Submitted URL: https://m.paypal.theone-entertainment.com/
Effective URL: https://www.nytimes.com/
Submission Tags: @phishunt_io
Submission: On July 18 via api from DE — Scanned from SG

Summary

This website contacted 51 IPs in 8 countries across 46 domains to perform 221 HTTP transactions. The main IP is 151.101.1.164, located in United States and belongs to FASTLY, US. The main domain is www.nytimes.com. The Cisco Umbrella rank of the primary domain is 5941.
TLS certificate: Issued by Thawte RSA CA 2018 on March 22nd 2023. Valid for: a year.
This is the only time www.nytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.212.13.134 16509 (AMAZON-02)
1 192.0.78.27 2635 (AUTOMATTIC)
73 151.101.1.164 54113 (FASTLY)
2 2404:6800:400... 15169 (GOOGLE)
6 44.226.14.255 16509 (AMAZON-02)
3 54.184.86.91 16509 (AMAZON-02)
3 2600:9000:205... 16509 (AMAZON-02)
3 99.86.175.93 16509 (AMAZON-02)
13 151.101.129.164 54113 (FASTLY)
6 99.86.181.129 16509 (AMAZON-02)
4 2404:6800:400... 15169 (GOOGLE)
6 2404:6800:400... 15169 (GOOGLE)
1 12 52.46.130.91 16509 (AMAZON-02)
2 3 104.254.150.228 29990 (ASN-APPNEX)
1 35.227.252.103 15169 (GOOGLE)
5 2602:803:c006... 26667 (RUBICONPR...)
1 34.120.63.153 396982 (GOOGLE-CL...)
1 18.139.131.205 16509 (AMAZON-02)
2 65.8.11.57 16509 (AMAZON-02)
2 4 65.8.11.90 16509 (AMAZON-02)
1 2600:9000:205... 16509 (AMAZON-02)
9 2404:6800:400... 15169 (GOOGLE)
1 2 142.251.10.149 15169 (GOOGLE)
1 2600:9000:217... 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
10 10 15.197.193.217 16509 (AMAZON-02)
9 10 172.253.118.155 15169 (GOOGLE)
5 5 18.143.106.89 16509 (AMAZON-02)
1 11 67.199.150.86 62713 (AS-PUBMATIC)
3 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 4 96.17.188.24 16625 (AKAMAI-AS)
2 8 139.5.84.243 27381 (CASALE-MEDIA)
2 184.51.240.213 16625 (AKAMAI-AS)
1 7 35.244.159.8 15169 (GOOGLE)
3 4 35.71.178.8 16509 (AMAZON-02)
1 1 124.146.215.51 2514 (INFOSPHER...)
2 2 65.8.11.99 16509 (AMAZON-02)
1 34.200.79.221 14618 (AMAZON-AES)
2 67.199.150.81 3257 (GTT-BACKB...)
1 2 151.101.2.49 54113 (FASTLY)
2 3 34.111.113.62 396982 (GOOGLE-CL...)
1 2 54.251.17.22 16509 (AMAZON-02)
1 2 119.9.108.180 45187 (RACKSPACE...)
1 1 35.230.38.116 396982 (GOOGLE-CL...)
2 2406:da18:929... 16509 (AMAZON-02)
1 1 54.165.154.245 14618 (AMAZON-AES)
1 2 52.33.228.203 16509 (AMAZON-02)
1 1 23.106.127.164 59253 (LEASEWEB-...)
1 20.40.202.2 8075 (MICROSOFT...)
5 2404:6800:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2404:6800:400... 15169 (GOOGLE)
3 207.65.33.76 62713 (AS-PUBMATIC)
2 2 182.161.73.146 55569 (CRITEO-AS...)
2 23.72.44.21 16625 (AKAMAI-AS)
5 5 35.213.12.39 15169 (GOOGLE)
2 2 52.220.50.50 16509 (AMAZON-02)
2 2 2a02:fa8:c411... 399104 (CNVR-APAC)
1 2 185.84.60.20 198622 (ADFORM)
1 1 198.8.71.131 54312 (ROCKETFUEL)
1 1 2620:116:800e... 16509 (AMAZON-02)
2 3 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
1 1 51.255.68.171 16276 (OVH)
221 51
Apex Domain
Subdomains
Transfer
52 nytimes.com
www.nytimes.com — Cisco Umbrella Rank: 5941
a.et.nytimes.com — Cisco Umbrella Rank: 7573
samizdat-graphql.nytimes.com — Cisco Umbrella Rank: 7790
als-svc.nytimes.com — Cisco Umbrella Rank: 12034
dd.nytimes.com — Cisco Umbrella Rank: 12252
purr.nytimes.com — Cisco Umbrella Rank: 10155
a.nytimes.com — Cisco Umbrella Rank: 8575
static.nytimes.com — Cisco Umbrella Rank: 15941
static01.nytimes.com — Cisco Umbrella Rank: 10792
mwcm.nytimes.com — Cisco Umbrella Rank: 12896
3 MB
45 nyt.com
g1.nyt.com — Cisco Umbrella Rank: 10376
static01.nyt.com — Cisco Umbrella Rank: 7826
a1.nyt.com — Cisco Umbrella Rank: 9795
vp.nyt.com — Cisco Umbrella Rank: 23489
1 MB
21 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 353
aax.amazon-adsystem.com — Cisco Umbrella Rank: 438
s.amazon-adsystem.com — Cisco Umbrella Rank: 333
73 KB
18 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 797
ads.pubmatic.com — Cisco Umbrella Rank: 553
image6.pubmatic.com — Cisco Umbrella Rank: 812
image2.pubmatic.com — Cisco Umbrella Rank: 1036
simage4.pubmatic.com — Cisco Umbrella Rank: 1338
image4.pubmatic.com — Cisco Umbrella Rank: 1305
28 KB
16 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216
5290727.fls.doubleclick.net — Cisco Umbrella Rank: 10973
cm.g.doubleclick.net — Cisco Umbrella Rank: 254
165 KB
15 googlesyndication.com
d29b016a62780903a89fb88215e1360b.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
197 KB
10 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 603
match.adsrvr.org — Cisco Umbrella Rank: 383
6 KB
8 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 485
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635
7 KB
8 openx.net
rtb.openx.net — Cisco Umbrella Rank: 982
u.openx.net — Cisco Umbrella Rank: 769
us-u.openx.net — Cisco Umbrella Rank: 496
jp-u.openx.net — Cisco Umbrella Rank: 9654
nytimes-d.openx.net — Cisco Umbrella Rank: 14715
2 KB
7 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 338
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 481
3 KB
7 media.net
prebid.media.net — Cisco Umbrella Rank: 1429
cs.media.net — Cisco Umbrella Rank: 1653
contextual.media.net — Cisco Umbrella Rank: 675
4 KB
6 iteratehq.com
platform.iteratehq.com — Cisco Umbrella Rank: 8969
iteratehq.com — Cisco Umbrella Rank: 7574
32 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 359
3 KB
5 google.com
accounts.google.com — Cisco Umbrella Rank: 67
adservice.google.com — Cisco Umbrella Rank: 113
www.google.com — Cisco Umbrella Rank: 10
79 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 391
110 KB
5 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 646
eb2.3lift.com — Cisco Umbrella Rank: 422
2 KB
5 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 552
6 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 162
1 KB
4 geoedge.be
rumcdn.geoedge.be — Cisco Umbrella Rank: 1915
gw.geoedge.be — Cisco Umbrella Rank: 2107
190 KB
3 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 428
899 B
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 524
1 KB
3 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 3412
collector.brandmetrics.com — Cisco Umbrella Rank: 3847
18 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 257
9 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 926
882 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 633
1 KB
2 dotomi.com
medianet-match.dotomi.com — Cisco Umbrella Rank: 11807
669 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1044
1 KB
2 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 608
937 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 218
2 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1361
856 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 955
854 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 796
772 B
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 19518
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
175 KB
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3678
566 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4818
390 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 862
594 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 977
795 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 922
347 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 813
1 KB
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 981
661 B
1 chartbeat.net
pnytimes.chartbeat.net — Cisco Umbrella Rank: 9611
201 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1109
853 B
1 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1447
24 KB
1 href.li
href.li — Cisco Umbrella Rank: 95176
320 B
1 theone-entertainment.com
m.paypal.theone-entertainment.com
993 B
221 46
Domain Requested by
31 static01.nyt.com www.nytimes.com
rumcdn.geoedge.be
16 static.nytimes.com www.nytimes.com
15 www.nytimes.com href.li
www.nytimes.com
rumcdn.geoedge.be
12 s.amazon-adsystem.com 1 redirects rumcdn.geoedge.be
s.amazon-adsystem.com
u.openx.net
ads.pubmatic.com
ssum-sec.casalemedia.com
11 g1.nyt.com www.nytimes.com
g1.nyt.com
10 cm.g.doubleclick.net 9 redirects u.openx.net
9 match.adsrvr.org 9 redirects
9 tpc.googlesyndication.com www.nytimes.com
rumcdn.geoedge.be
8 samizdat-graphql.nytimes.com www.nytimes.com
6 simage2.pubmatic.com 1 redirects www.nytimes.com
ads.pubmatic.com
6 aax.amazon-adsystem.com c.amazon-adsystem.com
6 a.et.nytimes.com www.nytimes.com
5 x.bidswitch.net 5 redirects
5 pagead2.googlesyndication.com www.nytimes.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
5 image2.pubmatic.com ads.pubmatic.com
5 ups.analytics.yahoo.com 5 redirects
5 cdn.ampproject.org rumcdn.geoedge.be
5 fastlane.rubiconproject.com www.nytimes.com
4 iteratehq.com platform.iteratehq.com
4 eb2.3lift.com 3 redirects
4 cs.media.net 1 redirects
4 sb.scorecardresearch.com 2 redirects www.nytimes.com
4 securepubads.g.doubleclick.net rumcdn.geoedge.be
securepubads.g.doubleclick.net
www.nytimes.com
3 idsync.rlcdn.com 2 redirects
3 pixel.tapad.com 2 redirects ads.pubmatic.com
3 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
3 accounts.google.com rumcdn.geoedge.be
accounts.google.com
3 ib.adnxs.com 2 redirects www.nytimes.com
3 c.amazon-adsystem.com www.nytimes.com
c.amazon-adsystem.com
3 rumcdn.geoedge.be www.nytimes.com
rumcdn.geoedge.be
href.li
2 pippio.com 2 redirects
2 c1.adform.net 1 redirects ads.pubmatic.com
2 medianet-match.dotomi.com 2 redirects
2 pm.w55c.net 2 redirects
2 contextual.media.net
2 dis.criteo.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 platform.iteratehq.com href.li
platform.iteratehq.com
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 pr-bh.ybp.yahoo.com ads.pubmatic.com
ssum-sec.casalemedia.com
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 sync.crwdcntrl.net 1 redirects ads.pubmatic.com
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 image6.pubmatic.com ads.pubmatic.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 us-u.openx.net u.openx.net
2 u.openx.net 1 redirects s.amazon-adsystem.com
2 ads.pubmatic.com s.amazon-adsystem.com
ads.pubmatic.com
2 cdn.brandmetrics.com www.googletagmanager.com
rumcdn.geoedge.be
2 a1.nyt.com href.li
www.googletagmanager.com
2 5290727.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 dd.nytimes.com href.li
dd.nytimes.com
2 www.googletagmanager.com www.nytimes.com
www.googletagmanager.com
1 image4.pubmatic.com
1 dsp.nrich.ai 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 cms.quantserve.com 1 redirects
1 p.rfihub.com 1 redirects
1 nytimes-d.openx.net
1 www.google.com rumcdn.geoedge.be
1 collector.brandmetrics.com cdn.brandmetrics.com
1 ssbsync.smartadserver.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 um.simpli.fi 1 redirects
1 pnytimes.chartbeat.net www.nytimes.com
1 tg.socdm.com 1 redirects
1 vp.nyt.com www.nytimes.com
1 adservice.google.com 5290727.fls.doubleclick.net
1 mwcm.nytimes.com www.nytimes.com
1 insight.adsrvr.org 1 redirects
1 static.chartbeat.com href.li
1 static01.nytimes.com www.nytimes.com
1 a.nytimes.com www.nytimes.com
1 purr.nytimes.com www.nytimes.com
1 gw.geoedge.be rumcdn.geoedge.be
1 tlx.3lift.com www.nytimes.com
1 prebid.media.net www.nytimes.com
1 rtb.openx.net www.nytimes.com
1 d29b016a62780903a89fb88215e1360b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 als-svc.nytimes.com www.nytimes.com
1 href.li
1 m.paypal.theone-entertainment.com 1 redirects
221 84
Subject Issuer Validity Valid
tls.automattic.com
R3
2023-07-01 -
2023-09-29
3 months crt.sh
nytimes.com
Thawte RSA CA 2018
2023-03-22 -
2024-04-21
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
a.et.nytimes.com
R3
2023-07-15 -
2023-10-13
3 months crt.sh
als-svc.nytimes.com
R3
2023-06-05 -
2023-09-03
3 months crt.sh
gw.geoedge.be
Amazon RSA 2048 M01
2023-02-21 -
2023-10-10
8 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-17
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-16 -
2024-03-08
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-03 -
2024-02-19
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
prebid.media.net
GTS CA 1D4
2023-07-05 -
2023-10-03
3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
dd.nytimes.com
Sectigo RSA Domain Validation Secure Server CA
2023-03-08 -
2024-04-06
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
purr.nytimes.com
R3
2023-07-07 -
2023-10-05
3 months crt.sh
a.nytimes.com
R3
2023-06-16 -
2023-09-14
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1
2023-05-16 -
2024-06-06
a year crt.sh
brandmetrics.com
GTS CA 1P5
2023-07-08 -
2023-10-06
3 months crt.sh
accounts.google.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
*.google.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2
2022-12-13 -
2024-01-13
a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-25 -
2024-01-24
a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018
2022-12-19 -
2023-12-30
a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-11-07 -
2023-12-09
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-04-04 -
2023-09-27
6 months crt.sh
*.brandmetrics.com
Go Daddy Secure Certificate Authority - G2
2023-05-10 -
2024-06-10
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-06 -
2024-05-04
a year crt.sh
www.google.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1
2023-02-10 -
2024-02-18
a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2022-09-20 -
2023-09-20
a year crt.sh

This page contains 22 frames:

Primary Page: https://www.nytimes.com/
Frame ID: E871D513266B98BB079D667BB6D37324
Requests: 147 HTTP requests in this frame

Frame: https://d29b016a62780903a89fb88215e1360b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4C7E9570EAF470D500C879A023D14812
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Frame ID: EF92CEAA36B5D7DC793E00746FFDFB5D
Requests: 1 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Frame ID: 19F9A932DAD1D08D96F327CF88E0DDA4
Requests: 15 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 716BBE2994CB96A17A0495F32139E7B5
Requests: 2 HTTP requests in this frame

Frame: https://5290727.fls.doubleclick.net/activityi;dc_pre=CM_MtcS2l4ADFQCNrAId8QQFvw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4925521889240;auiddc=1112226155.1689654773;u17=https%3A%2F%2Fwww.nytimes.com%2F;u5=;u18=anon;gtm=45He37c0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2F
Frame ID: B4ED1CB6BBE3E9AB7A62B1C854767F77
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 5C9766DE3E06F7125FFE5D1C3D52768F
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 8FB173C0BBAD1BD6EA5BFD4176DA57B0
Requests: 17 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1hQ2YzVXJORTJ1THR3YURTOU93OUpQN0JYRXN6bFBkOH5B
Frame ID: DBED37B41EC56EDF01751C9E79BBE26C
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 56C93A7A8489BB720D0A68C25F441CD7
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=8695301728596976653&ex=appnexus.com
Frame ID: 9E91811265578BA599246DF05ED1A0D0
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3740136503475865830517
Frame ID: 5309473AF328B77275D46CEFAA7A1668
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZLYV9gABrY5hWAAN
Frame ID: 0AC8C536D490AF5808E824A5849AAAFC
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDD0B7084A-866C-4B13-A97A-14019B69ECF7
Frame ID: 8507DEE8378D6F4E3BAC2B92B1C8C4EC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F650286369ED7EA311D1D16AAA6739E0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 025576046A5FA500BCE129B10EC5BA82
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D0B7084A-866C-4B13-A97A-14019B69ECF7&gdpr=0&gdpr_consent=
Frame ID: 98C7485E9CB1545EDFFE8675B3825D63
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1974054392889098014
Frame ID: 41BF4BBCC18C762087780837554F7643
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8695301728596976653&gdpr=0&gdpr_consent=
Frame ID: A0B6CC24854CAAFD5DE8E3FDE860CF1E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=6hn-Fe0Y-hvxT_lB7EuxQOQbrRDxHfpB70wGgTJm
Frame ID: 0D93D7D904C5D55F30020E661EF8D80B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: B28A9075BAB4E6AE0C01ED614BE3FF84
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDD0B7084A-866C-4B13-A97A-14019B69ECF7
Frame ID: 3F937E18039E4169D233068782C53097
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

The New York Times - Breaking News, US News, World News and VideosGroupGroupGroup

Page URL History Show full URLs

  1. https://m.paypal.theone-entertainment.com/ HTTP 302
    https://href.li/?https://www.nytimes.com/ Page URL
  2. https://www.nytimes.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

221
Requests

86 %
HTTPS

27 %
IPv6

46
Domains

84
Subdomains

51
IPs

8
Countries

5017 kB
Transfer

10100 kB
Size

110
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://m.paypal.theone-entertainment.com/ HTTP 302
    https://href.li/?https://www.nytimes.com/ Page URL
  2. https://www.nytimes.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://m.paypal.theone-entertainment.com/ HTTP 302
  • https://href.li/?https://www.nytimes.com/
Request Chain 39
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_n-vmg_n-MediaNet_ox-db5_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Request Chain 54
  • https://sb.scorecardresearch.com/b?c1=2&c2=3005403&ns__t=1689654771904&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2Fwww.nytimes.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1689654771904&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2Fwww.nytimes.com%2F&c9=
Request Chain 124
  • https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4925521889240;auiddc=1112226155.1689654773;u17=https%3A%2F%2Fwww.nytimes.com%2F;u5=;u18=anon;gtm=45He37c0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2F HTTP 302
  • https://5290727.fls.doubleclick.net/activityi;dc_pre=CM_MtcS2l4ADFQCNrAId8QQFvw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4925521889240;auiddc=1112226155.1689654773;u17=https%3A%2F%2Fwww.nytimes.com%2F;u5=;u18=anon;gtm=45He37c0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2F
Request Chain 129
  • https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=1029118888 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=OThhZjFmYzItODEwMi00MGQ0LWE1ZWYtODBiODNiZmYyNjc2&gdpr=0&gdpr_consent=&ttd_tdid=98af1fc2-8102-40d4-a5ef-80b83bff2676 HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=98af1fc2-8102-40d4-a5ef-80b83bff2676&google_gid=CAESEAUC_K4YiLihyH3R7VwWbF0&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=98af1fc2-8102-40d4-a5ef-80b83bff2676&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-2K3ZFLZE2uL5pctGBuqk_DJIpvZGvKk-~A&gdpr=0 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=98af1fc2-8102-40d4-a5ef-80b83bff2676&r=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dpubmatic HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=98af1fc2-8102-40d4-a5ef-80b83bff2676&gdpr=0&gdpr_consent=
Request Chain 140
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3326563733878670000V10
Request Chain 142
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 144
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1hQ2YzVXJORTJ1THR3YURTOU93OUpQN0JYRXN6bFBkOH5B
Request Chain 145
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 146
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=8695301728596976653&ex=appnexus.com
Request Chain 147
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3740136503475865830517
Request Chain 151
  • https://match.adsrvr.org/track/cmf/openx?oxid=4b0be5a5-3b13-35ba-4d07-75ac32d1552b&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=4b0be5a5-3b13-35ba-4d07-75ac32d1552b&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=98af1fc2-8102-40d4-a5ef-80b83bff2676&ttd_puid=4b0be5a5-3b13-35ba-4d07-75ac32d1552b&gdpr=0&gdpr_consent=
Request Chain 152
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZLYV9cCo8XYAALianuoAAAAA
Request Chain 153
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AWA9Ut6XBm1wks8AD7MOvTwm6s8AAAGJZ0XHtw
Request Chain 155
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKDBoeMWU9YMuJT2Ga41M8M&google_cver=1
Request Chain 161
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZLYV9gABrY5hWAAN
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0LcISoZsSxOpehQBm2ns9w%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 164
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=D0B7084A-866C-4B13-A97A-14019B69ECF7 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=D0B7084A-866C-4B13-A97A-14019B69ECF7 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=0eb7a94f-8108-4670-880d-fa04651f664c%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=98af1fc2-8102-40d4-a5ef-80b83bff2676&ttd_puid=0eb7a94f-8108-4670-880d-fa04651f664c%2C%2C
Request Chain 165
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=D0B7084A-866C-4B13-A97A-14019B69ECF7&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=D0B7084A-866C-4B13-A97A-14019B69ECF7&gdpr=0&gdpr_consent=&ct=y
Request Chain 166
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=D0B7084A-866C-4B13-A97A-14019B69ECF7&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=D0B7084A-866C-4B13-A97A-14019B69ECF7&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 167
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDBCNzA4NEEtODY2Qy00QjEzLUE5N0EtMTQwMTlCNjlFQ0Y3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 168
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOxsXatKCLM5jBhgfUOedok&google_cver=1
Request Chain 169
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2268D34E7E594BC5ACFB75E1E589DEDF
Request Chain 171
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=98af1fc2-8102-40d4-a5ef-80b83bff2676&gdpr=0&gdpr_consent=
Request Chain 172
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZLYV9bNZeeuZO-7ZaD2iKwAAEoAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEODS3fxDfEE1w6wqvk-fQpI&google_cver=1
Request Chain 174
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=98af1fc2-8102-40d4-a5ef-80b83bff2676&expiration=1692246773&gdpr=0&gdpr_consent=
Request Chain 175
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZLYV9bNZeeuZO.7ZaD2iKwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEQtEcHcwHsSRyW3LlnFsnQ&google_cver=1&google_hm=2
Request Chain 176
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=RNaxqJVvWzNMwq1Ts5lo5mf-meI
Request Chain 177
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZLYV9bNZeeuZO-7ZaD2iKwAAEoAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZLYV9bNZeeuZO-7ZaD2iKwAAEoAAAAAB
Request Chain 178
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZLYV9bNZeeuZO.7ZaD2iKwAA%264736?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZLYV9bNZeeuZO.7ZaD2iKwAA%264736
Request Chain 179
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4699845187637072123&gdpr=0&gdpr_consent=
Request Chain 189
  • https://sb.scorecardresearch.com/c2/3005403/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/3005403/cs.js
Request Chain 204
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=e7f553f4-eb82-4bfe-af53-caa62fbd0ef6
Request Chain 205
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=ca07384b-66a2-4fb9-a981-d6bfe726bf33&google_hm=Y2EwNzM4NGItNjZhMi00ZmI5LWE5ODEtZDZiZmU3MjZiZjMz HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEMiUbzremjj55F2wOe3Iuy4&google_cver=1&ssp=medianet&bsw_param=ca07384b-66a2-4fb9-a981-d6bfe726bf33 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=ca07384b-66a2-4fb9-a981-d6bfe726bf33&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 207
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=98af1fc2-8102-40d4-a5ef-80b83bff2676&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 208
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ HTTP 302
  • https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=sIyri1vd1QlCoo5
Request Chain 209
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Dcon%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=35221be521862072&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Dcon%26ovsid%3D%24UID HTTP 302
  • https://cs.media.net/cksync.php?cs=8&type=con&ovsid=AAANN0ZLoEX0IwMyQmzkAAAAAAA&expiration=1689741176&is_secure=true
Request Chain 211
  • https://c1.adform.net/serving/cookie/match?party=14&cid=D0B7084A-866C-4B13-A97A-14019B69ECF7&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D0B7084A-866C-4B13-A97A-14019B69ECF7&gdpr=0&gdpr_consent=
Request Chain 212
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1974054392889098014
Request Chain 213
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8695301728596976653&gdpr=0&gdpr_consent=
Request Chain 214
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=6hn-Fe0Y-hvxT_lB7EuxQOQbrRDxHfpB70wGgTJm
Request Chain 215
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 217
  • https://idsync.rlcdn.com/420486.gif?partner_uid=D0B7084A-866C-4B13-A97A-14019B69ECF7 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEQwQjcwODRBLTg2NkMtNEIxMy1BOTdBLTE0MDE5QjY5RUNGNxAAGg0I-KvYpQYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=deb7e94cfa78d6ec0380e1923d16b1a4e9df6ebc4fc1de256f1bf7b78dc6038c791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBkZWI3ZTk0Y2ZhNzhkNmVjMDM4MGUxOTIzZDE2YjFhNGU5ZGY2ZWJjNGZjMWRlMjU2ZjFiZjdiNzhkYzYwMzhjNzkxNDI2YjU0MTdkY2UyMRAAGgwI-avYpQYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBkZWI3ZTk0Y2ZhNzhkNmVjMDM4MGUxOTIzZDE2YjFhNGU5ZGY2ZWJjNGZjMWRlMjU2ZjFiZjdiNzhkYzYwMzhjNzkxNDI2YjU0MTdkY2UyMRAAGgwI-avYpQYSBAgCEABCAEoA&google_gid=CAESEFv3-94stzZnaX2qUPDXF5E&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=2720082a-206a-4e12-a086-ee71cb7f2537
Request Chain 218
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=ca07384b-66a2-4fb9-a981-d6bfe726bf33&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=47f725cb-3e72-4735-a160-b5f60058a1ef&expires=1&user_group=2&ssp=pubmatic&bsw_param=ca07384b-66a2-4fb9-a981-d6bfe726bf33&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ca07384b-66a2-4fb9-a981-d6bfe726bf33&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 219
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D0B7084A-866C-4B13-A97A-14019B69ECF7&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-D7ewHoFE2uVO39e38.iHuUcfJEWpQjU-~A&gdpr=0

221 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
href.li/
Redirect Chain
  • https://m.paypal.theone-entertainment.com/
  • https://href.li/?https://www.nytimes.com/
437 B
320 B
Document
General
Full URL
https://href.li/?https://www.nytimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.27 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 18 Jul 2023 04:32:49 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-ac
2.sin _bur MISS

