-svc.nytimes.com Failed myaccount.nytimes.com — Cisco Umbrella Rank: 12412 dd.nytimes.com — Cisco Umbrella Rank: 11520 meter-svc.nytimes.com — Cisco Umbrella Rank: 11949 a.nytimes.com — Cisco Umbrella Rank: 8213 purr.nytimes.com — Cisco Umbrella Rank: 8584 mwcm.nytimes.com — Cisco Umbrella Rank: 11844 csp.dev.nytimes.com — Cisco Umbrella Rank: 38156	1 MB
30	serving-sys.com bs.serving-sys.com — Cisco Umbrella Rank: 1055 secure-ds.serving-sys.com — Cisco Umbrella Rank: 1714 lm.serving-sys.com — Cisco Umbrella Rank: 1728	2 MB
16	nyt.com g1.nyt.com — Cisco Umbrella Rank: 10026 static01.nyt.com — Cisco Umbrella Rank: 6336 a1.nyt.com — Cisco Umbrella Rank: 8629 typeface.nyt.com — Cisco Umbrella Rank: 29556	391 KB
12	adsafeprotected.com 1 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 570 static.adsafeprotected.com — Cisco Umbrella Rank: 559 dt.adsafeprotected.com — Cisco Umbrella Rank: 499	96 KB
11	googlesyndication.com c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 159 pagead2.googlesyndication.com — Cisco Umbrella Rank: 123	47 KB
11	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 211 5290727.fls.doubleclick.net — Cisco Umbrella Rank: 10105 ad.doubleclick.net — Cisco Umbrella Rank: 202	171 KB
4	iteratehq.com platform.iteratehq.com — Cisco Umbrella Rank: 6793 iteratehq.com — Cisco Umbrella Rank: 6249	32 KB
4	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 461 tps.doubleverify.com — Cisco Umbrella Rank: 464 tpsc-frc.doubleverify.com — Cisco Umbrella Rank: 9601	111 KB
4	fonts.net fast.fonts.net — Cisco Umbrella Rank: 3005	29 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 96 www.google.com — Cisco Umbrella Rank: 10	2 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1132 c.go-mpulse.net — Cisco Umbrella Rank: 509	51 KB
2	brandmetrics.com cdn.brandmetrics.com — Cisco Umbrella Rank: 3162	16 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
1	chartbeat.net pnytimes.chartbeat.net — Cisco Umbrella Rank: 7753	201 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	43 KB
1	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 616	261 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1167	15 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8252	792 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	106 KB
0	akamaihd.net Failed trial-eum-clientnsv4-s.akamaihd.net Failed trial-eum-clienttons-s.akamaihd.net Failed
163	20

	Domain	Requested by
24	secure-ds.serving-sys.com	bs.serving-sys.com secure-ds.serving-sys.com www.nytimes.com c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
17	a.et.nytimes.com	www.nytimes.com myaccount.nytimes.com
10	www.nytimes.com	www.nytimes.com
9	g1.nyt.com	www.nytimes.com g1.nyt.com
8	samizdat-graphql.nytimes.com	www.nytimes.com
7	dt.adsafeprotected.com	c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
7	myaccount.nytimes.com	www.nytimes.com myaccount.nytimes.com
7	securepubads.g.doubleclick.net	www.nytimes.com securepubads.g.doubleclick.net c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com www.googletagservices.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
4	fast.fonts.net	c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com fast.fonts.net www.nytimes.com
4	bs.serving-sys.com	c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com secure-ds.serving-sys.com
4	tpc.googlesyndication.com	c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
4	dd.nytimes.com	www.nytimes.com dd.nytimes.com myaccount.nytimes.com
4	static01.nyt.com	www.nytimes.com
3	csp.dev.nytimes.com	s.go-mpulse.net myaccount.nytimes.com
3	static.adsafeprotected.com	pixel.adsafeprotected.com c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
2	iteratehq.com	platform.iteratehq.com
2	platform.iteratehq.com	www.nytimes.com platform.iteratehq.com
2	typeface.nyt.com	myaccount.nytimes.com
2	lm.serving-sys.com	secure-ds.serving-sys.com
2	cdn.doubleverify.com	c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com www.nytimes.com
2	pixel.adsafeprotected.com	1 redirects c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
2	ad.doubleclick.net	1 redirects c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
2	cdn.brandmetrics.com	www.googletagmanager.com cdn.brandmetrics.com
2	5290727.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com	securepubads.g.doubleclick.net c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
2	a.nytimes.com	www.nytimes.com myaccount.nytimes.com
2	adservice.google.com	securepubads.g.doubleclick.net 5290727.fls.doubleclick.net
1	tpsc-frc.doubleverify.com	cdn.doubleverify.com
1	www.google.com	tpc.googlesyndication.com
1	c.go-mpulse.net	s.go-mpulse.net
1	s.go-mpulse.net	myaccount.nytimes.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	pnytimes.chartbeat.net	www.nytimes.com
1	www.googletagservices.com	c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
1	insight.adsrvr.org	www.nytimes.com
1	a1.nyt.com	www.nytimes.com
1	static.chartbeat.com	www.nytimes.com
1	mwcm.nytimes.com	www.nytimes.com
1	purr.nytimes.com	www.nytimes.com
1	meter-svc.nytimes.com	www.nytimes.com
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.googletagmanager.com	www.nytimes.com
0	trial-eum-clienttons-s.akamaihd.net Failed	myaccount.nytimes.com
0	trial-eum-clientnsv4-s.akamaihd.net Failed	myaccount.nytimes.com
0	als-svc.nytimes.com Failed	www.nytimes.com
163	47

This site contains links to these domains. Also see Links.

Domain
myaccount.nytimes.com
www.cftc.gov
home.treasury.gov
www.cnbc.com
twitter.com
help.nytimes.com
www.nytco.com
nytmediakit.com
www.tbrandstudio.com

Subject Issuer	Validity	Valid
nytimes.com Thawte RSA CA 2018	`2022-03-14` - `2023-04-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
a.et.nytimes.com R3	`2022-06-06` - `2022-09-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
dd.nytimes.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-03` - `2023-04-02`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
a.nytimes.com R3	`2022-06-17` - `2022-09-15`	3 months	crt.sh
purr.nytimes.com GTS CA 1D4	`2022-07-11` - `2022-10-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-15` - `2023-05-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
bs.serving-sys.com Amazon	`2022-04-10` - `2023-05-09`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
secure-ds.serving-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-05` - `2023-03-08`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-12-23` - `2022-12-23`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh
lm.serving-sys.com Amazon	`2022-02-15` - `2023-03-16`	a year	crt.sh
akstat.io DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-15` - `2023-04-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
Frame ID: ABF45B11DF09F4FC99D4E64A6E224C09
Requests: 72 HTTP requests in this frame

Frame: https://myaccount.nytimes.com/auth/prefetch-assets
Frame ID: 48674662F00A22EA05CBB77448EB0519
Requests: 3 HTTP requests in this frame

Frame: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E8DB26F9F26CC6781B68D19AACD4C0BF
Requests: 36 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CIGcss-Sl_kCFQrVGQodJkAH6A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=636639833881;gtm=2wg7p0;auiddc=1960796568.1658858807;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F07%2F26%2Ftechnology%2Fkraken-crypto-iran.html;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F07%2F26%2Ftechnology%2Fkraken-crypto-iran.html
Frame ID: CF81A379DD5F38481E526C6B0593F5AD
Requests: 2 HTTP requests in this frame

Frame: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F07%252F26%252Ftechnology%252Fkraken-crypto-iran.html&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Frame ID: A9067AB3DB5562C98B65B25A5908873A
Requests: 19 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2930.js
Frame ID: 48F20A3B8D3F28D50A1F3D4D54319C2A
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 915BE20FBA59FE360F571B61AF9D1857
Requests: 1 HTTP requests in this frame

Frame: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Frame ID: F0857D44116284EE526E3EC8204AC324
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BCF037E809ECCB0F6EA9AB4654CBAD10
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FDAC47BF7955C8FA6D79D6E37483E77F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kraken, a U.S. Crypto Exchange, Is Suspected of Violating Sanctions - The New York Times

Detected technologies

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

backbone.*\.js

GSAP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

TweenMax(?:\.min)?\.js

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

Page Statistics

163
Requests

96 %
HTTPS

53 %
IPv6

20
Domains

47
Subdomains

35
IPs

3
Countries

4274 kB
Transfer

9862 kB
Size

32
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://myaccount.nytimes.com/auth/login?response_type=cookie&client_id=vi&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignId%3D7JFJX&asset=masthead
Title: Log in

Search URL Search Domain Scan URL

URL: https://www.cftc.gov/PressRoom/PressReleases/8450-21
Title: fined

Search URL Search Domain Scan URL

URL: https://www.cftc.gov/PressRoom/PressReleases/8433-21
Title: a $1.25 million penalty

Search URL Search Domain Scan URL

URL: https://home.treasury.gov/system/files/126/virtual_currency_guidance_brochure.pdf
Title: manual

Search URL Search Domain Scan URL

URL: https://home.treasury.gov/policy-issues/financial-sanctions/recent-actions/20201230_33
Title: BitGo

Search URL Search Domain Scan URL

URL: https://home.treasury.gov/policy-issues/financial-sanctions/recent-actions/20210218
Title: BitPay

Search URL Search Domain Scan URL

URL: https://www.cnbc.com/2018/04/19/kraken-cryptocurrency-exchange-says-it-will-not-comply-with-new-york-inquiry.html
Title: refused

Search URL Search Domain Scan URL

URL: https://twitter.com/jespow/status/986700932778934273
Title: Twitter

Search URL Search Domain Scan URL

URL: https://twitter.com/jespow/status/1498112744754606081?lang=en
Title: loudest voices

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014792127-Copyright-notice
Title: © 2022 The New York Times Company

Search URL Search Domain Scan URL

URL: https://www.nytco.com/
Title: NYTCo

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015385887-Contact-Us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115015727108-Accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.nytco.com/careers/
Title: Work with us

Search URL Search Domain Scan URL

URL: https://nytmediakit.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.tbrandstudio.com/
Title: T Brand Studio

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893428-Terms-of-service
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us/articles/115014893968-Terms-of-sale
Title: Terms of Sale

Search URL Search Domain Scan URL

URL: https://help.nytimes.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=636639833881;gtm=2wg7p0;auiddc=1960796568.1658858807;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F07%2F26%2Ftechnology%2Fkraken-crypto-iran.html;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F07%2F26%2Ftechnology%2Fkraken-crypto-iran.html HTTP 302
https://5290727.fls.doubleclick.net/activityi;dc_pre=CIGcss-Sl_kCFQrVGQodJkAH6A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=636639833881;gtm=2wg7p0;auiddc=1960796568.1658858807;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F07%2F26%2Ftechnology%2Fkraken-crypto-iran.html;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F07%2F26%2Ftechnology%2Fkraken-crypto-iran.html

Request Chain 70

https://ad.doubleclick.net/ddm/trackimp/N1045817.2748817THENEWYORKTIMES/B28058327.340711169;dc_trk_aid=533002444;dc_trk_cid=174630147;ord=1252459311;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1045817.2748817THENEWYORKTIMES/B28058327.340711169;dc_pre=CJLusc-Sl_kCFZE64AodnHQJzQ;dc_trk_aid=533002444;dc_trk_cid=174630147;ord=1252459311;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 86

https://pixel.adsafeprotected.com/rfw/st/1095107/64374589/skeleton.js?adsafe_url=https%3A%2F%2Fwww.nytimes.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:6c8aaf80-72a3-86ee-c514-268585bf0802,c:juVSgV,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-88cbdf49d-hdg9b,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.1600.0,am:i,cc:NaN.NaN.1600.0,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,an:n,oam:0,mtim:107,mot:0,app:0,maw:0,fm:tcIyv0Z+11%7C12%7C13*.1095107-64374589%7C131%7C14%7C15%7C16,idMap:13*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,tt:rjss,et:129,oid:b6c36d06-0d0d-11ed-813f-7635d14da0de,v:19.8.333,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

163 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request kraken-crypto-iran.html Show response
www.nytimes.com/2022/07/26/technology/ 222 KB
67 KB 68ms
15ms Document
text/html 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

1c80ac01827e533d07537931c9bb185fbb72e48757d7612206b792d3dde7d5e8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 122
cache-control: s-maxage=300,no-cache
content-encoding: gzip
content-length: 66506
content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type: text/html; charset=utf-8
date: Tue, 26 Jul 2022 18:06:44 GMT
fastly-restarts: 1
last-modified: Tue, 26 Jul 2022 18:04:42 GMT
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/2022/07/26/technology/kraken-crypto-iran.html
server: nginx
strict-transport-security: max-age=63072000; preload; includeSubdomains
vary: Accept-Encoding, Fastly-SSL
x-api-version: F-F-VI
x-b3-traceid: a017f366ce60443bb99bd5a624cec061
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-cloud-trace-context: bee529d4e93fd9fdecdb9ec02c0e8f98/1776855459751755358
x-content-type-options: nosniff
x-datadome: protected
x-datadome-timer: S1658858692.895543,VS0,VE8
x-frame-options: DENY
x-gdpr: 1
x-nyt-app-webview: 0
x-nyt-data-last-modified: Tue, 26 Jul 2022 18:04:42 GMT
x-nyt-edge-cache: HIT-HIT
x-nyt-route: vi-story
x-origin-time: 2022-07-26 18:04:51 UTC
x-pagetype: vi-story
x-scoop-last-modified: 2022-07-26T18:04:39.377Z
x-served-by: cache-lga13626-LGA, cache-fra19180-FRA
x-timer: S1658858805.808547,VS0,VE7
x-xss-protection: 1; mode=block

GET
H2 200 web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
g1.nyt.com/fonts/css/ 60 KB
11 KB 52ms
7ms Stylesheet
text/css 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 18ddec635c94f0004919a4c299f1e5bdf1e5cc0efc263669fc343d5cfc6144f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-goog-hash: crc32c=YzYKVQ==, md5=CuW47LYv9kJKcdyJMDIT9Q==
date: Tue, 26 Jul 2022 18:06:44 GMT
content-encoding: gzip
content-type: text/css; charset=utf-8
age: 7250084
x-guploader-uploadid: ADPycdtp3zlyaGMN2P4BAxclCfyXuB6ZGUbngiI4XI-StnQTUKe4_0pdwKBamc4qOAlXujd1lYDKsHNHb1XpELDrqDSz6HS1J58y
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 10629
via: 1.1 varnish
x-served-by: cache-fra19180-FRA
accept-ranges: bytes
expires: Wed, 03 May 2023 20:12:00 GMT
last-modified: Tue, 03 May 2022 17:15:49 GMT
server: UploadServer
x-timer: S1658858805.876485,VS0,VE0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1651598149653041
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 9789
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 47414

GET
H2 200 global-f449cfd9976ad673ef2b7ab5098b85be.css
www.nytimes.com/vi-assets/static-assets/ 6 KB
3 KB 14ms
13ms Stylesheet
text/css 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176

Security Headers

Name

Value

Content-Security-Policy

upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 88606
x-guploader-uploadid: ADPycdu7xSc0SpFTvHyK3sBrfCGJCYxAHjo3Nji7WKwMUODd2Wtelf5IySpXXDgkk_Q_bL1yOkjCTga3Trs4-9c3yNmwGqoQn329
x-goog-stored-content-encoding: identity
x-origin-time: 2022-07-25 17:29:58 UTC
x-served-by: cache-fra19180-FRA
x-timer: S1658858805.832614,VS0,VE1
etag: "e74f8b7c668251280cf3e52e20455a1c"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css
content-type: text/css; charset=utf-8
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 2143
date: Tue, 26 Jul 2022 18:06:44 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 1968
last-modified: Mon, 25 Jul 2022 17:22:57 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=jAKqfw==, md5=50+LfGaCUSgM8+UuIEVaHA==
x-goog-generation: 1658769777669754
expires: Tue, 25 Jul 2023 17:29:58 GMT
x-gdpr: 1
x-goog-stored-content-length: 5656
accept-ranges: bytes

GET
H2 200 adslot-395fb592b001dcbf0087.js Show response
www.nytimes.com/vi-assets/static-assets/ 20 KB
8 KB 17ms
16ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/adslot-395fb592b001dcbf0087.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8ab64242d94636e6921ee396ebb6f739425c160c7497ae3851ba03e6f4356ee0

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 513602
x-guploader-uploadid: ADPycdtpDoL8p74jL5VsOrbxlAlgXkCO0DS96q2CHJdumke9S2iR-EYTmjEdAltm0UxtqwhDTcpzxN8KkXlu9gef8Jxktw
x-goog-stored-content-encoding: identity
x-origin-time: 2022-07-20 19:26:44 UTC
x-served-by: cache-fra19180-FRA
x-timer: S1658858805.855202,VS0,VE1
etag: "10a55137cb4c819e22adb3439cf11006"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/adslot-395fb592b001dcbf0087.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 13737
date: Tue, 26 Jul 2022 18:06:44 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 7366
last-modified: Wed, 20 Jul 2022 19:01:29 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=3U5MYw==, md5=EKVRN8tMgZ4irbNDnPEQBg==
x-goog-generation: 1658243516563639
expires: Thu, 20 Jul 2023 19:26:43 GMT
x-gdpr: 1
x-goog-stored-content-length: 20914
accept-ranges: bytes

GET
H2 200 00kraken-sanctions-jumbo.jpg
static01.nyt.com/images/2022/07/25/business/00kraken-sanctions/ 33 KB
34 KB 40ms
13ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2022/07/25/business/00kraken-sanctions/00kraken-sanctions-jumbo.jpg?quality=75&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f85c8246355b43852fb27803325aae402644d8d73e095e4aa49fccc5b272a457

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:44 GMT
via: 1.1 varnish, 1.1 varnish
content-type: image/webp
age: 697
x-guploader-uploadid: ADPycduuy0tglAj5_O2S84ukQoOBt3R9Z30YRIrjNCAg2a0k8y2GiKRe5sNGXrkuwG63ss9vhT4LUKnZvgWCGHZKmrdzOg
x-cache: HIT, HIT
fastly-io-info: ifsz=92066 idim=1024x820 ifmt=jpeg ofsz=34250 odim=1024x820 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 34250
x-served-by: cache-iad-kjyo7100079-IAD, cache-fra19180-FRA
server: UploadServer
x-timer: S1658858805.900654,VS0,VE1
etag: "xg96wZC9hUDbD/zEf07OEjP4iQaRVDIAQml09n5hGTc"
vary: Accept
x-goog-hash: crc32c=nz797A==, md5=K7Rqcq6s8VLb1iprpJxYoA==
x-goog-generation: 1658858085122497
access-control-allow-origin: *
expires: Tue, 26 Jul 2022 17:55:07 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 92066
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 author-ryan-mac-thumbLarge.png
static01.nyt.com/images/2021/09/10/reader-center/author-ryan-mac/ 22 KB
23 KB 23ms
8ms Image
image/png 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2021/09/10/reader-center/author-ryan-mac/author-ryan-mac-thumbLarge.png
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6f18dd91d5ad66be8c7e11ae391fdb867a9a26578aa6f120e06243a167094941

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:44 GMT
via: 1.1 varnish, 1.1 varnish
content-type: image/png
age: 559745
x-guploader-uploadid: ADPycdvsJkJCxIWUaUC6nluVF94muNxDofzhlyS6RAwtPC_1RqxWJPkfHECiL329L0BfOfdezcoLIt5jpIYR3e4gy4W-AXVVFem7
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 22728
x-served-by: cache-iad-kiad7000141-IAD, cache-fra19180-FRA
last-modified: Fri, 10 Sep 2021 18:17:30 GMT
server: UploadServer
x-timer: S1658858805.900490,VS0,VE0
etag: "be7041671be0676504255213edcf8a35"
vary: Origin
x-goog-hash: crc32c=JT8DkA==, md5=vnBBZxvgZ2UEJVIT7c+KNQ==
x-goog-generation: 1631297850412151
access-control-allow-origin: *
expires: Wed, 29 Jun 2022 06:35:28 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 22728
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 2

GET
H2 200 author-david-yaffe-bellany-thumbLarge.png
static01.nyt.com/images/2022/01/25/reader-center/author-david-yaffe-bellany/ 23 KB
23 KB 11ms
7ms Image
image/png 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2022/01/25/reader-center/author-david-yaffe-bellany/author-david-yaffe-bellany-thumbLarge.png
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2f373524cea87a1603daa05d473a93069066422320438f5842d71af55e3e56e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:44 GMT
via: 1.1 varnish, 1.1 varnish
content-type: image/png
age: 88833
x-guploader-uploadid: ADPycdu8I7DhqQZ0KcIBlEnG7_xkeM0jIeWEZraieeuP-KPvKe8mjeBAwaO8iqOIOsU3-YudUsgU_oD49w1ORZcw7zG3gvLi80hW
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 23437
x-served-by: cache-iad-kjyo7100035-IAD, cache-fra19180-FRA
last-modified: Tue, 25 Jan 2022 18:24:06 GMT
server: UploadServer
x-timer: S1658858805.924784,VS0,VE0
etag: "a7332772ab1da6cb6cc184528c400c4b"
vary: Origin
x-goog-hash: crc32c=NKVkaA==, md5=pzMncqsdpstswYRSjEAMSw==
x-goog-generation: 1643135046882077
access-control-allow-origin: *
expires: Mon, 18 Jul 2022 17:26:01 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 23437
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 2

GET
H2 200 vendor-6590b33d4cb850db967c.js Show response
www.nytimes.com/vi-assets/static-assets/ 214 KB
63 KB 17ms
13ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendor-6590b33d4cb850db967c.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b8defb7001106e8b95554e18c4bd93b9b054b1a489169d3dfc558ae446048993

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 2928125
x-guploader-uploadid: ADPycdvtOBkH-JjTMFxCAdROUYsBpzEFYF6A6NC6SAeEaNQfWsuE78xhw-e5ulUJ4mmaHbRSGVQKptLdS2nCvi6aOXCmew
x-goog-stored-content-encoding: identity
x-origin-time: 2022-06-22 20:44:40 UTC
x-served-by: cache-fra19180-FRA
x-timer: S1658858805.925146,VS0,VE1
etag: "b75822cbef7de86ec44450c02f1a5b75"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendor-6590b33d4cb850db967c.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 57311
date: Tue, 26 Jul 2022 18:06:44 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 64035
last-modified: Wed, 22 Jun 2022 20:31:02 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=Z9tGOA==, md5=t1giy+996G7ERFDALxpbdQ==
x-goog-generation: 1655929861916886
expires: Thu, 22 Jun 2023 20:44:40 GMT
x-gdpr: 1
x-goog-stored-content-length: 219560
accept-ranges: bytes