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 18 Jul 2023 04:32:49 GMT
location
https://href.li/?https://www.nytimes.com/
server
LiteSpeed
vary
Accept-Encoding
Primary Request /
www.nytimes.com/
500 KB
116 KB
Document
General
Full URL
https://www.nytimes.com/
Requested by
Host: href.li
URL: https://href.li/?https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4070be2af7923069ba718318e1e8de4e6464f6aebc6ad850581cec7dcdebe7a7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
s-maxage=30,no-cache
content-encoding
gzip
content-length
117179
content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-type
text/html; charset=utf-8
date
Tue, 18 Jul 2023 04:32:50 GMT
last-modified
Tue, 18 Jul 2023 04:31:45 GMT
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/
server
nginx
strict-transport-security
max-age=63072000; preload; includeSubdomains
vary
Accept-Encoding, Fastly-SSL
x-api-version
F-F-VI
x-b3-traceid
da9230fbbf9f4feb981369f50637f0fb
x-cache
MISS, MISS
x-cache-hits
0, 0
x-cloud-trace-context
f2ccfd87153f52a92eec182f3544bde3/18311551670863688159;o=1
x-content-type-options
nosniff
x-frame-options
DENY
x-gdpr
0
x-nyt-app-webview
0
x-nyt-data-last-modified
Tue, 18 Jul 2023 04:31:45 GMT
x-nyt-edge-cache
MISS-MISS
x-nyt-route
homepage
x-origin-time
2023-07-18 04:32:50 UTC
x-pagetype
vi-homepage
x-served-by
cache-lga21969-LGA, cache-fra-etou8220080-FRA
x-timer
S1689654770.258257,VS0,VE463
x-xss-protection
1; mode=block
web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
g1.nyt.com/fonts/css/
60 KB
10 KB
Stylesheet
General
Full URL
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
09bff184ea094a06e46d7f26512fd7b245304078a27f1ba8084488cbcf7704de
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Fri, 19 Jan 2024 14:25:45 GMT
date
Tue, 18 Jul 2023 04:32:50 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
15516424
x-guploader-uploadid
ADPycdu8r8EIkDKHQncby-VxhC4_p_retMia2725uERdqg3x4PWqarMbAFr8Ibt9W3TTJubkfCi_3gQtjgkfPrPzZrZXWJ9J46L7
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
9868
x-served-by
cache-fra-etou8220080-FRA
last-modified
Tue, 17 Jan 2023 21:42:55 GMT
server
UploadServer
x-timer
S1689654771.907872,VS0,VE0
etag
"b79308aee772cf8921761a4fdb884fe5"
vary
Accept-Encoding
x-goog-generation
1673991774978541
x-goog-hash
crc32c=ay5bmg==, md5=t5MIrudyz4khdhpP24hP5Q==
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
9868
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
925
global-f449cfd9976ad673ef2b7ab5098b85be.css
www.nytimes.com/vi-assets/static-assets/
6 KB
3 KB
Stylesheet
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
23321374
x-guploader-uploadid
ADPycdvX-ZCr92eVvOnBmM_kXRs7MAoM2CUGFUPF9dapGCYk0OiZSImuIlTAOf-evWYxdHOP8KdbpcVXy_0G4cieuuByuQ
x-goog-stored-content-encoding
identity
x-origin-time
2022-10-21 06:23:16 UTC
x-served-by
cache-fra-etou8220080-FRA
x-timer
S1689654771.900695,VS0,VE0
etag
"e74f8b7c668251280cf3e52e20455a1c"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1666046870273577
content-type
text/css; charset=utf-8
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/global-f449cfd9976ad673ef2b7ab5098b85be.css
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
911
expires
Sat, 21 Oct 2023 06:23:16 GMT
date
Tue, 18 Jul 2023 04:32:50 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
1968
last-modified
Fri, 21 Oct 2022 04:08:16 GMT
server
UploadServer
x-goog-hash
crc32c=jAKqfw==, md5=50+LfGaCUSgM8+UuIEVaHA==
x-gdpr
0
x-goog-stored-content-length
5656
accept-ranges
bytes
adslot-4d815b6492202d78c7ef.js
www.nytimes.com/vi-assets/static-assets/
23 KB
9 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/adslot-4d815b6492202d78c7ef.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f22b065f74f94e584bc2f5369c7729709126e755139d4380981468865f61952a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
906834
x-guploader-uploadid
ADPycduZmdQcCU314KaiQ1jdGCUOCt-QsVMNe7o9_exSgdpIl81rqtdh0lkE3ZJ3htU12B6vxCId9HCL0ypSXcJ8i78kk8YtN4bk
x-goog-stored-content-encoding
identity
x-origin-time
2023-07-07 16:38:58 UTC
x-served-by
cache-fra-etou8220080-FRA
x-timer
S1689654771.230138,VS0,VE0
etag
"ebd56236d74102dfef558ac9333f104b"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1688747250820387
content-type
application/javascript
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/adslot-4d815b6492202d78c7ef.js
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
1113
expires
Sat, 06 Jul 2024 16:38:57 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
7958
last-modified
Fri, 07 Jul 2023 16:27:30 GMT
server
UploadServer
x-goog-hash
crc32c=pO4scg==, md5=69ViNtdBAt/vVYrJMz8QSw==
x-gdpr
0
x-goog-stored-content-length
23058
accept-ranges
bytes
17pol-netanyahu1-zpvk-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/07/17/multimedia/17pol-netanyahu1-zpvk/
23 KB
24 KB
Image
General
Full URL
https://static01.nyt.com/images/2023/07/17/multimedia/17pol-netanyahu1-zpvk/17pol-netanyahu1-zpvk-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
be3c2e371e0c0915b0754a62ffa3d867d6b4acb090737407aec29f90638824f2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Mon, 17 Jul 2023 18:56:19 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
34591
x-guploader-uploadid
ADPycduj4bx1OFjszX2ATfeSbd2BoPGOnca1lKxDPtMiTm0OR5qLmK1SGfbAeXt-etm13Era2DrMH4ycDhRBz6zygmN2pQR7VDpn
x-cache
HIT, HIT
fastly-io-info
ifsz=62574 idim=600x400 ifmt=jpeg ofsz=23492 odim=600x400 ofmt=webp
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
23492
x-served-by
cache-iad-kcgs7200096-IAD, cache-fra-etou8220080-FRA
server
UploadServer
x-timer
S1689654771.242212,VS0,VE0
etag
"2vRKm//NmWcshauicP8XKQuF4w7pQkwpfI1E++szPUo"
vary
Accept
x-goog-generation
1689620174842111
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=9nXqew==, md5=NvHspK+Pm+iwEDe1e+WBcw==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
62574
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
38, 4
11DUCHESS-RUTLAND-newtop-vcgw-threeByTwoSmallAt2X-v2.jpg
static01.nyt.com/images/2023/07/13/multimedia/11DUCHESS-RUTLAND-newtop-vcgw/
41 KB
41 KB
Image
General
Full URL
https://static01.nyt.com/images/2023/07/13/multimedia/11DUCHESS-RUTLAND-newtop-vcgw/11DUCHESS-RUTLAND-newtop-vcgw-threeByTwoSmallAt2X-v2.jpg?format=pjpg&quality=75&auto=webp&disable=upscale
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
57dca90a16ae03177ac28fbff3cdd53d796b3cae477f49b603af81451e4775fa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Tue, 11 Jul 2023 10:16:50 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
584162
x-guploader-uploadid
ADPycdsK3rlk_HRJHyRPjJaKfUrzgSnTUYWTe6AgT4iyOLPC_sVLYB6fweX4CcKL4QXD6rhxfpMcWu1dowaHeCkBwkCxWw
x-cache
HIT, HIT
fastly-io-info
ifsz=91165 idim=600x400 ifmt=jpeg ofsz=41944 odim=600x400 ofmt=webp
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
41944
x-served-by
cache-iad-kcgs7200022-IAD, cache-fra-etou8220080-FRA
server
UploadServer
x-timer
S1689654771.263708,VS0,VE0
etag
"xjNRwGEplbXd2dh539NMIuUN2vk0uJeUXVEBG9srRRI"
vary
Accept
x-goog-generation
1689070605466555
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=ywr1mQ==, md5=2PHho+f83uymwPwRW5HODw==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
91165
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
3, 4
12sci-surfing-sea-otter-01-tvgh-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/07/12/multimedia/12sci-surfing-sea-otter-01-tvgh/
33 KB
34 KB
Image
General
Full URL
https://static01.nyt.com/images/2023/07/12/multimedia/12sci-surfing-sea-otter-01-tvgh/12sci-surfing-sea-otter-01-tvgh-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a9433f8b070769d1644291a5ce53af9183fbac562b989201968acb5914eeb4f6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Wed, 12 Jul 2023 09:10:18 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
501753
x-guploader-uploadid
ADPycdu_y918EsGqL2MZvOYm1UjzNkp0-iyzmixSQLY9BTWpteIaZOJmZ23tlLRyAcWfrrH0D3Xe_GjEWlRs1j80ktQM
x-cache
HIT, HIT
fastly-io-info
ifsz=63200 idim=600x400 ifmt=jpeg ofsz=34092 odim=600x400 ofmt=webp
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
34092
x-served-by
cache-iad-kiad7000142-IAD, cache-fra-etou8220080-FRA
server
UploadServer
x-timer
S1689654771.266799,VS0,VE0
etag
"/wFx0BT0XbJcyFUhegBXofmMn+YjfZC0XwtztGbdLHY"
vary
Accept
x-goog-generation
1689152426279317
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=yKvuJA==, md5=H27DnrK+ErGAUFzuH1lb7g==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
63200
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
9913, 4
08GIRL-DINNER-01-qkhm-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/07/09/multimedia/08GIRL-DINNER-01-qkhm/
41 KB
42 KB
Image
General
Full URL
https://static01.nyt.com/images/2023/07/09/multimedia/08GIRL-DINNER-01-qkhm/08GIRL-DINNER-01-qkhm-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0a8cea5595d87be4e3a256959f91f7e4f6607ea567dc5211169dfefb6494e398
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Sat, 08 Jul 2023 09:05:49 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
242820
x-guploader-uploadid
ADPycdvgB5pU6zj9Fl6rpQyJWp9sJBZFOkzo4KH5ikr-7bryOvUE917qoQTvROnTxLn11hmMIQ5RlTJpuV-v_mica2AU-g
x-cache
HIT, HIT
fastly-io-info
ifsz=72673 idim=600x400 ifmt=jpeg ofsz=42410 odim=600x400 ofmt=webp
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
42410
x-served-by
cache-iad-kiad7000125-IAD, cache-fra-etou8220080-FRA
server
UploadServer
x-timer
S1689654771.266971,VS0,VE0
etag
"7HcooRy+EeWYm70k0kzeocCYI75VpeLbxI+WXWG3PHo"
vary
Accept
x-goog-generation
1688806811563436
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=zVc+6w==, md5=4swytLYUmffGJ4drU/bBhw==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
72673
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
4975, 5
vendor-34178772379de2278287.js
www.nytimes.com/vi-assets/static-assets/
179 KB
53 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/vendor-34178772379de2278287.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
addc472d9cdbbe7b865e216906b388af3d03c577315cb1949fe38d414cb24037
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
983917
x-guploader-uploadid
ADPycdvSlHumWcZfobA458caC5k9DWU_QzXcPF0vQ4ne-RizkfIo9Yn6HEs2j_QpkgzI3cl9zD0p1Kr8vRc1nuDu1av5UUyrVHmq
x-goog-stored-content-encoding
identity
x-origin-time
2023-07-06 19:14:14 UTC
x-served-by
cache-fra-etou8220080-FRA
x-timer
S1689654771.265583,VS0,VE1
etag
"a8096b736251a2795e566a4fbcf66c07"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1688670802589190
content-type
application/javascript
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendor-34178772379de2278287.js
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
1187
expires
Fri, 05 Jul 2024 19:14:14 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
52973
last-modified
Thu, 06 Jul 2023 19:13:22 GMT
server
UploadServer
x-goog-hash
crc32c=KDZCaA==, md5=qAlrc2JRonleVmpPvPZsBw==
x-gdpr
0
x-goog-stored-content-length
183294
accept-ranges
bytes
home-2b367887e3b42a06820b.js
www.nytimes.com/vi-assets/static-assets/
708 KB
178 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/home-2b367887e3b42a06820b.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
98eaa1edbc96e93687db9b994a662f2f6c59fbcb7659bdefc798db4b3f46b473
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
31050
x-guploader-uploadid
ADPycdttEwZk4rSjA5ciaZxa69Mvuq6e8GxyNYBY81VIjCGOBtkGMIHXThEmP-wsvT5n-f7DOppFNwnpbFD9iLIkkK6uLA
x-goog-stored-content-encoding
identity
x-origin-time
2023-07-17 19:55:21 UTC
x-served-by
cache-fra-etou8220080-FRA
x-timer
S1689654771.265510,VS0,VE1
etag
"8c1bf2f743269fa1020792ee37e9832d"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1689623675871959
content-type
application/javascript
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/home-2b367887e3b42a06820b.js
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
6
expires
Tue, 16 Jul 2024 19:55:21 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
181496
last-modified
Mon, 17 Jul 2023 19:54:36 GMT
server
UploadServer
x-goog-hash
crc32c=oQOF2Q==, md5=jBvy90Mmn6ECB5LuN+mDLQ==
x-gdpr
0
x-goog-stored-content-length
725157
accept-ranges
bytes
main-ecfd5f264a8ec352e643.js
www.nytimes.com/vi-assets/static-assets/
1 MB
417 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/main-ecfd5f264a8ec352e643.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7753d8243589a8ade0618437770f6e1c8cd86906f3fdfff8c36c10a9fc65172a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
35495
x-guploader-uploadid
ADPycdtaNTZ8SPgZsR37mcRGDpK_gS4ImHP82x1JGgsNrIn_T52jGfVPqavBdVzNiZigdrnZf7jsxXjYGCwLhrpYL-ZORQ
x-goog-stored-content-encoding
identity
x-origin-time
2023-07-17 18:41:16 UTC
x-served-by
cache-fra-etou8220080-FRA
x-timer
S1689654771.265516,VS0,VE1
etag
"7a7271619986e0493339187e37dc68a5"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1689618652982559
content-type
application/javascript
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/main-ecfd5f264a8ec352e643.js
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
25
expires
Tue, 16 Jul 2024 18:41:16 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
425894
last-modified
Mon, 17 Jul 2023 18:30:53 GMT
server
UploadServer
x-goog-hash
crc32c=PiCsoA==, md5=enJxYZmG4EkzORh+N9xopQ==
x-gdpr
0
x-goog-stored-content-length
1487876
accept-ranges
bytes
gtm.js
www.googletagmanager.com/
434 KB
117 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::61 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3bc0626d4c6419e299f673f39b0d611f0b58a52555193d7bb7da34ec4682d77a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119332
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
vary
*
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.226.14.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-226-14-255.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

v2
samizdat-graphql.nytimes.com/graphql/
149 B
1008 B
XHR
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
7837207f1197c426c0551dcbead6be815beff78431f5c45e84014a94cfde09d5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
nyt-app-type
project-vi
x-nyt-programming-abtest
.ver=13578.000&HOME_DFP_FirstAd_0723=2_Lower_FirstAd&HOME_Intl-AA-Dry-Run=0_Control&HOME_Intl-AA-Dry-Run-USHOLD=&HOME_Intl-AA-Dry-Run-USHOLD_2=&HOME_Intl2023_Intl-RegiID=1_International
Content-Type
application/json
Referer
https://www.nytimes.com/
nyt-app-version
0.0.5
x-nyt-news-tenure
anon_user

Response headers

content-encoding
gzip
x-nyt-meridiem
PM
x-b3-traceid
0
age
0
x-samizdat-query-field-errors
0
x-samizdat-query-exe-id
e2e972a2098525fc
samizdat-x-canary
false
x-served-by
cache-fra-etou8220080-FRA
x-graphiti-gateway
0952608e
x-nyt-country
SG
x-timer
S1689654772.746872,VS0,VE385
x-nyt-continent
AS
vary
Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
x-nyt-region
01
access-control-expose-headers
x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control
max-age=30
x-nyt-audience-target-flat
AS:PM
x-nyt-edge-cache
MISS
x-cache-hits
0
x-samizdat-query-sup-code
date
Tue, 18 Jul 2023 04:32:52 GMT
via
1.1 google, 1.1 varnish
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-cache
MISS
samizdat-x-instance
3ba33b84
x-envoy-upstream-service-time
30
content-length
132
last-modified
Tue, 18 Jul 2023 04:32:51 GMT
server
envoy
samizdat-x-kubernetes-namespace
v1
x-fetch-attempts
1
access-control-allow-credentials
true
x-datadog-trace-id
0
accept-ranges
bytes
timing-allow-origin
*
v2
samizdat-graphql.nytimes.com/graphql/ Frame
0
0
Preflight
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-news-tenure,x-nyt-programming-abtest
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-news-tenure,x-nyt-programming-abtest
access-control-allow-methods
GET,POST
access-control-allow-origin
https://www.nytimes.com
access-control-expose-headers
x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age
300
age
495
content-encoding
gzip
content-length
20
date
Tue, 18 Jul 2023 04:32:51 GMT
server
envoy
strict-transport-security
max-age=63072000; preload; includeSubdomains
timing-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via
1.1 google, 1.1 varnish
x-cache
HIT
x-cache-hits
1
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time
17
x-nyt-audience-target-flat
AS:PM
x-nyt-continent
AS
x-nyt-country
SG
x-nyt-edge-cache
HIT
x-nyt-meridiem
PM
x-nyt-region
01
x-samizdat-query-exe-id
ba70924a384789ff
x-samizdat-query-field-errors
0
x-served-by
cache-fra-etou8220042-FRA
x-timer
S1689654772.585844,VS0,VE1
als
als-svc.nytimes.com/
679 B
895 B
XHR
General
Full URL
https://als-svc.nytimes.com/als?uri=https%3A%2F%2Fwww.nytimes.com%2Fpages%2Findex.html&typ=&prop=nyt&plat=web
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.184.86.91 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-184-86-91.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
a57e80be4a6f3ac8d1781915ba6fd0f999577482f4c1c89deaa8dad524db6b46
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:51 GMT
via
1.1 google
content-encoding
gzip
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation
als-svc.nytimes.com:443/*
server
envoy
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
65
access-control-allow-headers
DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Cookie, Accept, x-requested-by, x-api-key, nyt-a
grumi-ip.js
rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/
14 KB
6 KB
Script
General
Full URL
https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2055:7200:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f62c6457ddefdfd96ebc104603ccc8368e73afb6085b7b8018674cf5d3974ebe

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:21:34 GMT
x-amz-version-id
ZeZbQXIiZ8B7xRijiw8G.q9OnSDyuFAm
content-encoding
br
last-modified
Mon, 27 Mar 2023 06:19:38 GMT
server
AmazonS3
via
1.1 cd270bbe12916bdcf1df12e77dff4b40.cloudfront.net (CloudFront)
x-amz-cf-pop
KUL50-C2
etag
W/"22b4da07003fc88ea067e3f866ea9c5a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
age
678
x-amz-cf-id
VJ1yT34ROq0u2KBe5IM8eKzYHsszm3dGcTJCcdCYwg0l7enBrIOqzA==
apstag.js
c.amazon-adsystem.com/aax2/
236 KB
58 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.175.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-175-93.kul50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6cdf5b8d8528713b5a7b3fae738d27e6107afa0cc3a8e691a9d612303f6dfd7a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 03:59:48 GMT
content-encoding
gzip
via
1.1 cebe7291f382f643e4ea2329a2d8016a.cloudfront.net (CloudFront), 1.1 1da735789e643081d5969c1b95f23834.cloudfront.net (CloudFront)
last-modified
Thu, 29 Jun 2023 21:03:22 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-P2, KUL50-C1
age
1984
x-amz-server-side-encryption
AES256
etag
W/"7c6a36eb4b73f6b7cf4a63a33418a2c9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
cb3IGMGkMUy2vsKcjnT9A1vi9QCt1VZpT5c0vRZ62rZvlgMTbyoaJQ==
prebid8.1.0.js
www.nytimes.com/ads/
302 KB
96 KB
Script
General
Full URL
https://www.nytimes.com/ads/prebid8.1.0.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
baabb01c05f5a7a83cf26233fcbb29790b584afb736caa63cb26ed1d051aa78d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
302025
x-guploader-uploadid
ADPycdsUdeFaKXVxFq9sYced9gbCBWviM10gQfQwbxF_yuQulHThWV0Tkd-Fnbve_rcS6N0r3fOIRgFnrhtzD_Bz3WuMjg
x-goog-stored-content-encoding
identity
x-origin-time
2023-07-07 16:39:04 UTC
x-served-by
cache-fra-etou8220080-FRA
x-timer
S1689654771.265686,VS0,VE1
etag
"69d0b1569bbd0b87116d60db3a12cd34"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1687806692468937
content-type
text/javascript
access-control-allow-origin
*
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/ads/prebid8.1.0.js
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-nyt-app-webview
0
x-nyt-route
ads-static-assets
x-nyt-edge-cache
HIT
x-cache-hits
576
expires
Fri, 07 Jul 2023 16:39:04 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
2
content-length
97611
last-modified
Mon, 26 Jun 2023 19:11:32 GMT
server
UploadServer
x-goog-hash
crc32c=VcerCA==, md5=adCxVpu9C4cRbWDbOhLNNA==
x-gdpr
0
x-goog-stored-content-length
308841
accept-ranges
bytes
truncated
/
148 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73bd4d0f8a3ec1a6b0ec41f111a2b46ba4c242d4dc7bdf0817c4af97a6dfa48e

Request headers

Referer
Origin
https://www.nytimes.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
g1.nyt.com/fonts/family/franklin/
20 KB
20 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-700.91eaf6b5642463af4091160b4bbfdfcb.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Sat, 21 Oct 2023 06:23:17 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
23321375
x-guploader-uploadid
ADPycduMMv-8etBF_QLtnaI0Y5YNVqBbkrVTdfH9RKMz8tHhvF73vnZXdkMZmGe8IsVibeYizebgUyzDVX5zx-V8xXLjJAX92dbf
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
20276
x-served-by
cache-fra-eddf8230051-FRA
last-modified
Tue, 03 May 2022 17:15:51 GMT
server
UploadServer
x-timer
S1689654772.606225,VS0,VE0
etag
"91eaf6b5642463af4091160b4bbfdfcb"
x-goog-generation
1651598151054057
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=teZvhg==, md5=ker2tWQkY69AkRYLS7/fyw==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
20276
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
2113
franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
g1.nyt.com/fonts/family/franklin/
19 KB
20 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-500.0f4aea3d462cdb64748629efcbbf36bc.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Wed, 15 May 2024 04:11:20 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
5444490
x-guploader-uploadid
ADPycds1198e7b8ra_egNEgwxV4ogulIZ-p9n29WDoYtHP8p-aX17AcQrVw4mnNiM0-ZtjlnXEQW_a5S0G4FKGUE-y0bpfxdZcM7
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
19816
x-served-by
cache-fra-eddf8230051-FRA
last-modified
Tue, 17 Jan 2023 21:42:56 GMT
server
UploadServer
x-timer
S1689654772.606209,VS0,VE0
etag
"0f4aea3d462cdb64748629efcbbf36bc"
x-goog-generation
1673991776231570
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=bdL0Mw==, md5=D0rqPUYs22R0hinvy782vA==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
19816
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
2110
cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2
g1.nyt.com/fonts/family/cheltenham/
28 KB
28 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-700.530cfb72378419eedb60da7e266ad5f1.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Sun, 14 Jul 2024 00:42:37 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
273014
x-guploader-uploadid
ADPycds27ISF2T-3ic1polM_MoFzDJJRi1I4TzMT9Kl7jlo3cXq4LSYEkgR40_bEXANb8qHZwF_uy6YsdVFL6tuWPSEHMAW3f9XY
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
28276
x-served-by
cache-fra-eddf8230051-FRA
last-modified
Tue, 17 Jan 2023 21:42:55 GMT
server
UploadServer
x-timer
S1689654772.606359,VS0,VE0
etag
"530cfb72378419eedb60da7e266ad5f1"
x-goog-generation
1673991775200429
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=O9qQIA==, md5=Uwz7cjeEGe7bYNp+JmrV8Q==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
28276
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
1211
imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
g1.nyt.com/fonts/family/imperial/
26 KB
26 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/imperial/imperial-normal-400.6131cd77b6e216c7693ed925f4309ffc.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Thu, 25 Jan 2024 00:32:20 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
15048031
x-guploader-uploadid
ADPycdu8EQpQm3V7zdMFkJ8XgnencwVnT2B2YUBtaf-sewkAiBh8gRLsetmgM9V27ohK7R6xXMuURFc3DzPNRarYrc9Kgw
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
26504
x-served-by
cache-fra-eddf8230051-FRA
last-modified
Tue, 17 Jan 2023 21:42:56 GMT
server
UploadServer
x-timer
S1689654772.607048,VS0,VE0
etag
"6131cd77b6e216c7693ed925f4309ffc"
x-goog-generation
1673991776736810
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=ZzOuxA==, md5=YTHNd7biFsdpPtkl9DCf/A==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
26504
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
2039
cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
g1.nyt.com/fonts/family/cheltenham/
27 KB
27 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-300.7ea91ebd036309e1fe756ee3aab272da.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Thu, 25 Jan 2024 00:37:40 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
15047711
x-guploader-uploadid
ADPycdt38TCVFQs07sap3a_qPNNQhOB-oNJNkUm_5NonsSEFt4KS8xlMhMrghM6zQ_O5kimI_tkdWYmaGFdi_deDSjYNLGG5VM4c
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
27260
x-served-by
cache-fra-eddf8230051-FRA
last-modified
Tue, 17 Jan 2023 21:42:55 GMT
server
UploadServer
x-timer
S1689654772.606727,VS0,VE0
etag
"7ea91ebd036309e1fe756ee3aab272da"
x-goog-generation
1673991775007595
x-goog-hash
crc32c=rNQ9pA==, md5=fqkevQNjCeH+dW7jqrJy2g==
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
27260
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
1350
franklin-normal-600.75739ac267f076931c6da9740386ee6b.woff2
g1.nyt.com/fonts/family/franklin/
20 KB
20 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/franklin/franklin-normal-600.75739ac267f076931c6da9740386ee6b.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
29706c4ab8f4d48b33ccb0ea813f8afb5f7ac569f623536b96fba6cf1fc60e9b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Thu, 07 Mar 2024 01:48:20 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
11414669
x-guploader-uploadid
ADPycdvKYJzdy5tDaRtgbtZSa5oUcsQgjS6NlJhV8y1JpS4GYbnLeuGqT07o35mSIR-QDQxmhV7ZNRWUOiZlCBCztdJiKDV-f8VD
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
20196
x-served-by
cache-fra-eddf8230051-FRA
last-modified
Tue, 17 Jan 2023 21:42:56 GMT
server
UploadServer
x-timer
S1689654772.606728,VS0,VE0
etag
"75739ac267f076931c6da9740386ee6b"
x-goog-generation
1673991776257702
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=Jc81Jw==, md5=dXOawmfwdpMcbal0A4buaw==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
20196
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
1310
cheltenham-small-normal-700.1a0b316424cdebd18086b8dbbc768eef.woff2
g1.nyt.com/fonts/family/cheltenham-small/
23 KB
24 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-normal-700.1a0b316424cdebd18086b8dbbc768eef.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9a43ab8056183a8efcf0e882990c2601381a735e02bba004439e010055c55d47
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Mon, 15 Jul 2024 00:40:09 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
186762
x-guploader-uploadid
ADPycdv1MxrqeQUBH0balFnVL6Qu3OF-CF9lwZlrh4bhqN7ZF-QIE0ostboI_ou3b0JtcJSCus4ZbMTO8Pdu-yb62rcMag
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
23704
x-served-by
cache-fra-eddf8230051-FRA
last-modified
Tue, 17 Jan 2023 21:42:55 GMT
server
UploadServer
x-timer
S1689654772.759720,VS0,VE0
etag
"1a0b316424cdebd18086b8dbbc768eef"
x-goog-generation
1673991775396405
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=FTq84Q==, md5=GgsxZCTN69GAhrjbvHaO7w==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
23704
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
22
cheltenham-text-cond-normal-700.7e78f9e7e6c2e02d82592c4466929fa3.woff2
g1.nyt.com/fonts/family/cheltenham-text-cond/
28 KB
29 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/cheltenham-text-cond/cheltenham-text-cond-normal-700.7e78f9e7e6c2e02d82592c4466929fa3.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1ecb1f9522433be3adfad377816095c7d5b27d02c1efbbbb793e341b829d83d9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Wed, 19 Jun 2024 00:58:32 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
2432059
x-guploader-uploadid
ADPycdv0Y_XZrbjavKJXYmOYsEY2zJBqpW6vOl91z_ED3FDIB_wRGrW-K0Hc9OtQAnDobPy00d6SahdNj-q3EHlSwjPzvQ
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
28868
x-served-by
cache-fra-eddf8230051-FRA
last-modified
Tue, 17 Jan 2023 21:42:55 GMT
server
UploadServer
x-timer
S1689654772.606646,VS0,VE0
etag
"7e78f9e7e6c2e02d82592c4466929fa3"
x-goog-generation
1673991775506403
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=UQFt6w==, md5=fnj55+bC4C2CWSxEZpKfow==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
28868
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
21
cheltenham-small-italic-400.cdfa0ec29cca8c2d2f54c79d898e15c1.woff2
g1.nyt.com/fonts/family/cheltenham-small/
23 KB
24 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/cheltenham-small/cheltenham-small-italic-400.cdfa0ec29cca8c2d2f54c79d898e15c1.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7dcbc19c68e87e4b23f85027e02ac7f3c89fa259973ec92bbe27e49ad002bf47
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Wed, 03 Jul 2024 04:07:53 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
1211099
x-guploader-uploadid
ADPycdubXQ2sVa3S6V44A16OLlSRbCstYbyF-J_aoSfYQGRMmEpYWRR3nqvBQvrVsxBoKAs7FOorg60DuJO_tqrUIa2SPOuve2l6
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
24028
x-served-by
cache-fra-eddf8230051-FRA
last-modified
Tue, 17 Jan 2023 21:42:55 GMT
server
UploadServer
x-timer
S1689654772.759709,VS0,VE0
etag
"cdfa0ec29cca8c2d2f54c79d898e15c1"
x-goog-generation
1673991775386814
x-goog-hash
crc32c=2JQyuQ==, md5=zfoOwpzKjC0vVMediY4VwQ==
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
24028
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
17
cheltenham-normal-200.40ccfe2cc61a71e6617e56162d49b896.woff2
g1.nyt.com/fonts/family/cheltenham/
26 KB
26 KB
Font
General
Full URL
https://g1.nyt.com/fonts/family/cheltenham/cheltenham-normal-200.40ccfe2cc61a71e6617e56162d49b896.woff2
Requested by
Host: g1.nyt.com
URL: https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4f837869b80c34ed1a128362a6ed24ff5ebdae743dc55eb3c183ae9c8b5f4ca3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://g1.nyt.com/fonts/css/web-fonts.7705b21d4573b168a8aaebc4ff17d395d2458dca.css
Origin
https://www.nytimes.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Tue, 30 Apr 2024 23:46:34 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
6669977
x-guploader-uploadid
ADPycdsieML4XuwXFGqb9edZuCzrTUFlXDh-P9aDq6_mj1SAPBD_xFNAu5ycd1rrBhr_13xBo5niJr93aODWEUAWKo5O
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
26448
x-served-by
cache-fra-eddf8230051-FRA
last-modified
Tue, 17 Jan 2023 21:42:55 GMT
server
UploadServer
x-timer
S1689654772.606711,VS0,VE0
etag
"40ccfe2cc61a71e6617e56162d49b896"
x-goog-generation
1673991775015704
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=kUZRqw==, md5=QMz+LMYaceZhflYWLUm4lg==
access-control-expose-headers
Content-Type
cache-control
public,max-age=31536000,immutable
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
26448
accept-ranges
bytes
x-nyt-pagetype
web-font
timing-allow-origin
*
x-cache-hits
1088
grumi.js
rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/
285 KB
92 KB
Script
General
Full URL
https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2055:7200:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
34cca514a48181ab00cb3186bf75b6919c3b1872dc393d2cd8b7ddff252e4804

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:21:34 GMT
x-amz-version-id
w4fKLKJYjCftMJeOWAmBaPzibwHjcUFK
content-encoding
br
last-modified
Tue, 18 Jul 2023 03:57:39 GMT
server
AmazonS3
via
1.1 cd270bbe12916bdcf1df12e77dff4b40.cloudfront.net (CloudFront)
x-amz-cf-pop
KUL50-C2
etag
W/"7d1d865810a5fbec5756e3ba240b3aa2"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
678
x-amz-cf-id
9BRcEpl8YuhYlM6QlRYD7h7jiWVT00QSn6x0Tvn0clfvBv8pvq1Cqg==
config
c.amazon-adsystem.com/cdn/prod/
0
311 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3030&u=https%3A%2F%2Fwww.nytimes.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.175.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-175-93.kul50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 02:04:55 GMT
via
1.1 1da735789e643081d5969c1b95f23834.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
KUL50-C1
age
8874
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.nytimes.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
4eWeS3QxLQQoVhSN5PGVPKzNwVuy7TXAaQm-hFxnrHnihVKf2fJH4g==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.175.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-175-93.kul50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 41c06d8a12e9a33e89f3ec25030f08a2.cloudfront.net (CloudFront)
date
Mon, 17 Jul 2023 08:04:16 GMT
x-amz-cf-pop
KUL50-C1
age
73715
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
-l6bnBFm1K3vvSOrxzvpXSZECKYv_3_DkVaboO9x1l0cva3S2s4vPw==
bid
aax.amazon-adsystem.com/e/dtb/
187 B
522 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fwww.nytimes.com%2F&pid=oKNk9R8pBxGCq&cb=0&ws=1600x1200&v=23.612.1758&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-top%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-top_hp_web%22%7D%2C%7B%22sd%22%3A%22top%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22top_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.181.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-181-129.kul50.r.cloudfront.net
Software
Server /
Resource Hash
ba12a34407540c7d6c1a4ab78d7d566060b1ee92bdce94345bf1749fd2f3e11f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:51 GMT
via
1.1 63dd09b6da14cd3f9fa63d1a65b083ce.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
KUL50-C1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
187
x-amz-cf-id
LitcdL7E8ccF2PGvdQyauN58glyqC5L8UpCK2Q592WxSWlVFhxLdBQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/
81 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b2c3a7d02660575588914cc2eac2bc83555f39329550a54e141278528923c719
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27639
x-xss-protection
0
server
cafe
etag
871 / 19556 / 31076056 / config-hash: 2841643792367511638
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 18 Jul 2023 04:32:51 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120101/
391 KB
125 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120101/pubads_impl.js?cb=31076056
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ddf8ed50c8e98fd5487859d7b60442e342e76496191eaecca316ffdffa437a5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 15:46:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
45983
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127551
x-xss-protection
0
server
cafe
etag
11165969021637306507
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 16 Jul 2024 15:46:28 GMT
bid
aax.amazon-adsystem.com/e/dtb/
187 B
520 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fwww.nytimes.com%2F&pid=oKNk9R8pBxGCq&cb=1&ws=1600x1200&v=23.612.1758&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-top%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-top_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.181.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-181-129.kul50.r.cloudfront.net
Software
Server /
Resource Hash
99cb5d5dc1814ed3f243d841b718a71ec98da7b244bb118e233c4ea88c2876ba

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:50 GMT
via
1.1 63dd09b6da14cd3f9fa63d1a65b083ce.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
KUL50-C1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
187
x-amz-cf-id
UpVMvzArgy0lqLmhANziwc2cpI-_IQOo-S-qH0ClB16-An4aYzncUQ==
ads
securepubads.g.doubleclick.net/gampad/
44 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2926828148306979&correlator=4082149580276563&eid=31076056%2C31075028%2C31068825&output=ldjh&gdfp_req=1&vrg=202307120101&ptt=17&impl=fif&iu_parts=29390238%2Cnyt%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x250%7C1605x300&fluid=height&ifi=1&adks=2496155832&sfv=1-0-40&prev_scp=div%3Ddfp-ad-top%26pos%3Dtop%26amznbid%3D1%26amznp%3D1%26request_time%3D759&cust_params=als_test_clientside%3Dempty_empty_empty_20230718043251%26edn%3Dus%26test%3Dprojectvi%26ver%3Dvi%26typ%3Dhp%26prop%3Dnyt%26plat%3Dweb%26abra_dfp%3Dmkt_dfp_hd_paywall_zip_1_zip%252Cdfp_messaging_flexframe_ctr_0_control%252Cdfp_liveads_0323_2_4repupdates%252Cdfp_amzn_0_control%252Cdfp_als_home_1_als%252Cdfp_als_1_als%252Cdfp_adslot4v2_1_external%252Cdfp_adrefresh_0123_1_adrefresh%26sov%3D1%26page_view_id%3DRkzADI-K_5U5KOk9Xtckzn4V%26purr%3Dfull%26vp%3Dlarge%26uap%3Dbrowser%26aid%3DthMiTivLk0kOKouC5ZlvPx&sc=1&cookie_enabled=1&abxe=1&dt=1689654771583&lmt=1689654705&dlt=1689654770804&idt=739&adxs=0&adys=15&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.nytimes.com%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=906528895.1689654772&ga_sid=1689654772&ga_hid=448640009&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120101/pubads_impl.js?cb=31076056
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c01::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fc8ffe146920bc95fb53e3164d22a5109d47430ad41b042107db78403aae11c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:51 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11039
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d29b016a62780903a89fb88215e1360b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4C7E
6 KB
3 KB
Document
General
Full URL
https://d29b016a62780903a89fb88215e1360b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120101/pubads_impl.js?cb=31076056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 04:32:51 GMT
expires
Wed, 17 Jul 2024 04:32:51 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
iu3
s.amazon-adsystem.com/ Frame EF92
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_n-vmg_n-MediaNet_ox-db5_an-db5_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
316 B
1 KB
Document
General
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
218ba06285163d27e32d76cbb6dffca7c600f544b44f2c7cf93f8f7b0333e853
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
316
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 18 Jul 2023 04:32:52 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
3N6E945WV5V8W9R8FHXZ

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 18 Jul 2023 04:32:52 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
4133A8NN2EYV7T3QG327
prebid
ib.adnxs.com/ut/v3/
26 KB
7 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid8.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
eee0fef74a978b2031fa7c419edb3d1f54f96228f081adbce49821fe2a0594bf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:52 GMT
content-encoding
gzip
an-x-request-uuid
8f0e9b63-51be-42b7-b36e-1657b31d761a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
103.254.153.226; 103.254.153.226; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebidjs
rtb.openx.net/openrtbb/
53 B
258 B
XHR
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid8.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
9b47b9d0575c29e333f0cb147ea48da7cf931ce07f206a4d5ca71aa3e5084fe3

Request headers

Referer
https://www.nytimes.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 18 Jul 2023 04:32:52 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
fastlane.json
fastlane.rubiconproject.com/a/api/
389 B
905 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088370&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rf=https%3A%2F%2Fwww.nytimes.com%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=nytimes.com&tg_i.page=https%3A%2F%2Fwww.nytimes.com%2F&tg_i.invCode=nyt_home_top&tg_i.pbadslot=%2F29390238%2Fnyt%2Fhomepage&tk_flint=pbjs_lite_v8.1.0&l_pb_bid_id=14690ce7231baf2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F29390238%2Fnyt%2Fhomepage&slots=1&rand=0.5635982755651694
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid8.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c006:158::65 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0cc50b3398c7c3bfb3a7b5712266da8c6ce16fb5492904fc6db8f1610b93388c

Request headers

Referer
https://www.nytimes.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:52 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
389
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
373 B
713 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fwww.nytimes.com%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=nytimes.com&tg_i.page=https%3A%2F%2Fwww.nytimes.com%2F&tg_i.invCode=nyt_home_mid1&tg_i.pbadslot=dfp-ad-mid1&tk_flint=pbjs_lite_v8.1.0&l_pb_bid_id=15ae90d9900315e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.17924127606903784
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid8.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c006:158::65 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0f623022fafca6cc4d488fd23f4213c652cd0f172c2972fd2261f4dd215f4f56

Request headers

Referer
https://www.nytimes.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:52 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
373
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
4 KB
3 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fwww.nytimes.com%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=nytimes.com&tg_i.page=https%3A%2F%2Fwww.nytimes.com%2F&tg_i.invCode=nyt_home_mid2&tg_i.pbadslot=dfp-ad-mid2&tk_flint=pbjs_lite_v8.1.0&l_pb_bid_id=1697a88ea069a7e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.512088208803698
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid8.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c006:158::65 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
97dc79ff94642477dcfa3e27f0a6de7c8d19d3238942291d8a8889929f5a2ea9

Request headers

Referer
https://www.nytimes.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:52 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
373 B
715 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088372&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fwww.nytimes.com%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=nytimes.com&tg_i.page=https%3A%2F%2Fwww.nytimes.com%2F&tg_i.invCode=nyt_home_mid3&tg_i.pbadslot=dfp-ad-mid3&tk_flint=pbjs_lite_v8.1.0&l_pb_bid_id=17a28521377ad57&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.38021395340742803
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid8.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c006:158::65 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4f8126458ff5f43fde539337b09cc3fef210bf0491ff46721342ac0d192b626a

Request headers

Referer
https://www.nytimes.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:52 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
373
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
377 B
718 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12330&site_id=378266&zone_id=2088374&size_id=2&alt_size_ids=55%2C57&p_pos=btf&rf=https%3A%2F%2Fwww.nytimes.com%2F&kw=news%2Cliveupdates%2Clatestnews%2Cbreakingnews%2Clocalnews%2Ccurrentevents%2Ctopstories%2Clivestream%2Clivevideo%2Cworldnews%2Cusnews&tg_i.domain=nytimes.com&tg_i.page=https%3A%2F%2Fwww.nytimes.com%2F&tg_i.invCode=nyt_home_bottom&tg_i.pbadslot=dfp-ad-bottom&tk_flint=pbjs_lite_v8.1.0&l_pb_bid_id=183be9a21d882e6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.16353926601051172
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid8.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c006:158::65 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
de8cf6513a7ca3079135de2d5d6376587ce66764a937ba25e86ccd31dc87fd62

Request headers

Referer
https://www.nytimes.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:52 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
377
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/
1 KB
1013 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU4WQK98
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid8.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b258ffd3a08a017cf3fc0d9f58860e3eb9172589537bdba0ab966ab475e40222

Request headers

Referer
https://www.nytimes.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:51 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
109
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 18 Jul 2023 04:32:51 GMT
auction
tlx.3lift.com/header/
19 B
543 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.1.0&referrer=https%3A%2F%2Fwww.nytimes.com%2F&tmax=10000
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/ads/prebid8.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.139.131.205 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-139-131-205.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:51 GMT
accept-ch
user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
vendors~audio~bestsellers~byline~capsule~collections~explainer~home~liveAsset~markets~paidpost~revie~edbcf66a-b08fe428754e522691b2.js
www.nytimes.com/vi-assets/static-assets/
46 KB
15 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/vendors~audio~bestsellers~byline~capsule~collections~explainer~home~liveAsset~markets~paidpost~revie~edbcf66a-b08fe428754e522691b2.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e874d214ca6f1a79f526f940f1a1be1924e234414385d08bfb021b90468dce4f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
906831
x-guploader-uploadid
ADPycdt4YxElUqY4GFnzkrn9wc7RKnSj3Dwl1egfBRniiI_i7BpEuBRzsMQk4USXS699cNgD3VuzP8bUGYjJlnkz9Xl4cA
x-goog-stored-content-encoding
identity
x-origin-time
2023-07-07 16:39:00 UTC
x-served-by
cache-fra-etou8220080-FRA
x-timer
S1689654772.910126,VS0,VE1
etag
"80cf9f8cef2a4a2004da2ffa5f780a32"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1688747252347463
content-type
application/javascript
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~bestsellers~byline~capsule~collections~explainer~home~liveAsset~markets~paidpost~revie~edbcf66a-b08fe428754e522691b2.js
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
1074
expires
Sat, 06 Jul 2024 16:39:00 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
14432
last-modified
Fri, 07 Jul 2023 16:27:32 GMT
server
UploadServer
x-goog-hash
crc32c=toFZRQ==, md5=gM+fjO8qSiAE2i/6X3gKMg==
x-gdpr
0
x-goog-stored-content-length
46788
accept-ranges
bytes
vendors~audio~burst~clientSideCapsule~home~paidpost~trending~video-26acb1f1695c86c44ce6.js
www.nytimes.com/vi-assets/static-assets/
21 KB
6 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/vendors~audio~burst~clientSideCapsule~home~paidpost~trending~video-26acb1f1695c86c44ce6.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4c0d5e9eb4f1ffe7f51d1d5a3fb30f236eb9761a044a802f30fc23b247fe47c1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
2940628
x-guploader-uploadid
ADPycdskCaHMzIpLNVYD-c3F7eDGCyQn7rqelK-9KJngilcuRyJnAhA_9fiurqU2X1mPOvpuNbEN1JA7ijCJq2C0gKwlVA
x-goog-stored-content-encoding
identity
x-origin-time
2023-06-14 03:42:24 UTC
x-served-by
cache-fra-etou8220080-FRA
x-timer
S1689654772.910301,VS0,VE1
etag
"1345aed5eea3db1ea189ee8aba726b01"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1686695013606909
content-type
application/javascript
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~audio~burst~clientSideCapsule~home~paidpost~trending~video-26acb1f1695c86c44ce6.js
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
362
expires
Thu, 13 Jun 2024 03:42:24 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
4919
last-modified
Tue, 13 Jun 2023 22:23:33 GMT
server
UploadServer
x-goog-hash
crc32c=5aIr6g==, md5=E0Wu1e6j2x6hie6KunJrAQ==
x-gdpr
0
x-goog-stored-content-length
21714
accept-ranges
bytes
vendors~carddeck~home-aaa2b8f44249d8d5907d.js
www.nytimes.com/vi-assets/static-assets/
32 KB
10 KB
Script
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/vendors~carddeck~home-aaa2b8f44249d8d5907d.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1ecfa9d7346d5873725d2caefa5176c0060bb9cb045f8e668ad81a6fdf47f4cb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
content-encoding
gzip
age
981374
x-guploader-uploadid
ADPycdvDtQfm7buWdrvsRVO4VXGaGb0O7jaHIs1LAHYLBo8DwAgxsrHLP7Ib6dJGbdK7dkpbPoDkqhWw5g6Rl-2jjAyQZw
x-goog-stored-content-encoding
identity
x-origin-time
2023-07-06 19:56:43 UTC
x-served-by
cache-fra-etou8220080-FRA
x-timer
S1689654772.910417,VS0,VE0
etag
"073c24ba22a0b1fb2577a23cb53f6a6a"
vary
Accept-Encoding, Fastly-SSL
x-goog-generation
1688673294008192
content-type
application/javascript
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/vendors~carddeck~home-aaa2b8f44249d8d5907d.js
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-nyt-route
vi-assets
x-nyt-edge-cache
HIT
x-cache-hits
400
expires
Fri, 05 Jul 2024 19:56:38 GMT
date
Tue, 18 Jul 2023 04:32:51 GMT
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
content-length
9416
last-modified
Thu, 06 Jul 2023 19:54:54 GMT
server
UploadServer
x-goog-hash
crc32c=vBvgrg==, md5=BzwkuiKgsfsld6I8tT9qag==
x-gdpr
0
x-goog-stored-content-length
32376
accept-ranges
bytes
gtm.js
www.googletagmanager.com/
167 KB
58 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N5P6T9S&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::61 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b085e9e97f13880495c254ecc8d18df9eae28d2103833e8a52e51711be9b7bb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58987
x-xss-protection
0
last-modified
Tue, 18 Jul 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 18 Jul 2023 04:32:51 GMT
tags.js
dd.nytimes.com/
276 KB
57 KB
Script
General
Full URL
https://dd.nytimes.com/tags.js
Requested by
Host: href.li
URL: https://href.li/?https://www.nytimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.11.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-11-57.kul50.r.cloudfront.net
Software
Apache /
Resource Hash
978473eef5cf50c3a42139e9acc4151c54d55dd3b73f5c1f4489bf4f3ee013c0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
via
1.1 9a6874077bfa0c1d361bb204b00f93fa.cloudfront.net (CloudFront)
date
Tue, 18 Jul 2023 04:05:19 GMT
x-amz-cf-pop
KUL50-C2
age
1653
x-cache
Hit from cloudfront
content-length
57540
last-modified
Mon, 05 Jun 2023 12:59:27 GMT
server
Apache
etag
"44e84-5fd6178ff85b9-gzip"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, public
accept-ranges
bytes
x-amz-cf-id
ySX8_DRcSfhV14WDW-85LeTAmrTYkDvgB0bYlL8BOg-DBfcSR8DkKg==
expires
Tue, 18 Jul 2023 05:05:19 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=3005403&ns__t=1689654771904&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2F...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1689654771904&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2...
0
223 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=3005403&ns__t=1689654771904&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2Fwww.nytimes.com%2F&c9=
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Server
65.8.11.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-11-90.kul50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:52 GMT
via
1.1 f55d5e5ea90ce0d90f4f85a890af210c.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
KUL50-C2
x-amz-cf-id
HmQ9xxoVi6Jmy_oE1Qei6xVptmNsvh5CFpuIjZHS3lTopl15yHSb8A==
x-cache
Miss from cloudfront

Redirect headers

date
Tue, 18 Jul 2023 04:32:52 GMT
via
1.1 f55d5e5ea90ce0d90f4f85a890af210c.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
KUL50-C2
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=3005403&ns__t=1689654771904&ns_c=UTF-8&c8=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&c7=https%3A%2F%2Fwww.nytimes.com%2F&c9=
content-length
0
x-amz-cf-id
OMkclz0wR3TA_sJRaBlDSDOz7NzRh_kXbnuBJZkaOA4zVmKcsgcLjw==
grumi.js
rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/ Frame 19F9
285 KB
92 KB
Script
General
Full URL
https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Requested by
Host: href.li
URL: https://href.li/?https://www.nytimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2055:7200:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
34cca514a48181ab00cb3186bf75b6919c3b1872dc393d2cd8b7ddff252e4804

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:21:34 GMT
x-amz-version-id
w4fKLKJYjCftMJeOWAmBaPzibwHjcUFK
content-encoding
br
last-modified
Tue, 18 Jul 2023 03:57:39 GMT
server
AmazonS3
via
1.1 cd270bbe12916bdcf1df12e77dff4b40.cloudfront.net (CloudFront)
x-amz-cf-pop
KUL50-C2
etag
W/"7d1d865810a5fbec5756e3ba240b3aa2"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
678
x-amz-cf-id
IUlI3pClqkDl6bWFq1fguHBdf9xqaJ2tUTtuHBPdHtT4BwupjO6SKA==
init
gw.geoedge.be/api/
0
218 B
XHR
General
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2055:1400:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Tue, 18 Jul 2023 04:32:52 GMT
via
1.1 13935e9a2646099caef6302426761de0.cloudfront.net (CloudFront)
x-amz-cf-pop
KUL50-C2
content-length
0
x-amz-cf-id
cWG4yXktUZhtD39wsvljPmDOvfdjIk582wjkEVh1UkjIONYFfZ9Mvw==
x-cache
Miss from cloudfront
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012307101730000/ Frame 19F9
222 KB
62 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307101730000/amp4ads-v0.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9648fff1f5c810144a04c577b6421c07c5ac899666b087236880aebd95533c95
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 17 Jul 2023 17:10:08 GMT
age
40964
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62002
x-xss-protection
0
server
sffe
etag
"15cd049669795d20"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 16 Jul 2024 17:10:08 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012307101730000/v0/ Frame 19F9
15 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307101730000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97246510a9c47d0a1c0162ef039f3cf032dabf302e9533048f935017c60aa451
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 17 Jul 2023 17:10:08 GMT
age
40964
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5213
x-xss-protection
0
server
sffe
etag
"11a54cdc95058ae3"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 16 Jul 2024 17:10:08 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012307101730000/v0/ Frame 19F9
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307101730000/v0/amp-analytics-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f6db49f7be643cc7f69ebfa48cab3295a63db0ab353ce7badb98d8335066bc0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 17 Jul 2023 17:10:08 GMT
age
40964
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28980
x-xss-protection
0
server
sffe
etag
"bf024d4f1939dbdb"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 16 Jul 2024 17:10:08 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012307101730000/v0/ Frame 19F9
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307101730000/v0/amp-fit-text-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1fde16c8925229942af454f891dff928d29a468647ffe3a7a928f43b78eb460
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 17 Jul 2023 17:10:08 GMT
age
40964
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1907
x-xss-protection
0
server
sffe
etag
"4969f6f0cfa691d4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 16 Jul 2024 17:10:08 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012307101730000/v0/ Frame 19F9
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307101730000/v0/amp-form-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b1d9161b1d6227fbbe91742dcf0e2899cbffac41032074a6c2ae3a1603ee949
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 17 Jul 2023 17:10:08 GMT
age
40964
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12966
x-xss-protection
0
server
sffe
etag
"4f906d6070e96d53"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 16 Jul 2024 17:10:08 GMT
truncated
/ Frame 19F9
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62b604666d26656ab11d0c313f862dd8df1268a234523c58f369172eef2a4733

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
15794223622989998060
tpc.googlesyndication.com/simgad/ Frame 19F9
76 KB
76 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/15794223622989998060?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm-K4Q5bpC-NpXVWobTEWh4fdTiVA
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54aba1e5d614eb5d2ed58953f986694b197128820b37dd7266f4a5ae5a6e50de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 05:48:09 GMT
x-content-type-options
nosniff
age
341083
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77842
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 12:09:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 13 Jul 2024 05:48:09 GMT
zh_cn.png
tpc.googlesyndication.com/pagead/images/cn/ Frame 19F9
995 B
1 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/cn/zh_cn.png
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb8e4f901a4800bd014c125c65d76cfdd48058f0412a1f72ddbd613cd4d1db4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 08:09:55 GMT
x-content-type-options
nosniff
server
cafe
age
73377
etag
17250068716606301561
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
995
x-xss-protection
0
expires
Tue, 18 Jul 2023 08:09:55 GMT
icon.png
tpc.googlesyndication.com/pagead/images/cn/ Frame 19F9
334 B
442 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/cn/icon.png
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a43ee2cbb716633cd21633b3895bb8dcba40b348f5b3c48080d1d85a98b91521
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 19:49:38 GMT
x-content-type-options
nosniff
server
cafe
age
31394
etag
16151473764464638424
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Tue, 18 Jul 2023 19:49:38 GMT
v2
samizdat-graphql.nytimes.com/graphql/ Frame
0
0
Preflight
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
access-control-allow-methods
GET,POST
access-control-allow-origin
https://www.nytimes.com
access-control-expose-headers
x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age
300
age
496
content-encoding
gzip
content-length
20
date
Tue, 18 Jul 2023 04:32:52 GMT
server
envoy
strict-transport-security
max-age=63072000; preload; includeSubdomains
timing-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via
1.1 google, 1.1 varnish
x-cache
HIT
x-cache-hits
2
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time
16
x-nyt-audience-target-flat
AS:PM
x-nyt-continent
AS
x-nyt-country
SG
x-nyt-edge-cache
HIT
x-nyt-meridiem
PM
x-nyt-region
01
x-samizdat-query-exe-id
98e3a6e336580701
x-samizdat-query-field-errors
0
x-served-by
cache-fra-etou8220042-FRA
x-timer
S1689654772.245889,VS0,VE0
v2
samizdat-graphql.nytimes.com/graphql/ Frame
0
0
Preflight
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
access-control-allow-methods
GET,POST
access-control-allow-origin
https://www.nytimes.com
access-control-expose-headers
x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age
300
age
496
content-encoding
gzip
content-length
20
date
Tue, 18 Jul 2023 04:32:52 GMT
server
envoy
strict-transport-security
max-age=63072000; preload; includeSubdomains
timing-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via
1.1 google, 1.1 varnish
x-cache
HIT
x-cache-hits
3
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time
16
x-nyt-audience-target-flat
AS:PM
x-nyt-continent
AS
x-nyt-country
SG
x-nyt-edge-cache
HIT
x-nyt-meridiem
PM
x-nyt-region
01
x-samizdat-query-exe-id
a017beded4f8cf67
x-samizdat-query-field-errors
0
x-served-by
cache-fra-etou8220042-FRA
x-timer
S1689654773.528581,VS0,VE0
v2
samizdat-graphql.nytimes.com/graphql/
105 B
983 B
Fetch
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-ecfd5f264a8ec352e643.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
62ecb2c76b4179b7ae15e6cf85ed81b63fed0e7838897e3171a2af6952948f33
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
x-nyt-programming-abtest
.ver=13578.000&HOME_DFP_FirstAd_0723=2_Lower_FirstAd&HOME_Intl-AA-Dry-Run=0_Control&HOME_Intl-AA-Dry-Run-USHOLD=&HOME_Intl-AA-Dry-Run-USHOLD_2=&HOME_Intl2023_Intl-RegiID=1_International
nyt-app-type
project-vi
content-type
application/json
accept
*/*
Referer
https://www.nytimes.com/
nyt-app-version
0.0.5
x-nyt-news-tenure
anon_user
x-nyt-internal-meter-override
undefined