GET
H2 200 story-926069ddefaae49b9b6a.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
350 KB 29ms
25ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/story-926069ddefaae49b9b6a.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

eb4665582f23b215d81696e9978946bada1f7fb854a31d65b8070a1386873073

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 12309
x-guploader-uploadid: ADPycdtpOuqCzBB_ABN3P2dCb5meH4dr9adpbssB1wA3H9mSyRuAht-nnB7GSKkrtYiuxsQYZc-k8oPkTqkVN0MtkjCpNQ
x-goog-stored-content-encoding: identity
x-origin-time: 2022-07-26 14:41:35 UTC
x-served-by: cache-fra19180-FRA
x-timer: S1658858805.925733,VS0,VE1
etag: "b60159b8564af4f9d7a32ee841051ce9"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/story-926069ddefaae49b9b6a.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 8
date: Tue, 26 Jul 2022 18:06:44 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 356649
last-modified: Tue, 26 Jul 2022 14:28:50 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=4JV/Sg==, md5=tgFZuFZK9PnXoy7oQQUc6Q==
x-goog-generation: 1658845730167608
expires: Wed, 26 Jul 2023 14:41:35 GMT
x-gdpr: 1
x-goog-stored-content-length: 1317304
accept-ranges: bytes

GET
H2 200 main-2613cfbe6811f3320a35.js Show response
www.nytimes.com/vi-assets/static-assets/ 1 MB
366 KB 15ms
13ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/main-2613cfbe6811f3320a35.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

7d1bb44f4a9afc5526b5478d0ea17271cdec11651a7b7a6486dbb07965a73c76

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 88605
x-guploader-uploadid: ADPycdvpl_jBE511G9UnCubN4dGHECL239r78VnvXyhsZt5fyOXM3Eu0RH_E5KUL2PyPpiaOQ6vv4sZT-S8eebawWi_ycatO9Umy
x-goog-stored-content-encoding: identity
x-origin-time: 2022-07-25 17:29:59 UTC
x-served-by: cache-fra19180-FRA
x-timer: S1658858805.925146,VS0,VE1
etag: "f8f255e6176aa457e4e9e2d0a2f51f0b"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/main-2613cfbe6811f3320a35.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 9
date: Tue, 26 Jul 2022 18:06:44 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 373855
last-modified: Mon, 25 Jul 2022 17:22:58 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=2uH/kg==, md5=+PJV5hdqpFfk6eLQovUfCw==
x-goog-generation: 1658769778475578
expires: Tue, 25 Jul 2023 17:29:59 GMT
x-gdpr: 1
x-goog-stored-content-length: 1304515
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 393 KB
106 KB 89ms
26ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a9794798e80b40e84e88058f9b4d65f6ccfa351207036280384f7a2c36c6edc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:44 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108204
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 368ms
121ms Ping
application/json 34.192.116.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.192.116.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-116-222.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 148 B
884 B 23ms
18ms XHR
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389

Request headers

Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5
nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
nyt-app-type: project-vi
Content-Type: application/json

Response headers

content-encoding: gzip
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-nyt-meridiem: PM
x-b3-traceid: 39b25720f92b660b-41c6bd2205e9d60e-0
age: 18
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: 1d35dc3080ced626
samizdat-x-canary: false
x-nyt-country: DE
x-timer: S1658858805.014584,VS0,VE1
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
x-nyt-region: BY
x-nyt-audience-target-flat: EU:PM
cache-control: max-age=30
x-cache-hits: 3
x-samizdat-query-sup-code
date: Tue, 26 Jul 2022 18:06:45 GMT
via: 1.1 google, 1.1 varnish
access-control-allow-origin: https://www.nytimes.com
x-cache: HIT
samizdat-x-instance: a52c4aa6
x-envoy-upstream-service-time: 19
content-length: 123
server: envoy
x-served-by: cache-fra19180-FRA
access-control-allow-credentials: true
x-datadog-trace-id: 39b25720f92b660b-41c6bd2205e9d60e-0
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 91ms
12ms Preflight 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.nytimes.com
access-control-max-age: 300
age: 22
cache-control: max-age=30
content-length: 0
date: Tue, 26 Jul 2022 18:06:44 GMT
samizdat-x-canary: false
samizdat-x-instance: 39635475
server: envoy
timing-allow-origin: *
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google, 1.1 varnish
x-b3-traceid: 5da266097954520d-67ee5b59828779c3-0
x-cache: HIT
x-cache-hits: 2
x-datadog-trace-id: 5da266097954520d-67ee5b59828779c3-0
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 15
x-nyt-audience-target-flat: EU:PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-meridiem: PM
x-nyt-region: BY
x-samizdat-query-exe-id: 992a94cc339c02d2
x-samizdat-query-field-errors: 0
x-served-by: cache-fra19161-FRA
x-timer: S1658858805.987669,VS0,VE1

GET als
als-svc.nytimes.com/ 0
0

GET
H2 200 franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
g1.nyt.com/fonts/family/franklin/ 19 KB
20 KB 51ms
11ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-goog-hash: crc32c=bdL0Mw==, md5=D0rqPUYs22R0hinvy782vA==
date: Tue, 26 Jul 2022 18:06:44 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 8381887
x-guploader-uploadid: ADPycdslCkX-ykRwNlstBtNVl1g0K0zeH9JvGn8pRHuodjoMmHWLEqiWJ9nrgJAOv4ckjYOJX3ojlQO2nEwOvscoon-XEw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 19816
x-served-by: cache-fra19138-FRA
accept-ranges: bytes
expires: Thu, 20 Apr 2023 17:48:37 GMT
last-modified: Wed, 20 Apr 2022 13:09:40 GMT
server: UploadServer
x-timer: S1658858805.986196,VS0,VE0
etag: "0f4aea3d462cdb64748629efcbbf36bc"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1650460180561781
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 19816
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 14465

GET
H2 200 franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 52ms
12ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-goog-hash: crc32c=teZvhg==, md5=ker2tWQkY69AkRYLS7/fyw==
date: Tue, 26 Jul 2022 18:06:44 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 8381887
x-guploader-uploadid: ADPycduEtqAI3BIksnb04NCNVhDBaeBU7Z-r9hxl5u1ll7LAAtl2wIBB8vM6JlXaNssSzuyhr1j2gbv_2RZ3LziXjH-6Lb3am3Vo
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20276
x-served-by: cache-fra19138-FRA
accept-ranges: bytes
expires: Thu, 20 Apr 2023 17:48:37 GMT
last-modified: Wed, 20 Apr 2022 13:09:40 GMT
server: UploadServer
x-timer: S1658858805.986715,VS0,VE0
etag: "91eaf6b5642463af4091160b4bbfdfcb"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1650460180610251
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20276
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 14413

GET
H2 200 cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
29 KB 61ms
22ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-400.a3ed7afe3eaa0a873f3fbd379f8c491b.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-goog-hash: crc32c=qrdFGQ==, md5=o+16/j6qCoc/P703n4xJGw==
date: Tue, 26 Jul 2022 18:06:44 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 11381898
x-guploader-uploadid: ADPycdtCqsPnOyDqaY5AVVQFDUtW2hEoiPNf3Sdz27mHUZQ7LcrqJbc2HECo03yFFNZRkcjjM4mGA0B70g9GvXhd2Zk
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 29076
x-served-by: cache-fra19138-FRA
accept-ranges: bytes
expires: Fri, 17 Mar 2023 00:28:26 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1658858805.986938,VS0,VE0
etag: "a3ed7afe3eaa0a873f3fbd379f8c491b"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982705223
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 29076
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 12221

GET
H2 200 cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
g1.nyt.com/fonts/family/cheltenham-small/ 20 KB
20 KB 61ms
22ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-normal-400.108ce298d451197b23fefceb3e36959f.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-goog-hash: crc32c=jpfQKQ==, md5=EIzimNRRGXsj/vzrPjaVnw==
date: Tue, 26 Jul 2022 18:06:44 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 21664626
x-guploader-uploadid: ADPycduOrhjba74-CeRc3F9k_9vFN2QMWqkEBhI_NbkUXB0LpkmOIsecIGAI0nwwt8znlr9CmC9Sum3OzIxqJbC3VsM
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20136
x-served-by: cache-fra19138-FRA
accept-ranges: bytes
expires: Fri, 18 Nov 2022 00:09:37 GMT
last-modified: Wed, 15 Sep 2021 19:43:03 GMT
server: UploadServer
x-timer: S1658858805.986983,VS0,VE0
etag: "108ce298d451197b23fefceb3e36959f"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734983132414
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20136
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 10346

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 99ms
34ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/adslot-395fb592b001dcbf0087.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

sffe /

Resource Hash

8c8c711ae326e270e5765f36c2400185ac2cb36c150f63dd6aa0a210a6a9bfad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28394
x-xss-protection: 0
server: sffe
etag: "1284 / 48 of 1000 / last-modified: 1658833688"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 26 Jul 2022 18:06:45 GMT

GET
H2 200 imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
g1.nyt.com/fonts/family/imperial/ 26 KB
26 KB 24ms
23ms Font
font/woff2 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-goog-hash: crc32c=ZzOuxA==, md5=YTHNd7biFsdpPtkl9DCf/A==
date: Tue, 26 Jul 2022 18:06:45 GMT
via: 1.1 varnish
content-type: font/woff2
age: 4036104
x-guploader-uploadid: ABg5-Uz3hE8t7c7KmBAPaa9SFjDOLTRqROzLa__9wr3zN8V5NVQVhY3Y8FLTTFTOPGqoE8SQ-1jh0U4weO-DT15uiEzm9-uuSA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 26504
x-served-by: cache-fra19138-FRA
accept-ranges: bytes
expires: Fri, 10 Jun 2022 00:58:17 GMT
last-modified: Tue, 06 Apr 2021 21:11:53 GMT
server: UploadServer
x-timer: S1658858805.038797,VS0,VE0
etag: "6131cd77b6e216c7693ed925f4309ffc"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1617743513818473
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 26504
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 14332

GET
H2 200 cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
g1.nyt.com/fonts/family/cheltenham/ 28 KB
28 KB 26ms
25ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-italic-700.f99a0459024509f157a3352e5de4f873.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-goog-hash: crc32c=4NwmFQ==, md5=+ZoEWQJFCfFXozUuXeT4cw==
date: Tue, 26 Jul 2022 18:06:45 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 11383229
x-guploader-uploadid: ADPycdtWUA73QKVflqS1lerBMV2SQeHK8ZYw9J-aQW2oYpZ6ZIE6yiUzGL1oJb9mmk7YcAQPLrAkGXbUOfKlVaiK-74
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 28620
x-served-by: cache-fra19138-FRA
accept-ranges: bytes
expires: Fri, 17 Mar 2023 00:06:16 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1658858805.038842,VS0,VE0
etag: "f99a0459024509f157a3352e5de4f873"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982696426
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 28620
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 7988

GET
H2 200 cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
g1.nyt.com/fonts/family/cheltenham/ 27 KB
27 KB 25ms
25ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-goog-hash: crc32c=rNQ9pA==, md5=fqkevQNjCeH+dW7jqrJy2g==
date: Tue, 26 Jul 2022 18:06:45 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 21667357
x-guploader-uploadid: ADPycdujO_lEKeKnl2kv2kfTdn-yFlbu_HRTBBnw3dPqmkA8asN5-R_Yx_Hnv6mzAXfXWOpkCfRb_9CsWoSF5H_YQH4ZPLv3Sw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 27260
x-served-by: cache-fra19138-FRA
accept-ranges: bytes
expires: Thu, 17 Nov 2022 23:24:07 GMT
last-modified: Wed, 15 Sep 2021 19:43:02 GMT
server: UploadServer
x-timer: S1658858805.038878,VS0,VE0
etag: "7ea91ebd036309e1fe756ee3aab272da"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1631734982738365
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 27260
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 11482

GET
H2 200 franklin-normal-300.a6479a5200f9a6352bdb71589c27c9c3.woff2
g1.nyt.com/fonts/family/franklin/ 20 KB
20 KB 36ms
36ms Font
application/octet-stream 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://g1.nyt.com/fonts/family/franklin/franklin-normal-300.a6479a5200f9a6352bdb71589c27c9c3.woff2
Requested by: Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a

Request headers

Referer: https://g1.nyt.com/fonts/css/web-fonts.d05a02583ca20b8afd5115f3ef8f1b8d134f743d.css
Origin: https://www.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-goog-hash: crc32c=pRBawg==, md5=pkeaUgD5pjUr23FYnCfJww==
date: Tue, 26 Jul 2022 18:06:45 GMT
via: 1.1 varnish
content-type: application/octet-stream
age: 8381888
x-guploader-uploadid: ADPycdspT8rIN4vkjGzaGOB5bwEqcGSSBW8RL763kc7zsPM6G7kuF77gAwS-3Ov1nE0VpoWcreDk85YgMgBIjnAknK7nkNmJ7HIG
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 20136
x-served-by: cache-fra19138-FRA
accept-ranges: bytes
expires: Thu, 20 Apr 2023 17:48:37 GMT
last-modified: Wed, 20 Apr 2022 13:09:40 GMT
server: UploadServer
x-timer: S1658858805.039621,VS0,VE0
etag: "a6479a5200f9a6352bdb71589c27c9c3"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1650460180541296
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20136
x-nyt-pagetype: web-font
timing-allow-origin: *
x-cache-hits: 13248

GET
H2 200 prefetch-assets Show response
myaccount.nytimes.com/auth/ Frame 4867 393 B
1 KB 26ms
7ms Document
text/html 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/auth/prefetch-assets

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy / Express

Resource Hash

c9ddd01050c3162ee6185b78d3ee887bba48f34dee1d0107aecc2e9bcb5ac47b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; preload; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 157
cache-control: public, max-age=600
content-encoding: gzip
content-length: 276
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type: text/html; charset=utf-8
date: Tue, 26 Jul 2022 18:06:45 GMT
etag: W/"189-R9SdldbtU+zRNBVgn0TtWfu8TTE"
server: envoy
strict-transport-security: max-age=300; preload; includeSubdomains
vary: Accept-Encoding
via: 1.1 varnish
x-api-version: F-X
x-cache: HIT
x-cache-hits: 4
x-cloud-trace-context: 1c9e8b35d7036b909ce89d4bb02bc50a
x-content-type-options: nosniff
x-datadog-parent-id: 7218552806899299737
x-datadog-sampled: 1
x-datadog-sampling-priority: 1
x-datadog-trace-id: 7484291488632008688
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 2
x-nyt-backend: lire-ui
x-nyt-edge-cache: HIT
x-powered-by: Express
x-served-by: cache-fra19180-FRA

GET
H2 200 pubads_impl_2022071901.js Show response
securepubads.g.doubleclick.net/gpt/ 376 KB
129 KB 14ms
13ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

sffe /

Resource Hash

d25b470928984e737126b7d9718a4217c2acfbc03314ae65fa2de9c63dea6092

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 12:31:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20118
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131527
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 08:34:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 26 Jul 2023 12:31:27 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
375 B 52ms
22ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

cf29b7b3f4476ffb28d021b43731258a9e0f60c73ad623fe8410ef4a4924274f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 26 Jul 2022 18:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 350
x-xss-protection: 0
expires: Tue, 26 Jul 2022 18:06:45 GMT

GET
H2 200 vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-6f9282e1c672768820c0.js Show response
www.nytimes.com/vi-assets/static-assets/ 43 KB
15 KB 12ms
11ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-6f9282e1c672768820c0.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

c25d3c57337f7e1201b78630a52f9a8cffb5eb9ebe879beaef7c68f58b9e4e22

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 513600
x-guploader-uploadid: ADPycduRyetKf9Ax7O3DOT2dPykOpPQyu1d4LoTEK8VxcyXlwRfmLeje5kOPs1e3hAbYgXKzGRDXvhIxPJ6MtsYul6_jtYd6c1N7
x-goog-stored-content-encoding: identity
x-origin-time: 2022-07-20 19:26:45 UTC
x-served-by: cache-fra19180-FRA
x-timer: S1658858805.332046,VS0,VE2
etag: "a8e1d98c44c3eb1e53e655ee401de9ed"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~answerpage~audio~bestsellers~byline~capsule~collections~explainer~home~hubpage~liveblog~mark~58f33aa8-6f9282e1c672768820c0.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 13605
date: Tue, 26 Jul 2022 18:06:45 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 13845
last-modified: Wed, 20 Jul 2022 19:01:30 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=JkrT6A==, md5=qOHZjETD6x5T5lXuQB3p7Q==
x-goog-generation: 1658343690375341
expires: Thu, 20 Jul 2023 19:26:44 GMT
x-gdpr: 1
x-goog-stored-content-length: 44203
accept-ranges: bytes

GET
H2 200 vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~slideshow~sto~a2187976-3875bb050aa80282125f.js Show response
www.nytimes.com/vi-assets/static-assets/ 67 KB
14 KB 9ms
8ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~slideshow~sto~a2187976-3875bb050aa80282125f.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1ec47a94c5cabc7f7c04e29404c221a41dd670f5e6df08d597c069c7cb9c9d05

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 4589156
x-guploader-uploadid: ADPycduYP-ZEbnhok842CZobXl2S7g5AvWoPWGOAkwpDTtWykuiYZXz1KgwlLppxirswxLTOGJ5yaxt_yDdBKDq99oRxfvqgCl6c
x-goog-stored-content-encoding: identity
x-origin-time: 2022-06-03 15:20:49 UTC
x-served-by: cache-fra19180-FRA
x-timer: S1658858805.332263,VS0,VE1
etag: "31ae068f9753c44599fc91cfeeeead54"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~byline~capsule~clientSideCapsule~collections~explainer~liveblog~paidpost~slideshow~sto~a2187976-3875bb050aa80282125f.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 49162
date: Tue, 26 Jul 2022 18:06:45 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 13353
last-modified: Fri, 03 Jun 2022 15:14:32 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=sxH6MA==, md5=Ma4Gj5dTxEWZ/JHP7u6tVA==
x-goog-generation: 1654269272247723
expires: Sat, 03 Jun 2023 15:20:48 GMT
x-gdpr: 1
x-goog-stored-content-length: 68978
accept-ranges: bytes

GET
H2 200 vendors~audio~capsule~card~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~tren~0ac42215-0dd61fdcb167951d5099.js Show response
www.nytimes.com/vi-assets/static-assets/ 21 KB
5 KB 10ms
10ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/vendors~audio~capsule~card~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~tren~0ac42215-0dd61fdcb167951d5099.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

60befd6c654fc23383d84462ddd92471e0ca8a0aaacaf5af2a785c2352e7f5dd

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 3539613
x-guploader-uploadid: ADPycdsxdhqzJpq6_tlpbzhzwcKDOshbx-llb5-w19jt6Xzn2J8ghkG9OIdiH62a0gapGultE4sfoXaaLgFREiG6OL_KsQ
x-goog-stored-content-encoding: identity
x-origin-time: 2022-06-15 18:53:11 UTC
x-served-by: cache-fra19180-FRA
x-timer: S1658858805.332242,VS0,VE1
etag: "e10a051414b80d3f4e5fcadfc8657375"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~capsule~card~clientSideCapsule~collections~explainer~home~liveblog~paidpost~story~tren~0ac42215-0dd61fdcb167951d5099.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 49796
date: Tue, 26 Jul 2022 18:06:45 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 5017
last-modified: Wed, 15 Jun 2022 18:51:16 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=PVfhtw==, md5=4QoFFBS4DT9OX8rfyGVzdQ==
x-goog-generation: 1655319075953589
expires: Thu, 15 Jun 2023 18:53:11 GMT
x-gdpr: 1
x-goog-stored-content-length: 21996
accept-ranges: bytes

POST
H2 200 track
a.et.nytimes.com/ 0
0 135ms
134ms Ping
application/json 34.192.116.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.192.116.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-116-222.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 125ms
124ms Ping
application/json 34.192.116.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.192.116.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-116-222.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 106ms
106ms Ping
application/json 34.192.116.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.192.116.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-116-222.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 tags.js Show response
dd.nytimes.com/ 209 KB
43 KB 86ms
9ms Script
text/javascript 52.222.236.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-105.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

be4e7fe530814818817ef4e09f740982d12335e178ae1a60f1ae8699fb89878c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
etag: "34515-5e4b2951e5a21-gzip"
age: 3022
x-cache: Hit from cloudfront
content-length: 43581
access-control-allow-origin: *
last-modified: Tue, 26 Jul 2022 10:15:40 GMT
server: Apache
date: Tue, 26 Jul 2022 17:16:24 GMT
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront), 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: FRA60-P2, FRA56-P4
accept-ranges: bytes
x-amz-cf-id: jEhuYhHwKth4MZ0UG6FZcf2bUaaA1iE9sgr0ntUYI4qpKii2gRpozg==
expires: Tue, 26 Jul 2022 18:16:23 GMT

GET
H2 404 index.js
myaccount.nytimes.com/lire_ui/js/common/abra/ Frame 4867 0
0 12ms
9ms Script
text/html 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/lire_ui/js/common/abra/index.js

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:45 GMT
via: 1.1 varnish
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
x-api-version: F-X
age: 2
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache: HIT
x-envoy-upstream-service-time: 19
content-length: 308
x-served-by: cache-fra19180-FRA
server: envoy
strict-transport-security: max-age=300; preload; includeSubdomains
content-type: text/html; charset=UTF-8
x-cloud-trace-context: 69dad8965a248cc4fbb8f6fbad820301
x-nyt-edge-cache: HIT
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 unified-lire.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ Frame 4867 431 KB
143 KB 11ms
9ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=d112e1a

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/prefetch-assets

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

5b081ae2dd2a6b8a38cadf8fc949afbd5bd50d20377e935b4a9631f6b9ff0a8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/auth/prefetch-assets
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:45 GMT
content-encoding: gzip
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
x-api-version: F-X
age: 154
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache: HIT
x-envoy-upstream-service-time: 3
content-length: 146164
x-served-by: cache-fra19180-FRA
expires: Mon, 25 Jul 2022 17:45:23 GMT
server: envoy
etag: "Op9ysw"
strict-transport-security: max-age=300; preload; includeSubdomains
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: a1a41ab77a1caf5e416ffd5ab3fd2ffa
cache-control: public, max-age=600
x-nyt-edge-cache: HIT
accept-ranges: bytes
x-nyt-backend: lire-ui
x-cache-hits: 1