Response headers

content-encoding
gzip
x-nyt-meridiem
PM
x-b3-traceid
0
x-nyt-pass-reason
PRVT
x-samizdat-query-field-errors
0
x-samizdat-query-exe-id
dad1d639b2ea301d
samizdat-x-canary
false
x-served-by
cache-fra-etou8220080-FRA
x-graphiti-gateway
0952608e
x-nyt-country
SG
x-timer
S1689654772.406472,VS0,VE124
x-nyt-continent
AS
vary
Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
x-nyt-region
01
access-control-expose-headers
x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control
private, no-store
x-nyt-audience-target-flat
AS:PM
x-nyt-edge-cache
MISS
x-cache-hits
0
x-samizdat-query-sup-code
date
Tue, 18 Jul 2023 04:32:52 GMT
via
1.1 google, 1.1 varnish
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-cache
MISS
samizdat-x-instance
d8019aeb
x-envoy-upstream-service-time
33
last-modified
Tue, 18 Jul 2023 04:32:52 GMT
server
envoy
samizdat-x-kubernetes-namespace
v1
x-fetch-attempts
1
access-control-allow-credentials
true
x-datadog-trace-id
0
accept-ranges
bytes
timing-allow-origin
*
market
www.nytimes.com/api/
518 B
1 KB
Fetch
General
Full URL
https://www.nytimes.com/api/market
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-ecfd5f264a8ec352e643.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f5ae2a3c7f70582ce3723b2a30991fc7e17846d2e2ab40dd45ae20633f7b6360
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:52 GMT
content-encoding
gzip
content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
x-api-version
F-F-X
age
25
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-cache
HIT, HIT
x-origin-time
2023-07-18 04:32:28 UTC
content-length
255
x-served-by
cache-lga21927-LGA, cache-fra-etou8220080-FRA
server
nginx
x-timer
S1689654772.413105,VS0,VE1
vary
Accept-Encoding, Fastly-SSL
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/api/market
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
6d6bf40b940fbe07b198de550766be19/969924799849843816;o=1
cache-control
s-maxage=60,(null)
x-nyt-route
market
x-nyt-app-webview
0
x-gdpr
0
x-nyt-edge-cache
HIT-HIT
accept-ranges
bytes
x-cache-hits
32, 1
vhs.min.js
static01.nyt.com/video-static/vhs3/
504 KB
115 KB
Script
General
Full URL
https://static01.nyt.com/video-static/vhs3/vhs.min.js
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/vendors~audio~burst~clientSideCapsule~home~paidpost~trending~video-26acb1f1695c86c44ce6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0d70a7f9fc8b3472700ace3208931418592c491e6e6b2d1b76a87631608a8fbd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Wed, 14 Jun 2023 08:02:04 GMT
date
Tue, 18 Jul 2023 04:32:52 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
505846
x-guploader-uploadid
ADPycduhO76LHSwoh7AQ7iseEAdH2eA8awTPWb9f2GCRumPbA7EwipXmS3z4XkREA8RnFnDIi-r6i4mVixpMieIom5GywH0BLLlv
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
video/vhs3
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
116901
x-served-by
cache-iad-kiad7000153-IAD, cache-fra-etou8220080-FRA
last-modified
Fri, 21 Apr 2023 20:56:33 GMT
server
UploadServer
x-timer
S1689654772.413883,VS0,VE0
etag
"7a1557a0c63c0ee357d4403294f85bc6"
vary
Accept-Encoding
x-goog-generation
1682110593818674
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=Eb5cOQ==, md5=ehVXoMY8DuNX1EAylPhbxg==
cache-control
public,max-age=60,s-maxage=604800
x-goog-stored-content-length
515811
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
37810, 807
bid
aax.amazon-adsystem.com/e/dtb/
146 B
481 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fwww.nytimes.com%2F&pid=oKNk9R8pBxGCq&cb=2&ws=1600x1200&v=23.612.1758&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-mid1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-mid1_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%7D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.181.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-181-129.kul50.r.cloudfront.net
Software
Server /
Resource Hash
8b4c70f6d653a07143d71c8ecdf16240b7981fb307c9662cb2fd0a87eeca1ee7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:52 GMT
via
1.1 63dd09b6da14cd3f9fa63d1a65b083ce.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
KUL50-C1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
146
x-amz-cf-id
TnXeRwmxTNIdN0ASzj5JymWFVrKLPe7HeNSabLL0ZditTqkF5AFOxw==
bid
aax.amazon-adsystem.com/e/dtb/
146 B
480 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fwww.nytimes.com%2F&pid=oKNk9R8pBxGCq&cb=3&ws=1600x1200&v=23.612.1758&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-mid2%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-mid2_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%7D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.181.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-181-129.kul50.r.cloudfront.net
Software
Server /
Resource Hash
d7b13fb7506f9c636fa218d984c4e8dd5841e393186ac3c83bb408d97acd75a7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:51 GMT
via
1.1 63dd09b6da14cd3f9fa63d1a65b083ce.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
KUL50-C1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
146
x-amz-cf-id
63-zIznwzRd7qMZ-0UdSmN4rBvt4dJlgnEYwyf2-FaOkkdFBealKIg==
bid
aax.amazon-adsystem.com/e/dtb/
146 B
480 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fwww.nytimes.com%2F&pid=oKNk9R8pBxGCq&cb=4&ws=1600x1200&v=23.612.1758&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-mid3%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-mid3_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%7D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.181.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-181-129.kul50.r.cloudfront.net
Software
Server /
Resource Hash
b126be6e17385adeac438e0c4c3c7e211553e4443a5ac9df6fa35469922537f2

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:52 GMT
via
1.1 63dd09b6da14cd3f9fa63d1a65b083ce.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
KUL50-C1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
146
x-amz-cf-id
t1v09vPTLQJk0wAh160jSMHF5RcfDRF3N59-H-VAhuwE_9LlimUn3w==
bid
aax.amazon-adsystem.com/e/dtb/
146 B
480 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3030&u=https%3A%2F%2Fwww.nytimes.com%2F&pid=oKNk9R8pBxGCq&cb=5&ws=1600x1200&v=23.612.1758&t=2000&slots=%5B%7B%22sd%22%3A%22dfp-ad-bottom%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22dfp-ad-bottom_hp_web%22%7D%5D&pj=%7B%22si_section%22%3A%22home%22%7D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.181.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-181-129.kul50.r.cloudfront.net
Software
Server /
Resource Hash
b1f5c5f6f552ab177b23229c4fd560d822fc18ff041ae9eb39a0b1e608e27f4a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:52 GMT
via
1.1 63dd09b6da14cd3f9fa63d1a65b083ce.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
KUL50-C1
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
146
x-amz-cf-id
psfqDZQVUDM54swdIfY4MCRykAOTvHARz7korK42Vc38N9Modxf30g==
purr-cache
purr.nytimes.com/v1/
0
0
Fetch
General
Full URL
https://purr.nytimes.com/v1/purr-cache
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-ecfd5f264a8ec352e643.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.184.86.91 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-184-86-91.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:52 GMT
via
1.1 google
x-envoy-decorator-operation
purr.nytimes.com:443/*
strict-transport-security
max-age=63072000; preload; includeSubdomains
server
envoy
vary
Origin
content-type
text/html
access-control-allow-origin
https://www.nytimes.com
x-cloud-trace-context
66f34c16eaeb566ea0accbbafa39e499
access-control-allow-credentials
true
x-envoy-upstream-service-time
84
content-length
0
data-layer
a.nytimes.com/svc/nyt/
1 KB
1 KB
Fetch
General
Full URL
https://a.nytimes.com/svc/nyt/data-layer?assetUrl=https%3A%2F%2Fwww.nytimes.com%2F&caller_id=nyt-vi&jkcb=1689654772363&referrer=&sourceApp=nyt-vi
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-ecfd5f264a8ec352e643.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.184.86.91 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-184-86-91.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
6b829e07c565bc871af6e9acacab9b60d2ed6ca7e5d1c7d5949af7220d03a0ba
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nyti-upstream
gke
date
Tue, 18 Jul 2023 04:32:52 GMT
x-envoy-decorator-operation
a.nytimes.com:443/*
via
1.1 google
strict-transport-security
max-age=63072000; preload; includeSubdomains
content-encoding
gzip
server
envoy
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.nytimes.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
96
access-control-allow-headers
Content-Type, x-requested-by
v2
samizdat-graphql.nytimes.com/graphql/
18 KB
4 KB
Fetch
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-ecfd5f264a8ec352e643.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
b07a49ac3c29027eb0dd198c61c7151e928244f289b41720497d6aea73cb44c5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
x-nyt-programming-abtest
.ver=13578.000&HOME_DFP_FirstAd_0723=2_Lower_FirstAd&HOME_Intl-AA-Dry-Run=0_Control&HOME_Intl-AA-Dry-Run-USHOLD=&HOME_Intl-AA-Dry-Run-USHOLD_2=&HOME_Intl2023_Intl-RegiID=1_International
nyt-app-type
project-vi
content-type
application/json
accept
*/*
Referer
https://www.nytimes.com/
nyt-app-version
0.0.5
x-nyt-news-tenure
anon_user
x-nyt-internal-meter-override
undefined