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 100ms
23ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 26 Jul 2022 18:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 86ms
22ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 26 Jul 2022 18:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads
securepubads.g.doubleclick.net/gampad/ 0
11 KB 204ms
204ms Other
application/webbundle 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=526686587848474&correlator=745858285516517&wbsu=71aa5e9a-a1fb-4afa-965c-9ad9db879058&callback=googletag.wbn1&eid=31068526%2C31060545%2C31068029%2C31068213&output=wbn&gdfp_req=1&vrg=2022071901&ptt=17&impl=fif&npa=1&iu_parts=29390238%2Cnyt%2Ctechnology&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&ifi=1&adks=1108970029&sfv=1-0-38&ecs=20220726&fsapi=false&prev_scp=div%3Dtop%26pos%3Dtop%26request_time%3D677&cust_params=als_test_clientside%3Dempty_empty_empty_20220726180645%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1658858225862%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26per%3Dpowelljessecryptocurrencyexecu%26org%3Dkrakenpaywardinc%252Ctreasurydepartment%252Cofficeofforeignassetscontrolun%26geo%3Diran%26des%3Dembargoesandsanctions%252Cvirtualcurrency%252Cregulationandderegulationofind%252Ccomputersandtheinternet%26auth%3Ddavidyaffebellany%252Cryanmac%26coll%3Dworldnews%252Ctechnology%252Ceconomy%252Cbusiness%252Cdealbook%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dtechnology%26si_section%3Dtechnology%26id%3D100000008458514%26gscat%3Dneg_citi_aa%252Cneg_ibmtest%252Cneg_mastercard%252Cneg_capitalone%252Cneg_chan2%252Cneg_chanel%252Ccc_business_lead_boards%252Cneg_ibm%252Cneg_debeer%252Cneg_ts%252Cneg_hearts%252Cneg_rolex%252Cneg_bofa%252Cneg_mttl%252Cneg_gg1%252Cneg_google%252Cneg_ms_safe%252Cgs_law%252Cgs_economy_misc%252Cgs_politics%252Cgs_economy%252Cgs_law_misc%252Cgs_politics_misc%252Cgv_safe%252Cgs_t%26abra_dfp%3Dmkt_dfp_hd_paywall_zip_1_zip%252Cdfp_prebid_priority_0322_2_sponsorship%252Cdfp_messaging_flexframe_ctr_2_noheadnosummary%252Cdfp_live_0722_1_top%252Cdfp_higher_ads_0622_1_threshold%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_adslot4v2_1_external%26sov%3D4%26page_view_id%3DdF1w0eAaSQEC1f2fk5wQfvte%26purr%3Dnpa%26uap%3Dbrowser%26aid%3D0trb6V2bYqULFEwQxXqiIe&sc=1&cookie_enabled=1&abxe=1&dt=1658858805530&lmt=1658858682&dlt=1658858804823&idt=640&adxs=0&adys=132&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F07%2F26%2Ftechnology%2Fkraken-crypto-iran.html&frm=20&vis=1&psz=1600x90&msz=1600x0&fws=4&ohw=1600&ga_vid=449409441.1658858806&ga_sid=1658858806&ga_hid=511857289&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11543
x-xss-protection: 0
google-lineitem-id: 6060092332
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138398011904
content-type: application/webbundle
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
UUID-IN-PACKAGE 200
OK 71aa5e9a-a1fb-4afa-965c-9ad9db879058 Show response
/ 29 KB
29 KB 206ms
206ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

uuid-in-package:71aa5e9a-a1fb-4afa-965c-9ad9db879058

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

UUID-IN-PACKAGE

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

66d7342ef06ec98cc99c2577448c414cb4e4d4b9954ac5a696d186253363de77

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 8ms
7ms Preflight 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.nytimes.com
access-control-max-age: 300
age: 23
cache-control: max-age=30
content-length: 0
date: Tue, 26 Jul 2022 18:06:45 GMT
samizdat-x-canary: false
samizdat-x-instance: 39635475
server: envoy
timing-allow-origin: *
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google, 1.1 varnish
x-b3-traceid: 5da266097954520d-67ee5b59828779c3-0
x-cache: HIT
x-cache-hits: 3
x-datadog-trace-id: 5da266097954520d-67ee5b59828779c3-0
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 15
x-nyt-audience-target-flat: EU:PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-meridiem: PM
x-nyt-region: BY
x-samizdat-query-exe-id: b29c7ca76aca3b2a
x-samizdat-query-field-errors: 0
x-served-by: cache-fra19161-FRA
x-timer: S1658858806.816542,VS0,VE1

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 9ms
8ms Preflight 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.nytimes.com
access-control-max-age: 300
age: 23
cache-control: max-age=30
content-length: 0
date: Tue, 26 Jul 2022 18:06:45 GMT
samizdat-x-canary: false
samizdat-x-instance: 39635475
server: envoy
timing-allow-origin: *
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google, 1.1 varnish
x-b3-traceid: 5da266097954520d-67ee5b59828779c3-0
x-cache: HIT
x-cache-hits: 4
x-datadog-trace-id: 5da266097954520d-67ee5b59828779c3-0
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 15
x-nyt-audience-target-flat: EU:PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-meridiem: PM
x-nyt-region: BY
x-samizdat-query-exe-id: 8e5380bd516747fb
x-samizdat-query-field-errors: 0
x-served-by: cache-fra19161-FRA
x-timer: S1658858806.877620,VS0,VE1

OPTIONS
H2 200 v2
samizdat-graphql.nytimes.com/graphql/ Frame 0
0 9ms
8ms Preflight 151.101.129.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,nyt-app-type,nyt-app-version,nyt-token
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type, nyt-app-type, nyt-app-version, nyt-token
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.nytimes.com
access-control-max-age: 300
age: 23
cache-control: max-age=30
content-length: 0
date: Tue, 26 Jul 2022 18:06:45 GMT
samizdat-x-canary: false
samizdat-x-instance: 39635475
server: envoy
timing-allow-origin: *
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
via: 1.1 google, 1.1 varnish
x-b3-traceid: 5da266097954520d-67ee5b59828779c3-0
x-cache: HIT
x-cache-hits: 5
x-datadog-trace-id: 5da266097954520d-67ee5b59828779c3-0
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 15
x-nyt-audience-target-flat: EU:PM
x-nyt-continent: EU
x-nyt-country: DE
x-nyt-meridiem: PM
x-nyt-region: BY
x-samizdat-query-exe-id: 875a92df31910394
x-samizdat-query-field-errors: 0
x-served-by: cache-fra19161-FRA
x-timer: S1658858806.937388,VS0,VE1

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 104 B
747 B 117ms
116ms XHR
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-2613cfbe6811f3320a35.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: b6c3cebe16410a231e7cce2f2377fc4f504b51e29b0c6e326b6779c41b1e94a0

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

x-samizdat-query-sup-code
date: Tue, 26 Jul 2022 18:06:45 GMT
content-encoding: gzip
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-nyt-meridiem: PM
x-b3-traceid: 268fb2c4cddc7ac0-39673c0e687f8013-1
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
samizdat-x-instance: 9d0f0a1a
x-samizdat-query-field-errors: 0
x-envoy-upstream-service-time: 19
x-cache-hits: 0
x-samizdat-query-exe-id: db354e46c130389e
samizdat-x-canary: false
x-nyt-continent: EU
server: envoy
x-timer: S1658858806.828024,VS0,VE109
x-nyt-region: BY
x-served-by: cache-fra19180-FRA
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:PM
cache-control: private, no-store
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: 268fb2c4cddc7ac0-39673c0e687f8013-1
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 meter.js Show response
meter-svc.nytimes.com/ 642 B
1 KB 384ms
256ms XHR
application/json 35.241.35.241
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://meter-svc.nytimes.com/meter.js?sourceApp=vi&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F07%2F26%2Ftechnology%2Fkraken-crypto-iran.html&referer=https%3A%2F%2Fwww.nytimes.com%2F2022%2F07%2F26%2Ftechnology%2Fkraken-crypto-iran.html&pageviewID=dF1w0eAaSQEC1f2fk5wQfvte
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-2613cfbe6811f3320a35.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.35.241 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 241.35.241.35.bc.googleusercontent.com
Software: /
Resource Hash: 047f8320113e7e94f79d166cb814544ffa558608e2b1d706d3bcba0a3034b209

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:46 GMT
via: 1.1 google
access-control-allow-headers: DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, *
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.nytimes.com
access-control-expose-headers: Set-Cookie
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 642

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 62 B
329 B 382ms
382ms XHR
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-2613cfbe6811f3320a35.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

content-encoding: gzip
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-nyt-meridiem: PM
x-b3-traceid: 882ebb4b170a4aa589bbbd289f04fa30-3dce30a4f9be2192-1
age: 0
x-samizdat-query-field-errors: 0
x-samizdat-query-exe-id: a262c9489e9b1a4b
samizdat-x-canary: false
x-nyt-country: DE
x-timer: S1658858806.888634,VS0,VE375
x-nyt-continent: EU
vary: Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
x-nyt-region: BY
x-nyt-audience-target-flat: EU:PM
cache-control: max-age=30
x-cache-hits: 0
x-samizdat-query-sup-code
date: Tue, 26 Jul 2022 18:06:46 GMT
via: 1.1 google, 1.1 varnish
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
samizdat-x-instance: e54c942d
x-envoy-upstream-service-time: 18
content-length: 77
server: envoy
x-served-by: cache-fra19180-FRA
access-control-allow-credentials: true
x-datadog-trace-id: 882ebb4b170a4aa589bbbd289f04fa30-3dce30a4f9be2192-1
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

POST
H2 200 v2 Show response
samizdat-graphql.nytimes.com/graphql/ 42 KB
8 KB 182ms
182ms XHR
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://samizdat-graphql.nytimes.com/graphql/v2
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-2613cfbe6811f3320a35.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: 1bc1eaee4de33b5ace5db5ba3ed858b4bfe60c37ec0a18ead7cc5388d8e90332

Request headers

nyt-token: MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
nyt-app-type: project-vi
content-type: application/json
accept: */*
Referer: https://www.nytimes.com/
nyt-app-version: 0.0.5

Response headers

x-samizdat-query-sup-code
date: Tue, 26 Jul 2022 18:06:46 GMT
content-encoding: gzip
x-envoy-decorator-operation: graphql-v1.samizdat.nyti.nyt.net:443/*
x-nyt-meridiem: PM
x-b3-traceid: 270d0b4e95a06ebd-32f9fe3049ec8e13-0
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
samizdat-x-instance: 9a3be6f8
x-samizdat-query-field-errors: 0
x-envoy-upstream-service-time: 78
x-cache-hits: 0
x-samizdat-query-exe-id: a1db0fd4d83c4e48
samizdat-x-canary: false
x-nyt-continent: EU
last-modified: Tue, 26 Jul 2022 18:06:46 GMT
server: envoy
x-timer: S1658858806.953196,VS0,VE168
x-nyt-region: BY
x-served-by: cache-fra19180-FRA
vary: Accept-Encoding, Samizdat-X-Fastly-Unique-Id, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type: application/json
via: 1.1 google, 1.1 varnish
x-nyt-audience-target-flat: EU:PM
cache-control: private, no-store
access-control-allow-credentials: true
x-nyt-country: DE
x-datadog-trace-id: 270d0b4e95a06ebd-32f9fe3049ec8e13-0
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset

GET
H2 200 comments-6fe39e77f181631ae51f.js Show response
www.nytimes.com/vi-assets/static-assets/ 50 KB
16 KB 17ms
14ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nytimes.com/vi-assets/static-assets/comments-6fe39e77f181631ae51f.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

f8e22016d60bf24d45f4f58b9d3327152273916690a3232bdec702a06af8aef1

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=63072000; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding: gzip
age: 513600
x-guploader-uploadid: ADPycdv4W9zRpNAJZqxHPcvDDx2f2Gt8DR1CDhaQO_iyxU-B9l4oU-CLxI6uouXcrjURsLgGw97UKsKacLklFxQYGrHBSA
x-goog-stored-content-encoding: identity
x-origin-time: 2022-07-20 19:26:46 UTC
x-served-by: cache-fra19180-FRA
x-timer: S1658858806.945576,VS0,VE1
etag: "42199130b1caf1142cf558fa9ebe7d4c"
vary: Accept-Encoding, Fastly-SSL
onion-location: https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/comments-6fe39e77f181631ae51f.js
content-type: application/javascript
cache-control: public,max-age=31536000
x-nyt-app-webview: 0
x-nyt-route: vi-assets
x-nyt-edge-cache: HIT
x-cache-hits: 12445
date: Tue, 26 Jul 2022 18:06:45 GMT
x-api-version: F-X
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
content-length: 15168
last-modified: Wed, 20 Jul 2022 19:01:29 GMT
server: UploadServer
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-goog-hash: crc32c=P0+pqQ==, md5=QhmRMLHK8RQs9Vj6nr59TA==
x-goog-generation: 1658243516085594
expires: Thu, 20 Jul 2023 19:26:46 GMT
x-gdpr: 1
x-goog-stored-content-length: 51638
accept-ranges: bytes

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ 2 KB
2 KB 354ms
135ms XHR
application/json 52.207.181.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fwww.nytimes.com%2F2022%2F07%2F26%2Ftechnology%2Fkraken-crypto-iran.html&caller_id=nyt-vi&jkcb=1658858805966&referrer=&sourceApp=nyt-vi
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-2613cfbe6811f3320a35.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.207.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-181-173.compute-1.amazonaws.com
Software: envoy /
Resource Hash: c485a872c922453a3ce44bbe5f2a09c315f4139daf7ba7329b6f9986d44674af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:46 GMT
content-encoding: gzip
x-envoy-decorator-operation: a.nytimes.com:443/*
server: envoy
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 5b687a6a65bc6897e53771e4ecbfae5e
cache-control: private
access-control-allow-credentials: true
x-envoy-upstream-service-time: 35
access-control-allow-headers: Content-Type, x-requested-by
expires: Tue, 26 Jul 2022 18:06:46 GMT

GET
H2 200 purr-cache
purr.nytimes.com/v1/ 0
0 188ms
126ms Fetch
text/html 2a00:1450:400e:80f::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://purr.nytimes.com/v1/purr-cache
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-2613cfbe6811f3320a35.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:80f::2013 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:46 GMT
server: Google Frontend
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.nytimes.com
x-cloud-trace-context: 65e8d4f6fd80d008d6079fc9d17583fc
cache-control: private
access-control-allow-credentials: true
content-length: 0
expires: Tue, 26 Jul 2022 18:06:46 GMT

GET
H3 200 ads
securepubads.g.doubleclick.net/gampad/ 0
439 B 52ms
52ms Other
application/webbundle 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=526686587848474&correlator=745858285516517&wbsu=16a3957e-4cd2-4cd7-a941-2846b788e902&callback=googletag.wbn2&eid=31068526%2C31060545%2C31068029%2C31068213&output=wbn&gdfp_req=1&vrg=2022071901&ptt=17&impl=fif&npa=1&iu_parts=29390238%2Cnyt%2Ctechnology&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=150x50&ifi=2&adks=1076286299&sfv=1-0-38&ecs=20220726&fsapi=false&prev_scp=div%3Dsponsor%26pos%3Dsponsor%26request_time%3D1140&cust_params=als_test_clientside%3Dempty_empty_empty_20220726180645%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26template%3Darticle%26hasVideo%3Dfalse%26vp%3Dlarge%26als_test%3D1658858225862%26prop%3Dnyt%26plat%3Dweb%26brandsensitive%3Dfalse%26per%3Dpowelljessecryptocurrencyexecu%26org%3Dkrakenpaywardinc%252Ctreasurydepartment%252Cofficeofforeignassetscontrolun%26geo%3Diran%26des%3Dembargoesandsanctions%252Cvirtualcurrency%252Cregulationandderegulationofind%252Ccomputersandtheinternet%26auth%3Ddavidyaffebellany%252Cryanmac%26coll%3Dworldnews%252Ctechnology%252Ceconomy%252Cbusiness%252Cdealbook%26artlen%3Dmedium%26ledemedsz%3Dnone%26typ%3Dart%26section%3Dtechnology%26si_section%3Dtechnology%26id%3D100000008458514%26gscat%3Dneg_citi_aa%252Cneg_ibmtest%252Cneg_mastercard%252Cneg_capitalone%252Cneg_chan2%252Cneg_chanel%252Ccc_business_lead_boards%252Cneg_ibm%252Cneg_debeer%252Cneg_ts%252Cneg_hearts%252Cneg_rolex%252Cneg_bofa%252Cneg_mttl%252Cneg_gg1%252Cneg_google%252Cneg_ms_safe%252Cgs_law%252Cgs_economy_misc%252Cgs_politics%252Cgs_economy%252Cgs_law_misc%252Cgs_politics_misc%252Cgv_safe%252Cgs_t%26abra_dfp%3Dmkt_dfp_hd_paywall_zip_1_zip%252Cdfp_prebid_priority_0322_2_sponsorship%252Cdfp_messaging_flexframe_ctr_2_noheadnosummary%252Cdfp_live_0722_1_top%252Cdfp_higher_ads_0622_1_threshold%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_adslot4v2_1_external%26sov%3D4%26page_view_id%3DdF1w0eAaSQEC1f2fk5wQfvte%26purr%3Dnpa%26uap%3Dbrowser%26aid%3D0trb6V2bYqULFEwQxXqiIe&sc=1&cookie_enabled=1&abxe=1&dt=1658858806449&lmt=1658858682&dlt=1658858804823&idt=640&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.nytimes.com%2F2022%2F07%2F26%2Ftechnology%2Fkraken-crypto-iran.html&frm=20&vis=1&psz=150x16&msz=0x0&fws=132&ohw=1600&ga_vid=449409441.1658858806&ga_sid=1658858806&ga_hid=511857289&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 408
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: application/webbundle
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
UUID-IN-PACKAGE 200
OK 16a3957e-4cd2-4cd7-a941-2846b788e902 Show response
/ 456 B
582 B 53ms
53ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

uuid-in-package:16a3957e-4cd2-4cd7-a941-2846b788e902

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

UUID-IN-PACKAGE

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

f86b482c186b583229d8dcf391acf6280df4e45110d042fea6910de597a866ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H2 200 merlin_208354251_82a211c6-a46d-4d42-b8ab-9b21e1aa04cb-superJumbo.jpg
static01.nyt.com/images/2022/07/25/business/00kraken-sanctions2/ 50 KB
51 KB 9ms
8ms Image
image/webp 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01.nyt.com/images/2022/07/25/business/00kraken-sanctions2/merlin_208354251_82a211c6-a46d-4d42-b8ab-9b21e1aa04cb-superJumbo.jpg?quality=75&auto=webp
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2f0a57695ab42ed82e75096d595c41d4db7dc8169e90abfc7827aa3fc75e0948

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:46 GMT
via: 1.1 varnish, 1.1 varnish
content-type: image/webp
age: 684
x-guploader-uploadid: ADPycdtfvR3DMIH5gHs1d-yXP1w7HtDeHzjhX6Y4togDdhbKqSYXaKWOe9P3eWA2DRneQN-GtWkRgVf-JjyjMrjrv1pPmer5LvOY
x-cache: HIT, HIT
fastly-io-info: ifsz=176433 idim=1038x2048 ifmt=jpeg ofsz=51020 odim=1038x2048 ofmt=webp
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
fastly-stats: io=1
content-length: 51020
x-served-by: cache-iad-kjyo7100053-IAD, cache-fra19180-FRA
server: UploadServer
x-timer: S1658858806.469663,VS0,VE1
etag: "rLQqaE/F2mKzPW0U+R5bCyIT/Lbrj07nDxwwMMJNwTY"
vary: Accept
x-goog-hash: crc32c=OpYfbQ==, md5=dHCL6s6FbB42ccj1qJTqYw==
x-goog-generation: 1658858085591120
access-control-allow-origin: *
expires: Tue, 26 Jul 2022 17:55:21 GMT
cache-control: max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length: 176433
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 1

POST
H2 200 track
a.et.nytimes.com/ 0
0 132ms
131ms Ping
application/json 34.192.116.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.192.116.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-116-222.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 container.html Show response
c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E8DB 6 KB
4 KB 98ms
21ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Jul 2022 18:06:46 GMT
expires: Wed, 26 Jul 2023 18:06:46 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 track
a.et.nytimes.com/ 0
0 141ms
141ms Ping
application/json 34.192.116.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.192.116.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-116-222.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 / Show response
dd.nytimes.com/js/ 231 B
617 B 30ms
14ms XHR
application/json 52.222.236.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/js/

Requested by

Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-105.fra56.r.cloudfront.net

Software

DataDome /

Resource Hash

f2f74788682032760671cef7f3f92ed2efd3fbed651dce475e9a27d2f9ffe8a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 26 Jul 2022 18:06:46 GMT
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
server: DataDome
x-amz-cf-pop: FRA56-P4
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 231
x-amz-cf-id: Ta3LMlACLB4gVvxvurkAClo2cLjiBEU79NiDktIzK1jMfZzxHwjgVA==
expires: 0

GET
H2 200 / Show response
mwcm.nytimes.com/capi/metered_assets/ 58 KB
14 KB 419ms
410ms Fetch
application/json 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mwcm.nytimes.com/capi/metered_assets/?plat=web&mc=0&mr=0&ma=0&counted=false&granted=false&gwtype=REGIWALL&us=anon&context-type=&areas=barOne&areas=truncator&areas=gateway
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-2613cfbe6811f3320a35.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: ecd80989b47d0cb123c21cdede0e4c267a8664252adf43ac0fea12571801285a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:47 GMT
content-encoding: gzip
x-envoy-decorator-operation: capi-prd.growth-mc.nyti.nyt.net:443/*
access-control-allow-origin: https://www.nytimes.com
x-cache: MISS
x-envoy-upstream-service-time: 310
x-served-by: cache-fra19180-FRA
server: envoy
x-cmots-campaign-names: {"barOne":"MAG_web_nonsub_all_monthly-sale","gateway":"MAG_web_nonsub_all_monthly-sale","truncator":"MAG-web_all_non-mobile-all_welcome-killset"}
x-timer: S1658858807.790924,VS0,VE402
vary: x-nyt-user-status, x-nyt-country, x-nyt-continent, x-nyt-device, X-NYT-Currency, x-nyt-ipsegments-edu-b2b, x-nyt-last-known-type, Accept-Encoding, Fastly-SSL, Accept-Encoding,x-nyt-user-status, Origin
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=utf-8
via: 1.1 varnish
x-cloud-trace-context: 43c61c65cc603c3edc8e587b5fbc27c5
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-nyt-route: mwcm-muassets
accept-ranges: bytes
access-control-allow-headers: Content-Type, x-requested-by, *
x-cache-hits: 0

GET
H2 200 standalone-client.bundle.js Show response
myaccount.nytimes.com/unified_lire/js/ 37 KB
15 KB 9ms
9ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/unified_lire/js/standalone-client.bundle.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/story-926069ddefaae49b9b6a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

b90034f10044a3bc0162aafa5ae731d19f4aacbfdd5db5847a9d96bc83c950cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:46 GMT
content-encoding: gzip
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
x-api-version: F-X
age: 120
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache: HIT
x-envoy-upstream-service-time: 6
content-length: 14641
x-served-by: cache-fra19180-FRA
expires: Tue, 26 Jul 2022 04:21:35 GMT
server: envoy
etag: "Op9ysw"
strict-transport-security: max-age=300; preload; includeSubdomains
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: dcce53cd78cdba6182a2c95b696a2e49
cache-control: public, max-age=600
x-nyt-edge-cache: HIT
accept-ranges: bytes
x-nyt-backend: lire-ui
x-cache-hits: 1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 49ms
13ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3886
date: Tue, 26 Jul 2022 17:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 26 Jul 2022 19:02:00 GMT

GET
H3

200

activityi;dc_pre=CIGcss-Sl_kCFQrVGQodJkAH6A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=636639833881;gtm=2wg7p0;auiddc=1960796568.1658858807;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F07%2F26%2Fte... Show response
5290727.fls.doubleclick.net/ Frame CF81
Redirect Chain

https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=636639833881;gtm=2wg7p0;auiddc=1960796568.1658858807;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F07%2F26%2F...
https://5290727.fls.doubleclick.net/activityi;dc_pre=CIGcss-Sl_kCFQrVGQodJkAH6A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=636639833881;gtm=2wg7p0;auiddc=1960796568.1658858807;u17=https%3A%2F%2Fw...

552 B
406 B

162ms
134ms

Document
text/html

142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5290727.fls.doubleclick.net/activityi;dc_pre=CIGcss-Sl_kCFQrVGQodJkAH6A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=636639833881;gtm=2wg7p0;auiddc=1960796568.1658858807;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F07%2F26%2Ftechnology%2Fkraken-crypto-iran.html;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F07%2F26%2Ftechnology%2Fkraken-crypto-iran.html?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

109e731eaa022551feafd54074658e3842801e7396efb9119747edbe4f86fa79

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 383
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Jul 2022 18:06:47 GMT
expires: Tue, 26 Jul 2022 18:06:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Jul 2022 18:06:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5290727.fls.doubleclick.net/activityi;dc_pre=CIGcss-Sl_kCFQrVGQodJkAH6A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=636639833881;gtm=2wg7p0;auiddc=1960796568.1658858807;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F07%2F26%2Ftechnology%2Fkraken-crypto-iran.html;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F07%2F26%2Ftechnology%2Fkraken-crypto-iran.html?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 49ms
9ms Script
application/x-javascript 2600:9000:223c:a800:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:a800:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 16:52:05 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 00:50:34 GMT
server: nginx
age: 4481
etag: W/"62d7515a-933f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: S8PFzhZCwvLlI-K5Bcex9kJQ1JF_VSBEASf3l5P6SgFeOshKkkGtMQ==
expires: Tue, 26 Jul 2022 18:52:05 GMT

GET
H2 200 show-ads.js Show response
a1.nyt.com/analytics/ 45 B
640 B 15ms
7ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a1.nyt.com/analytics/show-ads.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-goog-hash: crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
date: Tue, 26 Jul 2022 18:06:46 GMT
content-encoding: gzip
content-type: application/javascript
age: 85337
x-guploader-uploadid: ADPycdsGlzOhH_m2LyphPMn6GJaIpiYRji7U66VvBudBoCNwLMK8o0SJFwvVLj2-r0SepiIrpfCun_snBgs3hdsCppTP5nSClg
x-cache: HIT
x-goog-storage-class: REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 65
via: 1.1 varnish
x-served-by: cache-fra19180-FRA
accept-ranges: bytes
expires: Fri, 01 Oct 2021 00:34:40 GMT
last-modified: Thu, 17 Dec 2020 21:19:35 GMT
server: UploadServer
x-timer: S1658858807.908259,VS0,VE0
etag: "1d291da792456bd015b664ee1119a5e0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1608239975905841
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=86400
x-goog-stored-content-length: 45
x-nyt-pagetype: nyt-dti-analytic
timing-allow-origin: *
x-cache-hits: 2090

POST
H2 200 track
a.et.nytimes.com/ 0
0 125ms
124ms Ping
application/json 34.192.116.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.192.116.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-116-222.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 nyt.js Show response
cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/ 5 KB
3 KB 41ms
14ms Script
text/javascript 2606:4700:20::681a:79b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/nyt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:79b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e8f653cafd04ab5db661928b4c87574e6ef6b02dc3d43217532bbd681269076

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Jul 2022 17:18:39 GMT
server: cloudflare
age: 2887
cf-polished: origSize=4800
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p7Oj94fnHJC9h6eLvivqgq5Eiqmu37V2GvBCoMxCLRH69L5oIrKDk4rxLJlnxkwMRYGqJvWft544qXUoe%2BkwMXlO7Bt5xtPrqZv0aS6LK%2FExHomv14ksUs5rLVyg7LdmYnA1DDTuDUGTav5TdmKAP17%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 730f1237493a9223-FRA
cf-bgj: minify

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 106ms
31ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=555692710
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Jul 2022 18:06:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H2 200 track
a.et.nytimes.com/ 0
0 135ms
135ms Ping
application/json 34.192.116.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.192.116.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-116-222.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame E8DB 22 KB
7 KB 73ms
13ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
URL: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 16:56:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 522595
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 20 Jul 2023 16:56:52 GMT

GET
H3 404 mraid.js
c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E8DB 0
0 50ms
22ms Script
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/safeframe/1-0-38/html/mraid.js

Requested by

Host: c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
URL: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:46 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1591
x-xss-protection: 0

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ Frame E8DB 17 KB
6 KB 62ms
11ms Script
text/html 3.69.41.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?ncu=$$https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjssIkahrhSnbapeEApWESPXPQ5vG5xcQMMviVsgl4gfxiuoQZPjkdH-vi7cWw3Gp-qS2ygXyrCnYP_iltFqcbN0cL07yGxaLzgNfoxxCHHc405ZB24zDG9JDzibPOQWJF8NZotF1Ofcb5X7ZenHBWJlj6rQgg6vyh_OkIkoUG8VON9e-bH-uAIScg1_wxcAKu1pG36dP0BnRPMu1NIopjzZczIfhSxUdkEoEkUW5SM8antlj3nIVwpsu7PWS8Zpe2TTBvwcG8w8NUF6l0d4AdE9EePmkMEzA6YuPnxO2YPApcLksiZcqB0kLxlUBrlwrmccFI2uS&sai=AMfl-YRtqr8CAi5UjoUIdNkO4QjgO-vVnNiZiaC5rmzQfnK-wGF5cMt_gQvLNdXuNRmqONx2RWYgMX1-G0ekrKWh8Fu8bH6tBr0CQKxZPy-qY4_IxbgIqoKCyKGa3LEwuUJg&sig=Cg0ArKJSzJxvLx0dh6GsEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=$$&c=28&cn=display&pli=1078177776&gdpr=&gdpr_consent=&w=1&h=1&ord=1252459311&pcp=$$page_view_id=dF1w0eAaSQEC1f2fk5wQfvte&pos=top$$&z=1
Requested by: Host: c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
URL: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.69.41.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-41-135.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ab0bcd3ff749fcd92bffb06763c1841395e9b4c329b8cbb61f47de69d874e10f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Jul 2022 18:06:46 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin: *
cache-control: no-cache, no-store
content-type: text/html; charset=UTF-8
content-length: 5761
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 4221a460-4ed2-4039-a07f-d1f4a2739cad.js Show response
fast.fonts.net/jsapi/ Frame E8DB 7 KB
3 KB 44ms
18ms Script
text/plain 2606:4700::6811:e04e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/jsapi/4221a460-4ed2-4039-a07f-d1f4a2739cad.js
Requested by: Host: c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
URL: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e04e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fe11a8ed1f92e3f831a60c4b7fdb8aad6cc47417c5537eb55812a5f7f9e2413

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:46 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3076
x-amz-request-id: GXBKEZJB4NQ68Y1W
x-amz-id-2: G487NHZqI2zpFjvasFqx7Z4nWCtWiRfX5PNmv5qFkntPl0IxRADCYpCUbwmobwnigT4kHP6DuEo=
last-modified: Fri, 01 Jan 2021 18:53:52 GMT
server: cloudflare
etag: W/"b91a2de8fd79a32c591ab907d742773c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
expires: Tue, 26 Jul 2022 18:11:46 GMT
cache-control: public, max-age=300
x-amz-version-id: null
cf-ray: 730f12378dc19b71-FRA
x-amz-meta-mtime: 1488555061

GET
H3

200

B28058327.340711169;dc_pre=CJLusc-Sl_kCFZE64AodnHQJzQ;dc_trk_aid=533002444;dc_trk_cid=174630147;ord=1252459311;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N1045817.2748817THENEWYORKTIMES/ Frame E8DB
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N1045817.2748817THENEWYORKTIMES/B28058327.340711169;dc_trk_aid=533002444;dc_trk_cid=174630147;ord=1252459311;dc_lat=;dc_rdid=;tag_for_child_directed_treatmen...
https://ad.doubleclick.net/ddm/trackimp/N1045817.2748817THENEWYORKTIMES/B28058327.340711169;dc_pre=CJLusc-Sl_kCFZE64AodnHQJzQ;dc_trk_aid=533002444;dc_trk_cid=174630147;ord=1252459311;dc_lat=;dc_rdi...

42 B
63 B

66ms
36ms

Image
image/gif

142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1045817.2748817THENEWYORKTIMES/B28058327.340711169;dc_pre=CJLusc-Sl_kCFZE64AodnHQJzQ;dc_trk_aid=533002444;dc_trk_cid=174630147;ord=1252459311;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Host: c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
URL: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Jul 2022 18:06:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Jul 2022 18:06:46 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N1045817.2748817THENEWYORKTIMES/B28058327.340711169;dc_pre=CJLusc-Sl_kCFZE64AodnHQJzQ;dc_trk_aid=533002444;dc_trk_cid=174630147;ord=1252459311;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/1095107/64374589/ Frame E8DB 46 KB
12 KB 116ms
32ms Script
application/javascript 52.30.25.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/1095107/64374589/skeleton.js
Requested by: Host: c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
URL: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.25.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-25-219.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5a80e180023eb02d1fd31a8fa28ed7307eded43c8a2df9f1467ce632418bb11c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Jul 2022 18:06:47 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E8DB 138 KB
43 KB 58ms
42ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
URL: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

sffe /

Resource Hash

f5ce8ecc153c4e51d77a8480af2c1ceeb0c94a94f30b78d23151cacef80e6e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43394
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658749242091060"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 26 Jul 2022 18:06:46 GMT

GET
H2 200 enter-email Show response
myaccount.nytimes.com/auth/iframe/ Frame A906 19 KB
9 KB 430ms
430ms Document
text/html 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F07%252F26%252Ftechnology%252Fkraken-crypto-iran.html&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/unified_lire/js/standalone-client.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy / Express

Resource Hash

b6197e5d5af4aa79f753226af202da774c71ef212fa2c38ada59abf1bd6a964d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src https://www.google.com .captcha-delivery.com; connect-src 'self' .nytimes.com https://sentry.io .datadome.co https://.go-mpulse.net; font-src https://typeface.nyt.com; img-src 'self' data: .nytimes.com https://www.google-analytics.com https://www.google.com https://stats.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .nytimes.com .nyt.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://sc-static.net https://js.datadome.co https://.go-mpulse.net; style-src 'unsafe-inline' .nytimes.com https://www.google-analytics.com; object-src 'none'; form-action 'self' https://www.google-analytics.com; frame-ancestors .nytimes.com https://shared-ui-dot-nyt-wfvi-dev.appspot.com; block-all-mixed-content ; upgrade-insecure-requests ; report-uri https://csp.dev.nytimes.com/report
Strict-Transport-Security	max-age=300; preload; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: private, no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-encoding: gzip
content-security-policy: default-src 'self'; frame-src https://www.google.com *.captcha-delivery.com; connect-src 'self' *.nytimes.com https://sentry.io *.datadome.co https://*.go-mpulse.net; font-src https://typeface.nyt.com; img-src 'self' data: *.nytimes.com https://www.google-analytics.com https://www.google.com https://stats.g.doubleclick.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.nytimes.com *.nyt.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.google-analytics.com https://sc-static.net https://js.datadome.co https://*.go-mpulse.net; style-src 'unsafe-inline' *.nytimes.com https://www.google-analytics.com; object-src 'none'; form-action 'self' https://www.google-analytics.com; frame-ancestors *.nytimes.com https://shared-ui-dot-nyt-wfvi-dev.appspot.com; block-all-mixed-content ; upgrade-insecure-requests ; report-uri https://csp.dev.nytimes.com/report
content-type: text/html; charset=utf-8
date: Tue, 26 Jul 2022 18:06:47 GMT
etag: W/"4d93-eBKjm7clOfU0QfSGVfoFV8MWYfI"
expires: 0
pragma: no-cache
resp-details: [[it:lui]]
server: envoy
strict-transport-security: max-age=300; preload; includeSubdomains
vary: Accept-Encoding
via: 1.1 varnish
x-api-version: F-X
x-cache: MISS
x-cache-hits: 0
x-cloud-trace-context: dac42e22cbc7ba34e3eb9e8113ddefc5
x-content-type-options: nosniff
x-datadog-parent-id: 2446260151364131617
x-datadog-sampled: 1
x-datadog-sampling-priority: 0
x-datadog-trace-id: 7678223126232837788
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
x-envoy-upstream-service-time: 29
x-nyt-backend: lire-ui
x-nyt-edge-cache: MISS
x-powered-by: Express
x-served-by: cache-fra19180-FRA

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 54ms
22ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=511857289&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nytimes.com%2F2022%2F07%2F26%2Ftechnology%2Fkraken-crypto-iran.html&dr=&ul=en-us&de=UTF-8&dt=Kraken%2C%20a%20U.S.%20Crypto%20Exchange%2C%20Is%20Suspected%20of%20Violating%20Sanctions%20-%20The%20New%20York%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=400656943&gjid=410565470&cid=449409441.1658858806&tid=UA-58630905-2&_gid=747675271.1658858807&_r=1&gtm=2wg7p0P528B3&cg1=technology&cg2=null&cg3=article&cg4=news&cd1=https%3A%2F%2Fwww.nytimes.com%2F2022%2F07%2F26%2Ftechnology%2Fkraken-crypto-iran.html&cd2=https%3A%2F%2Fwww.nytimes.com%2F2022%2F07%2F26%2Ftechnology%2Fkraken-crypto-iran.html&cd3=&cd4=Technology&cd9=9&cd10=null&cd13=null&cd14=business_desk&cd15=earned&cd16=referring_links&cd17=100000008458514&cd18=Ryan%20Mac%2CDavid%20Yaffe-Bellany&cd19=Kraken%2C%20a%20U.S.%20Crypto%20Exchange%2C%20Is%20Suspected%20of%20Violating%20Sanctions&cd20=&cd21=Article&cd23=Technology&cd26=2022&cd27=2022-07-26-13&cd28=Tuesday&cd29=13&cd30=1658858087353&cd32=World%20News%2CTechnology%2CEconomy%2CBusiness%2CDealBook&cd33=SECTION%2CSECTION%2CSECTION%2CSECTION%2CSECTION&cd34=NEWS&cd36=26kraken-sanctions&cd37=1001&cd38=Business&cd42=nyt-vi&cd43=Embargoes%20and%20Sanctions%2CVirtual%20Currency%2CRegulation%20and%20Deregulation%20of%20Industry%2CComputers%20and%20the%20Internet&cd44=Kraken%20(Payward%20Inc)%2CTreasury%20Department%2COffice%20of%20Foreign%20Assets%20Control%20(United%20States%20Treasury)&cd45=Powell%2C%20Jesse%20(Cryptocurrency%20Executive)&cd46=Iran&cd48=July&cd49=medium_800_1199&cd51=nyt-vi&cd52=&cd53=Business&cd54=business_desk&cd55=0&cd56=anon&cd57=0&cd58=0&cd59=&cd60=&cd61=0&cd63=0trb6V2bYqULFEwQxXqiIe&cd65=anon&cd67=0&cd95=&cd122=&cd123=&cd124=&cd125=&cd126=&cd127=&cd129=NaN&cd135=&cd139=&cd141=&cd142=&cd162=&cd163=&cd164=0trb6V2bYqULFEwQxXqiIe&z=1448492813

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 26 Jul 2022 18:06:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nytimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 65568.js Show response
cdn.brandmetrics.com/scripts/bundle/ 46 KB
14 KB 14ms
14ms Script
text/javascript 2606:4700:20::681a:79b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=www.nytimes.com
Requested by: Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/nyt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:79b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96b2fe169da01c822cb71dc7e5171b8b837e9601219777dd71716ecf5208466d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Jul 2022 17:18:41 GMT
server: cloudflare
age: 2885
cf-polished: origSize=47244
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6y%2B%2FcRYF%2BFv1zDYepMfdLWmKb%2BkwCbpT3ueZsBm7tQJLE8P4B0orqEU1niXahYdqw1Y%2FjtJZ86U8V9HX%2FYFpQEGtgCAXka7RK4RC9R8KaPTXJvV0uFCk8ISEkZ9%2FEXgrhOBBb9eEKUpIZVRmOLeX%2FLk"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 730f123799ae9223-FRA
cf-bgj: minify

GET
H2 200 ping
pnytimes.chartbeat.net/ 43 B
201 B 322ms
108ms Image
image/gif 52.72.129.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F2022%2F07%2F26%2Ftechnology%2Fkraken-crypto-iran.html&u=DQwc10C8Fq8PDyXsi7&d=nytimes.com&g=16698&g0=technology%2Cbusiness_desk&g1=Ryan%20Mac%2CDavid%20Yaffe-Bellany&n=1&f=00001&c=0&x=0&m=0&y=1735&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2242&t=BKaNBvBQws714tpjvCgmVQCC8ohbD&V=136&i=Kraken%2C%20a%20U.S.%20Crypto%20Exchange%2C%20Is%20Suspected%20of%20Violating%20Sanctions&tz=0&_acct=anon&sn=1&sv=D2KFb5Dy3cVFuuIaQBYtg10CQujp9&sd=1&im=06679ff3&_
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.129.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-129-95.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Jul 2022 18:06:47 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E8DB 0
0 52ms
51ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlkZ2k_EhMlowCRfOeHUBkC2R84g9lF6O1ltsjjNLA5i48GfBxM9Pg3acUicF2QjVKhjbc9JJ4FHBJ-SYrQWpCipvULUDldNyLZO7WH53cEX0KXEDhcASYXkG1HHUHlydIGAaSpJ2XovUCigRnB9YBQq3bamHGF16Te7W5AXTP_xuH5lCxlyKbQI1jv9tVha4S07zdZdwwUToojgbPsetJpbbp-v8tPdMu4Gcn2DGBTwTSaz2EAa6xwoXa0NbA4BMCuVwbq6qYdSvri71lSIEzW7J-tk0DpFtaI4uAjlCDybA81EzZT-e33N8YyW5WVYZAJPIbvECv9SLr&sai=AMfl-YQQYV8GdaloWyKVSsbutnaDKvSwt3lBx4a96vhALsS4ta9lrBog96tahZjwi_xIUdxG1qgFJRGXLzUbKLjaOa5-C3LT3yV8gg9kBQM0o5domOcmwvDOwQFM_MxoUYg1&sig=Cg0ArKJSzMKrgTBo8TyYEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
URL: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 26 Jul 2022 18:06:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 PL_DeluxeBanner.js Show response
secure-ds.serving-sys.com/resources//CustomScripts/ Frame E8DB 67 KB
17 KB 164ms
109ms Script
application/octet-stream 193.108.153.4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/resources//CustomScripts/PL_DeluxeBanner.js
Requested by: Host: bs.serving-sys.com
URL: https://bs.serving-sys.com/Serving/adServer.bs?ncu=$$https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjssIkahrhSnbapeEApWESPXPQ5vG5xcQMMviVsgl4gfxiuoQZPjkdH-vi7cWw3Gp-qS2ygXyrCnYP_iltFqcbN0cL07yGxaLzgNfoxxCHHc405ZB24zDG9JDzibPOQWJF8NZotF1Ofcb5X7ZenHBWJlj6rQgg6vyh_OkIkoUG8VON9e-bH-uAIScg1_wxcAKu1pG36dP0BnRPMu1NIopjzZczIfhSxUdkEoEkUW5SM8antlj3nIVwpsu7PWS8Zpe2TTBvwcG8w8NUF6l0d4AdE9EePmkMEzA6YuPnxO2YPApcLksiZcqB0kLxlUBrlwrmccFI2uS&sai=AMfl-YRtqr8CAi5UjoUIdNkO4QjgO-vVnNiZiaC5rmzQfnK-wGF5cMt_gQvLNdXuNRmqONx2RWYgMX1-G0ekrKWh8Fu8bH6tBr0CQKxZPy-qY4_IxbgIqoKCyKGa3LEwuUJg&sig=Cg0ArKJSzJxvLx0dh6GsEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=$$&c=28&cn=display&pli=1078177776&gdpr=&gdpr_consent=&w=1&h=1&ord=1252459311&pcp=$$page_view_id=dF1w0eAaSQEC1f2fk5wQfvte&pos=top$$&z=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-4.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: 3b35c001f2045923f7d33ac096c17e56194cd6f2208d1b5a2cfebe4486f5f805