Response headers

content-encoding
gzip
x-nyt-meridiem
PM
x-b3-traceid
0
x-nyt-pass-reason
PRVT
x-samizdat-query-field-errors
0
x-samizdat-query-exe-id
618a051203bc0754
samizdat-x-canary
false
x-served-by
cache-fra-etou8220080-FRA
x-graphiti-gateway
0952608e
x-nyt-country
SG
x-timer
S1689654773.688934,VS0,VE356
x-nyt-continent
AS
vary
Accept-Encoding, Samizdat-X-Personalize, x-nyt-is-anonymous, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
x-nyt-region
01
access-control-expose-headers
x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control
private, no-store
x-nyt-audience-target-flat
AS:PM
x-nyt-edge-cache
MISS
x-cache-hits
0
x-samizdat-query-sup-code
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 google, 1.1 varnish
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-cache
MISS
samizdat-x-instance
1f2520bc
x-envoy-upstream-service-time
264
last-modified
Tue, 18 Jul 2023 04:32:52 GMT
server
envoy
samizdat-x-kubernetes-namespace
v1
x-fetch-attempts
1
access-control-allow-credentials
true
x-datadog-trace-id
0
accept-ranges
bytes
timing-allow-origin
*
nested-nav.json
static01.nyt.com/newsgraphics/sujo/
2 KB
1 KB
Fetch
General
Full URL
https://static01.nyt.com/newsgraphics/sujo/nested-nav.json
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-ecfd5f264a8ec352e643.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
ee148aca81868279571989a328eb505329e7939136e349a481c6644d0ed87d04
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Mon, 17 Jul 2023 15:29:22 GMT
date
Tue, 18 Jul 2023 04:32:52 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
3
x-guploader-uploadid
ADPycdswZuqh-Qx2StGlW_TZAGYDWkUlk-cM1m-HQAbbCQ-a9ey2z6vujzas17-Uk6l7CckJT6XUjrU1Z_HdAFdQyyMWW0MoADO1
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
821
x-served-by
cache-iad-kcgs7200030-IAD, cache-fra-eddf8230051-FRA
x-amz-meta-checksum
last-modified
Mon, 17 Jul 2023 15:29:13 GMT
server
UploadServer
x-timer
S1689654773.621894,VS0,VE1
etag
"9a031d5ce3438f2b69f9e6439daf8eb2"
vary
Origin, Accept-Encoding
x-goog-generation
1689607753326438
content-type
application/json
access-control-allow-origin
*
x-goog-hash
crc32c=MlVmEQ==, md5=mgMdXONDjytp+eZDna+Osg==
cache-control
max-age=5
x-goog-stored-content-length
2106
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
139355, 1
nested-nav.json
static01.nyt.com/newsgraphics/sujo/
2 KB
905 B
Fetch
General
Full URL
https://static01.nyt.com/newsgraphics/sujo/nested-nav.json
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-ecfd5f264a8ec352e643.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
ee148aca81868279571989a328eb505329e7939136e349a481c6644d0ed87d04
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Mon, 17 Jul 2023 15:29:22 GMT
date
Tue, 18 Jul 2023 04:32:52 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
3
x-guploader-uploadid
ADPycdswZuqh-Qx2StGlW_TZAGYDWkUlk-cM1m-HQAbbCQ-a9ey2z6vujzas17-Uk6l7CckJT6XUjrU1Z_HdAFdQyyMWW0MoADO1
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
821
x-served-by
cache-iad-kcgs7200030-IAD, cache-fra-eddf8230051-FRA
x-amz-meta-checksum
last-modified
Mon, 17 Jul 2023 15:29:13 GMT
server
UploadServer
x-timer
S1689654773.622134,VS0,VE1
etag
"9a031d5ce3438f2b69f9e6439daf8eb2"
vary
Origin, Accept-Encoding
x-goog-generation
1689607753326438
content-type
application/json
access-control-allow-origin
*
x-goog-hash
crc32c=MlVmEQ==, md5=mgMdXONDjytp+eZDna+Osg==
cache-control
max-age=5
x-goog-stored-content-length
2106
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
139355, 2
17dc-fed-softlanding-01-gvzf-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/07/17/multimedia/17dc-fed-softlanding-01-gvzf/
13 KB
14 KB
Image
General
Full URL
https://static01.nyt.com/images/2023/07/17/multimedia/17dc-fed-softlanding-01-gvzf/17dc-fed-softlanding-01-gvzf-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
097e76c5004f0958f07d74c7647cbe899ec6a8ff954875a918fa8e66c7d1a4b7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Mon, 17 Jul 2023 18:21:50 GMT
date
Tue, 18 Jul 2023 04:32:52 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
36661
x-guploader-uploadid
ADPycdtKbi3qHlhTuB3FNv1csz-01n_FBC2sQmmHTJTWVh17h0al6C4WxlMakbbsEDog7k6HoJo4ZRKMzpTFrBWDLUUwtQ
x-cache
HIT, HIT
fastly-io-info
ifsz=42665 idim=600x400 ifmt=jpeg ofsz=13160 odim=600x400 ofmt=webp
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
13160
x-served-by
cache-iad-kjyo7100055-IAD, cache-fra-etou8220080-FRA
server
UploadServer
x-timer
S1689654773.633252,VS0,VE0
etag
"lMfGWcyPSw5CUWiAagv+Taz5BZanmiXyVi3AZk706mk"
vary
Accept
x-goog-generation
1689617997070079
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=MKbNcg==, md5=83fC7Q0/wlAp/Ls6yVlZpQ==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
42665
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
21, 8
10trustee1-bjvg-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/07/18/multimedia/10trustee1-bjvg/
75 KB
75 KB
Image
General
Full URL
https://static01.nyt.com/images/2023/07/18/multimedia/10trustee1-bjvg/10trustee1-bjvg-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
619b65aa4b75d2ca6a2dc75ac70c3da027aa220ac52f2140d0799111cf936161
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Mon, 17 Jul 2023 16:46:54 GMT
date
Tue, 18 Jul 2023 04:32:52 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
42358
x-guploader-uploadid
ADPycdsnQ9ZdrWMzbZ1JBC8uuL5St087p6BorAoMqwejVEgyxdKKXmOIOiSrlFjwLVVWi7tygbpWiex13ePnSsY0KsNndQ
x-cache
MISS, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
76450
x-served-by
cache-iad-kcgs7200170-IAD, cache-fra-etou8220080-FRA
last-modified
Mon, 17 Jul 2023 16:46:38 GMT
server
UploadServer
x-timer
S1689654773.634023,VS0,VE0
etag
"37743ed83b12e75a86efbb36514f76e7"
vary
Accept
x-goog-generation
1689612398672704
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=OcFLqw==, md5=N3Q+2DsS51qG77s2UU925w==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
76450
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0, 2
17pol-trump-2025-fjpk-hp-threeByTwoSmallAt2X-v2.jpg
static01.nyt.com/images/2023/07/17/multimedia/17pol-trump-2025-fjpk-hp/
75 KB
76 KB
Image
General
Full URL
https://static01.nyt.com/images/2023/07/17/multimedia/17pol-trump-2025-fjpk-hp/17pol-trump-2025-fjpk-hp-threeByTwoSmallAt2X-v2.jpg?format=pjpg&quality=75&auto=webp&disable=upscale
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a1533194a09207235ccccb1e3429f86b31fed80301a1b2296cf12d8a0127a417
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Mon, 17 Jul 2023 10:06:10 GMT
date
Tue, 18 Jul 2023 04:32:52 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
66401
x-guploader-uploadid
ADPycdvOIYwhXd9FaajHXvt5tYsGoHt_rh01M64ZDvaV2bEGJ_oVVGb-3jO2TeAK2YUV9ZObhekMphyJeBMizvZTyfKpN9c17bL1
x-cache
MISS, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
76822
x-served-by
cache-iad-kiad7000135-IAD, cache-fra-etou8220080-FRA
last-modified
Mon, 17 Jul 2023 10:06:06 GMT
server
UploadServer
x-timer
S1689654773.633608,VS0,VE0
etag
"28170d811ebbf13384debd8f8020abcd"
vary
Accept
x-goog-generation
1689588366157216
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=YI7zpQ==, md5=KBcNgR678TOE3r2PgCCrzQ==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
76822
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0, 2
17rikers-hearing-1-d800-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2022/11/17/multimedia/17rikers-hearing-1-d800/
43 KB
43 KB
Image
General
Full URL
https://static01.nyt.com/images/2022/11/17/multimedia/17rikers-hearing-1-d800/17rikers-hearing-1-d800-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4833285dd4e3e441d3f4a613f3c0567567403622e4d84f5f78ff9b1cb89d72cf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Mon, 17 Jul 2023 22:01:02 GMT
date
Tue, 18 Jul 2023 04:32:52 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
23510
x-guploader-uploadid
ADPycdtElgmOj-IoP6MgSRGV0CAdiXdEVyqBKAmT4JamJGyzOrxyoCOedqYPDfGx1qze4C76iphpwTO4nFjasfwUqF5Qjxhl1zkO
x-cache
HIT, HIT
fastly-io-info
ifsz=89789 idim=600x400 ifmt=jpeg ofsz=43798 odim=600x400 ofmt=webp
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
43798
x-served-by
cache-iad-kcgs7200092-IAD, cache-fra-etou8220080-FRA
server
UploadServer
x-timer
S1689654773.633594,VS0,VE0
etag
"yyhQ5BxLvIkukJtyvilGQZkT5NEyDyChImFIHIDwgX4"
vary
Accept
x-goog-generation
1689631213085337
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=vWYAQw==, md5=fZktzZLLDSR0pnyA+N8gUQ==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
89789
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
11, 13
TAMC-071723-carlos-alcaraz-rival-for-djokovic-threeByTwoSmallAt2X-v3.jpg
static01.nyt.com/images/2023/07/17/multimedia/TAMC-071723-carlos-alcaraz-rival-for-djokovic/
26 KB
26 KB
Image
General
Full URL
https://static01.nyt.com/images/2023/07/17/multimedia/TAMC-071723-carlos-alcaraz-rival-for-djokovic/TAMC-071723-carlos-alcaraz-rival-for-djokovic-threeByTwoSmallAt2X-v3.jpg?format=pjpg&quality=75&auto=webp&disable=upscale
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
40aa33d90d2483cff89056015213356a765105e83856ffe8f3f7b5aafa98878e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Mon, 17 Jul 2023 15:34:22 GMT
date
Tue, 18 Jul 2023 04:32:52 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
46710
x-guploader-uploadid
ADPycdtEHBrluI8iMz9nUpo1muXRPmQKwWlSqvzR9AN3ghPQHR-XZXkJ-xpU-Lfc5mVD1WrcLwvvUjuZzE9GmRCArKAtAQ
x-cache
HIT, HIT
fastly-io-info
ifsz=55416 idim=600x400 ifmt=jpeg ofsz=26594 odim=600x400 ofmt=webp
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
26594
x-served-by
cache-iad-kiad7000064-IAD, cache-fra-etou8220080-FRA
server
UploadServer
x-timer
S1689654773.783932,VS0,VE0
etag
"sgflWqz/S534PbM2m0ODb7l9MykdTeQ9maUXEfiXgjI"
vary
Accept
x-goog-generation
1689608059427325
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=+qYQgg==, md5=wpvnW91PfnGSkYbhE5paMw==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
55416
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
15, 4
17NAT-IOWA-ABORTION-COURT-1-bglf-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/07/17/multimedia/17NAT-IOWA-ABORTION-COURT-1-bglf/
62 KB
63 KB
Image
General
Full URL
https://static01.nyt.com/images/2023/07/17/multimedia/17NAT-IOWA-ABORTION-COURT-1-bglf/17NAT-IOWA-ABORTION-COURT-1-bglf-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
bcea2e144ea2c4aafa5a3e3d30dd0b9080adb24cb2b1c2b9d7dfa9ad9c79244c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Mon, 17 Jul 2023 22:59:27 GMT
date
Tue, 18 Jul 2023 04:32:52 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
20006
x-guploader-uploadid
ADPycduSYiQYTeHvn8loihZbgv59Ln0MyaZWmVfNgr6c0TzSA5LaqFBj7P3N9zY_8-h58ts4_-sAHao_yFT-cGmP5Azd9OruGKgu
x-cache
HIT, HIT
fastly-io-info
ifsz=122402 idim=600x400 ifmt=jpeg ofsz=63440 odim=600x400 ofmt=webp
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
63440
x-served-by
cache-iad-kcgs7200021-IAD, cache-fra-etou8220080-FRA
server
UploadServer
x-timer
S1689654773.793568,VS0,VE0
etag
"GTfoIHF+VqGrw2GkwV0/VkEP78XOZhoSVpNgBZADKR8"
vary
Accept
x-goog-generation
1689634743423112
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=9Q+IHg==, md5=pmh8jWL44zwOL49eQV3T+Q==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
122402
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
8, 6
17nat-murdaugh-settlement-1-jwvg-threeByTwoSmallAt2X.jpg
static01.nyt.com/images/2023/07/17/multimedia/17nat-murdaugh-settlement-1-jwvg/
27 KB
27 KB
Image
General
Full URL
https://static01.nyt.com/images/2023/07/17/multimedia/17nat-murdaugh-settlement-1-jwvg/17nat-murdaugh-settlement-1-jwvg-threeByTwoSmallAt2X.jpg?format=pjpg&quality=75&auto=webp&disable=upscale
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
153be1d30a02066773a037281f6aae3837a41a1044d27f1fb3e12b6bbec1d990
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Mon, 17 Jul 2023 23:09:44 GMT
date
Tue, 18 Jul 2023 04:32:52 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
19389
x-guploader-uploadid
ADPycdsKVTauj-qr_ZGS0P6BP7ATNWwpw6w_txOICKB7fJuS89ST71r0VSQn-T9yecBh9d4hcWc7jbEXXLFZ7RRF6YAkxQ
x-cache
HIT, HIT
fastly-io-info
ifsz=67178 idim=600x400 ifmt=jpeg ofsz=27642 odim=600x400 ofmt=webp
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
27642
x-served-by
cache-iad-kiad7000136-IAD, cache-fra-etou8220080-FRA
server
UploadServer
x-timer
S1689654773.797344,VS0,VE0
etag
"FDzotcRRWMRypVBFpUPCCMPSVPRTR43M2Ay7s0qjsOI"
vary
Accept
x-goog-generation
1689635345176438
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=IEUxcA==, md5=w/iaExPAJSy/HGZwtPYZ3A==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
67178
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
27, 4
michelle-cottle-circular-thumbLarge-v4.png
static01.nyt.com/images/2019/06/25/opinion/michelle-cottle-circular/
22 KB
23 KB
Image
General
Full URL
https://static01.nyt.com/images/2019/06/25/opinion/michelle-cottle-circular/michelle-cottle-circular-thumbLarge-v4.png?format=pjpg&quality=75&auto=webp&disable=upscale
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a02850d90f1195bbf1a0ddd8151512a081d1d4b17d71811d8797ef83bba2666a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Mon, 03 Jul 2023 15:28:39 GMT
date
Tue, 18 Jul 2023 04:32:52 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
47011
x-guploader-uploadid
ADPycdui9AQcP6QCjaTw604nblm0Oipra6oU9hoXvYg3li-_jSzFuvYxoC3OrmagDrYqijEYV8RoZQiac4--B6N27UFPalVpJNKA
x-cache
HIT, HIT
fastly-io-info
ifsz=36204 idim=150x150 ifmt=png ofsz=22498 odim=150x150 ofmt=webp
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
22498
x-served-by
cache-iad-kiad7000119-IAD, cache-fra-etou8220080-FRA
server
UploadServer
x-timer
S1689654773.720670,VS0,VE0
etag
"E4jY51R34Yh+oicLos3pNKKhGt4nF0a/IY0GNrJnHIk"
vary
Accept
x-goog-generation
1683668233585652
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=HrrwFQ==, md5=yUZ6BePmb5Ktb30+YlIMZA==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
36204
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
105, 10
17bird1-square320-v2.jpg
static01.nyt.com/images/2023/07/18/opinion/17bird1/
13 KB
14 KB
Image
General
Full URL
https://static01.nyt.com/images/2023/07/18/opinion/17bird1/17bird1-square320-v2.jpg?format=pjpg&quality=75&auto=webp&disable=upscale
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9c10004f09158911237b997628ccd710106bd9b03c8fc1a680c39c129523e39c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Mon, 17 Jul 2023 18:31:32 GMT
date
Tue, 18 Jul 2023 04:32:52 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
36079
x-guploader-uploadid
ADPycduozyiPzAf21Hhw-SdaYIBXhMUMYjDivAco-Aw_Vyp9HGBWgtg7f3qjiR9C1P2ltRDY0fk03oMSU4lznYLP4NsJcQ
x-cache
HIT, HIT
fastly-io-info
ifsz=23045 idim=320x320 ifmt=jpeg ofsz=13424 odim=320x320 ofmt=webp
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
13424
x-served-by
cache-iad-kiad7000056-IAD, cache-fra-etou8220080-FRA
server
UploadServer
x-timer
S1689654773.802735,VS0,VE0
etag
"B1vIZD5isDIsqMI5bT7fIXsjyZp1moJLmvmhpxSsYZQ"
vary
Accept
x-goog-generation
1689618692756545
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=GJoM+Q==, md5=3CB1F7jjldaXkJuFDOKj6A==
cache-control
public, max-age=604800, stale-if-error=86400, stale-while-revalidate=30
x-goog-stored-content-length
23045
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
6, 7
paul-krugman-thumbLarge.png
static01.nyt.com/images/2018/04/02/opinion/paul-krugman/
21 KB
22 KB
Image
General
Full URL
https://static01.nyt.com/images/2018/04/02/opinion/paul-krugman/paul-krugman-thumbLarge.png?format=pjpg&quality=75&auto=webp&disable=upscale
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
fb177985ebe75561e65bcb91d425186017f2017e70c5c7f8cf8915ef7e403181
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Sat, 08 Jul 2023 06:11:29 GMT
date
Tue, 18 Jul 2023 04:32:52 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
253284
x-guploader-uploadid
ADPycdtRTyVRty-Beu4j45L4U_HJwS7lxEdlUkTD4OUUvYEMli-U_bSQ4sDxqOPG8B7CVCW7Mw7N9bLCTOQlTDhxWffEVw
x-cache
HIT, HIT
fastly-io-info
ifsz=35334 idim=150x150 ifmt=png ofsz=21898 odim=150x150 ofmt=webp
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
21898
x-served-by
cache-iad-kcgs7200107-IAD, cache-fra-etou8220080-FRA
server
UploadServer
x-timer
S1689654773.807593,VS0,VE0
etag
"BxaxH5yGTPhYD7tn7p0QMXcRjIjM793d+dInmek+sv8"
vary
Accept
x-goog-generation
1522683526678420
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=qhevTQ==, md5=m29KXnfO3NU0MLAVICO8qQ==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
35334
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1885, 9
michelle-goldberg-thumbLarge.png
static01.nyt.com/images/2018/04/02/opinion/michelle-goldberg/
21 KB
22 KB
Image
General
Full URL
https://static01.nyt.com/images/2018/04/02/opinion/michelle-goldberg/michelle-goldberg-thumbLarge.png?format=pjpg&quality=75&auto=webp&disable=upscale
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b72897a3747ac80f6b731cd205f1ca1fac51c58898b8b43ec7fdd026da2efc34
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Wed, 12 Jul 2023 11:11:37 GMT
date
Tue, 18 Jul 2023 04:32:52 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
494475
x-guploader-uploadid
ADPycdtlctS2_GEpU10GJpn2c0X9TzQq4Bl6xPM_Y3-IQjordAecn5QPtGmqDSK5CBF4079ztFan7ZDk6B6IaHkL05NQwA
x-cache
HIT, HIT
fastly-io-info
ifsz=36799 idim=150x150 ifmt=png ofsz=21518 odim=150x150 ofmt=webp
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
21518
x-served-by
cache-iad-kiad7000033-IAD, cache-fra-etou8220080-FRA
server
UploadServer
x-timer
S1689654773.883825,VS0,VE0
etag
"E5bE3u5kET+7jGHqXv8c5ytNcCj1pdXRh+C6DOvv7h4"
vary
Accept
x-goog-generation
1582283066123601
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=DH13Xw==, md5=b6JQYyRbR+BFBQ9IziYRmg==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
36799
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1421, 9
17stjames-square320-v2.jpg
static01.nyt.com/images/2023/07/17/opinion/17stjames/
12 KB
13 KB
Image
General
Full URL
https://static01.nyt.com/images/2023/07/17/opinion/17stjames/17stjames-square320-v2.jpg?format=pjpg&quality=75&auto=webp&disable=upscale
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c2ad39a397469fa7875cb5d1941241ebdca4f75096babc62fb872e68b6bbfc53
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Mon, 17 Jul 2023 09:53:19 GMT
date
Tue, 18 Jul 2023 04:32:52 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
67174
x-guploader-uploadid
ADPycdvYryUDGOd1WhCITVdjUqFPrQImi0NTBY9dFWwmXA1c5KOptPRUF-vrztKHA22uN07b-eBaW77xQYYFjghFHZZaJw
x-cache
HIT, HIT
fastly-io-info
ifsz=35667 idim=320x320 ifmt=jpeg ofsz=12564 odim=320x320 ofmt=webp
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
12564
x-served-by
cache-iad-kjyo7100147-IAD, cache-fra-etou8220080-FRA
server
UploadServer
x-timer
S1689654773.945168,VS0,VE0
etag
"XdV02VHTK1PhaZdzLEvEM8UyD98EInJay785B3F3siA"
vary
Accept
x-goog-generation
1689584408164209
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=QP0E7Q==, md5=6ubciGZCXUo7vd/qK4OXDw==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
35667
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
731, 2
robinson-meyer-thumbLarge.png
static01.nyt.com/images/2023/06/23/opinion/robinson-meyer/
19 KB
20 KB
Image
General
Full URL
https://static01.nyt.com/images/2023/06/23/opinion/robinson-meyer/robinson-meyer-thumbLarge.png?format=pjpg&quality=75&auto=webp&disable=upscale
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4759add7777263fab04aac8fc245fc6d17ec48c924142c34c03c99652c8cf939
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Mon, 17 Jul 2023 09:53:18 GMT
date
Tue, 18 Jul 2023 04:32:52 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
67175
x-guploader-uploadid
ADPycdsLq696TkuRppJi_yX5dg6BorPV9dHpYRukEOfhkaGMHGYuJs-RUFe21wR_hIl4Keb6z9S--U8W90vVUlBWwEfB4g
x-cache
HIT, HIT
fastly-io-info
ifsz=31915 idim=150x150 ifmt=png ofsz=19662 odim=150x150 ofmt=webp
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
fastly-stats
io=1
content-length
19662
x-served-by
cache-iad-kjyo7100057-IAD, cache-fra-etou8220080-FRA
server
UploadServer
x-timer
S1689654773.957090,VS0,VE0
etag
"Cg2RSIlYa0cEyJPJIadeUNtHbyHrPfkETR/9ft41qro"
vary
Accept
x-goog-generation
1687564407019324
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=Sezl/w==, md5=aHOVyX//bLfJFFRgCxdlXw==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
31915
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
905, 8
/
dd.nytimes.com/js/
235 B
619 B
XHR
General
Full URL
https://dd.nytimes.com/js/
Requested by
Host: dd.nytimes.com
URL: https://dd.nytimes.com/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.11.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-11-57.kul50.r.cloudfront.net
Software
DataDome /
Resource Hash
5ddee1e34eba103f16837876d798f61a458c97b9aff7500721369d017c4ab8ed
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.nytimes.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 4c947ae19ee1a0db2122a6150bc123bc.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
DataDome
x-amz-cf-pop
KUL50-C2
x-cache
Miss from cloudfront
content-type
application/json;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
235
x-amz-cf-id
Og6w5ltRN2QFCN4rZ4pCRTh59EccflHPeuC21pV1-_tho5WWUe2pDQ==
expires
0
pr
s.amazon-adsystem.com/v3/ Frame 716B
2 KB
2 KB
Document
General
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
4cfad6b2bbe25583d4fe6417b159b9fef86507b6b74592d6addd1879d35ec0b9
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_pm-db5_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
1910
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 18 Jul 2023 04:32:53 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
ZX87RCEGJSBRXDNE9BD2
NYT-Newsletters-TheMorning-Icon-500px.jpg
static.nytimes.com/email-images/
44 KB
45 KB
Image
General
Full URL
https://static.nytimes.com/email-images/NYT-Newsletters-TheMorning-Icon-500px.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
12963c41dffbae547d3bd8f1fb42bcdb32012d02ffa988f34bf4a8068ac5b5bf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Sat, 08 Jul 2023 07:31:35 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
3575
x-guploader-uploadid
ADPycdsvVoWzTW4LMw4GS2wX5vEt8uBRV2skwKrLSwu4Z1aaSfws_VvPc3cETfZkeiD3GsLplIXio8gAdAgrkxsyo7PW7Fc5J97n
x-cache
HIT, HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
45281
x-served-by
cache-iad-kcgs7200135-IAD, cache-fra-etou8220080-FRA
last-modified
Thu, 26 Jan 2023 20:17:32 GMT
server
UploadServer
x-timer
S1689654773.279426,VS0,VE1
etag
"e77f5972ac472d54b68ae257a4d4e622"
x-goog-generation
1674764252920029
content-type
image/jpeg
x-goog-hash
crc32c=Qlf3Ew==, md5=539ZcqxHLVS2iuJXpNTmIg==
cache-control
public, max-age=3600
x-goog-stored-content-length
45281
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
62780, 1
NYT-Newsletters-TheUpshot-Icon-500px.jpg
static.nytimes.com/email-images/
18 KB
19 KB
Image
General
Full URL
https://static.nytimes.com/email-images/NYT-Newsletters-TheUpshot-Icon-500px.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
bb1907757a4e2ac40a7b0b09b83110848727dbdac48023e8eb1da4d3f951bdcc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Wed, 28 Jun 2023 13:02:54 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
1575
x-guploader-uploadid
ADPycdt9pbsTNtLRvJSOwLwBD1NGdSdB3rWKjdMb32ZGtVSaPfhCTCqa1gZ9N2sM_ECdZwp3jAHPdwj2lwXi-NN3149Utw
x-cache
HIT, HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
18627
x-served-by
cache-iad-kcgs7200160-IAD, cache-fra-etou8220080-FRA
last-modified
Thu, 26 Jan 2023 20:17:33 GMT
server
UploadServer
x-timer
S1689654773.279173,VS0,VE1
etag
"a723809a820ff49587eea388273794de"
x-goog-generation
1674764253541169
content-type
image/jpeg
x-goog-hash
crc32c=zqLMlA==, md5=pyOAmoIP9JWH7qOIJzeU3g==
cache-control
public, max-age=3600
x-goog-stored-content-length
18627
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
195581, 1
the-daily-album-art-square320-v5.jpg
static01.nyt.com/images/2017/01/29/podcasts/the-daily-album-art/
16 KB
16 KB
Image
General
Full URL
https://static01.nyt.com/images/2017/01/29/podcasts/the-daily-album-art/the-daily-album-art-square320-v5.jpg?
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
55f5d7753bfd32edfa04bb28d297638ca4d694540f73d88e9ef6f596554a198e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Tue, 16 May 2023 10:39:05 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
582812
x-guploader-uploadid
ADPycdvBEZTvoLz_Ol_kMSi_-Zqw-hUz-1PMn4AsBBpyBHmeVq7-baX2QZp_io0CSIxZDaFmz0Aj-VtBQGB3Q9S79UBwwA
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
15986
x-served-by
cache-iad-kiad7000063-IAD, cache-fra-etou8220080-FRA
last-modified
Wed, 15 Feb 2023 17:14:19 GMT
server
UploadServer
x-timer
S1689654773.276405,VS0,VE1
etag
"3df0d7c3ab68376650be938ac48947ba"
x-goog-generation
1676481259772829
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=JiXB7Q==, md5=PfDXw6toN2ZQvpOKxIlHug==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
15986
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
94882, 1
the-run-up-album-art-thumbLarge.jpg
static01.nyt.com/images/2022/08/29/podcasts/the-run-up-album-art/
13 KB
14 KB
Image
General
Full URL
https://static01.nyt.com/images/2022/08/29/podcasts/the-run-up-album-art/the-run-up-album-art-thumbLarge.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d9840098d938c09fe3c3995e19c54bffba606c15f094699e2241da0f70aaf4cf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Tue, 27 Jun 2023 09:29:29 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
587002
x-guploader-uploadid
ADPycds57MtQajYx4S-KZuSNSVQrfkeb4sQ3QQ4Hdx0og2RSnhiUSSfIFxglIZkoFDFucqANyslg0yIYc6Giba8KHlaZjKFV6yX7
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
13823
x-served-by
cache-iad-kiad7000040-IAD, cache-fra-etou8220080-FRA
last-modified
Mon, 03 Apr 2023 13:34:58 GMT
server
UploadServer
x-timer
S1689654773.276532,VS0,VE1
etag
"55596999c9261437b8fa3ce8377b6d5d"
x-goog-generation
1680528898528125
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=10HhSg==, md5=VVlpmckmFDe4+jzoN3ttXQ==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
13823
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
60019, 1
NYT-Newsletters-Europe-Icon-500px.jpg
static.nytimes.com/email-images/
33 KB
34 KB
Image
General
Full URL
https://static.nytimes.com/email-images/NYT-Newsletters-Europe-Icon-500px.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
bf8be97d9fc18f543554ee21bf549242614644bb76678d624bfdbc327565da90
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Mon, 03 Jul 2023 12:45:57 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
2652
x-guploader-uploadid
ADPycdu9Sdq2H42bCW5Jrh7XWttlpoThb0jSS5M9cdn2ZuoGaLIoqohqqEpdCY2-B_Iz0P75Jp5uT_HkEt6u2EUS277pPQ
x-cache
HIT, HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
34106
x-served-by
cache-iad-kjyo7100073-IAD, cache-fra-etou8220080-FRA
last-modified
Thu, 26 Jan 2023 20:17:14 GMT
server
UploadServer
x-timer
S1689654773.279169,VS0,VE1
etag
"84c5b128d8a40ad11ff57a21c78ae98f"
x-goog-generation
1674764234562175
content-type
image/jpeg
x-goog-hash
crc32c=aeK9EQ==, md5=hMWxKNikCtEf9Xohx4rpjw==
cache-control
public, max-age=3600
x-goog-stored-content-length
34106
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
146512, 1
NYT-Newsletters-SONL-TheInterpreter-Icon-500px.jpg
static.nytimes.com/email-images/
55 KB
55 KB
Image
General
Full URL
https://static.nytimes.com/email-images/NYT-Newsletters-SONL-TheInterpreter-Icon-500px.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
522ae3ec74ed1439b18121a59bc547ccc5ba8f272e2bfd8f7d23735bebc524d7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Sat, 08 Jul 2023 07:29:51 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
55
x-guploader-uploadid
ADPycductEzeHLeIUPz-L3RVPU5oSC73-Hu8ip7wrEovM4T1GaBEeSDTy5VejGItTxLi0Kj_7WF3hCCDCZHdbyl7Z3Xecw
x-cache
HIT, HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
56166
x-served-by
cache-iad-kiad7000068-IAD, cache-fra-etou8220080-FRA
last-modified
Thu, 26 Jan 2023 20:17:28 GMT
server
UploadServer
x-timer
S1689654773.279452,VS0,VE1
etag
"7a7169546b1db6d41464cd559c688cff"
x-goog-generation
1674764248705379
content-type
image/jpeg
x-goog-hash
crc32c=EakWMg==, md5=enFpVGsdttQUZM1VnGiM/w==
cache-control
public, max-age=3600
x-goog-stored-content-length
56166
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
81897, 1
NYT-Newsletters-AustraliaLetter-Icon-500px.jpg
static.nytimes.com/email-images/
31 KB
32 KB
Image
General
Full URL
https://static.nytimes.com/email-images/NYT-Newsletters-AustraliaLetter-Icon-500px.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
df62bdce35e1c96fbbac865101bf22e43bb8532ab331f1a146e36ec30a89ad49
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Wed, 21 Jun 2023 06:37:26 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
2980
x-guploader-uploadid
ADPycdt65Jak60eEQWdP68Wqdqj7gwIXnmoseC4K1fs-O4MSjlxLE71xCDQs33X9rJ6EM_YHs2fe3R8W7ajMs9zTFu0-rA
x-cache
HIT, HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
31992
x-served-by
cache-iad-kjyo7100062-IAD, cache-fra-etou8220080-FRA
last-modified
Thu, 26 Jan 2023 20:17:08 GMT
server
UploadServer
x-timer
S1689654773.279152,VS0,VE1
etag
"a5710edf3ca964eb9821bca5e7d29a70"
x-goog-generation
1674764228279404
content-type
image/jpeg
x-goog-hash
crc32c=BNCO2g==, md5=pXEO3zypZOuYIbyl59KacA==
cache-control
public, max-age=3600
x-goog-stored-content-length
31992
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
258734, 1
NYT-Newsletters-CanadaLetter-Icon-500px.jpg
static.nytimes.com/email-images/
31 KB
31 KB
Image
General
Full URL
https://static.nytimes.com/email-images/NYT-Newsletters-CanadaLetter-Icon-500px.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
caa32aba4a21d6d11890097a32a34fad58f6db74c904c5b11d9903831f6488ed
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Tue, 04 Jul 2023 11:53:16 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
2218
x-guploader-uploadid
ADPycduHVazN1UStIqlmiCxCA8cKqKxJbarT6odLD91TYAJ-zdFu4BwW0x4VbX929kMKEd7oh9KyKeAynH-uraqSI1vbuw
x-cache
HIT, HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
31625
x-served-by
cache-iad-kjyo7100097-IAD, cache-fra-etou8220080-FRA
last-modified
Thu, 26 Jan 2023 20:17:10 GMT
server
UploadServer
x-timer
S1689654773.278677,VS0,VE1
etag
"75018ee1d16688efd0f841bccacc0cef"
x-goog-generation
1674764230398499
content-type
image/jpeg
x-goog-hash
crc32c=4Klbcw==, md5=dQGO4dFmiO/Q+EG8yswM7w==
cache-control
public, max-age=3600
x-goog-stored-content-length
31625
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
125470, 1
NYT-Newsletters-DealBook-Icon-500px.jpg
static.nytimes.com/email-images/
19 KB
20 KB
Image
General
Full URL
https://static.nytimes.com/email-images/NYT-Newsletters-DealBook-Icon-500px.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
81ad1c33fafc4f1931e2936406de341dbb217bdf14e86af20cd53cf94b3f2c17
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Tue, 13 Jun 2023 07:21:52 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
247
x-guploader-uploadid
ADPycdsTo9LY5OvdHxQ-3EwuDQfxH03YOjntVac6cnsoQtlcUOIPk3JaBU6kRvfN22lQzGnEub8cB0haMhZymhELowB5I4lYd7cW
x-cache
HIT, HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
19941
x-served-by
cache-iad-kiad7000171-IAD, cache-fra-etou8220080-FRA
last-modified
Thu, 26 Jan 2023 20:17:12 GMT
server
UploadServer
x-timer
S1689654773.468773,VS0,VE11
etag
"041a6377595944934058c31091f93c6e"
x-goog-generation
1674764232924515
content-type
image/jpeg
x-goog-hash
crc32c=+Cpi5Q==, md5=BBpjd1lZRJNAWMMQkfk8bg==
cache-control
public, max-age=3600
x-goog-stored-content-length
19941
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
346503, 1
hard-fork-album-art-square320-v2.png
static01.nyt.com/images/2022/09/28/podcasts/hard-fork-album-art/
168 KB
169 KB
Image
General
Full URL
https://static01.nyt.com/images/2022/09/28/podcasts/hard-fork-album-art/hard-fork-album-art-square320-v2.png
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
88523cede4105fd43f40b3afa851416f61ff389f399ac10ffa969542d12e8005
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Thu, 13 Jul 2023 20:57:17 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
372936
x-guploader-uploadid
ADPycdtAm-GJdRtco-YW43XJYTJCC6Oo8IhvREvc0Pm_RwDUcGtEphhMZDV5TQJLU9p4kgFkgk2wbJVb9__FwPO9mN1xgQ
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
171964
x-served-by
cache-iad-kiad7000054-IAD, cache-fra-etou8220080-FRA
last-modified
Mon, 17 Oct 2022 14:56:04 GMT
server
UploadServer
x-timer
S1689654773.276871,VS0,VE2
etag
"41c3c0825136e330faf83d435d22de75"
x-goog-generation
1666018564084320
content-type
image/png
access-control-allow-origin
*
x-goog-hash
crc32c=rwW/FQ==, md5=QcPAglE24zD6+D1DXSLedQ==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
171964
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
20052, 1
NYT-Newsletters-SONL-ReadLikeTheWind-Icon-500px.jpg
static.nytimes.com/email-images/
28 KB
29 KB
Image
General
Full URL
https://static.nytimes.com/email-images/NYT-Newsletters-SONL-ReadLikeTheWind-Icon-500px.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c63895ae1bb928e25466c9f7f49870de78034d4a2c5021be43e9aa4e7da7be1d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Fri, 30 Jun 2023 17:48:00 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
2494
x-guploader-uploadid
ADPycduSvsNmRi1eZys5tb_nNSac-tIgCjkg7NNRkVx5HM-9bk-T_uT2nGd51cwHFK9Hj3pE380Tr80hSvwg5XyKt8b8cg
x-cache
HIT, HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
28932
x-served-by
cache-iad-kcgs7200027-IAD, cache-fra-etou8220080-FRA
last-modified
Thu, 26 Jan 2023 20:17:27 GMT
server
UploadServer
x-timer
S1689654773.471113,VS0,VE1
etag
"70a3a9e46cca6b532124cb27e65f7b7a"
x-goog-generation
1674764247748521
content-type
image/jpeg
x-goog-hash
crc32c=GTByog==, md5=cKOp5GzKa1MhJMsn5l97eg==
cache-control
public, max-age=3600
x-goog-stored-content-length
28932
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
164307, 1
NYT-Newsletters-SONL-Watching-Icon-500px.jpg
static.nytimes.com/email-images/
19 KB
19 KB
Image
General
Full URL
https://static.nytimes.com/email-images/NYT-Newsletters-SONL-Watching-Icon-500px.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
664c6fc5a3e948675e46eea65f90c96b2fc04391006005ebae85490095e95f7b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Mon, 17 Jul 2023 14:17:58 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
889
x-guploader-uploadid
ADPycdtNv8fxw84OjvvhRLg6dw-kiqmjNCGribZmETVaBb1mRq3yv8WAXPl-NEPAAjkZyeXBBPm3a-uDqDvodFwWXn335cuf2B4B
x-cache
HIT, HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
19011
x-served-by
cache-iad-kiad7000114-IAD, cache-fra-etou8220080-FRA
last-modified
Thu, 26 Jan 2023 20:17:29 GMT
server
UploadServer
x-timer
S1689654773.474030,VS0,VE8
etag
"6947efbbf60eb4059f6614d44b533740"
x-goog-generation
1674764249350095
content-type
image/jpeg
x-goog-hash
crc32c=oNkYzQ==, md5=aUfvu/YOtAWfZhTUS1M3QA==
cache-control
public, max-age=3600
x-goog-stored-content-length
19011
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
7704, 1
music-popcast-thumbLarge-v3.jpg
static01.nyt.com/images/2011/05/20/multimedia/music-popcast/
24 KB
24 KB
Image
General
Full URL
https://static01.nyt.com/images/2011/05/20/multimedia/music-popcast/music-popcast-thumbLarge-v3.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b7715dcf5357ce23529342ad42c033d198e99b3cc81b4d3ee144d61368cd9361
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Wed, 28 Jun 2023 15:16:02 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
479809
x-guploader-uploadid
ADPycdt9MW6fy0ITWGdAInioLp-YNdGMFeuqXN6bJkxK_8uB5-8c1dT-5dc_KTiQ-PED27Pg1qdum14ivfHwnU2ak-o8z9h6VhBC
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
24419
x-served-by
cache-iad-kiad7000140-IAD, cache-fra-etou8220080-FRA
last-modified
Fri, 05 Oct 2018 12:19:42 GMT
server
UploadServer
x-timer
S1689654773.277354,VS0,VE1
etag
"8d24e4b54c13fae09182396a034cbd05"
x-goog-generation
1538741982829422
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=VUkWbw==, md5=jSTktUwT+uCRgjlqA0y9BQ==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
24419
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
61628, 1
book-review-album-art-v2-thumbLarge-v3.jpg
static01.nyt.com/images/2018/03/27/books/book-review-album-art-v2/
10 KB
11 KB
Image
General
Full URL
https://static01.nyt.com/images/2018/03/27/books/book-review-album-art-v2/book-review-album-art-v2-thumbLarge-v3.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c1528242dde1e0063750ab6a8e2d09ecee4bbddff42e766a88bc653d3082e2bb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Wed, 07 Jun 2023 06:13:29 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
503597
x-guploader-uploadid
ADPycdtPXnqWc0ijDynzKum8j8ceRJJ73xqjsdsQMeIDQhB5XsSUTJBx4aayULMOsDOlY2Y2rADAmtCb-VDphnl2vmnGVBZuak25
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
10250
x-served-by
cache-iad-kcgs7200061-IAD, cache-fra-etou8220080-FRA
last-modified
Sun, 11 Sep 2022 10:22:27 GMT
server
UploadServer
x-timer
S1689654773.442215,VS0,VE1
etag
"723130278ddba910835dc0e09c970c9c"
x-goog-generation
1662891747534151
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=EsOybg==, md5=cjEwJ43bqRCDXcDgnJcMnA==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
10250
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
81440, 1
NYT-Newsletters-OpenThread-Icon-500px.jpg
static.nytimes.com/email-images/
42 KB
43 KB
Image
General
Full URL
https://static.nytimes.com/email-images/NYT-Newsletters-OpenThread-Icon-500px.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
fb8a9ef7fb4a455c183005fd1a1030b0a699c76ccb176495d1f25f1c634fec3e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Mon, 19 Jun 2023 15:33:18 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
2634
x-guploader-uploadid
ADPycdvNcGv8YBYaRvtvoc2D5TszFFc5-IJrKC39xHQFWqMLnmmy6PXQ5HH6vKbTZtBrRCzf0ro8xUQ3twQrzYsE9as_fA
x-cache
HIT, HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
43150
x-served-by
cache-iad-kjyo7100138-IAD, cache-fra-etou8220080-FRA
last-modified
Thu, 26 Jan 2023 20:17:23 GMT
server
UploadServer
x-timer
S1689654773.478457,VS0,VE1
etag
"699a08c2e2942e43193a63bea77d2649"
x-goog-generation
1674764243099167
content-type
image/jpeg
x-goog-hash
crc32c=2zA1AQ==, md5=aZoIwuKULkMZOmO+p30mSQ==
cache-control
public, max-age=3600
x-goog-stored-content-length
43150
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
280140, 1
NYT-Newsletters-LoveLetter-Icon-500px.jpg
static.nytimes.com/email-images/
38 KB
39 KB
Image
General
Full URL
https://static.nytimes.com/email-images/NYT-Newsletters-LoveLetter-Icon-500px.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4c3dbd66fad876a3024518532a3875e56ea54ac5304b463570fbf749f8d23c2d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Tue, 13 Jun 2023 14:15:24 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
2817
x-guploader-uploadid
ADPycduaJeeivzXqkJ3FL_FIuvEkAGnMKF9D8Afs0bcxn2bjKpUfAKKG-Y6mQm54tSzAouokU45xm05HtN-HGBYkMgKoww
x-cache
HIT, HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
39049
x-served-by
cache-iad-kjyo7100159-IAD, cache-fra-etou8220080-FRA
last-modified
Thu, 26 Jan 2023 20:17:17 GMT
server
UploadServer
x-timer
S1689654773.479946,VS0,VE1
etag
"7311acdfe193a4a6bb52e6057509727a"
x-goog-generation
1674764237018083
content-type
image/jpeg
x-goog-hash
crc32c=9KkLpg==, md5=cxGs3+GTpKa7UuYFdQlyeg==
cache-control
public, max-age=3600
x-goog-stored-content-length
39049
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
291928, 1
modernlove-logo-thumbLarge-v3.jpg
static01.nyt.com/images/2020/09/21/podcasts/modernlove-logo/
11 KB
11 KB
Image
General
Full URL
https://static01.nyt.com/images/2020/09/21/podcasts/modernlove-logo/modernlove-logo-thumbLarge-v3.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
27e9350288dbd66f5e32152a9d5c6eb4ddc591d4d8f52b13aa7a225a59a70d1b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Wed, 14 Jun 2023 06:12:49 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
512402
x-guploader-uploadid
ADPycdsGn3shIVdpb4KBthHvZXg9ZwWETZp49l6rHnYT78ziiB2hZcqh3tEq6SUtgWZy2P8hu28rNY37lSABczAoqEmmUA
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
11068
x-served-by
cache-iad-kjyo7100031-IAD, cache-fra-etou8220080-FRA
last-modified
Wed, 12 Oct 2022 21:09:26 GMT
server
UploadServer
x-timer
S1689654773.442324,VS0,VE1
etag
"a7f951f6008a9ad96241148de9d77f76"
x-goog-generation
1665608966820623
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=BQuLtQ==, md5=p/lR9gCKmtliQRSN6dd/dg==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
11068
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
102898, 1
matter-of-opinion-album-art-thumbLarge-v2.jpg
static01.nyt.com/images/2023/05/08/podcasts/matter-of-opinion-album-art/
12 KB
13 KB
Image
General
Full URL
https://static01.nyt.com/images/2023/05/08/podcasts/matter-of-opinion-album-art/matter-of-opinion-album-art-thumbLarge-v2.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
99001c53908d4b4d35ab1dcfdf8e75d2b0625d14fe1dea75f26cee7e8f6c115c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Wed, 07 Jun 2023 07:19:43 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
604664
x-guploader-uploadid
ADPycdsoKE8dapDIahB0wRk2PTLyMRHEImOEOQDl0EI2hdxxG09p3yX7x4M3XoUM8aJiAWZNLsrqRNQ-A3AQ2lW0Ot0Nyg
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
12674
x-served-by
cache-iad-kcgs7200113-IAD, cache-fra-etou8220080-FRA
last-modified
Thu, 25 May 2023 15:12:12 GMT
server
UploadServer
x-timer
S1689654773.457870,VS0,VE1
etag
"69fd087912b0511410a5a6c8b3ae95d5"
x-goog-generation
1685027532007855
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=cBstdQ==, md5=af0IeRKwURQQpabIs66V1Q==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
12674
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
83359, 1
ezra-klein-album-art-square320-v2.jpg
static01.nyt.com/images/2021/01/12/podcasts/ezra-klein-album-art/
26 KB
26 KB
Image
General
Full URL
https://static01.nyt.com/images/2021/01/12/podcasts/ezra-klein-album-art/ezra-klein-album-art-square320-v2.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e33f27ca48f4baacb28be9b0e7447ddffce3d30a827351b77e5e190dfe1ea1f3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Tue, 13 Jun 2023 09:05:51 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
588419
x-guploader-uploadid
ADPycduOpqIEhurx-OhmmEGlUTnhGPC442N9ttbpaf609zCygpUgxX7SYvqHv7m27_qST-AIdQKBSHPEVW_gezuesiq6Jg
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
26546
x-served-by
cache-iad-kjyo7100063-IAD, cache-fra-etou8220080-FRA
last-modified
Mon, 01 Nov 2021 16:41:14 GMT
server
UploadServer
x-timer
S1689654773.468727,VS0,VE1
etag
"8112a1a42d57e0636beaf8f105b85cee"
x-goog-generation
1635784873905458
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=bgL3XA==, md5=gRKhpC1X4GNr6vjxBbhc7g==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
26546
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
70899, 1
NYT-Newsletters-Cooking-Icon-500px.jpg
static.nytimes.com/email-images/
28 KB
28 KB
Image
General
Full URL
https://static.nytimes.com/email-images/NYT-Newsletters-Cooking-Icon-500px.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a3c37db5087d58e11ca298b812247f8422aacff1f7f1a8cb2363b0cb82fc5e93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Mon, 26 Jun 2023 18:17:54 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
587
x-guploader-uploadid
ADPycdsN3HfXZEmQy9UksSpZlPBlYSSxdNfZnN_PZSM7n2hwySVDAAyexkz8__TWZpQIKw196Hw7MB9FpCApImEltntpyw
x-cache
HIT, HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
28541
x-served-by
cache-iad-kjyo7100152-IAD, cache-fra-etou8220080-FRA
last-modified
Thu, 26 Jan 2023 20:17:11 GMT
server
UploadServer
x-timer
S1689654773.481525,VS0,VE1
etag
"35a2028e91acb22bcd9bcc5a8847d5c4"
x-goog-generation
1674764231973108
content-type
image/jpeg
x-goog-hash
crc32c=S+v8KQ==, md5=NaICjpGssivNm8xaiEfVxA==
cache-control
public, max-age=3600
x-goog-stored-content-length
28541
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
211159, 1
NYT-Newsletters-TheVeggie-Icon-500px.jpg
static.nytimes.com/email-images/
76 KB
76 KB
Image
General
Full URL
https://static.nytimes.com/email-images/NYT-Newsletters-TheVeggie-Icon-500px.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
95f30b2acd202a90e206e85682a20c1817a1de12562ec6707b64a33816e324f5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Tue, 04 Jul 2023 07:45:12 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
2756
x-guploader-uploadid
ADPycdtZS-2uqTahkpEnC9cZvJEaxjZnYvze5XUKgpX5T3kBHEBOxoRj_rf3fXE7oEhODu0R408J4vK_M-zBYSpZh2MxtA
x-cache
HIT, HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
77641
x-served-by
cache-iad-kjyo7100113-IAD, cache-fra-etou8220080-FRA
last-modified
Thu, 26 Jan 2023 20:17:33 GMT
server
UploadServer
x-timer
S1689654774.632985,VS0,VE2
etag
"fdd8540e5430d6ff9a0fb7db92e58747"
x-goog-generation
1674764253602244
content-type
image/jpeg
x-goog-hash
crc32c=lEBOtQ==, md5=/dhUDlQw1v+aD7fbkuWHRw==
cache-control
public, max-age=3600
x-goog-stored-content-length
77641
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
145788, 1
NYT-Newsletters-FiveWeeknightDishes-Icon-500px.jpg
static.nytimes.com/email-images/
74 KB
74 KB
Image
General
Full URL
https://static.nytimes.com/email-images/NYT-Newsletters-FiveWeeknightDishes-Icon-500px.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
af18e57dfa46a006c87bbeedbcff9a66ea55147976b535ea7aee59ff1185c430
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Fri, 09 Jun 2023 07:14:45 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
676
x-guploader-uploadid
ADPycdtng0h018ODp_QD_5UWZt-8bcYFpj4mTEutEvbh3FdV1odl7RKzN0gZDcckT213_u2LQDj0_k35ty-bPJVvRUrIIg
x-cache
HIT, HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
75648
x-served-by
cache-iad-kcgs7200118-IAD, cache-fra-etou8220080-FRA
last-modified
Thu, 26 Jan 2023 20:17:15 GMT
server
UploadServer
x-timer
S1689654774.640163,VS0,VE1
etag
"a4552c8a95e3aefd68c2b795aa2ae1f4"
x-goog-generation
1674764235404676
content-type
image/jpeg
x-goog-hash
crc32c=hwyX1w==, md5=pFUsipXjrv1owreVqirh9A==
cache-control
public, max-age=3600
x-goog-stored-content-length
75648
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
311893, 1
NYT-Newsletters-Gameplay-Icon-500px.jpg
static.nytimes.com/email-images/
23 KB
23 KB
Image
General
Full URL
https://static.nytimes.com/email-images/NYT-Newsletters-Gameplay-Icon-500px.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0a6feb1d591f3bcdd5eda5052e0e8487afb00a70984e5f53817316d805e19898
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Tue, 27 Jun 2023 17:15:30 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
780
x-guploader-uploadid
ADPycdtZnPUu4b1S2ZEelH7s1sy5XTEXhosuHcWtbsIn3Rlg8FQ04FA3s9d0PcdQxiOtGyU9gJoEoQh-eYMBGoLoQOdLAsoj2U8G
x-cache
HIT, HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
23452
x-served-by
cache-iad-kcgs7200100-IAD, cache-fra-etou8220080-FRA
last-modified
Thu, 26 Jan 2023 20:17:16 GMT
server
UploadServer
x-timer
S1689654774.644461,VS0,VE1
etag
"3424e94ae9ceca0c753da87bf0d4f800"
x-goog-generation
1674764236166904
content-type
image/jpeg
x-goog-hash
crc32c=6csltQ==, md5=NCTpSunOygx1Pah78NT4AA==
cache-control
public, max-age=3600
x-goog-stored-content-length
23452
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
213348, 1
20230317_Wirecutter%20Newsletter%20Index%20Page_Icon_500px.jpg
static.nytimes.com/email-images/
35 KB
36 KB
Image
General
Full URL
https://static.nytimes.com/email-images/20230317_Wirecutter%20Newsletter%20Index%20Page_Icon_500px.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b950db85750f4bb0a0a5fad5d439ddee2a06c3c73d6c21913788d7b604a59610
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Tue, 27 Jun 2023 17:10:46 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
1034
x-guploader-uploadid
ADPycdvFTjES9MU-rX0BoHyPwoSm7MrWxudaumeuvzEntx3UdfUZ1e5s0TTOWEytcOZ4lm0j_SjfuVqyt00Jrh66CLnn3aZ1F6CY
x-cache
HIT, HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
36174
x-served-by
cache-iad-kjyo7100088-IAD, cache-fra-etou8220080-FRA
last-modified
Tue, 04 Apr 2023 19:24:10 GMT
server
UploadServer
x-timer
S1689654774.648542,VS0,VE1
etag
"6ca3630d44c834f4482541fc43a672b5"
x-goog-generation
1680636250620425
content-type
image/jpeg
x-goog-hash
crc32c=WnKtgQ==, md5=bKNjDUTINPRIJUH8Q6ZytQ==
cache-control
public, max-age=3600
x-goog-stored-content-length
36174
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
194433, 1
cleaners-coronavirus-square-7978.jpg
static01.nytimes.com/email-images/
816 KB
817 KB
Image
General
Full URL
https://static01.nytimes.com/email-images/cleaners-coronavirus-square-7978.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
20426e26922c4a942f149765ac9335621741dbcc69efba4900e40f332a05e349
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Mon, 26 Jun 2023 15:23:26 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
58
x-guploader-uploadid
ADPycduOAruf5DlhpbrCmjKxlNnfH9u72ySxiKAd2exWeyhDw8Z1ex0QFbA22g6qbAMkE6NzmzzWmjU24SG71-TctTXMtQ
x-cache
HIT, HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
835833
x-served-by
cache-iad-kcgs7200088-IAD, cache-fra-etou8220080-FRA
last-modified
Tue, 02 May 2023 16:34:28 GMT
server
UploadServer
x-timer
S1689654774.622925,VS0,VE2
etag
"c8f5f292c0224af70d6d1f793fcc7e34"
x-goog-generation
1683045268221914
content-type
image/jpeg
x-goog-hash
crc32c=aVwuDA==, md5=yPXyksAiSvcNbR95P8x+NA==
cache-control
public, max-age=3600
x-goog-stored-content-length
835833
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
171183, 1
icon-athletic-pulse-5c4aa39b82261caf0a635d3e9b55f280.png
www.nytimes.com/vi-assets/static-assets/
39 KB
40 KB
Image
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/icon-athletic-pulse-5c4aa39b82261caf0a635d3e9b55f280.png
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
03dfcd45330153f31dfcd23f806dca33e8005d16b9e5db965a77d1e6d85a23c7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Tue, 11 Jun 2024 23:19:05 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
age
3042829
x-guploader-uploadid
ADPycduUAP7KMt-vAzVrWJY-U5Asx4RVpYBY-3AFH66ZEL1hexHQLajBkYiY3sBBM7sXsNTXM-fGh336R7yim8Y2MiR6A0r5uTLQ
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-origin-time
2023-06-12 23:19:05 UTC
content-length
39718
x-served-by
cache-fra-etou8220080-FRA
last-modified
Mon, 12 Jun 2023 23:12:27 GMT
server
UploadServer
x-timer
S1689654773.277291,VS0,VE1
etag
"1c64de3de7338deb129969595d23650e"
vary
Fastly-SSL
x-goog-generation
1686611547747386
content-type
image/png
x-goog-hash
crc32c=EbUYUg==, md5=HGTePeczjesSmWlZXSNlDg==
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-goog-stored-content-length
39718
x-gdpr
0
x-nyt-edge-cache
HIT
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-athletic-pulse-5c4aa39b82261caf0a635d3e9b55f280.png
accept-ranges
bytes
x-nyt-route
vi-assets
x-cache-hits
242
icon-athletic-windup-313852589a1690a33fc179b347db563c.png
www.nytimes.com/vi-assets/static-assets/
48 KB
49 KB
Image
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/icon-athletic-windup-313852589a1690a33fc179b347db563c.png
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9cadac8e1ac1442817c74a18919d04b66f9b3a9733ce707bc560c394bc443ad3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Sat, 13 Jul 2024 23:35:59 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
age
277014
x-guploader-uploadid
ADPycdtVm4LhRaHupiffeiXu3tMy41esDclF-CieBhusXo_L2ePQBFCOUCUz2ORXoghszVKTkGJCspT3numNXIxAhADv-A
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-origin-time
2023-07-14 23:35:59 UTC
content-length
49289
x-served-by
cache-fra-etou8220080-FRA
last-modified
Fri, 14 Jul 2023 22:45:58 GMT
server
UploadServer
x-timer
S1689654773.277273,VS0,VE1
etag
"2cb1cc1bf2d55a245b1fb3a4abe7f146"
vary
Fastly-SSL
x-goog-generation
1689374757997286
content-type
image/png
x-goog-hash
crc32c=3jxUUw==, md5=LLHMG/LVWiRbH7Okq+fxRg==
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-goog-stored-content-length
49289
x-gdpr
0
x-nyt-edge-cache
HIT
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-athletic-windup-313852589a1690a33fc179b347db563c.png
accept-ranges
bytes
x-nyt-route
vi-assets
x-cache-hits
238
icon-athletic-bounce-26a2c5eff1a5c73548436b9315883f45.png
www.nytimes.com/vi-assets/static-assets/
44 KB
45 KB
Image
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/icon-athletic-bounce-26a2c5eff1a5c73548436b9315883f45.png
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1361e927c1f3fa18f8488eda0196d64e6fa7863cb88087bfc3f7ea84ed496919
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Wed, 29 May 2024 21:28:42 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
age
4172652
x-guploader-uploadid
ADPycdsWortgx6qra2us4SoFckocdWY_Vzm0CNReyYTx-_nCnfyppDxWKkcjws-whbfLKqwEGhNvuru5xuo1-mQnQxuKtv8wUOgO
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-origin-time
2023-05-30 21:28:42 UTC
content-length
45293
x-served-by
cache-fra-etou8220080-FRA
last-modified
Tue, 30 May 2023 21:16:54 GMT
server
UploadServer
x-timer
S1689654773.278079,VS0,VE1
etag
"abbc8a6648ca24eb5643f9c92e8da482"
vary
Fastly-SSL
x-goog-generation
1685481414024444
content-type
image/png
x-goog-hash
crc32c=6rRQ+w==, md5=q7yKZkjKJOtWQ/nJLo2kgg==
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-goog-stored-content-length
45293
x-gdpr
0
x-nyt-edge-cache
HIT
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-athletic-bounce-26a2c5eff1a5c73548436b9315883f45.png
accept-ranges
bytes
x-nyt-route
vi-assets
x-cache-hits
247
icon-athletic-primetire-0fe1a780adc1ddcb01a6b3010494385b.png
www.nytimes.com/vi-assets/static-assets/
44 KB
44 KB
Image
General
Full URL
https://www.nytimes.com/vi-assets/static-assets/icon-athletic-primetire-0fe1a780adc1ddcb01a6b3010494385b.png
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
26ac3923f291729d129cc5d795a3ca29b05e5f6cd9054bbb178ec6e93a7cf36a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Mon, 15 Jul 2024 02:56:19 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
content-security-policy
upgrade-insecure-requests; default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src data: 'unsafe-inline' https:; img-src data: https: blob: android-webview-video-poster:; font-src data: https:; connect-src https: wss: blob:; media-src data: https: blob:; object-src https:; child-src https: data: blob:; form-action https:; report-uri https://csp.nytimes.com/report;
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-api-version
F-X
age
178594
x-guploader-uploadid
ADPycdsfpFjnUSC09jtyQZzMXLN4DmeWGfJcRieCMMCus47p59T6tJtIsPWBx1VHTr-q8AU2dnqsIJsS6UnKI0byH4Afl1aVXk3h
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-origin-time
2023-07-16 02:56:19 UTC
content-length
44643
x-served-by
cache-fra-etou8220080-FRA
last-modified
Sat, 15 Jul 2023 01:08:34 GMT
server
UploadServer
x-timer
S1689654773.278081,VS0,VE1
etag
"e21ed842943f6365bd918d18fef71905"
vary
Fastly-SSL
x-goog-generation
1689383314461950
x-goog-hash
crc32c=7Fqcmw==, md5=4h7YQpQ/Y2W9kY0Y/vcZBQ==
content-type
image/png
onion-location
https://www.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion/vi-assets/static-assets/icon-athletic-primetire-0fe1a780adc1ddcb01a6b3010494385b.png
cache-control
public,max-age=31536000
x-nyt-app-webview
0
x-goog-stored-content-length
44643
x-gdpr
0
x-nyt-edge-cache
HIT
accept-ranges
bytes
x-nyt-route
vi-assets
x-cache-hits
239
activityi;dc_pre=CM_MtcS2l4ADFQCNrAId8QQFvw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4925521889240;auiddc=1112226155.1689654773;u17=https%3A%2F%2Fwww.nytimes.com%2F;u5=;u18=anon;gtm=45He37c0;ua...
5290727.fls.doubleclick.net/ Frame B4ED
Redirect Chain
  • https://5290727.fls.doubleclick.net/activityi;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4925521889240;auiddc=1112226155.1689654773;u17=https%3A%2F%2Fwww.nytimes.com%2F;u5=;u18=anon;gtm=45He37c0;...
  • https://5290727.fls.doubleclick.net/activityi;dc_pre=CM_MtcS2l4ADFQCNrAId8QQFvw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4925521889240;auiddc=1112226155.1689654773;u17=https%3A%2F%2Fwww.nytimes...
503 B
618 B
Document
General
Full URL
https://5290727.fls.doubleclick.net/activityi;dc_pre=CM_MtcS2l4ADFQCNrAId8QQFvw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4925521889240;auiddc=1112226155.1689654773;u17=https%3A%2F%2Fwww.nytimes.com%2F;u5=;u18=anon;gtm=45He37c0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f149.1e100.net
Software
cafe /
Resource Hash
f516572a2cf63a68349d85f550cbeb47fc707e26af42e376c25590edbba9d813
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
278
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 04:32:53 GMT
expires
Tue, 18 Jul 2023 04:32:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 04:32:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5290727.fls.doubleclick.net/activityi;dc_pre=CM_MtcS2l4ADFQCNrAId8QQFvw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4925521889240;auiddc=1112226155.1689654773;u17=https%3A%2F%2Fwww.nytimes.com%2F;u5=;u18=anon;gtm=45He37c0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
chartbeat_video.js
static.chartbeat.com/js/
70 KB
24 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: href.li
URL: https://href.li/?https://www.nytimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2179:6000:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0744b5a06712d19c1b72db9691015da5567bda61a5a05ed27b60834cd2e6dfcf