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: XiycmiC.6mT2InCRD3nZ2bu_sDXPIdIu
content-encoding: gzip
last-modified: Mon, 16 May 2022 14:58:32 GMT
server: ATS/7.1.0
x-amz-request-id: 1APN7HNHQAJ21ZWC
etag: "c092b8849ec15ef3f0e0f5359caf3926"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
date: Tue, 26 Jul 2022 18:06:47 GMT
accept-ranges: bytes
content-length: 16527
x-amz-id-2: RNDefGz25xU8MMvkKM/mych1xj5OqjRRSl+NxTcrLWNDKpe/4nYQZ60sSxQLSQQmLPbEmGi8P7A=
expires: Tue, 26 Jul 2022 18:06:47 GMT

GET
H2 200 PL_DeluxeBanner_Plugin_NYT.js Show response
secure-ds.serving-sys.com/resources//CustomScripts/ Frame E8DB 23 KB
24 KB 165ms
109ms Script
application/octet-stream 193.108.153.4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/resources//CustomScripts/PL_DeluxeBanner_Plugin_NYT.js
Requested by: Host: bs.serving-sys.com
URL: https://bs.serving-sys.com/Serving/adServer.bs?ncu=$$https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjssIkahrhSnbapeEApWESPXPQ5vG5xcQMMviVsgl4gfxiuoQZPjkdH-vi7cWw3Gp-qS2ygXyrCnYP_iltFqcbN0cL07yGxaLzgNfoxxCHHc405ZB24zDG9JDzibPOQWJF8NZotF1Ofcb5X7ZenHBWJlj6rQgg6vyh_OkIkoUG8VON9e-bH-uAIScg1_wxcAKu1pG36dP0BnRPMu1NIopjzZczIfhSxUdkEoEkUW5SM8antlj3nIVwpsu7PWS8Zpe2TTBvwcG8w8NUF6l0d4AdE9EePmkMEzA6YuPnxO2YPApcLksiZcqB0kLxlUBrlwrmccFI2uS&sai=AMfl-YRtqr8CAi5UjoUIdNkO4QjgO-vVnNiZiaC5rmzQfnK-wGF5cMt_gQvLNdXuNRmqONx2RWYgMX1-G0ekrKWh8Fu8bH6tBr0CQKxZPy-qY4_IxbgIqoKCyKGa3LEwuUJg&sig=Cg0ArKJSzJxvLx0dh6GsEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=$$&c=28&cn=display&pli=1078177776&gdpr=&gdpr_consent=&w=1&h=1&ord=1252459311&pcp=$$page_view_id=dF1w0eAaSQEC1f2fk5wQfvte&pos=top$$&z=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-4.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: ad7ebe100ce16fcc68440bf92704987a53eb5debbf980629f4593a88cfe0cc29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: uoouHLrG07CjUJtLToMsOYUmMwVcMNbm
last-modified: Fri, 01 Mar 2019 00:57:14 GMT
server: ATS/7.1.0
x-amz-request-id: Z9FPRC0B4CF2ZWME
etag: "c27d66397f79e53a019db0516aa9205a"
content-type: application/octet-stream
access-control-allow-origin: *
date: Tue, 26 Jul 2022 18:06:47 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 23717
x-amz-id-2: KHQY/TJtSyRq+wc3ajGiRM4yGDtnkKiK1rH4oX8lHoB/iVN7HFO7CSRc60FcWMHCniIB+iNPSHI=
expires: Tue, 26 Jul 2022 18:06:47 GMT

GET
H2 200 mt.js Show response
fast.fonts.net/jsapi/core/ Frame E8DB 25 KB
9 KB 18ms
17ms Script
text/plain 2606:4700::6811:e04e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/jsapi/core/mt.js
Requested by: Host: fast.fonts.net
URL: https://fast.fonts.net/jsapi/4221a460-4ed2-4039-a07f-d1f4a2739cad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e04e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52f7bff0ccdd80dc36d123955c81195ea7173af8eb7c5be8a863e8e0ecfd5954

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:47 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4606
x-amz-request-id: XTBZ5Y2W1XNWPF66
x-amz-id-2: qCJ5aXl7RD3g2R5eIEAAUgNC6Nkmv2tOzyFB28KE01gUIKOWQr4HdAeBjpeZ9/i/u8loiCEEmaM=
last-modified: Sat, 02 Jan 2021 08:52:38 GMT
server: cloudflare
etag: W/"d22b9d8d3cfe3e19b65a2e09ca164ce7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
expires: Tue, 26 Jul 2022 18:11:47 GMT
cache-control: public, max-age=300
x-amz-version-id: null
cf-ray: 730f1237ee539b71-FRA
x-amz-meta-mtime: 1556088859

GET
H2 200 1.css
fast.fonts.net/t/ Frame E8DB 0
237 B 17ms
17ms Stylesheet
text/css 2606:4700::6811:e04e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/t/1.css?apiType=js&projectid=4221a460-4ed2-4039-a07f-d1f4a2739cad
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e04e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:47 GMT
cf-cache-status: HIT
age: 302064
cf-ray: 730f12381e899b71-FRA
content-length: 0
x-amz-id-2: PAcSNPOFBquv4s5gTFBFmECKpFevRlgoryfCafInP2PUAotV2eZwR9I6awbMKyKodXg3qo0Osmo=
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
server: cloudflare
etag: "d41d8cd98f00b204e9800998ecf8427e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: AJMT0Z3PR7M1ADXA
cache-control: public, max-age=0, s-maxage=604800
x-amz-version-id: null
accept-ranges: bytes
content-type: text/css; charset=utf-8
x-amz-meta-mtime: 1519217722

GET
H2 200 main.19.8.333.js Show response
static.adsafeprotected.com/ Frame E8DB 186 KB
60 KB 49ms
8ms Script
application/javascript 2600:9000:223f:7a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.333.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/1095107/64374589/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:7a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c4da88d903e8ed2209a1d052c424216dc4940e6834327662028acc4fbe634510

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 16:16:29 GMT
content-encoding: gzip
age: 93019
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 25 Jul 2022 14:27:08 GMT
server: AmazonS3
etag: W/"8131eccf23d75965c16879165e580ecc"
vary: Accept-Encoding
x-amz-version-id: P3WABRGheJ_dqUd7tL4TISRbbPJKtI65
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: 3IdJ-0QNRjxMs_BZgr68lcZ5jYibMtpG9rl0lnJYLtY2v8g1s-utGA==

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame E8DB 8 KB
4 KB 49ms
9ms Script
application/javascript 2a02:26f0:3500:585::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js
Requested by: Host: c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
URL: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 082086fa8aadd53998ab416fdf7cfcd6ab7d2a29ade47b19135addb8b5aa9d10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Tue, 26 Jul 2022 18:06:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Jul 2022 08:51:39 GMT
Server: Microsoft-IIS/10.0
ETag: "80df5debcca0d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3301

GET
DATA 200
OK truncated
/ Frame E8DB 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49a31d33e77c3cb1fe7a7af1d493a5220269a1ecb838b1f0eff7a1b3b1f93665

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dv-measurements2930.js Show response
cdn.doubleverify.com/ Frame 48F2 558 KB
107 KB 15ms
8ms Script
application/javascript 2a02:26f0:3500:585::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements2930.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:585::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 805798cbaec33aa9b7c7428cf373d2e8d1649be6d30f5215d7595d62ccb33240

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Tue, 26 Jul 2022 18:06:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Jul 2022 07:23:15 GMT
Server: Microsoft-IIS/10.0
ETag: "80b3ef91c0a0d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 109180

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame E8DB
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1095107/64374589/skeleton.js?adsafe_url=https%3A%2F%2Fwww.nytimes.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc7513343d179af5f63db8167f02a2076.safeframe.g...
https://static.adsafeprotected.com/skeleton.js

17 B
463 B

17ms
16ms

Script
application/javascript

2600:9000:223f:7a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
URL: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:223f:7a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:58:04 GMT
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
age: 13925324
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 8JNVIuT6R52eidw6HH-Idrif-dCfORJbQAcwdu4aLoOlEXd2cr6lYQ==

Redirect headers

pragma: no-cache
date: Tue, 26 Jul 2022 18:06:47 GMT
x-server-name: app05.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 915B 80 KB
21 KB 12ms
11ms Script
application/javascript 2600:9000:223f:7a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
URL: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:7a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:34:34 GMT
content-encoding: gzip
age: 6168734
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: O6Mdfq0AqJ25VobjKLwkWW6JSOXDm3SjeyBXuDgFFKkqrhU-tTm_Ew==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E8DB 43 B
215 B 529ms
166ms Image
image/gif 2600:1f13:800:7780:f624:f845:e5e1:e65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1095107&asId=6c8aaf80-72a3-86ee-c514-268585bf0802&tv=%7Bc:juVShy,pingTime:-3,time:167,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:1600,h:0,t:128%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:167,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:128,wc:0.0.1600.1200,ac:NaN.NaN.1600.0,am:i,cc:NaN.NaN.1600.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B55~0%5D,as:%5B55~1600.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tcIyv0Z+11%7C12%7C13*.1095107-64374589%7C131%7C14%7C15%7C16,idMap:13*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by: Host: c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
URL: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:f624:f845:e5e1:e65 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Jul 2022 18:06:47 GMT
x-server-name: dt18.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E8DB 43 B
216 B 528ms
166ms Image
image/gif 2600:1f13:800:7780:f624:f845:e5e1:e65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1095107&asId=6c8aaf80-72a3-86ee-c514-268585bf0802&tv=%7Bc:juVShA,pingTime:-6,time:169,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:169,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:128,wc:0.0.1600.1200,ac:NaN.NaN.1600.0,am:i,cc:NaN.NaN.1600.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B57~0%5D,as:%5B57~1600.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tcIyv0Z+11%7C12%7C13*.1095107-64374589%7C131%7C14%7C15%7C16,idMap:13*,rmeas:1,rend:0,renddet:IMG.us%7D&tpiLookup=ao:www.nytimes.com*&br=c
Requested by: Host: c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
URL: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:f624:f845:e5e1:e65 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Jul 2022 18:06:47 GMT
x-server-name: dt19.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 dc_pre=CIGcss-Sl_kCFQrVGQodJkAH6A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=636639833881;gtm=2wg7p0;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F07%2F26%2Ftechnology%2Fkraken-crypto-iran....
adservice.google.com/ddm/fls/z/ Frame CF81 42 B
63 B 98ms
51ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIGcss-Sl_kCFQrVGQodJkAH6A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=636639833881;gtm=2wg7p0;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F07%2F26%2Ftechnology%2Fkraken-crypto-iran.html;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F07%2F26%2Ftechnology%2Fkraken-crypto-iran.html

Requested by

Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CIGcss-Sl_kCFQrVGQodJkAH6A;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=636639833881;gtm=2wg7p0;auiddc=1960796568.1658858807;u17=https%3A%2F%2Fwww.nytimes.com%2F2022%2F07%2F26%2Ftechnology%2Fkraken-crypto-iran.html;u5=;u18=anon;~oref=https%3A%2F%2Fwww.nytimes.com%2F2022%2F07%2F26%2Ftechnology%2Fkraken-crypto-iran.html?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5290727.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Jul 2022 18:06:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ebHtml5PoliteBanner_api.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_221_3_0/ Frame E8DB 333 KB
88 KB 12ms
11ms Script
application/javascript 193.108.153.4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_221_3_0/ebHtml5PoliteBanner_api.js
Requested by: Host: bs.serving-sys.com
URL: https://bs.serving-sys.com/Serving/adServer.bs?ncu=$$https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjssIkahrhSnbapeEApWESPXPQ5vG5xcQMMviVsgl4gfxiuoQZPjkdH-vi7cWw3Gp-qS2ygXyrCnYP_iltFqcbN0cL07yGxaLzgNfoxxCHHc405ZB24zDG9JDzibPOQWJF8NZotF1Ofcb5X7ZenHBWJlj6rQgg6vyh_OkIkoUG8VON9e-bH-uAIScg1_wxcAKu1pG36dP0BnRPMu1NIopjzZczIfhSxUdkEoEkUW5SM8antlj3nIVwpsu7PWS8Zpe2TTBvwcG8w8NUF6l0d4AdE9EePmkMEzA6YuPnxO2YPApcLksiZcqB0kLxlUBrlwrmccFI2uS&sai=AMfl-YRtqr8CAi5UjoUIdNkO4QjgO-vVnNiZiaC5rmzQfnK-wGF5cMt_gQvLNdXuNRmqONx2RWYgMX1-G0ekrKWh8Fu8bH6tBr0CQKxZPy-qY4_IxbgIqoKCyKGa3LEwuUJg&sig=Cg0ArKJSzJxvLx0dh6GsEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=$$&c=28&cn=display&pli=1078177776&gdpr=&gdpr_consent=&w=1&h=1&ord=1252459311&pcp=$$page_view_id=dF1w0eAaSQEC1f2fk5wQfvte&pos=top$$&z=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-4.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b1e34afea99e52435f13a17e9b0f0b5b55202ffe0b9de971f56e0f62a4c3fbaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:47 GMT
content-encoding: gzip
last-modified: Tue, 21 Jun 2022 13:00:33 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: W/"6b05d372a67463c71af2eda763c42643"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=734706
accept-ranges: bytes
content-length: 90004
x-amz-cf-id: XNTjzfVXZeIWNc7OfYTHsgy0H2CLqeRH9mA2txm8xyL4p7FEofpezQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E8DB 43 B
215 B 516ms
167ms Image
image/gif 2600:1f13:800:7780:f624:f845:e5e1:e65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1095107&asId=6c8aaf80-72a3-86ee-c514-268585bf0802&tv=%7Bc:juVShS,pingTime:-2,time:187,type:a,im:%7Bsf:1,pom:1,prf:%7BbdA:347,bdZ:493,beA:495,beZ:497,mfA:603,cmA:605,inA:605,inZ:610,prA:610,prZ:617,si:624,poA:625,poZ:645,cmZ:645,mfZ:645,loA:664,loZ:667,ltA:682,ltZ:682,mdA:497,mdZ:554%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1600,h:0,t:128%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:187,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:128,wc:0.0.1600.1200,ac:NaN.NaN.1600.0,am:i,cc:NaN.NaN.1600.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B75~0%5D,as:%5B75~1600.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tcIyv0Z+11%7C12%7C13*.1095107-64374589%7C131%7C14%7C15%7C16,idMap:13*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,sinceFw:57,readyFired:true%7D&br=c
Requested by: Host: c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
URL: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:f624:f845:e5e1:e65 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Jul 2022 18:06:47 GMT
x-server-name: dt20.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 48F2 694 B
686 B 155ms
13ms Script
text/javascript 213.254.244.110
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=109&ttfrms=47&brid=3&brver=103.0.5060.134&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3FJE%3A%3E6D%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3FJE%3A%3E6D%5D4%40%3ETar9EEADTbpTauTau4fd%60bbcb5%60fh27d7eb53g%60ef7_a2a_fe%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D%3FJE%3A%3E6D%5D4%40%3ETaua_aaTau_fTauaeTauE649%3F%40%3D%408JTau%3CC2%3C6%3F%5C4CJAE%40%5C%3AC2%3F%5D9E%3E%3D&srcurlD=0&aUrlD=-1&ssl=https:&uid=1658858807317507&jsCallback=dvCallback_1658858807317242&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.134%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=0&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2930&tgjsver=2930&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fc7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&sfe=1&fcifrms=6&brh=2&sdf=2&dvp_epl=368&noc=4&nav_pltfrm=Win32&ctx=20447730&cmp=DV432810&btreg=6060092332138398011904&btadsrv=6060092332138398011904&adsrv=104&unit=0x0&turl=https%3A%2F%2Fwww.nytimes.com%2F2022%2F07%2F26%2Ftechnology%2Fkraken-crypto-iran.html&seltag=1&sadv=4776427392&ord=3048955354&litm=6060092332&scrt=138398011904&splc=/29390238/nyt/technology&adu=28671398&spos=top&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_scripthash=1&t2te=0&cb=1411539578&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=68495899548.46307&dvp_tukv=151920157072.6937&dvp_uuid=159833994202.02377&dvp_strhd=0.6000003814697266&dvpx_strhd=0.6000003814697266&dvp_tuid=43139408898
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2930.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.110 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 7a1a85b6439254f36f7a99b7cdc9096c26df6f85f379c264fbdd1396d293ac54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Jul 2022 18:06:46 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 07/25/2022 18:06:47

GET
H2 200 URLUtil.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_88_0_0/ Frame E8DB 7 KB
2 KB 9ms
9ms Script
application/javascript 193.108.153.4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_88_0_0/URLUtil.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_221_3_0/ebHtml5PoliteBanner_api.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-4.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 269bd69d6c1d25e848132ecfb48ec214040e49fd45e444760c3e226ca5fd7962

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:47 GMT
content-encoding: gzip
last-modified: Tue, 21 Jun 2022 13:00:33 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
etag: W/"5ac70b83663a79f3a383c3a53f62eafd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=723091
accept-ranges: bytes
content-length: 1947
x-amz-cf-id: aKwgjxtteGTxc1Zgz0crzdNb9lLTTsiFyihM7ycvqoC6ODI0NKHOvg==

POST
H2 200 track
a.et.nytimes.com/ 0
0 122ms
122ms Ping
application/json 34.192.116.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.192.116.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-116-222.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 track
a.et.nytimes.com/ 0
0 136ms
135ms Ping
application/json 34.192.116.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.192.116.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-116-222.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H/1.1 200
OK evt Show response
lm.serving-sys.com/lm/ Frame E8DB 0
230 B 142ms
9ms XHR
text/plain 3.74.200.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/evt
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_221_3_0/ebHtml5PoliteBanner_api.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.74.200.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-74-200-12.eu-central-1.compute.amazonaws.com
Software: LogModule 0.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
Access-Control-Allow-Credentials: true
Server: LogModule 0.4
Content-Length: 0
Content-Type: text/plain

GET
H2 200 Serving Show response
bs.serving-sys.com/ Frame E8DB 24 B
629 B 9ms
8ms XHR
text/html 3.69.41.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=display&c=40&sessionid=7555075622616748199&ai=1087696227&usercookie=u2=cab354a8-4641-481a-9c38-c67ffb02ea0c&oo=0&clsrc=2&clbv=_2_221_3_0&gdprpurposes=1023&dg=1077172577&sdg=1078063598&ctick=54&ord=0.5926912195776823
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_221_3_0/ebHtml5PoliteBanner_api.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.69.41.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-41-135.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399

Request headers

Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 26 Jul 2022 18:06:47 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
cache-control: private
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
content-length: 24
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 64017d81-9430-4cba-8219-8f5cc28b923e.woff2
fast.fonts.net/dv2/14/ Frame E8DB 15 KB
16 KB 561ms
536ms Font
application/octet-stream 2606:4700::6811:e04e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/dv2/14/64017d81-9430-4cba-8219-8f5cc28b923e.woff2?d44f19a684109620e484147faf90e818e91fbfe6a113aa2749f26bfa29c567201013b729c4701c6018a692b15a42ad2f5ccab08c40c012f3f760269f734724b070bc4b6d&projectId=4221a460-4ed2-4039-a07f-d1f4a2739cad
Requested by: Host: c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
URL: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e04e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1c7b29bc0449c071fe96d182426d66bb03c2b200493b2c6f21cfd5d55960323

Request headers

Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
Origin: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:48 GMT
cf-cache-status: MISS
x-amz-request-id: EM5EG2BYFMJ76BQA
cf-ray: 730f123add59bbb6-FRA
content-length: 15372
x-amz-id-2: fDxv+95HcmJXcdY15iOVAXdAb5QcNDpaVG1UqnuksAkdTFqipr1jl4rY40K2WhAjIR6b1lctac0=
expires: Tue, 26 Jul 2022 18:11:47 GMT
last-modified: Fri, 13 Nov 2020 20:25:05 GMT
server: cloudflare
etag: "b56d3a40e32e14460827bd42309a2fed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
x-amz-version-id: null
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=300
accept-ranges: bytes
content-type: application/octet-stream
x-amz-meta-mtime: 1480755818

GET
H2 200 SafeFrameVisibilityProvider.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_88_0_0/ Frame E8DB 5 KB
2 KB 9ms
8ms Script
application/javascript 193.108.153.4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_88_0_0/SafeFrameVisibilityProvider.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_221_3_0/ebHtml5PoliteBanner_api.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-4.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cd2a92268240bf123a90f34d5d040c32d3b292a8ebf29186c8839449a45e8652

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:47 GMT
content-encoding: gzip
last-modified: Tue, 21 Jun 2022 13:00:33 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
etag: W/"7f2e6729e191e88ee3bd1585f8269f6f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1885615
accept-ranges: bytes
content-length: 1667
x-amz-cf-id: qEICoV4HQN2RPKZk-lU79_KUBeqlRmDDQFj0_hxiSuUeTsV2RPOX3w==

GET
H2 200 unified-lire.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ Frame A906 431 KB
143 KB 12ms
9ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=d112e1a

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F07%252F26%252Ftechnology%252Fkraken-crypto-iran.html&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

5b081ae2dd2a6b8a38cadf8fc949afbd5bd50d20377e935b4a9631f6b9ff0a8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F07%252F26%252Ftechnology%252Fkraken-crypto-iran.html&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:47 GMT
content-encoding: gzip
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
x-api-version: F-X
age: 156
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache: HIT
x-envoy-upstream-service-time: 3
content-length: 146164
x-served-by: cache-fra19180-FRA
expires: Mon, 25 Jul 2022 17:45:23 GMT
server: envoy
etag: "Op9ysw"
strict-transport-security: max-age=300; preload; includeSubdomains
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: a1a41ab77a1caf5e416ffd5ab3fd2ffa
cache-control: public, max-age=600
x-nyt-edge-cache: HIT
accept-ranges: bytes
x-nyt-backend: lire-ui
x-cache-hits: 2

GET
H2 200 sentry.bundle.js Show response
myaccount.nytimes.com/lire_ui/js/ Frame A906 108 KB
108 KB 387ms
385ms Script
application/javascript 151.101.1.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://myaccount.nytimes.com/lire_ui/js/sentry.bundle.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

ec8aac1a1f74bea844cfa644ebdd236941d9b98e831ddf0b5cd831a7b91fc737

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; preload; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F07%252F26%252Ftechnology%252Fkraken-crypto-iran.html&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:47 GMT
x-envoy-decorator-operation: lire-ui.auth.nyti.nyt.net:443/*
x-api-version: F-X
age: 52
content-security-policy-report-only: upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-cache: HIT
x-envoy-upstream-service-time: 88
x-cache-hits: 1
content-length: 110120
x-served-by: cache-fra19180-FRA
server: envoy
etag: "Op9ysw"
strict-transport-security: max-age=300; preload; includeSubdomains
content-type: application/javascript
via: 1.1 varnish
x-cloud-trace-context: 7c989c9d1e981fa43341dc59a2f9b9f0
cache-control: public, max-age=600
x-nyt-edge-cache: HIT
accept-ranges: bytes
x-nyt-backend: lire-ui
expires: Fri, 22 Jul 2022 03:06:54 GMT

GET
H2 200 index.html Show response
secure-ds.serving-sys.com/resources/PROD/html5/299/20210521/1075921338/62560120134967147/ Frame E8DB 34 KB
9 KB 40ms
7ms XHR
text/html 193.108.153.4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/299/20210521/1075921338/62560120134967147/index.html?v=_2_150_1_0&n=1&sHost=secure-ds.serving-sys.com
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_221_3_0/ebHtml5PoliteBanner_api.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-4.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: 006d33a3bbcf5f5751367d4a5b0820f8ac3523e50dfbb35beca1b92f208f6aa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: 76bpa29X0jBi.t_Bf3lOlVGUQ98o6PJ8
content-encoding: gzip
last-modified: Fri, 21 May 2021 09:23:29 GMT
server: ATS/7.1.0
x-amz-request-id: 4QZ7G0DWAVDYZ4QZ
etag: "fcdbc1f574fa85f421934f1f3f6262e7-df"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
date: Tue, 26 Jul 2022 18:06:47 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 8428
x-amz-id-2: ibBE0pOwSKk3hZEAlO53y3nDmxrtivl7R3MfvIxZNH3W39Hd3QTKVSr2CHDAy8wH0WoJIWFPStQ=
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 ATH8A-MAMN8-XPXCH-N5KAX-8D239 Show response
s.go-mpulse.net/boomerang/ Frame A906 205 KB
49 KB 43ms
9ms Script
application/javascript 2a02:26f0:6c00:287::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F07%252F26%252Ftechnology%252Fkraken-crypto-iran.html&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:287::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:47 GMT
content-encoding: br
last-modified: Mon, 04 Jul 2022 03:50:48 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

POST
H2 200 track
a.et.nytimes.com/ Frame A906 0
0 108ms
107ms Ping
application/json 34.192.116.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F07%252F26%252Ftechnology%252Fkraken-crypto-iran.html&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.192.116.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-116-222.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 tags.js Show response
dd.nytimes.com/ Frame A906 209 KB
43 KB 17ms
15ms Script
text/javascript 52.222.236.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/tags.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-105.fra56.r.cloudfront.net

Software

Apache /

Resource Hash

be4e7fe530814818817ef4e09f740982d12335e178ae1a60f1ae8699fb89878c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
etag: "34515-5e4b2951e5a21-gzip"
age: 3024
x-cache: Hit from cloudfront
content-length: 43581
access-control-allow-origin: *
last-modified: Tue, 26 Jul 2022 10:15:40 GMT
server: Apache
date: Tue, 26 Jul 2022 17:16:24 GMT
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront), 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: FRA60-P2, FRA56-P4
accept-ranges: bytes
x-amz-cf-id: vllJpzKBkJ92vBLTs0OFNrbmM9XfIsxgQL6QjtusF982N45yBkTfBQ==
expires: Tue, 26 Jul 2022 18:16:23 GMT

POST
H2 200 track
a.et.nytimes.com/ Frame A906 0
0 111ms
110ms Ping
application/json 34.192.116.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F07%252F26%252Ftechnology%252Fkraken-crypto-iran.html&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.192.116.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-116-222.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 data-layer Show response
a.nytimes.com/svc/nyt/ Frame A906 990 B
1 KB 344ms
141ms Fetch
application/json 52.207.181.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.nytimes.com/svc/nyt/data-layer?sourceApp=nyt-lire&referrer=https%3A%2F%2Fwww.nytimes.com%2F&assetUrl=https%3A%2F%2Fmyaccount.nytimes.com%2Fauth%2Fiframe%2Fenter-email%3Fresponse_type%3Dcookie%26client_id%3Dfreex%26redirect_uri%3Dhttps%253A%252F%252Fwww.nytimes.com%252Fsubscription%252Fonboarding-offer%253FcampaignID%253D7JFJX%2526EXIT_URI%253Dhttps%25253A%25252F%25252Fwww.nytimes.com%25252F2022%25252F07%25252F26%25252Ftechnology%25252Fkraken-crypto-iran.html%26display%3Dregiwall_lire%26asset%3DRegiWall%26application%3DFree_Experience%26preloaded%3Dtrue%23lire-ui-669820
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/lire_ui/js/unified-lire.bundle.js?v=d112e1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.207.181.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-181-173.compute-1.amazonaws.com
Software: envoy /
Resource Hash: 392303be6fa4410a6aafdbba0a6924c956e474c446c5c178ea97ffca7a69a8fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:47 GMT
content-encoding: gzip
x-envoy-decorator-operation: a.nytimes.com:443/*
server: envoy
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://myaccount.nytimes.com
x-cloud-trace-context: d41cebab89e0b813229df91d4f25cb65
cache-control: private
access-control-allow-credentials: true
x-envoy-upstream-service-time: 41
access-control-allow-headers: Content-Type, x-requested-by
expires: Tue, 26 Jul 2022 18:06:47 GMT

GET
H2 200 adkit.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/ Frame F085 71 KB
23 KB 12ms
9ms Script
application/javascript 193.108.153.4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-4.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a047140cc174d554a323b1b787199a21c2c976e9991fa0428ac9a94a641190ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:47 GMT
content-encoding: gzip
last-modified: Mon, 24 Jan 2022 22:46:45 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-P1
etag: W/"257b68f9ecc3e5a28f10fd241e580d02"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 22930
x-amz-cf-id: abRW7AnhZGw_ehd_48v862Bz8uqtvNcVjdkEOlX4KdGnHCXZf-FcKQ==

GET
H2 200 TweenMax.min.js Show response
secure-ds.serving-sys.com/resources/PROD/html5/299/20210521/1075921338/62560120134967147/scripts/ Frame F085 113 KB
38 KB 13ms
10ms Script
application/x-javascript 193.108.153.4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/299/20210521/1075921338/62560120134967147/scripts/TweenMax.min.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_221_3_0/ebHtml5PoliteBanner_api.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-4.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: 4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: l.XVCJX729B7ZTjAbhbuJkFiAnrvBaU3
content-encoding: gzip
last-modified: Fri, 21 May 2021 09:23:29 GMT
server: ATS/7.1.0
x-amz-request-id: 4QZE1J146W3GCZSX
etag: "3dc5474a75410cb768741e402b80d908"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
date: Tue, 26 Jul 2022 18:06:47 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 38521
x-amz-id-2: g5W21aA4oXsuhNltrNoWyV80TEZN+yybkhPnrjd+WDv9/RU76C0jiE6BQHyTofMryXuXs8BGBNI=
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 logo_background_gradient.png
secure-ds.serving-sys.com/resources/PROD/html5/299/20210521/1075921338/62560120134967147/images/ Frame F085 9 KB
9 KB 14ms
11ms Image
image/png 193.108.153.4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/299/20210521/1075921338/62560120134967147/images/logo_background_gradient.png
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_221_3_0/ebHtml5PoliteBanner_api.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-4.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: ea063b0b796cbd28e5ad23a08937d29b2f5792ab4c5bcc9c02717ce7bc1b1390

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: mcvBFqNCzYhd50NJFlLHJ8WGB7n177M7
last-modified: Fri, 21 May 2021 09:23:29 GMT
server: ATS/7.1.0
x-amz-request-id: 4QZE83DRHTTE1BSY
etag: "a6759b2afbf59e85dc78faa5f614f7b3"
content-type: image/png
access-control-allow-origin: *
date: Tue, 26 Jul 2022 18:06:47 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 9341
x-amz-id-2: wYtw0pkwWt1MF4o8qvX1hAmYOV+UwRH2fA+ewGMNlOF3csZmLuMMRupZ2NkQpMdzlMMCTGQuKic=
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 300x250_flowlines.png
secure-ds.serving-sys.com/resources/PROD/html5/299/20210521/1075921338/62560120134967147/images/ Frame F085 6 KB
6 KB 14ms
12ms Image
image/png 193.108.153.4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/299/20210521/1075921338/62560120134967147/images/300x250_flowlines.png
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_221_3_0/ebHtml5PoliteBanner_api.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-4.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: 64b43768cc86f7a303643accfa9366ad7f3cca886a6e95add3f0f207f6b22e48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: XxKgas9PILr1uchVdkG63MYyG8x0H5qx
last-modified: Fri, 21 May 2021 09:23:29 GMT
server: ATS/7.1.0
x-amz-request-id: CXZ9SFDATY1THW0T
etag: "d1c5a54a1c9595310507b6bcc8ee2b3d"
content-type: image/png
access-control-allow-origin: *
date: Tue, 26 Jul 2022 18:06:47 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 6183
x-amz-id-2: 1vvrznShLIkSGfGYFN0Uh507d+Et1yBLKcvaPBUwUvfWcU8YeuWYX2VS7HHYX5ZDle/xtXEDifE=
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 strapline.png
secure-ds.serving-sys.com/resources/PROD/html5/299/20210521/1075921338/62560120134967147/images/ Frame F085 3 KB
4 KB 15ms
13ms Image
image/png 193.108.153.4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/299/20210521/1075921338/62560120134967147/images/strapline.png
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_221_3_0/ebHtml5PoliteBanner_api.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-4.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: 654dfd63e3c77ac4fdbd91be58b268505025c6de339419bd3fff995ef670bb77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: TTjCs47_QWo7m_yUNNenYgcJNTGKf9ZX
last-modified: Fri, 21 May 2021 09:23:29 GMT
server: ATS/7.1.0
x-amz-request-id: CXZE10112Z525X9W
etag: "b6d0b4d1f6efe2086b9c59bfb1af5e75"
content-type: image/png
access-control-allow-origin: *
date: Tue, 26 Jul 2022 18:06:47 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 3260
x-amz-id-2: r6rcrxzQ8lo0vJRwYHpmanB5gxa0wKimDAH2pUvbaiS65wPcFFQ3bRe56u8R5trH99i2xN/JuM8=
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 Farmer_AF1_v2.png
secure-ds.serving-sys.com/resources/PROD/html5/299/20210521/1075921338/62560120134967147/images/ Frame F085 72 KB
73 KB 19ms
17ms Image
image/png 193.108.153.4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/299/20210521/1075921338/62560120134967147/images/Farmer_AF1_v2.png
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_221_3_0/ebHtml5PoliteBanner_api.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-4.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: 112e0add5c7b4150fdcc345ed2aedacee08d70c0247a8e8f89e92631f5a6a08c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: teNasayFwyVDa4b7oudXnz694jf4pCIg
last-modified: Fri, 21 May 2021 09:23:29 GMT
server: ATS/7.1.0
x-amz-request-id: CXZ7QVR0MWH8D9CE
etag: "c82f5d4eaf887878ca2bb52b5702518d"
content-type: image/png
access-control-allow-origin: *
date: Tue, 26 Jul 2022 18:06:47 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 73969
x-amz-id-2: Cd52zeqzUApJa/Ye4bLztWEVMGTAWfl/n9czVp1m/1ZGUJqMx5VKUx09XUN9wBUsEmNCS1SYMUo=
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 Farmer_AF1.png
secure-ds.serving-sys.com/resources/PROD/html5/299/20210521/1075921338/62560120134967147/images/ Frame F085 76 KB
76 KB 20ms
18ms Image
image/png 193.108.153.4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/299/20210521/1075921338/62560120134967147/images/Farmer_AF1.png
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_221_3_0/ebHtml5PoliteBanner_api.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-4.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: 20d1866774c1ffec0093fe5ff1c7b34bdab94d629ef5f75ff0f3633a2453b560

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: ZeCfFsVX2ao1YhXjGw81XiJkVLAHyTDN
last-modified: Fri, 21 May 2021 09:23:29 GMT
server: ATS/7.1.0
x-amz-request-id: CXZATR8SPTMR9JQN
etag: "3dc912389681521d870e1d5225c74bc6"
content-type: image/png
access-control-allow-origin: *
date: Tue, 26 Jul 2022 18:06:47 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 77811
x-amz-id-2: ZVFaH70Y/a7iITYG2NIGGXq0fya6RY31JEyASOkZa+ptQ8IUfVM8cKkw+AbcnfUMDNu4rlekBMk=
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 topRightCorner.png
secure-ds.serving-sys.com/resources/PROD/html5/299/20210521/1075921338/62560120134967147/images/ Frame F085 6 KB
6 KB 21ms
19ms Image
image/png 193.108.153.4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/299/20210521/1075921338/62560120134967147/images/topRightCorner.png
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_221_3_0/ebHtml5PoliteBanner_api.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-4.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: 774a9fb7754dc80bba84333f1e05902c3c37e8c5a888896c2b3c37cbf59ff069

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: owaKoayiLGW1o6uIqte3FjEXdorGU6nA
last-modified: Fri, 21 May 2021 09:23:29 GMT
server: ATS/7.1.0
x-amz-request-id: CXZF0XTAQTT74S6S
etag: "4ab498ee3a8b2601667edd6f23940e0e"
content-type: image/png
access-control-allow-origin: *
date: Tue, 26 Jul 2022 18:06:47 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 6071
x-amz-id-2: fVbnRGVGnkAwrQyY/tkkQ8uLUIaUe0rysoywqjJPpcQNfn5w9Rhiy/MOofT8Aa3an4IuoXQ8EcE=
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 970x250_flowlines.png
secure-ds.serving-sys.com/resources/PROD/html5/299/20210521/1075921338/62560120134967147/images/ Frame F085 3 KB
3 KB 21ms
20ms Image
image/png 193.108.153.4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/299/20210521/1075921338/62560120134967147/images/970x250_flowlines.png
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_221_3_0/ebHtml5PoliteBanner_api.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-4.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: e04b094ea2e398503d7148fd6beff0305bf352c5db9e396b0f40a3c5040f8914

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: DfGJwA2lMHKe.XMH.Ft9UgDF_ViGfEAy
last-modified: Fri, 21 May 2021 09:23:29 GMT
server: ATS/7.1.0
x-amz-request-id: CXZ67ZVZPFF73F37
etag: "ba9300ed172eb358ec79d875e9dab1f6"
content-type: image/png
access-control-allow-origin: *
date: Tue, 26 Jul 2022 18:06:47 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2873
x-amz-id-2: uJk/QjY9NitafUMRSizGwmnETl3P0aRWadg4MrLtcMVQB40pElRf23gFDmljodqoxFUDCrf19lM=
expires: Mon, 31 Dec 2035 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ 0
0 121ms
120ms Ping
application/json 34.192.116.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.192.116.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-116-222.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 nyt-franklin-500-normal.woff
typeface.nyt.com/fonts/ Frame A906 29 KB
29 KB 42ms
31ms Font
font/woff 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://typeface.nyt.com/fonts/nyt-franklin-500-normal.woff
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F07%252F26%252Ftechnology%252Fkraken-crypto-iran.html&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: ae62969b5b189bb28c67dbcee8666abe3e9f498d17a79a68c56e1069d7d63123

Request headers

Referer: https://myaccount.nytimes.com/
Origin: https://myaccount.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-goog-hash: crc32c=GFrw3g==, md5=co6VJ/73OQR4PdJWECnQkQ==
date: Tue, 26 Jul 2022 18:06:47 GMT
via: 1.1 varnish
content-type: font/woff
age: 21662806
x-guploader-uploadid: ADPycduWUdohWbmdL1rivuan-1YImz8GYvSRVPDxOHSgYXs214GqfAuNl2tIbRMrC2ba_l-XZwV8YR-jMXdE-vciAe-3DYVesA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 29324
x-served-by: cache-fra19138-FRA
accept-ranges: bytes
expires: Fri, 18 Nov 2022 00:40:01 GMT
last-modified: Mon, 16 Nov 2020 14:58:37 GMT
server: UploadServer
x-timer: S1658858808.634637,VS0,VE0
etag: "728e9527fef73904783dd2561029d091"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1605538717313763
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29324
x-nyt-pagetype: nyt-fonts-legacy-asset
timing-allow-origin: *
x-cache-hits: 2799

GET
H2 200 nyt-franklin-700-normal.woff
typeface.nyt.com/fonts/ Frame A906 29 KB
29 KB 50ms
41ms Font
font/woff 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://typeface.nyt.com/fonts/nyt-franklin-700-normal.woff
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F07%252F26%252Ftechnology%252Fkraken-crypto-iran.html&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 60994a4c022df26635bb5ccdb7a22cf32a6486ee25a4648cebdfce0ef398a0fa

Request headers

Referer: https://myaccount.nytimes.com/
Origin: https://myaccount.nytimes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-goog-hash: crc32c=0c1ISA==, md5=LJhJE6LL9Pt8L1yzy3aOxw==
date: Tue, 26 Jul 2022 18:06:47 GMT
via: 1.1 varnish
content-type: font/woff
age: 28920097
x-guploader-uploadid: ADPycdvyamaSrCltvbUkFBlVtHRDwqP5ujuGIPqcVx4oT2rM_OCN95_RWXSlJp4clxTjbv_tAvPteXgIt54Y_5ex1Cs
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 29504
x-served-by: cache-fra19138-FRA
accept-ranges: bytes
expires: Fri, 26 Aug 2022 00:45:11 GMT
last-modified: Mon, 16 Nov 2020 14:58:37 GMT
server: UploadServer
x-timer: S1658858808.634673,VS0,VE0
etag: "2c984913a2cbf4fb7c2f5cb3cb768ec7"
access-control-allow-methods: GET, OPTIONS
x-goog-generation: 1605538717322939
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 29504
x-nyt-pagetype: nyt-fonts-legacy-asset
timing-allow-origin: *
x-cache-hits: 24

POST
H2 200 track
a.et.nytimes.com/ Frame A906 0
0 107ms
107ms Ping
application/json 34.192.116.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F07%252F26%252Ftechnology%252Fkraken-crypto-iran.html&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.192.116.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-116-222.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E8DB 43 B
215 B 174ms
173ms Image
image/gif 2600:1f13:800:7780:f624:f845:e5e1:e65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1095107&asId=6c8aaf80-72a3-86ee-c514-268585bf0802&tv=%7Bc:juVSoE,pingTime:-10,time:607,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwMy4wLjUwNjAuMTM0IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1658858807688%7C%7C948c7b4f42cca2c35aaa1b973ad22e24%7C%7Cdf92c9cff360bda3eafa3e94d6152ec7%7C%7C62428f578143b753f089536a0aa48081%7C%7C9f2b3a591d6dc618d57076cdd2ca228d%7C%7C77f85509b32a6971c7dfb3697f84ddcf%7C%7C38f1bf13f13d63c957f8fd6d59aee892%7C%7C15279a2d2c99315366a72819cf3ecc08%7C%7C1629390669,im:%7Bimprf:%7Bttecl:493,ecd:74,tsecr:141%7D%7D%7D
Requested by: Host: c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
URL: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:f624:f845:e5e1:e65 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Jul 2022 18:06:47 GMT
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H2 200 / Show response
dd.nytimes.com/js/ Frame A906 231 B
616 B 22ms
21ms XHR
application/json 52.222.236.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dd.nytimes.com/js/

Requested by

Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-105.fra56.r.cloudfront.net

Software

DataDome /

Resource Hash

8bb32da179ed58195d80738e4efb132b8a7337db0b88539b059fc5f0808a074a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 26 Jul 2022 18:06:47 GMT
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
server: DataDome
x-amz-cf-pop: FRA56-P4
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: Miss from cloudfront
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 231
x-amz-cf-id: 3VqHANSm9P1W91JbThibVyESGL1Z7szo0Ie-SdDoLuVfwLKLHEvORQ==
expires: 0

GET
H2 200 mobileWhileGradient.png
secure-ds.serving-sys.com/resources/PROD/html5/299/20210521/1075921338/62560120134967147/images/ Frame F085 182 KB
183 KB 9ms
9ms Image
image/png 193.108.153.4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/299/20210521/1075921338/62560120134967147/images/mobileWhileGradient.png
Requested by: Host: c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
URL: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-4.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: c6d1c483f8ffbbafdd878c79bf86907b408e3ae7e95b41af6ee57c51d8f82581

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: aoDTcM_7mMrMsKVwV0aRN9w5P0IkHPFW
last-modified: Fri, 21 May 2021 09:23:29 GMT
server: ATS/7.1.0
x-amz-request-id: 8YSF053DB0C616MV
etag: "84233da3cb4daac23c963e6e35e85506"
content-type: image/png
x-amz-storage-class: STANDARD_IA
date: Tue, 26 Jul 2022 18:06:47 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
access-control-allow-origin: *
content-length: 186464
x-amz-id-2: WBoNS8aX+zDcmSt3Zvn9+vxEuOkZLNFYy+A/qZAd2d2Yxn0eHrAo5C7+nfsjyJ115jJCBtPczbQ=
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 chevron.png
secure-ds.serving-sys.com/resources/PROD/html5/299/20210521/1075921338/62560120134967147/images/ Frame F085 4 KB
4 KB 8ms
8ms Image
image/png 193.108.153.4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/299/20210521/1075921338/62560120134967147/images/chevron.png
Requested by: Host: c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
URL: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-4.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: 3afd3efe52eab74116e3c046b9e45ca75db634b92061c0807d6d0eb1dba1cc7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: jWiHYx8A0XJVuToSstTOsncDwbK22psU
last-modified: Fri, 21 May 2021 09:23:29 GMT
server: ATS/7.1.0
x-amz-request-id: 8YS3VHZ4SKVBCSFX
etag: "f99206620386833648bbf9f6d5b49d23"
content-type: image/png
access-control-allow-origin: *
date: Tue, 26 Jul 2022 18:06:47 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 3878
x-amz-id-2: dOLtD+nlAtHgKnTZquAtTqL2NwmcxBp5SSNSRTZdJigATOt5/l24mvqaZIInmhq0n2gIpb6HQmc=
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 SABICTypefaceHeadline-Regular.woff2
secure-ds.serving-sys.com/resources/PROD/html5/299/20210521/1075921338/62560120134967147/fonts/ Frame F085 68 KB
69 KB 9ms
9ms Font
application/font-woff2 193.108.153.4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/299/20210521/1075921338/62560120134967147/fonts/SABICTypefaceHeadline-Regular.woff2
Requested by: Host: c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
URL: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-4.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: c8bb45401e2ea6746919e3f7c8246d9ecfd13fc417d0198b717eca794ad67f82