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 18:31:52 GMT
content-encoding
gzip
via
1.1 992d0bf46adc44efb6ae5182ac41ed86.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 00:36:52 GMT
server
nginx
x-amz-cf-pop
KUL50-C1
age
36060
etag
W/"649b80a4-11962"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
wZ87zx5zm9QyMNfUq1TkECh4x0vAbaKeMyc5hFBc6xe9560iSSTlzQ==
expires
Tue, 18 Jul 2023 18:31:52 GMT
show-ads.js
a1.nyt.com/analytics/
45 B
589 B
Script
General
Full URL
https://a1.nyt.com/analytics/show-ads.js
Requested by
Host: href.li
URL: https://href.li/?https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Tue, 16 May 2023 23:50:37 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
26548
x-guploader-uploadid
ADPycdtscvtwua-aV23Ie4HH8S1lqi9QidJsXhbEqRNfxkV6tNV1KH0icsZAxhU-HV9bftk4IJw_R0mZhYygMLPaRF9Ba3aD4zym
x-cache
HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
65
x-served-by
cache-fra-etou8220080-FRA
last-modified
Wed, 22 Dec 2021 23:30:41 GMT
server
UploadServer
x-timer
S1689654774.623043,VS0,VE0
etag
"1d291da792456bd015b664ee1119a5e0"
vary
Accept-Encoding
x-goog-generation
1640215841852360
x-goog-hash
crc32c=nM1/Pw==, md5=HSkdp5JFa9AVtmTuERml4A==
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
45
accept-ranges
bytes
x-nyt-pagetype
nyt-dti-analytic
timing-allow-origin
*
x-cache-hits
336
comscore-streaming.js
a1.nyt.com/analytics/
103 KB
19 KB
Script
General
Full URL
https://a1.nyt.com/analytics/comscore-streaming.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
fe8d5a6f12533884b6896dd290e422c830e86e0228d45dbe97ac03c6e86a5b5a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Thu, 15 Jun 2023 01:26:18 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
12390
x-guploader-uploadid
ADPycdtdMejfVXl_FkgB6Xfaz5FQWf1-TwrQzNFqbYjqAR9vB2EBfz7lEXkLZjYgX7tqI1iJP2FqVkV35Qg-u5fFMDWkaszFCzt-
x-cache
HIT
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
18717
x-served-by
cache-fra-etou8220080-FRA
last-modified
Wed, 22 Dec 2021 23:30:41 GMT
server
UploadServer
x-timer
S1689654774.632876,VS0,VE0
etag
"04e0b9556a78ce5cedf86a34e5483036"
vary
Accept-Encoding
x-goog-generation
1640215841902856
x-goog-hash
crc32c=XkdIyw==, md5=BOC5VWp4zlzt+Go05UgwNg==
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
access-control-allow-methods
GET, OPTIONS
x-goog-stored-content-length
105675
accept-ranges
bytes
x-nyt-pagetype
nyt-dti-analytic
timing-allow-origin
*
x-cache-hits
114
nyt.js
cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/
4 KB
2 KB
Script
General
Full URL
https://cdn.brandmetrics.com/tag/85a1ebf79602421aa1c2c2f24d32cb6c/nyt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P528B3&gtm_auth=tfAzqo1rYDLgYhmTnSjPqw&gtm_preview=env-130&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85bee2e512beeb93c704c13381735ed93c26e12188e1f8225f50c6bce230793c

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:53 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 18 Jul 2023 04:05:27 GMT
server
cloudflare
age
1646
cf-polished
origSize=4729
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iIkStJXdudPnLi0EWVxPo72ZpSNgO7AE8YO7P2UJzIdtFPt%2BLz0G2jNB8kR4ueVFECBZ52PnfHl8GtaSCYwLL6bbaR%2FN9Z80A83%2FU1FkTR%2FDlMiAL%2BsZM7KELTMwle6NWAK4RQ4m7wccC2dIGOnaw1B6"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7e8800dee8f94d8e-SIN
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
Pug
simage2.pubmatic.com/AdServer/
Redirect Chain
  • https://insight.adsrvr.org/track/pxl/?adv=bomn82o&ct=0:s2f54xh&fmt=3&ttl=43200&gtmcb=1029118888
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=OThhZjFmYzItODEwMi00MGQ0LWE1ZWYtODBiODNiZmYyNjc2&gdpr=0&gdpr_consent=&ttd_tdid=98af1fc2-8102-40d4-a5ef-80b83...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=98af1fc2-8102-40d4-a5ef-80b83bff2676&google_gid=CAESEAUC_K4YiLihyH3R7VwWbF0&google_cver=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=98af1fc2-8102-40d4-a5ef-80b83bff2676&_origin=1&redir=true&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-2K3ZFLZE2uL5pctGBuqk_DJIpvZGvKk-~A&gdpr=0
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=98af1fc2-8102-40d4-a5ef-80b83bff2676&r=https%3A%2F%2Fmatch.adsrvr.org%2...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=98af1fc2-8102-40d4-a5ef-80b83bff2676&gdpr=0&gdpr_consent=
42 B
97 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=98af1fc2-8102-40d4-a5ef-80b83bff2676&gdpr=0&gdpr_consent=
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 18 Jul 2023 04:32:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=98af1fc2-8102-40d4-a5ef-80b83bff2676&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
15794223622989998060
tpc.googlesyndication.com/simgad/ Frame 19F9
76 KB
76 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/15794223622989998060?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm-K4Q5bpC-NpXVWobTEWh4fdTiVA
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54aba1e5d614eb5d2ed58953f986694b197128820b37dd7266f4a5ae5a6e50de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 05:48:09 GMT
x-content-type-options
nosniff
age
341084
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77842
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 12:09:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 13 Jul 2024 05:48:09 GMT
zh_cn.png
tpc.googlesyndication.com/pagead/images/cn/ Frame 19F9
995 B
1 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/cn/zh_cn.png
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb8e4f901a4800bd014c125c65d76cfdd48058f0412a1f72ddbd613cd4d1db4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 08:09:55 GMT
x-content-type-options
nosniff
server
cafe
age
73378
etag
17250068716606301561
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
995
x-xss-protection
0
expires
Tue, 18 Jul 2023 08:09:55 GMT
icon.png
tpc.googlesyndication.com/pagead/images/cn/ Frame 19F9
334 B
398 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/cn/icon.png
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a43ee2cbb716633cd21633b3895bb8dcba40b348f5b3c48080d1d85a98b91521
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 17 Jul 2023 19:49:38 GMT
x-content-type-options
nosniff
server
cafe
age
31395
etag
16151473764464638424
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
x-xss-protection
0
expires
Tue, 18 Jul 2023 19:49:38 GMT
vhs-plugin-cover-vi-cb257bc040e9e6c17927.min.js
static01.nyt.com/video-static/vhs3/
50 KB
12 KB
Script
General
Full URL
https://static01.nyt.com/video-static/vhs3/vhs-plugin-cover-vi-cb257bc040e9e6c17927.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0d7ccee7c64ea7c455ea02283deaa6a1d0b862d4494cc0e8a5e7f8c4de932943
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Wed, 08 Mar 2023 05:44:53 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
286573
x-guploader-uploadid
ADPycdu2l_L_bj4du8HpKRc7Svb6p5PRvK2HyTKjmt4F2MOxA1qoAFuL1gZNkXQsXEalEqZTwoSeW7wg_toXjamJVUs90Tsvf2T_
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
video/vhs3
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
12019
x-served-by
cache-iad-kjyo7100142-IAD, cache-fra-etou8220080-FRA
last-modified
Wed, 15 Feb 2023 21:09:30 GMT
server
UploadServer
x-timer
S1689654774.662288,VS0,VE0
etag
"6193b23f49e49ff96ab0979fc5aca664"
vary
Accept-Encoding
x-goog-generation
1676495370040571
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=fw+YVw==, md5=YZOyP0nkn/lqsJefxaymZA==
cache-control
public,max-age=60,s-maxage=604800
x-goog-stored-content-length
51629
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
41203, 707
truncated
/
5 KB
5 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
61987b71501afac79b03e8baa611020d395a37e824fd2360e7831443a305e71d

Request headers

Referer
Origin
https://www.nytimes.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
application/font-woff
v2
samizdat-graphql.nytimes.com/graphql/ Frame
0
0
Preflight
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type,nyt-app-type,nyt-app-version,nyt-token,x-nyt-internal-meter-override,x-nyt-news-tenure,x-nyt-programming-abtest
access-control-allow-methods
GET,POST
access-control-allow-origin
https://www.nytimes.com
access-control-expose-headers
x-nyt-audience-target-flat,x-nyt-continent,x-nyt-country,x-nyt-region,x-nyt-meridiem,x-nyt-gmt-offset
access-control-max-age
300
age
497
content-encoding
gzip
content-length
20
date
Tue, 18 Jul 2023 04:32:53 GMT
server
envoy
strict-transport-security
max-age=63072000; preload; includeSubdomains
timing-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Accept-Encoding, Access-Control-Request-Method
via
1.1 google, 1.1 varnish
x-cache
HIT
x-cache-hits
4
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
x-envoy-upstream-service-time
16
x-nyt-audience-target-flat
AS:PM
x-nyt-continent
AS
x-nyt-country
SG
x-nyt-edge-cache
HIT
x-nyt-meridiem
PM
x-nyt-region
01
x-samizdat-query-exe-id
858e706ba555dbf0
x-samizdat-query-field-errors
0
x-served-by
cache-fra-etou8220042-FRA
x-timer
S1689654773.459360,VS0,VE0
v2
samizdat-graphql.nytimes.com/graphql/
3 KB
2 KB
Fetch
General
Full URL
https://samizdat-graphql.nytimes.com/graphql/v2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-ecfd5f264a8ec352e643.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
eb0b4579627401c51d6b23f93a99c9d60e6a0b4e7cc093bcd95082898109cddd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

nyt-token
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+/oUCTBmD/cLdmcecrnBMHiU/pxQCn2DDyaPKUOXxi4p0uUSZQzsuq1pJ1m5z1i0YGPd1U1OeGHAChWtqoxC7bFMCXcwnE1oyui9G1uobgpm1GdhtwkR7ta7akVTcsF8zxiXx7DNXIPd2nIJFH83rmkZueKrC4JVaNzjvD+Z03piLn5bHWU6+w+rA+kyJtGgZNTXKyPh6EC6o5N+rknNMG5+CdTq35p8f99WjFawSvYgP9V64kgckbTbtdJ6YhVP58TnuYgr12urtwnIqWP9KSJ1e5vmgf3tunMqWNm6+AnsqNj8mCLdCuc5cEB74CwUeQcP2HQQmbCddBy2y0mEwIDAQAB
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
x-nyt-programming-abtest
.ver=13578.000&HOME_DFP_FirstAd_0723=2_Lower_FirstAd&HOME_Intl-AA-Dry-Run=0_Control&HOME_Intl-AA-Dry-Run-USHOLD=&HOME_Intl-AA-Dry-Run-USHOLD_2=&HOME_Intl2023_Intl-RegiID=1_International
nyt-app-type
project-vi
content-type
application/json
accept
*/*
Referer
https://www.nytimes.com/
nyt-app-version
0.0.5
x-nyt-news-tenure
anon_user
x-nyt-internal-meter-override
undefined

Response headers

content-encoding
gzip
x-nyt-meridiem
PM
x-b3-traceid
1
age
0
x-samizdat-query-field-errors
0
x-samizdat-query-exe-id
4970f9f1d44afe49
samizdat-x-canary
false
x-served-by
cache-fra-etou8220080-FRA
x-graphiti-gateway
0952608e
x-nyt-country
SG
x-timer
S1689654774.622930,VS0,VE129
x-nyt-continent
AS
vary
Accept-Encoding, Samizdat-X-Personalize, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
x-nyt-region
01
access-control-expose-headers
x-nyt-audience-target-flat, x-nyt-continent, x-nyt-country, x-nyt-region, x-nyt-meridiem, x-nyt-gmt-offset
cache-control
max-age=30
x-nyt-audience-target-flat
AS:PM
x-nyt-edge-cache
MISS
x-cache-hits
0
x-samizdat-query-sup-code
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 google, 1.1 varnish
x-envoy-decorator-operation
graphql-v1.samizdat.nyti.nyt.net:443/*
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-cache
MISS
samizdat-x-instance
3ba33b84
x-envoy-upstream-service-time
39
content-length
995
last-modified
Tue, 18 Jul 2023 04:28:58 GMT
server
envoy
samizdat-x-kubernetes-namespace
v1
x-fetch-attempts
1
access-control-allow-credentials
true
x-datadog-trace-id
1
accept-ranges
bytes
timing-allow-origin
*
/
mwcm.nytimes.com/capi/metered_assets/
8 KB
3 KB
Fetch
General
Full URL
https://mwcm.nytimes.com/capi/metered_assets/?plat=web&mc=0&gr=OPEN&mr=1&ma=1&counted=false&granted=true&us=anon&context-type=&areas=barOne&areas=welcomeAd
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/vi-assets/static-assets/main-ecfd5f264a8ec352e643.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
3055d5d68f5674e858058b42ffa0cebb7b895da68b3607b96c60a43f8156bd80
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:53 GMT
content-encoding
gzip
via
1.1 google, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
x-envoy-decorator-operation
capi-prd.growth-mc.nyti.nyt.net:443/*
x-cache
MISS
x-envoy-upstream-service-time
141
x-served-by
cache-fra-etou8220080-FRA
server
envoy
x-cmots-campaign-names
{"barOne":"MAG_web","welcomeAd":"MAG-web_all_non-mobile-all_welcome-killset"}
x-timer
S1689654773.473939,VS0,VE233
vary
x-nyt-country, x-nyt-user-status, x-nyt-continent, x-nyt-device, x-nyt-last-known-type, Accept-Encoding, Fastly-SSL, Origin
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
x-cloud-trace-context
0f7ca7744d838b1f3336a1677149a711
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-nyt-route
mwcm-muassets
x-nyt-edge-cache
MISS
accept-ranges
bytes
access-control-allow-headers
Content-Type, x-requested-by, *
x-cache-hits
0
client
accounts.google.com/gsi/
193 KB
76 KB
Script
General
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::54 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3563ad8d0275755716a8df31eb7a4d459844b48608fa6ff9633ecb63fa5c1367
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZHgXLX1NZuyUgo1YEZr0cQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:53 GMT
content-security-policy
script-src 'report-sample' 'nonce-ZHgXLX1NZuyUgo1YEZr0cQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Tue, 18 Jul 2023 04:32:53 GMT
dc_pre=CM_MtcS2l4ADFQCNrAId8QQFvw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4925521889240;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F;u5=;u18=anon;gtm=45He37c0;uaa=;uab=;uafvl=;uamb=0;uam=;uap...
adservice.google.com/ddm/fls/z/ Frame B4ED
42 B
401 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CM_MtcS2l4ADFQCNrAId8QQFvw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4925521889240;auiddc=*;u17=https%3A%2F%2Fwww.nytimes.com%2F;u5=;u18=anon;gtm=45He37c0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2F
Requested by
Host: 5290727.fls.doubleclick.net
URL: https://5290727.fls.doubleclick.net/activityi;dc_pre=CM_MtcS2l4ADFQCNrAId8QQFvw;src=5290727;type=allpa0;cat=nyti-0;ord=1;num=4925521889240;auiddc=1112226155.1689654773;u17=https%3A%2F%2Fwww.nytimes.com%2F;u5=;u18=anon;gtm=45He37c0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.nytimes.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::9b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://5290727.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 716B
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3326563733878670000V10
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3326563733878670000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jul 2023 04:32:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
X7XM9BJ130KV0P3FZ2EB
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 18 Jul 2023 04:32:53 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3326563733878670000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Tue, 18 Jul 2023 04:32:53 GMT
110068_1_17vid-crimea-bridge_wg_1080p.vtt
vp.nyt.com/video/2023/07/17/
0
233 B
TextTrack
General
Full URL
https://vp.nyt.com/video/2023/07/17/110068_1_17vid-crimea-bridge_wg_1080p.vtt
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

Referer
https://www.nytimes.com/
Origin
https://www.nytimes.com
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by
cache-chi-kigq8000139-CHI, cache-fra-eddf8230051-FRA
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
server
nginx
age
0
x-timer
S1689654774.729689,VS0,VE104
x-cache
HIT, MISS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD, OPTIONS
accept-ranges
bytes
content-length
0
x-cache-hits
15, 0
usermatch
ssum-sec.casalemedia.com/ Frame 5C97
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
a36011222ccfe19db9773b0297dbf55fa32f88a963f7719935c50852bd1d0ede

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1864
Content-Type
text/html
Date
Tue, 18 Jul 2023 04:32:53 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Tue, 18 Jul 2023 04:32:53 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8FB1
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.240.213 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=53175
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 18 Jul 2023 04:32:53 GMT
expires
Tue, 18 Jul 2023 19:19:08 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame DBED
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&verify=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1hQ2YzVXJORTJ1THR3YURTOU93OUpQN0JYRXN6bFBkOH5B
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1hQ2YzVXJORTJ1THR3YURTOU93OUpQN0JYRXN6bFBkOH5B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 18 Jul 2023 04:32:53 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
F24EP3TSGPQ2XN1MR457

Redirect headers

age
0
content-length
0
date
Tue, 18 Jul 2023 04:32:53 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1hQ2YzVXJORTJ1THR3YURTOU93OUpQN0JYRXN6bFBkOH5B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.64
strict-transport-security
max-age=31536000
cm
u.openx.net/w/1.0/ Frame 56C9
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...
583 B
684 B
Document
General
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
d3d5f785bb67d49cc2c3643e14c382fed307dfa11b012d37d20016ae628d966b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
359
content-type
text/html
date
Tue, 18 Jul 2023 04:32:53 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 18 Jul 2023 04:32:53 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame 9E91
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=8695301728596976653&ex=appnexus.com
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=8695301728596976653&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 18 Jul 2023 04:32:54 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
10QVZX69ADM4BH14HT6P

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
3b4094f7-e21f-47e7-aa64-cca214f3245a
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 18 Jul 2023 04:32:53 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=8695301728596976653&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
103.254.153.226; 103.254.153.226; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
x-xss-protection
0
ecm3
s.amazon-adsystem.com/ Frame 5309
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3740136503475865830517
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3740136503475865830517
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_pm-db5_n-vmg_n-MediaNet_ox-db5_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 18 Jul 2023 04:32:53 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
T326Q97X18Z52W79SQH1

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 18 Jul 2023 04:32:53 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3740136503475865830517
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
adview
securepubads.g.doubleclick.net/pagead/ Frame 19F9
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cpm5L8xW2ZKn3JsbEowPV54TID5Wc8MZxy_TLwqkRZBABIMjW9RlgnQGgAejG8MICyAEC4AIAqAMByAMIqgSQAk_QQEQOv0o7j0PG_PBcj7ZGJLTfE4r3TMymTAF5QCAYdgoqq5PLbaYKzUlPo-nSwHcXzIbVrMN_8ICN6mWK7tyYzTvFovaG-GFYpi33Us7PjfGsYZmZ5_fd3Rs7fn6SUa0D8Fvn0zptfy18zIx2Xu1X6DkXg_UrfX0WHk7yr-W6EEv8UlpMtDlZgiVDuSO4JXQN2kyAdfedHP8NCjJirzeSdPgKdoqrpUt8renlD0hZn7XCRnIc-VOmJIpUkpa8S_R8wjC0qyuMpXODqDaV2gFz8801P3tRyrEOBHmGAMn5zTBe1LABkJKi56vYoZo2iFgA7MHDk3L3QVrxIhCuos3uJ5HM0q2_1B31m-GY_GakwATg5oKypwTgBAGSBQQIBBgBkgUECAUYBKAGAoAHgLmPvQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCkxwjSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi05NTQyMTI2NDI2OTkzNzE0GJ7nFQ&sigh=8FAHqDqmZ2c&uach_m=[]&cid=CAQSLQBpAlJWQ3dKuscQSwcFKzsbePjC2gIsPXwYWP9CSzeAPPewzBuF_XsU_F-PThgB&cbvp=2
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c01::9c , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

vhs-plugin-nyt-analytics-a2cc762181398b2438c8.min.js
static01.nyt.com/video-static/vhs3/
26 KB
6 KB
Script
General
Full URL
https://static01.nyt.com/video-static/vhs3/vhs-plugin-nyt-analytics-a2cc762181398b2438c8.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
68e9a548a0bbc2ad0662101a9a3511db4611944e3c034f9232f3b3c6274d2add
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Mon, 19 Jun 2023 11:45:17 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
60455
x-guploader-uploadid
ADPycdv4KlNxHk6bnTv70a_1Q0EZPkNGfu7w_K0tibJGBZVk8Hvx8GvZDfgxmCFXez-BogihC-KekJsxTy18tMJuvBC3EuRzlDfz
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
video/vhs3
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
5722
x-served-by
cache-iad-kjyo7100071-IAD, cache-fra-etou8220080-FRA
last-modified
Fri, 21 Apr 2023 20:56:33 GMT
server
UploadServer
x-timer
S1689654774.782353,VS0,VE0
etag
"06af9692b81214598efa440e588e549a"
vary
Accept-Encoding
x-goog-generation
1682110593806093
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=wgmstw==, md5=Bq+WkrgSFFmO+kQOWI5Umg==
cache-control
public,max-age=60,s-maxage=604800
x-goog-stored-content-length
26888
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
62956, 645
ecm3
s.amazon-adsystem.com/ Frame 56C9
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=13dd99d8-27b9-8e40-8d09-f73b5ae29ecb
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jul 2023 04:32:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1NE8FCC023DW7VAHGMDG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 56C9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=4b0be5a5-3b13-35ba-4d07-75ac32d1552b&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=4b0be5a5-3b13-35ba-4d07-75ac32d1552b&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=98af1fc2-8102-40d4-a5ef-80b83bff2676&ttd_puid=4b0be5a5-3b13-35ba-4d07-75ac32d1552b&gdpr=0&gdpr_consent=
43 B
240 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=98af1fc2-8102-40d4-a5ef-80b83bff2676&ttd_puid=4b0be5a5-3b13-35ba-4d07-75ac32d1552b&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=98af1fc2-8102-40d4-a5ef-80b83bff2676&ttd_puid=4b0be5a5-3b13-35ba-4d07-75ac32d1552b&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 56C9
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZLYV9cCo8XYAALianuoAAAAA
43 B
61 B
Image
General
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZLYV9cCo8XYAALianuoAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Tue, 18 Jul 2023 04:32:53 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"103.254.153.226","key":"ZLYV9cCo8XYAALianuoAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad397"}
X-SO-Key
ZLYV9cCo8XYAALianuoAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad397
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZLYV9cCo8XYAALianuoAAAAA
Cache-Control
private
X-SO-HostName
m-ad397.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
1
Content-Length
0
X-SO-LB-Hostname
m-tgng18.dc4p.scaleout.jp
X-SO-IP
103.254.153.226
sd
jp-u.openx.net/w/1.0/ Frame 56C9
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AWA9Ut6XBm1wks8AD7MOvTwm6s8AAAGJZ0XHtw
43 B
97 B
Image
General
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AWA9Ut6XBm1wks8AD7MOvTwm6s8AAAGJZ0XHtw
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 0305da8cb498bb3ce870f98e8dd1af0a.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
KUL50-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AWA9Ut6XBm1wks8AD7MOvTwm6s8AAAGJZ0XHtw
cache-control
no-cache
content-length
0
x-amz-cf-id
UIbAguYVQr0P8TGu3WA06g09l1kkOsEGgWtAMYlG0j_BwPbxaeykCA==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 56C9
170 B
409 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Njc2NDM2NmYtZjI2NC02YjFlLTU4ZTctMmYxNWY4MzM5YjRi
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 56C9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKDBoeMWU9YMuJT2Ga41M8M&google_cver=1
43 B
171 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKDBoeMWU9YMuJT2Ga41M8M&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKDBoeMWU9YMuJT2Ga41M8M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
pnytimes.chartbeat.net/
43 B
201 B
Image
General
Full URL
https://pnytimes.chartbeat.net/ping?h=nytimes.com&p=nytimes.com%2F&u=dWy-2iVO78B9AqMX&d=nytimes.com&g=16698&g0=Homepage&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=12626&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.nytimes.com%2F&b=3751&t=zJeMrCnpwOBo635vDIzCYQBHlq1b&V=140&i=The%20New%20York%20Times%20-%20Breaking%20News%2C%20US%20News%2C%20World%20News%20and%20Videos&tz=0&_acct=anon&sn=1&sv=C5QjOfBnmjsBcmc0sDOsC4KBtDHFU&sd=1&im=06672ff3&_
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.79.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-79-221.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 18 Jul 2023 04:32:54 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 8FB1
2 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=55354316&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
cafdd99fc21fc6409370730e54a746a5499c853b41eed1eac725b53be21712d6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 18 Jul 2023 04:32:53 GMT
content-length
1656
content-type
text/html; charset=UTF-8
track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.226.14.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-226-14-255.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

style
accounts.google.com/gsi/
533 B
585 B
Stylesheet
General
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::54 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eo1G47ZjujWx9bHqHMLaLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:53 GMT
content-security-policy
script-src 'report-sample' 'nonce-eo1G47ZjujWx9bHqHMLaLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Tue, 18 Jul 2023 04:32:53 GMT
status
accounts.google.com/gsi/
40 B
527 B
XHR
General
Full URL
https://accounts.google.com/gsi/status?client_id=1005640118348-amh5tgkq641oru4fbhr3psm3gt2tcc94.apps.googleusercontent.com&as=KeBgrB%2FbbYNDFYJGKgHhGg
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c00::54 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
70022d0ac9af3ad82aca7d998570f70715e87927a541b1059f1c7011a7097d48
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-FJVGPy6ACD4vCeYTaXZbAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:53 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-FJVGPy6ACD4vCeYTaXZbAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.nytimes.com
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 0AC8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B
Document
General
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZLYV9gABrY5hWAAN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 18 Jul 2023 04:32:54 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-etou8220101-FRA
x-timer
S1689654774.333198,VS0,VE93

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Tue, 18 Jul 2023 04:32:54 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZLYV9gABrY5hWAAN
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-etou8220101-FRA
x-timer
S1689654774.081157,VS0,VE92
ecm3
s.amazon-adsystem.com/ Frame 8507
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDD0B7084A-866C-4B13-A97A-14019B69ECF7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 18 Jul 2023 04:32:54 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
9GH20XQ84ANGY3XD7A8V
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8FB1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0LcISoZsSxOpehQBm2ns9w%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
184.51.240.213 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:53 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=53175
accept-ranges
bytes
content-length
5606
expires
Tue, 18 Jul 2023 19:19:08 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 8FB1
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=D0B7084A-866C-4B13-A97A-14019B69ECF7
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=D0B7084A-866C-4B13-A97A-14019B69ECF7
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=0eb7a94f-8108-4670-880d-fa04651f664c%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=98af1fc2-8102-40d4-a5ef-80b83bff2676&ttd_puid=0eb7a94f-8108-4670-880d-fa04651f664c%2C%2C
95 B
123 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=98af1fc2-8102-40d4-a5ef-80b83bff2676&ttd_puid=0eb7a94f-8108-4670-880d-fa04651f664c%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:53 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=98af1fc2-8102-40d4-a5ef-80b83bff2676&ttd_puid=0eb7a94f-8108-4670-880d-fa04651f664c%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
qmap
sync.crwdcntrl.net/ Frame 8FB1
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=D0B7084A-866C-4B13-A97A-14019B69ECF7&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=D0B7084A-866C-4B13-A97A-14019B69ECF7&gdpr=0&gdpr_consent=&ct=y
49 B
545 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=D0B7084A-866C-4B13-A97A-14019B69ECF7&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
54.251.17.22 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-17-22.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:53 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.42.14.100
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:53 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=D0B7084A-866C-4B13-A97A-14019B69ECF7&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.42.9.5
content-length
0
expires
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 8FB1
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=D0B7084A-866C-4B13-A97A-14019B69ECF7&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=D0B7084A-866C-4B13-A97A-14019B69ECF7&sInitiator=external&gdpr=0&gdpr_consent=
42 B
220 B
Image
General
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=D0B7084A-866C-4B13-A97A-14019B69ECF7&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Server
119.9.108.180 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

uip-response-status
FallbackResponse
date
Tue, 18 Jul 2023 04:32:28 GMT
frontend-id
0
content-length
42
routing-server-id
1
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:28 GMT
frontend-id
0
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=D0B7084A-866C-4B13-A97A-14019B69ECF7&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 8FB1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDBCNzA4NEEtODY2Qy00QjEzLUE5N0EtMTQwMTlCNjlFQ0Y3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 18 Jul 2023 04:32:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 8FB1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOxsXatKCLM5jBhgfUOedok&google_cver=1
42 B
299 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOxsXatKCLM5jBhgfUOedok&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 18 Jul 2023 04:32:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEOxsXatKCLM5jBhgfUOedok&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 8FB1
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2268D34E7E594BC5ACFB75E1E589DEDF
42 B
330 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2268D34E7E594BC5ACFB75E1E589DEDF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 18 Jul 2023 04:32:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Tue, 18 Jul 2023 04:32:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:2268D34E7E594BC5ACFB75E1E589DEDF
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 17 Jul 2023 04:32:54 GMT
D0B7084A-866C-4B13-A97A-14019B69ECF7
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 8FB1
43 B
603 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/D0B7084A-866C-4B13-A97A-14019B69ECF7?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2406:da18:929:5a03:6501:163c:2f11:2df9 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 8FB1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=98af1fc2-8102-40d4-a5ef-80b83bff2676&gdpr=0&gdpr_consent=
42 B
115 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=98af1fc2-8102-40d4-a5ef-80b83bff2676&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 18 Jul 2023 04:32:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=98af1fc2-8102-40d4-a5ef-80b83bff2676&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
usermatchredir
ssum-sec.casalemedia.com/ Frame 5C97
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZLYV9bNZeeuZO-7ZaD2iKwAAEoAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEODS3fxDfEE1w6wqvk-fQpI&google_cver=1
43 B
766 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEODS3fxDfEE1w6wqvk-fQpI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jul 2023 04:32:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEODS3fxDfEE1w6wqvk-fQpI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 5C97
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZLYV9bNZeeuZO-7ZaD2iKwAAEoAAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jul 2023 04:32:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6RQSX23GKDV40R4KQ1EV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5C97
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=98af1fc2-8102-40d4-a5ef-80b83bff2676&expiration=1692246773&gdpr=0&gdpr_consent=
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=98af1fc2-8102-40d4-a5ef-80b83bff2676&expiration=1692246773&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jul 2023 04:32:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=98af1fc2-8102-40d4-a5ef-80b83bff2676&expiration=1692246773&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 5C97
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZLYV9bNZeeuZO.7ZaD2iKwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEQtEcHcwHsSRyW3LlnFsnQ&google_cver=1&google_hm=2
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEQtEcHcwHsSRyW3LlnFsnQ&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jul 2023 04:32:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEQtEcHcwHsSRyW3LlnFsnQ&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5C97
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=RNaxqJVvWzNMwq1Ts5lo5mf-meI
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=RNaxqJVvWzNMwq1Ts5lo5mf-meI
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jul 2023 04:32:54 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=RNaxqJVvWzNMwq1Ts5lo5mf-meI
Date
Tue, 18 Jul 2023 04:32:54 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
ZLYV9bNZeeuZO-7ZaD2iKwAAEoAAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5C97
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZLYV9bNZeeuZO-7ZaD2iKwAAEoAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZLYV9bNZeeuZO-7ZaD2iKwAAEoAAAAAB
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZLYV9bNZeeuZO-7ZaD2iKwAAEoAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
2406:da18:929:5a03:6501:163c:2f11:2df9 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZLYV9bNZeeuZO-7ZaD2iKwAAEoAAAAAB
date
Tue, 18 Jul 2023 04:32:53 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
demconf.jpg
dpm.demdex.net/ Frame 5C97
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZLYV9bNZeeuZO.7ZaD2iKwAA%264736?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZLYV9bNZeeuZO.7ZaD2iKwAA%264736
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZLYV9bNZeeuZO.7ZaD2iKwAA%264736
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
52.33.228.203 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-228-203.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v046-0a3e2e7da.edge-usw2.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
/oM5pK8LRE8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v046-09f2bf2df.edge-usw2.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
dSin5VlTRZA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZLYV9bNZeeuZO.7ZaD2iKwAA%264736
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame 5C97
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4699845187637072123&gdpr=0&gdpr_consent=
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4699845187637072123&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jul 2023 04:32:54 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4699845187637072123&gdpr=0&gdpr_consent=
date
Tue, 18 Jul 2023 04:32:53 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 5C97
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZLYV9bNZeeuZO-7ZaD2iKwAAEoAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jul 2023 04:32:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NDG5V23770DQ177WS7SJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
65568.js
cdn.brandmetrics.com/scripts/bundle/
53 KB
16 KB
Script
General
Full URL
https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=www.nytimes.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4842 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd53d53dae8cdbe7a57eb72f1a7ebffb60dc52573408f833277b7d2951d48fb9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:53 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 18 Jul 2023 04:05:28 GMT
server
cloudflare
age
1645
cf-polished
origSize=55059
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TepTZzOC5DR39jirV0SOnqlG1TlyW%2FzJYkTHPz%2FzSENOqUVNk6FU19jZfzIYcYYLLFdPC2GkbEnwefNN3Byg%2BRY%2FU3hz55nm2oO88JalSpnKJOx0wWNQpwOH9iyApv9NynXPQIa27z2WlToJk2zDER0Z"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7e8800e00b004d8e-SIN
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
17ukraine-briefing-crimea-bridge-gtwq-threeByTwoSmallAt2X-v2.jpg
static01.nyt.com/images/2023/07/17/multimedia/17ukraine-briefing-crimea-bridge-gtwq/
51 KB
51 KB
Image
General
Full URL
https://static01.nyt.com/images/2023/07/17/multimedia/17ukraine-briefing-crimea-bridge-gtwq/17ukraine-briefing-crimea-bridge-gtwq-threeByTwoSmallAt2X-v2.jpg
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.164 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3a2efde7de9e2a15b485f2a3e5602034227cf8ac1de5e23d5b9ad2464c8236a6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; preload; includeSubdomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Mon, 17 Jul 2023 14:06:13 GMT
date
Tue, 18 Jul 2023 04:32:53 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; preload; includeSubdomains
age
52000
x-guploader-uploadid
ADPycdt9Bp0Y_B_gXLyfI22Ilod44uCcTKFJ7lrKUZWF4MCKWIqUuH857IhCO-2fY3WpgS2ZzphHmkMs5hk24ZwMPKsWV0rX6_yM
x-cache
MISS, HIT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
52035
x-served-by
cache-iad-kiad7000169-IAD, cache-fra-etou8220080-FRA
last-modified
Mon, 17 Jul 2023 14:06:08 GMT
server
UploadServer
x-timer
S1689654774.867812,VS0,VE0
etag
"0605f27483cf2fac6b683c15a901ab82"
x-goog-generation
1689602768900095
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=xmKiOQ==, md5=BgXydIPPL6xraDwVqQGrgg==
cache-control
max-age=604800; stale-if-error=86400; stale-while-revalidate=30, public
x-goog-stored-content-length
52035
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0, 9
c.js
collector.brandmetrics.com/
0
188 B
Script
General
Full URL
https://collector.brandmetrics.com/c.js?siteid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=www.nytimes.com&rnd=8642984
Requested by
Host: cdn.brandmetrics.com
URL: https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=4486dfe2-780e-4dfa-a60a-2a948887658f&toploc=www.nytimes.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.40.202.2 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Request-Context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
Date
Tue, 18 Jul 2023 04:32:53 GMT
Content-Length
0
Content-Type
text/javascript;charset=utf-8
track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.226.14.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-226-14-255.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

activeview
pagead2.googlesyndication.com/pcs/ Frame 19F9
42 B
404 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstuIvkS6Gy2E8tcwclL80xjQ-gekM0zF03yQHCAs-frCn6NyA2ZS6jb_ci3sIB3rlVWUoIiwFkuAqF9FhGePkioW4CgvJzsJcVtN0adQoWS7oQyzVF_coZrog_D43-jpK5_44qLjXnS4w&sai=AMfl-YTHTHeIYgysgtj1TyidsC2Sy1G8tsswlUu4qcSGiIMhUIdmOZml6_Htq84kF_Ig5G2fP-leMamXbm4bZ05jNVF4teWa0vjoegWDzC2G&sig=Cg0ArKJSzIFLeTeqmW-lEAE&cid=CAQSLQBpAlJWQ3dKuscQSwcFKzsbePjC2gIsPXwYWP9CSzeAPPewzBuF_XsU_F-PThgB&id=ampim&o=315,15&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=1534&tls=2534&g=100&h=100&tt=2534&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
.status
a.et.nytimes.com//
0
0
Fetch
General
Full URL
https://a.et.nytimes.com//.status
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.226.14.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-226-14-255.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept
*/*
Referer
https://www.nytimes.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
text/plain;charset=UTF-8

Response headers

sodar
pagead2.googlesyndication.com/getconfig/
15 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307120101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120101/pubads_impl.js?cb=31076056
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a537b6649543b696a6425c0a9f1dc05093226d90a87ebec93d48559ab548cf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11876
x-xss-protection
0
loader.js
platform.iteratehq.com/
1 KB
1 KB
Script
General
Full URL
https://platform.iteratehq.com/loader.js
Requested by
Host: href.li
URL: https://href.li/?https://www.nytimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02e2cd2602a58e40072eb3413408e618dcd43ca4767c1a62ff39b00fe6b4bf19
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:54 GMT
x-amz-version-id
hPl0XrxCioH_Mgdy2C2.tDUyX4Rw8pl.
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0; includeSubDomains
x-amz-request-id
5FN51W58W207H7W2
age
32
x-amz-server-side-encryption
AES256
x-amz-id-2
HXq3J1qQR6Y+Wa+ezbw8+X3wrQ74EFvbsiMQwlS5FsVLJHNG1ivfrGXYT96ho+1wCt3oFRlxbRY=
last-modified
Thu, 13 Jul 2023 16:07:32 GMT
server
cloudflare
etag
W/"8bb7823b057f2f225482f424463f380e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z0K6jG8DB0SHnT2qKBDKMvoAt74PSscbfUAtn54n%2FPXr9mcHcq4yQB6DSTw57n6GKMR7RZDOuxqJ5uQ3KxBSDEZD4zxfaivGZ1j%2B73YOXAb8O%2BFG4FP3pEpCMH87B%2BA%2BA2ItqdyZlr4toueVd5Iy%2FNJQI0c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
7e8800e6281c4035-SIN
cs.js
sb.scorecardresearch.com/internal-c2/3005403/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/3005403/cs.js
  • https://sb.scorecardresearch.com/internal-c2/3005403/cs.js
0
382 B
Script
General
Full URL
https://sb.scorecardresearch.com/internal-c2/3005403/cs.js
Protocol
H2
Server
65.8.11.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-11-90.kul50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 00:51:06 GMT
via
1.1 f55d5e5ea90ce0d90f4f85a890af210c.cloudfront.net (CloudFront)
last-modified
Mon, 03 Jul 2023 14:48:36 GMT
server
AmazonS3
x-amz-cf-pop
KUL50-C2
age
13336
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
0
x-amz-cf-id
ps7EYWyxz87j0914IXUKfGYjUCt-JAPo8Fk201D5LoPAmzvUNEKJ1w==