Request headers

Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
Origin: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: LJnoSXAutGKWlFlyopnsSWstuCnFwo0P
last-modified: Fri, 21 May 2021 09:23:29 GMT
server: ATS/7.1.0
x-amz-request-id: 8YS1W51W54CQM6C4
etag: "f6c2f15eec9770d1f904fe2805a7cfcd"
content-type: application/font-woff2
access-control-allow-origin: *
date: Tue, 26 Jul 2022 18:06:47 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 69972
x-amz-id-2: dhuhAYyI4II4Uh0S/fBr4YeXQ32oPi8MU0RWEiloZSxH3r/fVbNEJpC2YhruzPsrM3Tc9krlB4Y=
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 config.js Show response
secure-ds.serving-sys.com/resources/PROD/html5/299/20210521/1075921338/62560120134967147/ Frame F085 120 B
490 B 10ms
9ms Script
application/x-javascript 193.108.153.4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/299/20210521/1075921338/62560120134967147/config.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-4.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: 092d28c633f21d01e59a047232ee30944fda555284d4b8b3f194baa321fa8514

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: WH.giseCe7eR8UXscRnOkljEuWZXD6Le
content-encoding: gzip
last-modified: Fri, 21 May 2021 09:23:29 GMT
server: ATS/7.1.0
x-amz-request-id: CXZ5KRG1WZN7WBAR
etag: "a0eeecab28224fad660449b070a34bcd"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
date: Tue, 26 Jul 2022 18:06:47 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 121
x-amz-id-2: qtnfrkPbnUhFibuG7f/bnOIdndtpMSiPwJ2D2kAV0APatYG8i+nlB0lseBqwMLzlzdV3BBP7vao=
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame A906 6 KB
2 KB 51ms
26ms XHR
application/json 2a02:26f0:6c00:1bb::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=ATH8A-MAMN8-XPXCH-N5KAX-8D239&d=myaccount.nytimes.com&t=5529529&v=1.720.0&sl=0&si=7833c396-e599-417f-ae3d-7aeaf5dd561c-rfn3nb&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:1bb::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b3ebd1d6dc1f1434fbe035c716b737d23b1942b6c81c2cced468f698992b08b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myaccount.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Tue, 26 Jul 2022 18:06:47 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 1568

GET
H2 200 EBLoader.js Show response
secure-ds.serving-sys.com/BurstingScript/ Frame F085 13 KB
4 KB 7ms
7ms Script
application/javascript 193.108.153.4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingScript/EBLoader.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/adkit/1_0_41_5/adkit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-4.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7a09493f02c721c7da3e052ef25b795e29c2de806cfc9135e0bc7a6710134c41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Jul 2022 18:06:47 GMT
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 16:24:29 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-P1
etag: W/"9f451f9e840353f1c737dad023522454"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 3713
x-amz-cf-id: XJjwnnFUBgiCc23YifEQji_Hhup6Ovpx7K7v8LcvFSsOXyGpLeeK2g==
expires: Tue, 26 Jul 2022 18:06:47 GMT

GET
H2 200 EBCMD.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/HTML5Res_2_150_1_0/ Frame F085 81 KB
28 KB 7ms
7ms XHR
application/javascript 193.108.153.4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/HTML5Res_2_150_1_0/EBCMD.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingScript/EBLoader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-4.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6ef254cf106054d987fdf95daa728de7c9f99cd2c6a2b41ea5d45e2ca071a5e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:47 GMT
content-encoding: gzip
last-modified: Tue, 21 Jun 2022 13:00:33 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
etag: "7c116e1d1d6f7cdb78b4dd436cdf6f64"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1885575
accept-ranges: bytes
content-length: 28585
x-amz-cf-id: bzgJA_R8b3dG6EZhqsHP6xsaRVjPNExVPmesHFJkYES6FouDRVpPbg==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E8DB 43 B
215 B 166ms
166ms Image
image/gif 2600:1f13:800:7780:f624:f845:e5e1:e65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1095107&asId=6c8aaf80-72a3-86ee-c514-268585bf0802&tv=%7Bc:juVSqp,time:716,type:e,im:%7Bpci:%7Btdr:545%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:716,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:128,wc:0.0.1600.1200,ac:NaN.NaN.1600.0,am:i,cc:NaN.NaN.1600.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B605~0%5D,as:%5B605~1600.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:519,fm:tcIyv0Z+11%7C12%7C13*.1095107-64374589%7C131%7C14%7C15%7C16,idMap:13*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by: Host: c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
URL: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:f624:f845:e5e1:e65 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Jul 2022 18:06:47 GMT
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 bg_mobile.png
secure-ds.serving-sys.com/resources/PROD/html5/299/20210521/1075921338/62560120134967147/images/ Frame F085 989 KB
991 KB 9ms
9ms Image
image/png 193.108.153.4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/299/20210521/1075921338/62560120134967147/images/bg_mobile.png
Requested by: Host: c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
URL: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-4.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: 5a30797bca0c52bae45a819a099cabf0f29aef7a49b84e6be1303c680b538a61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: AEipopH0t03HYWJYyLghl_5DbrBoF3L.
last-modified: Fri, 21 May 2021 09:23:29 GMT
server: ATS/7.1.0
x-amz-request-id: HFYYXZ038XMTPDVM
etag: "5a5967af5a03396279a2bdc8640dd4c4"
content-type: image/png
x-amz-storage-class: STANDARD_IA
date: Tue, 26 Jul 2022 18:06:47 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1012539
x-amz-id-2: tf8AJuWcQs8rXBuEliKXCYH598mwmysT556QgcULbwvb60fligCSKqzdB5ROQYre6zjWvqEBrX0=
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 403 /
secure-ds.serving-sys.com/resources/PROD/html5/299/20210521/1075921338/62560120134967147/ Frame F085 0
0 114ms
113ms Image
application/xml 193.108.153.4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/299/20210521/1075921338/62560120134967147/
Requested by: Host: c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
URL: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-4.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 logo.png
secure-ds.serving-sys.com/resources/PROD/html5/299/20210521/1075921338/62560120134967147/images/ Frame F085 4 KB
4 KB 15ms
15ms Image
image/png 193.108.153.4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/html5/299/20210521/1075921338/62560120134967147/images/logo.png
Requested by: Host: c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
URL: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-4.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: 5221f1f39bc13b88d679f40f32058b9ebcf8fb3b8b7d034fd9b415a998656872

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: Sd2Hc1SonKsAw1vWpB4GzCafGwn9Az32
last-modified: Fri, 21 May 2021 09:23:29 GMT
server: ATS/7.1.0
x-amz-request-id: CXZ0HBBZW0R9N64G
etag: "fedc0b73dc4dca8745aa9eba4966ecbe"
content-type: image/png
access-control-allow-origin: *
date: Tue, 26 Jul 2022 18:06:47 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 3711
x-amz-id-2: jPY9cvU1gZqsUVXxZU1y5rZlIM6aTWGcVfcg/Aa6T1mAiKJS+Qj9voPXrtEr61KieQFhYVqeN98=
expires: Mon, 31 Dec 2035 00:00:00 GMT

POST
H2 200 track
a.et.nytimes.com/ Frame A906 0
0 128ms
127ms Ping
application/json 34.192.116.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/auth/iframe/enter-email?response_type=cookie&client_id=freex&redirect_uri=https%3A%2F%2Fwww.nytimes.com%2Fsubscription%2Fonboarding-offer%3FcampaignID%3D7JFJX%26EXIT_URI%3Dhttps%253A%252F%252Fwww.nytimes.com%252F2022%252F07%252F26%252Ftechnology%252Fkraken-crypto-iran.html&display=regiwall_lire&asset=RegiWall&application=Free_Experience&preloaded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.192.116.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-116-222.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 403 report
csp.dev.nytimes.com/ Frame A906 418 B
526 B 35ms
27ms Other
text/html 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.dev.nytimes.com/report

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

4db7cc0f624e7da8059124eb4a91d02e09c7add55d76696762c0b67116ed5572

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 26 Jul 2022 18:06:47 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-fra19138-FRA
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: MISS
content-type: text/html; charset=utf-8
accept-ranges: bytes
content-length: 418
retry-after: 0
x-cache-hits: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E8DB 0
0 50ms
49ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvulrOFgR9PidARnwjNo3KHQvf5CZf0vaCW-DHJuRJs3WanV-JYIoQIAZENsrKznjcuNxLUtzV1W-OHPH40lDiEKruamATFznJUcuu7IdYkf8pAEzC-S621EQP9hfk_k_EX1cVCoWogyaDydjg8sPxqutVLKP1lfsuh5cMDLJ-QbLMp388KrvPdjRrPg9Q617ydyneg4yKqi4Wby23XPErQ1H6_LOSZboFF2ju2s130K3MWB0ja7pGo6ufd2UZWfEJKbMk7qU2z4pqVHiIX3wTCc9uZ6r9Y0K0dtLQ8F-dPAce1N7-QJI7ZlJJu_HdGLaM4JCzVilaI0q3s8Jg&sai=AMfl-YSSH_VLtlrMztoq6xbyo8W5k_ejyL7ojXeXjEqXngQSbp6kHEbTF6qSY5icEgHIWq5NX4Z8LMqvaT6ZwnW5tu-9wxSTpjBH312nGeNvpRGZhy_-1442B92HxoZhOvWb&sig=Cg0ArKJSzOUeclHpVBv2EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 26 Jul 2022 18:06:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 26 Jul 2022 18:06:48 GMT

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ Frame E8DB 0
499 B 10ms
9ms XHR
text/html 3.69.41.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&interactionsStr=$$1087696227~~0~~1077172577~~7555075622616748199%5EActualSize~1600x0x0x1x1000x0x0x1600x270~0~01020~630$$&usercookie=u2=cab354a8-4641-481a-9c38-c67ffb02ea0c&rnd=0.3781711108288124&res=32
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_221_3_0/ebHtml5PoliteBanner_api.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.69.41.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-41-135.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 26 Jul 2022 18:06:48 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
content-length: 0
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 .status
a.et.nytimes.com// 0
0 138ms
138ms Fetch
application/json 34.192.116.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com//.status
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.192.116.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-116-222.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept: */*
Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 81ms
29ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022071901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89ae707a435fa393e20af4ad56debd63e44dae84202658eeed4780423bdee996

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 26 Jul 2022 18:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10713
x-xss-protection: 0

GET
H2 200 loader.js Show response
platform.iteratehq.com/ 1 KB
1 KB 73ms
38ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/loader.js

Requested by

Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dbfddf2f5777f8a67f9ebc450ae4b1d2313c77719a994f10a9a734bdbdb98c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:48 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 307
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 95KDW3DM40TVD7HJ
x-amz-id-2: b54ZpHQDAi7tvS+nLweMnJeKyxDObjxIGxQ57ccTna+nBkT6TmdWiyi9e47J5rD89TUY8QPvTZ4=
last-modified: Thu, 21 Jul 2022 21:11:22 GMT
server: cloudflare
etag: W/"45c8ef91adb34b1c7f053b59225a0e9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aq5kMzdV2wR9zb%2FAvUZ8SsoMKwCQhtVBObi%2BI5ocPwVGcKEUTrTnAYphwY3LyMLXN3NZ7a%2Bk9J9nQIZE2gUYhaGvd6ekCY23ea7tl9avTZKS8WvJNzCGRCCdUvOCKwv%2B4BK4yX5G9PJ%2Buz6z8ZLmki9Sf1M%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 730f123eca18bbdf-FRA

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ Frame E8DB 0
406 B 13ms
12ms XHR
text/html 3.69.41.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&interactionsStr=$$1087696227~~0~~1077172577~~7555075622616748199%5EActualSize~1600x270x0x2x1000x1x0x1600x270~0~00020~679$$&usercookie=u2=cab354a8-4641-481a-9c38-c67ffb02ea0c&rnd=0.34315817649850966&res=32
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_221_3_0/ebHtml5PoliteBanner_api.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.69.41.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-41-135.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 26 Jul 2022 18:06:48 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
content-length: 0
expires: Sun, 05-Jun-2005 22:00:00 GMT

POST
H2 403 report
csp.dev.nytimes.com/ Frame A906 418 B
457 B 17ms
16ms Other
text/html 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.dev.nytimes.com/report

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/lire_ui/js/sentry.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

027507fe405df2ac9c2d6963bf1ae713bc53c217c3f5815f79ebd249363554d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 26 Jul 2022 18:06:48 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-fra19138-FRA
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: MISS
content-type: text/html; charset=utf-8
accept-ranges: bytes
content-length: 418
retry-after: 0
x-cache-hits: 0

GET getdns.txt
trial-eum-clientnsv4-s.akamaihd.net/eum/ Frame A906 0
0

POST
H2 403 report
csp.dev.nytimes.com/ Frame A906 418 B
480 B 9ms
8ms Other
text/html 151.101.65.164
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://csp.dev.nytimes.com/report

Requested by

Host: myaccount.nytimes.com
URL: https://myaccount.nytimes.com/lire_ui/js/sentry.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.164 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

c9adbe3472630741bf462a68dff0558820c4ad77d4b4d098191563496330e31d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains

Request headers

Referer: https://myaccount.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 26 Jul 2022 18:06:48 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-fra19138-FRA
strict-transport-security: max-age=63072000; preload; includeSubdomains
x-cache: MISS
content-type: text/html; charset=utf-8
accept-ranges: bytes
content-length: 418
retry-after: 0
x-cache-hits: 0

GET getdns.txt
trial-eum-clienttons-s.akamaihd.net/eum/ Frame A906 0
0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 95ms
43ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 26 Jul 2022 18:06:48 GMT

GET
H3 200 match-prod-9a861d498447127e8ba6.js Show response
platform.iteratehq.com/ 83 KB
29 KB 31ms
18ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/match-prod-9a861d498447127e8ba6.js

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

709767002328b15009dc50ec0a405e385afeeb9bb3c8515f3cf6ecc350246733

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:48 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420916
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: F11VPQANY9GCTE9W
x-amz-id-2: Kfeh7JqH/lA2kUnrxY7kynsqPM0qSbvZuYyq4IFZIjR7O22Ttld8+p1P+VhyD6/0HHiWYtmsVmU=
last-modified: Thu, 21 Jul 2022 21:11:18 GMT
server: cloudflare
etag: W/"0592ee1ab675cbdd495c218ebedde626"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5suok1%2BuibfIRsUg8VwjBhqqRXKB4h6bOIgVQ%2Bc%2BCzQMSiLNEbrydMQi1MuNZnPWJIjTiZpSGFY6qrDZRJIbUVjG%2BH9LYF3%2BX%2BMNHT%2F9N%2F8kqr0wfY3yObXYmsSCwK844W%2BnAfun4BaHs2A%2BnUX98U7YeuQv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 730f123f2a67902a-FRA

POST
H3 200 embed Show response
iteratehq.com/api/v1/surveys/ 298 B
1 KB 144ms
133ms Fetch
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-9a861d498447127e8ba6.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19a2950e84fe8dd03147256fe069fe44be7ac77a762bbedbd0814785826e0313

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
Content-Type: application/json

Response headers

date: Tue, 26 Jul 2022 18:06:48 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GjxNCq4%2FtegYqDwso3LiyDFr%2ByJQ449WCA95BPj8hfcHlGl8vnPonMhVXbjLDcQpcI88YEDP1GSrgg3ZFpPCE2Os78a0rhMIvs1Ea3Y%2Fmj5Vu6kl3U7%2FWni%2FTeERgVXH129E5hIJqOk9Oy9J"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 730f124078d4bb5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 159ms
124ms Preflight 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.nytimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 730f123f9e6b9006-FRA
content-length: 0
date: Tue, 26 Jul 2022 18:06:48 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TemJPZgoBpRefKnnigewSKj3yeQpVSl2dl%2FYWFWUbcOkCv%2FOhhVYf3pDTyTRTLxmOk5RNj%2BuFYPtPTag1w17w9%2FKoHXm4lIuUNQWv4x9usLCWtvaDebLBjquDZXPxx%2FpJj%2BtFcbMfKe53qqP"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BCF0 13 KB
5 KB 25ms
25ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4302
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Jul 2022 16:55:06 GMT
expires: Wed, 26 Jul 2023 16:55:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FDAC 783 B
1 KB 90ms
23ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c6d4c27b78a239b40f959630181c2ea11409491f75ae83ab7e8e253a674abeb7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-S48VuEt-t0QBDRAtwvU09w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nytimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-S48VuEt-t0QBDRAtwvU09w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 26 Jul 2022 18:06:48 GMT
expires: Tue, 26 Jul 2022 18:06:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4JAIKwid8f35vx5JMDPHWQJTURDOey7UpTPwaznZUPM.js Show response
pagead2.googlesyndication.com/bg/ Frame BCF0 36 KB
14 KB 66ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4JAIKwid8f35vx5JMDPHWQJTURDOey7UpTPwaznZUPM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e090082b089df1fdf9bf1e493033c75902535110ce7b2ed4a533f06b39d950f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 11:42:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 195840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13903
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 24 Jul 2023 11:42:48 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FDAC 0
0 79ms
78ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022071901&jk=526686587848474&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BCF0 0
9 B 24ms
24ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?pFtPOg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 26 Jul 2022 18:06:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 81ms
81ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022071901&jk=526686587848474&bg=!dnWldTHNAAacadVKvGk7ACkAdvg8WrdeQ21Rf8xaMw0pP7kh7OLgaTBcXBniKT-mOu4E3cPmfOaeQAIAAABsUgAAAANoAQcKAMMiQaxEBtrFSxLOxQEqSgJoWLtrIJ1_nrCVKjdIlLVn1UFPFAtIXqn3ddpQz8BY04dXhS0Undc3LEf0c_n3sgNFwCmPR4wwAF_iM3gp6f5iAVAoDrUTTOo3J4oKzs2Vx9_OpVetK9wafa2uXxcdsfuMCmLlFTKwgATEfaKiferAm2KgD9hzQEVvEpt1npzac4Tgl1vztYLwUjf5tbvdHDvgTP6GebRsbZ2X7CM6EOkw5AasXfWA4REy85NQiG-HbfzF0AeZAqi1m6e7NJTeq7JDcaUv-TGGFXtOE6ctPs9YHdAjd5xVD6F0zaolh016Lck64MFVNGWQi6ynPZFSAh74E2WV_OBNOiKxUWXy9Ucv7tSm35m6zBkLVC47GFpcZDiV0f3R3j65wXWzh3GrNz15Q1IEQGQDn859t266i8JpryOwzmbG4hom6plze1g2JsMhOafXXhz8hOjHc6EbaZk4iPTMCPVQozvHAzRREByBQC-lUF7zQQz4o3QrXFFrw_JAAbJL4D6rLnJTrCXN0eFIxmmFDqKOE6o0fIoa5Ou2GRroh6-USenl4xZcsQDAH5WocW5eGsTg58Z1Akz0PXrspLn2j01i8THI--a1mRYUVjV35X-jzs2GH6MVbGbkMmrT9cEsi2DB8_nsQz0g9g5tBw0mX1bhJrZg4K1n6cr9cmcJ_Tcacq7Wu2SWVsQ2GT8a3USa-1TCMzZlorAt563LjrHB51T03rHDY85Veqju9QCrmeY9diuXqiuWPKt6JJYd6kTPSgKX4opg8UkQSXcrLDp9YsqM6BKFJkocYdbKqKFCCac2kGJ8KSBaewsrALTEIzdC3mfH1FqARhFmHbzOx2RBtITuooJ1PYrE0KW5z247efu8j6o1twynhhlaaDuVT3ab6ULq217CCnFxTi8Alx633wYWTJKeOR7SN9DGgaulQcuMfx_r0F04uKtkUILRkqa7pVYiMp3EkpTNV_zE2v9VXYOkXIQMCmtqRGvWCbgE6tmWQQQH1ymmyvSntF0jg-D0w0U4nzx8H-VcGwSEvjgOcdMG8Ei4nGvVl1-1JpV5NQ80aCnSqJem4xpZa4TGD0V_3oWhTby9C24ppYn9-PmCoUoUmL66BpxxH3nk0zl5fiMkrFQ4DvRBlsqGvnK6ULCJXKqLzQXk5EaGOg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E8DB 42 B
64 B 97ms
47ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv2CKXYzGlSXPrDEN14aDC8vKSLxEocCdm5kSEbYRxaEWLFwOQiIyM4mUxcI6uJ5lS4X_vLGt2T4NnDdhL1oj6ZV_R8eJI3Jg1uHL7hTNZDHcyRHcGh&sig=Cg0ArKJSzH68PFfYKItXEAE&id=lidar2&mcvt=1005&p=133,0,403,1600&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20220725&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=1108970029&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658858806586&rpt=1448&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Jul 2022 18:06:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E8DB 43 B
215 B 168ms
167ms Image
image/gif 2600:1f13:800:7780:f624:f845:e5e1:e65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1095107&asId=6c8aaf80-72a3-86ee-c514-268585bf0802&tv=%7Bc:juVSLF,pingTime:1,time:2034,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:1600,h:0,t:128%7D,%7Bpiv:100,vs:i,r:,h:270,t:1033%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1002,o:1032,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:128,wc:0.0.1600.1200,ac:NaN.NaN.1600.0,am:i,cc:NaN.NaN.1600.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B921~0%5D,as:%5B921~1600.0%5D%7D%7D,%7Bsl:i,t:1032,wc:0.0.1600.1200,ac:NaN.NaN.1600.270,am:i,cc:NaN.NaN.1600.270,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~1600.270%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:169,fm:tcIyv0Z+11%7C12%7C13*.1095107-64374589%7C131%7C14%7C15%7C16,idMap:13*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:f624:f845:e5e1:e65 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Jul 2022 18:06:49 GMT
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame E8DB 43 B
215 B 166ms
166ms Image
image/gif 2600:1f13:800:7780:f624:f845:e5e1:e65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1095107&asId=6c8aaf80-72a3-86ee-c514-268585bf0802&tv=%7Bc:juVSLF,pingTime:1,time:2034,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:1600,h:0,t:128%7D,%7Bpiv:100,vs:i,r:,h:270,t:1033%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1002,o:1032,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:128,wc:0.0.1600.1200,ac:NaN.NaN.1600.0,am:i,cc:NaN.NaN.1600.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B921~0%5D,as:%5B921~1600.0%5D%7D%7D,%7Bsl:i,t:1032,wc:0.0.1600.1200,ac:NaN.NaN.1600.270,am:i,cc:NaN.NaN.1600.270,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~1600.270%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:169,fm:tcIyv0Z+11%7C12%7C13*.1095107-64374589%7C131%7C14%7C15%7C16,idMap:13*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:f624:f845:e5e1:e65 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Jul 2022 18:06:49 GMT
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame 48F2 0
210 B 36ms
7ms Ping
text/plain 213.254.244.110
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=80b775c5cee044efa267d0d688f653aa&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=157&eoid=11&msrjs=2930&sdf=2&vit=2&isvelg=1&rmi=16&tltms=0&tetms=9&msltms=55&vltms=157&sei=290&vetms=29&engms=1&engisel=1&dvp_dtcov=2&msrcanlm=328&msrcannum=3&ismms=57&isumms=56&nvr=6&isgmmims=57&isgmv4mims=57&elmtp=2&isbxdms=3057&b0=913&b11=2330&adhgt=270&adwdth=1600&vsos=23&dvp_vsosnmr=16&lftb=3243&sftb=3243&msrdp=0&naral=64&vct=512&vphgt=1200&vpwdth=1600&chgt=270&cwdth=1600&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1757&isuiabvms=1757&isgmpims=56&isgmv4dpims=1757&ispmxpms=1757&engalms=55&dvp_dpr=1&ttfurm=3231&cbust=1658858810506422
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2930.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.110 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 26 Jul 2022 18:06:49 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 07/25/2022 18:06:50

POST
H2 200 track
a.et.nytimes.com/ 0
0 108ms
108ms Ping
application/json 34.192.116.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.et.nytimes.com/track
Requested by: Host: www.nytimes.com
URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.192.116.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-116-222.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nytimes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H/1.1 200
OK int Show response
lm.serving-sys.com/lm/ Frame E8DB 0
230 B 35ms
9ms XHR
text/plain 3.74.200.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/int
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_221_3_0/ebHtml5PoliteBanner_api.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.74.200.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-74-200-12.eu-central-1.compute.amazonaws.com
Software: LogModule 0.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
Access-Control-Allow-Credentials: true
Server: LogModule 0.4
Content-Length: 0
Content-Type: text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: als-svc.nytimes.com
URL: https://als-svc.nytimes.com/als?uri=nyt%3A%2F%2Farticle%2Fa8225686-6ca7-572a-bd79-82c08fda0cdf&typ=&prop=nyt&plat=web

Domain: trial-eum-clientnsv4-s.akamaihd.net
URL: https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pwnir2zop

Domain: trial-eum-clienttons-s.akamaihd.net
URL: https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pwnir2zop

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nytimes.com/	1970-01-20 13:33:14	Name: nyt-a Value: 0trb6V2bYqULFEwQxXqiIe
.nytimes.com/	1970-01-20 04:48:00	Name: nyt-gdpr Value: 1
.nytimes.com/	1970-01-20 13:33:14	Name: nyt-purr Value: cfhspnahhudn
.nytimes.com/	1970-01-20 04:48:00	Name: nyt-us Value: 0
.nytimes.com/	1970-01-20 04:48:00	Name: nyt-geo Value: DE
.nytimes.com/	1969-12-31 23:59:59	Name: nyt-b3-traceid Value: a5f0c4356ae8478c9bc5aec69b373ec1
.et.nytimes.com/	1970-01-20 04:47:40	Name: sessionActive Value: true
.et.nytimes.com/	1970-01-20 13:33:14	Name: sessionIndex Value: 1\|1658858805210\|0trb6V2bYqULFEwQxXqiIe\|1658858805210
.nytimes.com/	1970-01-20 14:17:08	Name: purr-cache Value: <K0<r<C_<G_<S0
.nytimes.com/	1970-01-22 00:37:05	Name: nyt-m Value: 0895A767BB879F0BF9F33B5394B4C125&ica=i.0&ird=i.0&uuid=s.cfe221cc-7d5e-4208-a008-1bf330ac0c89&t=i.0&fv=i.0&iue=i.0&iub=i.0&igd=i.0&imv=i.0&er=i.1658858806&prt=i.0&e=i.1659340800&imu=i.1&ier=i.0&igu=i.1&igf=i.0&n=i.2&cav=i.1&vr=l.4.0.0.0.0&iga=i.0&iir=i.0&g=i.0&rc=i.1&pr=l.4.0.0.0.0&vp=i.0&iru=i.1&ira=i.0&ifv=i.0&s=s.core&v=i.0&ft=i.0
.nytimes.com/	1970-01-20 13:33:14	Name: nyt-jkidd Value: uid=0&lastRequest=1658858806246&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon
.a.nytimes.com/	1969-12-31 23:59:59	Name: jkidd-s Value: referrer=&landing=&start=1658858806246&isNew=1&pageIndex=1
.a.nytimes.com/	1970-01-20 13:33:14	Name: jkidd-p Value: prevPage=&currPage=
.nytimes.com/	1970-01-20 04:47:59	Name: b2b_cig_opt Value: %7B%22isCorpUser%22%3Afalse%7D
.nytimes.com/	1970-01-20 04:47:59	Name: edu_cig_opt Value: %7B%22isEduUser%22%3Afalse%7D
.doubleclick.net/	1970-01-20 14:09:14	Name: IDE Value: AHWqTUnoVtJx0EmFzMJ1b8XpgxtKLvymJexIfJttCaEprES8ctmpWvOFSMunVVhBtnc
.nytimes.com/	1970-01-20 14:09:14	Name: __gads Value: ID=cb815dbffb595aed:T=1658858806:S=ALNI_MaNQ2XVzdUZwEN63788OKbID3hIdg
.nytimes.com/	1970-01-20 06:57:14	Name: _gcl_au Value: 1.1.1960796568.1658858807
.nytimes.com/	1970-01-20 22:18:50	Name: walley Value: GA1.2.449409441.1658858806
.nytimes.com/	1970-01-20 04:49:05	Name: walley_gid Value: GA1.2.747675271.1658858807
.nytimes.com/	1970-01-20 04:47:38	Name: _gat_UA-58630905-2 Value: 1
.fonts.net/	1970-01-20 04:47:40	Name: __cf_bm Value: L7Ja.BDHY46ujCCB_6XMdWCt2NRjlgdeEQZPjfAOl.4-1658858806-0-AVROGee/T/COUuuHJw+QQq+CldUYw8Mg3DWiUPiFgge6NCgCvBM78EYkjjDb1lIRvfsmgSqACwVK/Klhr+4luUQ=
.nytimes.com/	1970-01-20 14:16:26	Name: _cb Value: DQwc10C8Fq8PDyXsi7
.nytimes.com/	1970-01-20 14:16:26	Name: _chartbeat2 Value: .1658858806977.1658858806977.1.D2KFb5Dy3cVFuuIaQBYtg10CQujp9.1
.nytimes.com/	1970-01-20 04:47:40	Name: _cb_svref Value: null
.serving-sys.com/	1970-01-20 06:57:14	Name: A6 Value: 10ReRzxfd+1005Rc000010000
.serving-sys.com/	1970-01-20 06:57:14	Name: u2 Value: cab354a8-4641-481a-9c38-c67ffb02ea0c4H.06g
.et.nytimes.com/	1970-01-20 04:49:05	Name: et-ppvid Value: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html=dF1w0eAaSQEC1f2fk5wQfvte^https://myaccount.nytimes.com/auth/iframe/enter-email=Bk5_QJ7p0vQZxThimxso1ziV
.nytimes.com/	1970-01-20 13:33:14	Name: datadome Value: 76ISBFqRochvHDdw1YY3~ZunfUf2VFzerwqrWOOxjQYY_dqxE1VClS940VERMAAnjHSH9v1_ANjU77YKz~3uRH7AQWtGOPd_TlF1GHLGtTWRURwglmcCZvgX9X2xjIm
.nytimes.com/	1970-01-20 04:57:43	Name: RT Value: "z=1&dm=nytimes.com&si=7598d39d-cab2-4e64-977a-9c304d4b4708&ss=l62hpbc3&sl=1&tt=py&bcn=%2F%2F684dd328.akstat.io%2F&ld=q3"
.serving-sys.com/	1970-01-20 06:57:14	Name: eyeblaster Value: RES=32
.nytimes.com/	1970-01-23 20:23:38	Name: iter_id Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2MmUwMmQzODg1M2FmODAwMDFmNmQ2MzEiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjU4ODU4ODA4fQ.F99WnpyZQM17V0A0Pjwi8cJUlSmmWexFFwCO6GiZkqg

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://myaccount.nytimes.com/auth/prefetch-assets Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
network	error	URL: https://myaccount.nytimes.com/lire_ui/js/common/abra/index.js Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://www.nytimes.com/2022/07/26/technology/kraken-crypto-iran.html Message: Access to XMLHttpRequest at 'https://als-svc.nytimes.com/als?uri=nyt%3A%2F%2Farticle%2Fa8225686-6ca7-572a-bd79-82c08fda0cdf&typ=&prop=nyt&plat=web' from origin 'https://www.nytimes.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://als-svc.nytimes.com/als?uri=nyt%3A%2F%2Farticle%2Fa8225686-6ca7-572a-bd79-82c08fda0cdf&typ=&prop=nyt&plat=web Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com/safeframe/1-0-38/html/mraid.js Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_221_3_0/ebHtml5PoliteBanner_api.js(Line 110) Message: The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_221_3_0/ebHtml5PoliteBanner_api.js(Line 110) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
security	error	URL: https://s.go-mpulse.net/boomerang/ATH8A-MAMN8-XPXCH-N5KAX-8D239(Line 9) Message: Refused to connect to 'https://684dd328.akstat.io/' because it violates the following Content Security Policy directive: "connect-src 'self' .nytimes.com https://sentry.io .datadome.co https://*.go-mpulse.net".
network	error	URL: https://secure-ds.serving-sys.com/resources/PROD/html5/299/20210521/1075921338/62560120134967147/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://csp.dev.nytimes.com/report Message: Failed to load resource: the server responded with a status of 403 ()
security	error	URL: https://myaccount.nytimes.com/lire_ui/js/sentry.bundle.js(Line 1) Message: Refused to connect to 'https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pwnir2zop' because it violates the following Content Security Policy directive: "connect-src 'self' .nytimes.com https://sentry.io .datadome.co https://*.go-mpulse.net".
security	error	URL: https://myaccount.nytimes.com/lire_ui/js/sentry.bundle.js(Line 1) Message: Refused to connect to 'https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pwnir2zop' because it violates the following Content Security Policy directive: "connect-src 'self' .nytimes.com https://sentry.io .datadome.co https://*.go-mpulse.net".
network	error	URL: https://csp.dev.nytimes.com/report Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://csp.dev.nytimes.com/report Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security	max-age=63072000; preload; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
als-svc.nytimes.com
bs.serving-sys.com
c.go-mpulse.net
c7513343d179af5f63db8167f02a2076.safeframe.googlesyndication.com
cdn.brandmetrics.com
cdn.doubleverify.com
csp.dev.nytimes.com
dd.nytimes.com
dt.adsafeprotected.com
fast.fonts.net
g1.nyt.com
insight.adsrvr.org
iteratehq.com
lm.serving-sys.com
meter-svc.nytimes.com
mwcm.nytimes.com
myaccount.nytimes.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
platform.iteratehq.com
pnytimes.chartbeat.net
purr.nytimes.com
s.go-mpulse.net
samizdat-graphql.nytimes.com
secure-ds.serving-sys.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.chartbeat.com
static01.nyt.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-frc.doubleverify.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
typeface.nyt.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.nytimes.com
als-svc.nytimes.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
142.250.185.102
151.101.1.164
151.101.129.164
151.101.65.164
172.217.18.2
193.108.153.4
213.254.244.110
2600:1f13:800:7780:f624:f845:e5e1:e65
2600:9000:223c:a800:18:1fcd:351:7bc1
2600:9000:223f:7a00:8:48e:53c0:93a1
2606:4700:20::681a:79b
2606:4700::6811:e04e
2a00:1450:4001:806::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:827::2008
2a00:1450:4001:831::2002
2a00:1450:400e:80f::2013
2a02:26f0:3500:585::4469
2a02:26f0:6c00:1bb::11a6
2a02:26f0:6c00:287::11a6
2a06:98c1:3121::3
3.69.41.135
3.74.200.12
34.192.116.222
35.241.35.241
35.71.131.137
52.207.181.173
52.222.236.105
52.30.25.219
52.72.129.95
006d33a3bbcf5f5751367d4a5b0820f8ac3523e50dfbb35beca1b92f208f6aa5
027507fe405df2ac9c2d6963bf1ae713bc53c217c3f5815f79ebd249363554d2
047f8320113e7e94f79d166cb814544ffa558608e2b1d706d3bcba0a3034b209
078a5d6e227e8d58076090356e2b36a3999c610e88ca735fe3eceeeb72a4477c
082086fa8aadd53998ab416fdf7cfcd6ab7d2a29ade47b19135addb8b5aa9d10
092d28c633f21d01e59a047232ee30944fda555284d4b8b3f194baa321fa8514
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
109e731eaa022551feafd54074658e3842801e7396efb9119747edbe4f86fa79
112e0add5c7b4150fdcc345ed2aedacee08d70c0247a8e8f89e92631f5a6a08c
18ddec635c94f0004919a4c299f1e5bdf1e5cc0efc263669fc343d5cfc6144f3
19a2950e84fe8dd03147256fe069fe44be7ac77a762bbedbd0814785826e0313
1a4921877a651d0873db28503f132aed42da17b71b686c676d5067d239b1e389
1bc1eaee4de33b5ace5db5ba3ed858b4bfe60c37ec0a18ead7cc5388d8e90332
1c80ac01827e533d07537931c9bb185fbb72e48757d7612206b792d3dde7d5e8
1dbfddf2f5777f8a67f9ebc450ae4b1d2313c77719a994f10a9a734bdbdb98c5
1e8f653cafd04ab5db661928b4c87574e6ef6b02dc3d43217532bbd681269076
1ec47a94c5cabc7f7c04e29404c221a41dd670f5e6df08d597c069c7cb9c9d05
20d1866774c1ffec0093fe5ff1c7b34bdab94d629ef5f75ff0f3633a2453b560
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
269bd69d6c1d25e848132ecfb48ec214040e49fd45e444760c3e226ca5fd7962
284b0236a4042298beab7fbd92e85285533473c1316488a1fd2e0aa3522f607a
2ccd0ce11738369585c6f39ed2cde7b3b3b1c25c12fc30047218aa201d6add76
2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399
2f0a57695ab42ed82e75096d595c41d4db7dc8169e90abfc7827aa3fc75e0948
2f373524cea87a1603daa05d473a93069066422320438f5842d71af55e3e56e3
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816
392303be6fa4410a6aafdbba0a6924c956e474c446c5c178ea97ffca7a69a8fd
3afd3efe52eab74116e3c046b9e45ca75db634b92061c0807d6d0eb1dba1cc7f
3b35c001f2045923f7d33ac096c17e56194cd6f2208d1b5a2cfebe4486f5f805
3fe11a8ed1f92e3f831a60c4b7fdb8aad6cc47417c5537eb55812a5f7f9e2413
48c17df8a89e5c3acb4127a265cce50218716f0dfdf7ad265267d4a013f01b2f
49a31d33e77c3cb1fe7a7af1d493a5220269a1ecb838b1f0eff7a1b3b1f93665
4ba1b9960f6bcc2d49080931ddd405a8fda579f905c7094d567d2b5823ae7970
4db7cc0f624e7da8059124eb4a91d02e09c7add55d76696762c0b67116ed5572
5221f1f39bc13b88d679f40f32058b9ebcf8fb3b8b7d034fd9b415a998656872
52f7bff0ccdd80dc36d123955c81195ea7173af8eb7c5be8a863e8e0ecfd5954
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176
5a30797bca0c52bae45a819a099cabf0f29aef7a49b84e6be1303c680b538a61
5a80e180023eb02d1fd31a8fa28ed7307eded43c8a2df9f1467ce632418bb11c
5b081ae2dd2a6b8a38cadf8fc949afbd5bd50d20377e935b4a9631f6b9ff0a8e
60994a4c022df26635bb5ccdb7a22cf32a6486ee25a4648cebdfce0ef398a0fa
60befd6c654fc23383d84462ddd92471e0ca8a0aaacaf5af2a785c2352e7f5dd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64b43768cc86f7a303643accfa9366ad7f3cca886a6e95add3f0f207f6b22e48
654dfd63e3c77ac4fdbd91be58b268505025c6de339419bd3fff995ef670bb77
66d7342ef06ec98cc99c2577448c414cb4e4d4b9954ac5a696d186253363de77
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ef254cf106054d987fdf95daa728de7c9f99cd2c6a2b41ea5d45e2ca071a5e2
6f18dd91d5ad66be8c7e11ae391fdb867a9a26578aa6f120e06243a167094941
709767002328b15009dc50ec0a405e385afeeb9bb3c8515f3cf6ecc350246733
774a9fb7754dc80bba84333f1e05902c3c37e8c5a888896c2b3c37cbf59ff069
7a09493f02c721c7da3e052ef25b795e29c2de806cfc9135e0bc7a6710134c41
7a1a85b6439254f36f7a99b7cdc9096c26df6f85f379c264fbdd1396d293ac54
7d1bb44f4a9afc5526b5478d0ea17271cdec11651a7b7a6486dbb07965a73c76
7e600a56d48ef1c596bf57dab35afecd2d31a8d2672b045efdde1fec1a0f0f07
805798cbaec33aa9b7c7428cf373d2e8d1649be6d30f5215d7595d62ccb33240
89ae707a435fa393e20af4ad56debd63e44dae84202658eeed4780423bdee996
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8ab64242d94636e6921ee396ebb6f739425c160c7497ae3851ba03e6f4356ee0
8bb32da179ed58195d80738e4efb132b8a7337db0b88539b059fc5f0808a074a
8c8c711ae326e270e5765f36c2400185ac2cb36c150f63dd6aa0a210a6a9bfad
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
96b2fe169da01c822cb71dc7e5171b8b837e9601219777dd71716ecf5208466d
a047140cc174d554a323b1b787199a21c2c976e9991fa0428ac9a94a641190ed
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9794798e80b40e84e88058f9b4d65f6ccfa351207036280384f7a2c36c6edc4
ab0bcd3ff749fcd92bffb06763c1841395e9b4c329b8cbb61f47de69d874e10f
ad7ebe100ce16fcc68440bf92704987a53eb5debbf980629f4593a88cfe0cc29
ae62969b5b189bb28c67dbcee8666abe3e9f498d17a79a68c56e1069d7d63123
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c7b29bc0449c071fe96d182426d66bb03c2b200493b2c6f21cfd5d55960323
b1e34afea99e52435f13a17e9b0f0b5b55202ffe0b9de971f56e0f62a4c3fbaf
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b
b3ebd1d6dc1f1434fbe035c716b737d23b1942b6c81c2cced468f698992b08b9
b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e
b6197e5d5af4aa79f753226af202da774c71ef212fa2c38ada59abf1bd6a964d
b6c3cebe16410a231e7cce2f2377fc4f504b51e29b0c6e326b6779c41b1e94a0
b8defb7001106e8b95554e18c4bd93b9b054b1a489169d3dfc558ae446048993
b90034f10044a3bc0162aafa5ae731d19f4aacbfdd5db5847a9d96bc83c950cc
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be4e7fe530814818817ef4e09f740982d12335e178ae1a60f1ae8699fb89878c
c25d3c57337f7e1201b78630a52f9a8cffb5eb9ebe879beaef7c68f58b9e4e22
c485a872c922453a3ce44bbe5f2a09c315f4139daf7ba7329b6f9986d44674af
c4da88d903e8ed2209a1d052c424216dc4940e6834327662028acc4fbe634510
c6d1c483f8ffbbafdd878c79bf86907b408e3ae7e95b41af6ee57c51d8f82581
c6d4c27b78a239b40f959630181c2ea11409491f75ae83ab7e8e253a674abeb7
c8bb45401e2ea6746919e3f7c8246d9ecfd13fc417d0198b717eca794ad67f82
c9adbe3472630741bf462a68dff0558820c4ad77d4b4d098191563496330e31d
c9ddd01050c3162ee6185b78d3ee887bba48f34dee1d0107aecc2e9bcb5ac47b
cd2a92268240bf123a90f34d5d040c32d3b292a8ebf29186c8839449a45e8652
cf29b7b3f4476ffb28d021b43731258a9e0f60c73ad623fe8410ef4a4924274f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d25b470928984e737126b7d9718a4217c2acfbc03314ae65fa2de9c63dea6092
e04b094ea2e398503d7148fd6beff0305bf352c5db9e396b0f40a3c5040f8914
e090082b089df1fdf9bf1e493033c75902535110ce7b2ed4a533f06b39d950f3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519
ea063b0b796cbd28e5ad23a08937d29b2f5792ab4c5bcc9c02717ce7bc1b1390
eb4665582f23b215d81696e9978946bada1f7fb854a31d65b8070a1386873073
ec8aac1a1f74bea844cfa644ebdd236941d9b98e831ddf0b5cd831a7b91fc737
ecd80989b47d0cb123c21cdede0e4c267a8664252adf43ac0fea12571801285a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2f74788682032760671cef7f3f92ed2efd3fbed651dce475e9a27d2f9ffe8a8
f5ce8ecc153c4e51d77a8480af2c1ceeb0c94a94f30b78d23151cacef80e6e32
f85c8246355b43852fb27803325aae402644d8d73e095e4aa49fccc5b272a457
f86b482c186b583229d8dcf391acf6280df4e45110d042fea6910de597a866ce
f8e22016d60bf24d45f4f58b9d3327152273916690a3232bdec702a06af8aef1

www.nytimes.com Open in urlscan Pro 151.101.1.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

163 Requests

96 %HTTPS

53 %IPv6

20 Domains

47 Subdomains

35 IPs

3 Countries

4274 kBTransfer

9862 kBSize

32 Cookies

19 Outgoing links

Redirected requests

163 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.nytimes.com Open in urlscan Pro
151.101.1.164 Public Scan

Screenshot
Live screenshot

Full Image

163
Requests

96 %
HTTPS

53 %
IPv6

20
Domains

47
Subdomains

35
IPs

3
Countries

4274 kB
Transfer

9862 kB
Size

32
Cookies

163 HTTP transactions
1 data transactions