Redirect headers

date
Tue, 18 Jul 2023 04:32:54 GMT
via
1.1 f55d5e5ea90ce0d90f4f85a890af210c.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
KUL50-C2
x-cache
Miss from cloudfront
location
/internal-c2/3005403/cs.js
content-length
0
x-amz-cf-id
KV7VqFQZZkbLKZpKv2BHAXGtVZ-z9OoKmffCH1Nlfs0FSxSzxqWKkg==
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 18 Jul 2023 04:32:54 GMT
match-prod-0e9ef30e92e757a9873f.js
platform.iteratehq.com/
85 KB
30 KB
Script
General
Full URL
https://platform.iteratehq.com/match-prod-0e9ef30e92e757a9873f.js
Requested by
Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29ecfb409c16fd507165dcc6af7df6779167626f4efeb77f912cde4a3e1c0e81
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:54 GMT
x-amz-version-id
vebvs2ydsUw2iIzkts42SN.UB2RIGvUK
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0; includeSubDomains
x-amz-request-id
EVJY6WCV3X3VXVM3
age
390164
x-amz-server-side-encryption
AES256
x-amz-id-2
Bi4jiY03yZBdZZHBHPfUKqCWJ2BE4VVIykyKtudCQG4S6OCxVQY/EArsww76q0FD9i8L4peE8CE=
last-modified
Thu, 13 Jul 2023 16:07:30 GMT
server
cloudflare
etag
W/"e8358d0b0c82c212f24288c557875b27"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7byOLh45AwBIv9BOWDomKIgiyEJ86ohM0cCWrHAjpGDY371tT3QForFimNld4rrxTYyyxy5ue25TdzIW8CHIeaDU0kP5%2FnkG5obA4cOO5t%2B%2F2oUbquk0dgoxeGVuPfD9I6FoMpo7wr3CCtplud91Xr%2FLx4Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7e8800e638364035-SIN
embed
iteratehq.com/api/v1/surveys/ Frame
0
0
Preflight
General
Full URL
https://iteratehq.com/api/v1/surveys/embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:479c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
7e8800e67f4891b7-SIN
content-length
0
date
Tue, 18 Jul 2023 04:32:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wmo8AW9cYEZSPkcs0QeUHvCysFjWT5P0PttuU%2F1a%2BdMYNYqvfMmzImHOhvqPCntUIQEmSFBQGBOpOpx9FAd018uZSeEbUHitXO%2FpCSAhoGzSQ1U4ZGu5iS1iGrKBgOAssPwi9YKGJTfbi0c%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
embed
iteratehq.com/api/v1/surveys/
298 B
549 B
Fetch
General
Full URL
https://iteratehq.com/api/v1/surveys/embed
Requested by
Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-0e9ef30e92e757a9873f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:479c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b01f09568a2cab0f382006fa76dc34f60b96263764e5efca7bb17ac072ebf9a2
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Referer
https://www.nytimes.com/
accept-language
zh-SG,zh;q=0.9
Authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNTQ0MTI5MzQxfQ.UI13nEXGs0udbZxhjyFLruAEed42XwFO4fZlCqOgY1o
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 18 Jul 2023 04:32:55 GMT
strict-transport-security
max-age=0; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XYFU6Vez0EWNxcDzjqfsDpcWsgsbBU1kaAxT06x9z9mZDax6ZzN9ZkcMPzK4T7Vya6DQsq3lRS27ERVRvOFWl2%2BYrKOPyH9lsk2KyvIBC%2FGUJvyXbnP0Uc4XHrJwIJd4l4ZypGV4soW8cJc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
7e8800e9bc5c91b7-SIN
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F650
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ranges
bytes
age
46405
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 17 Jul 2023 15:39:29 GMT
expires
Tue, 16 Jul 2024 15:39:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0255
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c0f::68 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a95d0ba770e5be7ed5ffbbbfcaba0ad46aead8bd39fa359cb96263bc56bb1699
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-D-ZGFJ5ddXEXg7us7dAQjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nytimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-D-ZGFJ5ddXEXg7us7dAQjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 04:32:54 GMT
expires
Tue, 18 Jul 2023 04:32:54 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js
pagead2.googlesyndication.com/bg/ Frame F650
37 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c02::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf821ac997d7f3c657dbf118b7de0675820f37b449ab5186a96356112ca6a0db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:29:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
217
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14789
x-xss-protection
0
last-modified
Mon, 03 Jul 2023 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Jul 2024 04:29:17 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0255
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307120101&jk=2926828148306979&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame F650
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?LNHMrw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::84 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:54 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307120101&jk=2926828148306979&bg=!NTalNmLNAAa3SiIRl0o7ADkAdvg8WvSiDjJ8KBGE_CTX-Q5C8eYC32_hn51UGdD4DEfWylSF8hk-q_o5cZymfguAaLnJsi47GxkCAAAAUFIAAAAHaAEHCgBigofOKt8EwtoqFBbsSxkgK09MuRchUCTzBlefOZPeUSDhMMToRyfFxllEnW3Y9DG46A9Lj4duBvc9865eQ2YQewMJ2NR_z5tPg84Bc3lqoV89m7lsKheR0IgtEEPqE_KeeS2ZApxB0F7AMZkrcDbL_RdLCc7U1RKbhN5cFcLJMMa6mPZyL-b2MYyJFBa9KszsQnSwtCb7Sr45cCwKqaZbImZ8qetd6RMXg6Fvh6B8M5XNbHTWNV-ns8NDm3PlgDXiwBurrFkZdM6Dn4cNWMec3_F32fOc9nVZERwMrdGOTPTPz00tu44XjjpRueOvdRbDzdYA6Lj5dnzXbOiOycDfU_A_f6ianbQqIapTR4SpcoVtH5on8vOh_bOJ0sn1Sd8J6lDNW56X5v2k0QeUW3Fb9MHM18nRW--C4Splg48PNWss31xw1nx0IXfYt9vGDRZFSNtwMQNEF4YNOXrm7ScNEhijHLrqgdFJ0AWZ1cPYY_lHVUWmitzxIvMH7537l1AYUO0LeNdFalzlvU_zOXq8zmwLsHi0CtfaHwVKU_R04iI34hhSUWVgA7Vis7nMU5QICfhThhVv0eSoJnW51X7HXRwTqe9cBIJwxhjaHWFHxPOPLq3Fc42hi2ftmQfOGImT-b7KegC-sVB5-mRhcNkdJbLhPiDLCeZCFsxB6sFIrnKxmZj7ND8Kc_4k7JnFHIoX7CM4twF0vhaQcnsOeVkNTlnmZ5DnhzMsxFOLgyO-yOVJdPEO-lzeLPvVNWTXqS56jHYnt_O5JzikfDob0cXouCgk8wu30TH_XkMcBlgS3CYjq6744CPgo6DYGQjtxWyI4IayXPQX5BKq2Lap5Mzn3xrr7X7FjFSsb19iMyQiuh0zJ2gt7kEkwEg7Dp_3LEpuPZl7ArU3R5zz4ciC5Rv0GzH3y7SxUS7hSHxGsDeSkl8xqhwca_wH0THPfnKhM20w6QtpLvzoqwSTAJNQAVfICrl_HnFzisQS2EfpxqcHeeHz79JvQ4ooRIxSiH8RUwXDtw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4003:c02::9a , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

embed
iteratehq.com/api/v1/surveys/
64 B
363 B
Fetch
General
Full URL
https://iteratehq.com/api/v1/surveys/embed
Requested by
Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-0e9ef30e92e757a9873f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:479c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea939bd13d79a17cc436d4c3e102d4060cb7ebf0e8e61918f3d034580dff02b9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Referer
https://www.nytimes.com/
accept-language
zh-SG,zh;q=0.9
Authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2NGI2MTVmNzM2MzIxNjAwMDE4OTRlM2YiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjg5NjU0Nzc1fQ.k5GbZi1inEcE1Cp86wIiJ6bWKC9pX8vJ4dCMsiC0OAY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 18 Jul 2023 04:32:56 GMT
strict-transport-security
max-age=0; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eb5f1l9qVCQdSSkXYDaXOgmTK1KutZAKmPgglptuDV2lggfbueFFJc2JP9p3XO2QI4I0XICZDCn0aIt0oKVEKTL6i%2BVunZUsAhELzlBty7QTqrT3KWTnnrPPzVoeqnRWt2Syo0fqJCloy1s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
7e8800ed191791b7-SIN
embed
iteratehq.com/api/v1/surveys/ Frame
0
0
Preflight
General
Full URL
https://iteratehq.com/api/v1/surveys/embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:479c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://www.nytimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
7e8800eb6ea091b7-SIN
content-length
0
date
Tue, 18 Jul 2023 04:32:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3KjbruhjMm9NVypMhfkk5VzDnqGloh7tp8m0SWn9%2BVnK62oy%2FnE6K0GqJCdYsnIne8GzUCMgPMVxJLBsrnhTHBk0BjXvkm5rpF86rYbPyqDiUlQyNjdJQW%2FXbbqUK9YghDbQb%2FBWNlkcnvw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
SPug
simage4.pubmatic.com/AdServer/ Frame 8FB1
0
261 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cksync.php
cs.media.net/
60 B
426 B
Image
General
Full URL
https://cs.media.net/cksync.php?cs=8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.188.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-188-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jul 2023 04:32:56 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
60
x-mnet-hl2
E
Expires
Tue, 18 Jul 2023 04:32:56 GMT
cksync.php
contextual.media.net/
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=e7f553f4-eb82-4bfe-af53-caa62fbd0ef6
61 B
623 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=e7f553f4-eb82-4bfe-af53-caa62fbd0ef6
Protocol
H2
Server
23.72.44.21 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 18 Jul 2023 04:32:56 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Tue, 18 Jul 2023 04:32:56 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:55 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=e7f553f4-eb82-4bfe-af53-caa62fbd0ef6
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
815490
content-length
0
expires
Tue, 18 Jul 2023 00:00:00 GMT
cksync.php
contextual.media.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=ca07384b-66a2-4fb9-a981-d6bfe726bf33&google_hm=Y2EwNzM4NGItNjZhMi00ZmI5LWE5ODEtZDZiZmU3MjZiZjMz
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEMiUbzremjj55F2wOe3Iuy4&google_cver=1&ssp=medianet&bsw_param=ca07384b-66a2-4fb9-a981-d6bfe726bf33
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=ca07384b-66a2-4fb9-a981-d6bfe726bf33&gdpr=&gdpr_consent=&gdpr_pd=
61 B
472 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=ca07384b-66a2-4fb9-a981-d6bfe726bf33&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
23.72.44.21 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 18 Jul 2023 04:32:56 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Tue, 18 Jul 2023 04:32:56 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=ca07384b-66a2-4fb9-a981-d6bfe726bf33&gdpr=&gdpr_consent=&gdpr_pd=
Date
Tue, 18 Jul 2023 04:32:56 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pd
nytimes-d.openx.net/w/1.0/
43 B
114 B
Image
General
Full URL
https://nytimes-d.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:56 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
xuid
eb2.3lift.com/
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=98af1fc2-8102-40d4-a5ef-80b83bff2676&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=98af1fc2-8102-40d4-a5ef-80b83bff2676&dongle=0cfd&gdpr=0&gdpr_consent=
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 18 Jul 2023 04:32:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:56 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=98af1fc2-8102-40d4-a5ef-80b83bff2676&dongle=0cfd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
251
cksync.php
cs.media.net/
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_
  • https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=sIyri1vd1QlCoo5
61 B
639 B
Image
General
Full URL
https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=sIyri1vd1QlCoo5
Protocol
HTTP/1.1
Server
96.17.188.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-188-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jul 2023 04:32:56 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
61
x-mnet-hl2
E
Expires
Tue, 18 Jul 2023 04:32:56 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 18 Jul 2023 04:32:56 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-783-g46ba6fe#rel-ec2-master i-0e77206c36595f110@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=sIyri1vd1QlCoo5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
cs.media.net/
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Dcon%26ovsid%3D%24UID
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=35221be521862072&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Dcon%26ovs...
  • https://cs.media.net/cksync.php?cs=8&type=con&ovsid=AAANN0ZLoEX0IwMyQmzkAAAAAAA&expiration=1689741176&is_secure=true
61 B
651 B
Image
General
Full URL
https://cs.media.net/cksync.php?cs=8&type=con&ovsid=AAANN0ZLoEX0IwMyQmzkAAAAAAA&expiration=1689741176&is_secure=true
Protocol
HTTP/1.1
Server
96.17.188.24 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-188-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://www.nytimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 18 Jul 2023 04:32:56 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
61
x-mnet-hl2
E
Expires
Tue, 18 Jul 2023 04:32:56 GMT

Redirect headers

pragma
no-cache
date
Tue, 18 Jul 2023 04:32:56 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cs.media.net/cksync.php?cs=8&type=con&ovsid=AAANN0ZLoEX0IwMyQmzkAAAAAAA&expiration=1689741176&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 8FB1
1 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=10879585&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.81 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
233632416729ef588cbf0997cd2e969ab7d33c4008405055a0000bd3134a6b5b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 18 Jul 2023 04:32:56 GMT
content-length
1357
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 98C7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=D0B7084A-866C-4B13-A97A-14019B69ECF7&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D0B7084A-866C-4B13-A97A-14019B69ECF7&gdpr=0&gdpr_consent=
35 B
591 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D0B7084A-866C-4B13-A97A-14019B69ECF7&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 18 Jul 2023 04:32:57 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Tue, 18 Jul 2023 04:32:57 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=D0B7084A-866C-4B13-A97A-14019B69ECF7&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 41BF
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1974054392889098014
42 B
275 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1974054392889098014
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 18 Jul 2023 04:32:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Tue, 18 Jul 2023 04:32:57 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1974054392889098014
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame A0B6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8695301728596976653&gdpr=0&gdpr_consent=
42 B
219 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8695301728596976653&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 18 Jul 2023 04:32:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
7ad8c1c0-4b5b-4127-9b5c-60cf35c6d556
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 18 Jul 2023 04:32:56 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8695301728596976653&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
103.254.153.226; 103.254.153.226; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
x-xss-protection
0
Pug
image2.pubmatic.com/AdServer/ Frame 0D93
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=6hn-Fe0Y-hvxT_lB7EuxQOQbrRDxHfpB70wGgTJm
42 B
420 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=6hn-Fe0Y-hvxT_lB7EuxQOQbrRDxHfpB70wGgTJm
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 18 Jul 2023 04:32:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 18 Jul 2023 04:32:56 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=6hn-Fe0Y-hvxT_lB7EuxQOQbrRDxHfpB70wGgTJm
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame B28A
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 18 Jul 2023 04:32:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 18 Jul 2023 04:32:56 GMT
expires
Tue, 18 Jul 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
657172
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
ecm3
s.amazon-adsystem.com/ Frame 3F93
43 B
479 B
Document
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDD0B7084A-866C-4B13-A97A-14019B69ECF7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 18 Jul 2023 04:32:56 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
HANVAS45PKF55FX6F54P
458249.gif
idsync.rlcdn.com/ Frame 8FB1
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=D0B7084A-866C-4B13-A97A-14019B69ECF7
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEQwQjcwODRBLTg2NkMtNEIxMy1BOTdBLTE0MDE5QjY5RUNGNxAAGg0I-KvYpQYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=deb7e94cfa78d6ec0380e1923d16b1a4e9df6ebc4fc1de256f1bf7b78dc6038c791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBkZWI3ZTk0Y2ZhNzhkNmVjMDM4MGUxOTIzZDE2YjFhNGU5ZGY2ZWJjNGZjMWRlMjU2ZjFiZjdiNzhkYzYwMzhjNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBkZWI3ZTk0Y2ZhNzhkNmVjMDM4MGUxOTIzZDE2YjFhNGU5ZGY2ZWJjNGZjMWRlMjU2ZjFiZjdiNzhkYzYwMzhjNzkxNDI2YjU0MTdkY2UyMRAAGgwI-avYpQYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=2720082a-206a-4e12-a086-ee71cb7f2537
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=2720082a-206a-4e12-a086-ee71cb7f2537
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:57 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=2720082a-206a-4e12-a086-ee71cb7f2537
date
Tue, 18 Jul 2023 04:32:57 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame 8FB1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=ca07384b-66a2-4fb9-a981-d6bfe726bf33&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=47f725cb-3e72-4735-a160-b5f60058a1ef&expires=1&user_group=2&ssp=pubmatic&bsw_param=ca07384b-66a2-4fb9-a981-d6bfe726bf33&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ca07384b-66a2-4fb9-a981-d6bfe726bf33&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
185 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ca07384b-66a2-4fb9-a981-d6bfe726bf33&gdpr=0&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 18 Jul 2023 04:32:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ca07384b-66a2-4fb9-a981-d6bfe726bf33&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Tue, 18 Jul 2023 04:32:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
SPug
image4.pubmatic.com/AdServer/ Frame 8FB1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D0B7084A-866C-4B13-A97A-14019B69ECF7&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-D7ewHoFE2uVO39e38.iHuUcfJEWpQjU-~A&gdpr=0
0
129 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-D7ewHoFE2uVO39e38.iHuUcfJEWpQjU-~A&gdpr=0
Protocol
H2
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:56 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-D7ewHoFE2uVO39e38.iHuUcfJEWpQjU-~A&gdpr=0
date
Tue, 18 Jul 2023 04:32:56 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.226.14.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-226-14-255.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

SPug
simage4.pubmatic.com/AdServer/ Frame 8FB1
0
129 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 04:32:57 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
track
a.et.nytimes.com/
0
0
Ping
General
Full URL
https://a.et.nytimes.com/track
Requested by
Host: www.nytimes.com
URL: https://www.nytimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.226.14.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-226-14-255.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.nytimes.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Verdicts & Comments Add Verdict or Comment

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| event boolean| credentialless object| onbeforetoggle object| onscrollend number| viHeadScriptSize object| NYTD object| vi boolean| hybrid function| initWebview function| nyt_et object| UnifiedTracking function| Abra object| swgUserInfoXhrObject object| dataLayer object| userXhrObject function| userXhrRefresh object| _interactiveRegistry function| registerInteractive function| getInteractiveBridge function| onInitNativeAds object| webpackJsonp object| adClientUtils object| googletag object| AdSlot4 object| grumi object| apstag object| __preloadedData object| _aps boolean| apstagLOADED object| apscustom string| sov object| AdSlot object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing number| google_unique_id object| gaGlobal string| slotElement object| pbjsChunk object| pbjs object| mnet object| regeneratorRuntime function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __createBinding function| __values function| __read function| __spread function| __spreadArrays function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault function| __classPrivateFieldGet function| __classPrivateFieldSet object| __SECRET_LIGHTS__ boolean| canTrackPerformance object| google_tag_manager object| nytAnalytics string| ddjskey object| ddoptions boolean| VHS_PLAYER_DEPS_LOADING boolean| NYT_VI_RENDERED boolean| initialDeviceTypeResizeCallback object| selection function| _0x4860b6 object| _0x71b1dd object| _0x9fb528 object| _0x5a010d function| _0x4a2f object| _0x1e58e9 object| _0xb521b6 object| _0x360167 object| _0x24fe77 function| _0x3057 object| _0x18e046 object| _0x267338 boolean| dataDomeProcessed object| dataDomeOptions boolean| DataDomeCaptchaDisplayed boolean| hasStoppedMeasuringUserStateRequest object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AIQ_DATA object| regex object| _sf_async_config object| _cbq number| _sf_endpt object| firstScript object| cbScript object| webpackJsonpVHS function| __VHS__ function| VHS boolean| hasStoppedMeasuringMessageSelectionRequest object| meter object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv object| default_gsi object| google object| closure_lm_249713 object| __G_ID_CLIENT__ boolean| adBlockDetected object| ns_ object| brandmetrics function| __spreadArray object| _brandmetrics boolean| hasStoppedMeasuringOfferPresentationRequest object| iterateSettings string| IterateObjectName function| Iterate string| subscriberInfo string| uType string| eduSubscriber string| userType string| surveyTriggerCookie object| params object| GoogleGcLKhOms function| setImmediate function| clearImmediate undefined| Raven object| google_image_requests

110 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgkIOhCEope6ljE=
m.paypal.theone-entertainment.com/ Name: XSRF-TOKEN
Value: eyJpdiI6ImoySi8yUDZXWUlSTSs5bCtWaDBaQXc9PSIsInZhbHVlIjoiSm5sVHFjOCt3ZTEwdEpMRjZLcG0wSUVJLzJLcktuM0F1eTU4ekkrVFA4YXpBdEF5Y1FJQXo5VVUvNWNLUlVoY3VoZ29nQ0FJcFJraUE5ZVEyR2trdWl3QlR0MytPUDhCRjZoTGEzMmRYWXdvRTI2ZmNhOGJCQ1VTVWxiL21Say8iLCJtYWMiOiI0OWE4Y2U2Y2FlZDA2M2M3NzQyNTYyYTNlMzM5ZWVhZjY5NmE4MTUyNGRlMTM0ZDBlMzUyMGZmMDM0NzMxZDI4In0%3D
m.paypal.theone-entertainment.com/ Name: laravel_session
Value: eyJpdiI6IjRRQ3Z2QWNvbEZEVjduQVZrZlNKU0E9PSIsInZhbHVlIjoiODdJUTBPeHJ5NnJtU2pGWDJTcnlwNHBzWXp5TnZaNXdwQldtQm92YTRqelpaNzJWN3FYSUpmZndFTVg3UlZkUWQvdHhJZzJMTW11d1JEbUc2Kyt4c0lNK0tyVVBTZnlsdlc4a1JSSjByRldUTTlpcnExM3VBOXhaUmlqVStjYksiLCJtYWMiOiI0ZWUwY2NkMjdkODVmMjdjMjE5NjZkNzAwMGZhZGNjOWEyNWIzNDI3MzUyYmI0NzhlYWMyNTA0NWQ0N2JhNzk5In0%3D
.nytimes.com/ Name: nyt-a
Value: thMiTivLk0kOKouC5ZlvPx
.nytimes.com/ Name: nyt-gdpr
Value: 0
.nytimes.com/ Name: nyt-purr
Value: cfhhcfhhhckfhcfs
.nytimes.com/ Name: nyt-geo
Value: SG
.nytimes.com/ Name: nyt-b3-traceid
Value: da9230fbbf9f4feb981369f50637f0fb
.et.nytimes.com/ Name: sessionActive
Value: true
.et.nytimes.com/ Name: sessionIndex
Value: 1|1689654771661|thMiTivLk0kOKouC5ZlvPx|1689654771661
.et.nytimes.com/ Name: et-ppvid
Value: https://www.nytimes.com/=RkzADI-K_5U5KOk9Xtckzn4V
.nytimes.com/ Name: __gads
Value: ID=25cc631011cbca98:T=1689654771:RT=1689654771:S=ALNI_MYScTmUvjKo34gYSe-rPxKH5Ax9kQ
.nytimes.com/ Name: __gpi
Value: UID=00000c21c266fb35:T=1689654771:RT=1689654771:S=ALNI_MYeBOzFesayqWYd8TfjTHCSyxV5rg
.scorecardresearch.com/ Name: UID
Value: 143868c9704b3da903bab9d1689654772
.adnxs.com/ Name: icu
Value: ChgIkbx3EAoYASABKAEw9KvYpQY4AUABSAEQ9KvYpQYYAA..
.adnxs.com/ Name: uuid2
Value: 8695301728596976653
.rubiconproject.com/ Name: khaos
Value: LK7STQE5-2-43J1
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMJYcSa3DsWvhGHpDPrT40mPuNe9KgcK9NSwzJX7nV1bkmTFA96Z9YN1FCk82AJz/nLKLRefRouw4SYbB5SW5XQ3NEsL7BcpsSwijy0RC4Zd8Ri5j99IjSR+
.amazon-adsystem.com/ Name: ad-id
Value: A9H_pi8UrEz-mN_4TDLgw9w
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.nytimes.com/ Name: purr-cache
Value: <K0<r<C_<G_<S0<a0
a.nytimes.com/ Name: jkidd-s
Value: referrer=&landing=&start=1689654772910&isNew=1&pageIndex=1
a.nytimes.com/ Name: jkidd-p
Value: prevPage=&currPage=
.nytimes.com/ Name: b2b_cig_opt
Value: %7B%22isCorpUser%22%3Afalse%7D
.nytimes.com/ Name: edu_cig_opt
Value: %7B%22isEduUser%22%3Afalse%7D
.nytimes.com/ Name: nyt-jkidd
Value: uid=0&lastRequest=1689654772910&activeDays=%5B0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C1%5D&adv=1&a7dv=1&a14dv=1&a21dv=1&lastKnownType=anon&newsStartDate=&entitlements=
.www.nytimes.com/ Name: datadome
Value: 0Fd0IalDMRQW96SiYXm9U25haj2scIAaz1NITmdIl8GANRU5h_5reYZcmywvlp-br~2JTfVge9L4cbd5kM4FNcrlasRDLdGAs_qr8GObs2NdFZ9vFJS~6A2RJaZeLD5n
.nytimes.com/ Name: _gcl_au
Value: 1.1.1112226155.1689654773
.doubleclick.net/ Name: IDE
Value: AHWqTUkQXAVWcb6uZtlOu7v6TZvRxgBLrzVazSYOME5yxgnhfqSbkveTATb8FgI0CJk
.3lift.com/ Name: tluid
Value: 3740136503475865830517
.openx.net/ Name: i
Value: 98a7dafc-9294-0a4d-17d1-bd4456f666d6|1689654773
.yahoo.com/ Name: A3
Value: d=AQABBPUVtmQCECYkyuYkZLvzcfD0n_Mg4x0FEgEBAQFnt2S_ZK9E8HgB_eMAAA&S=AQAAAtOFur3hSKarrN5sUqRtzkQ
.openx.net/ Name: pd
Value: v2|1689654773|jElYiuvOhI
.adsrvr.org/ Name: TDID
Value: 98af1fc2-8102-40d4-a5ef-80b83bff2676
.openx.net/ Name: univ_id
Value: 537072971|98af1fc2-8102-40d4-a5ef-80b83bff2676|1689654773560577
.nytimes.com/ Name: _cb
Value: dWy-2iVO78B9AqMX
.nytimes.com/ Name: _chartbeat2
Value: .1689654773588.1689654773588.1.C5QjOfBnmjsBcmc0sDOsC4KBtDHFU.1
.nytimes.com/ Name: _cb_svref
Value: null
.nytimes.com/ Name: _v__chartbeat3
Value: BKo0ZdDQ5TShhr9rI
.ladsp.com/ Name: cr
Value: 1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: D0B7084A-866C-4B13-A97A-14019B69ECF7
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-98af1fc2-8102-40d4-a5ef-80b83bff2676&KRTB&22918-98af1fc2-8102-40d4-a5ef-80b83bff2676&KRTB&23031-98af1fc2-8102-40d4-a5ef-80b83bff2676
.casalemedia.com/ Name: CMID
Value: ZLYV9bNZeeuZO.7ZaD2iKwAA
.casalemedia.com/ Name: CMPS
Value: 4736
.casalemedia.com/ Name: CMPRO
Value: 4736
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEOxsXatKCLM5jBhgfUOedok&KRTB&16514-CAESEOxsXatKCLM5jBhgfUOedok&KRTB&23025-CAESEOxsXatKCLM5jBhgfUOedok&KRTB&23386-CAESEOxsXatKCLM5jBhgfUOedok
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 75d1363816047c67f8312f2c7239e453
.ladsp.com/ Name: smn_uid
Value: pLqUS-WpKWWoyuOOUOZtDg-zDr08Juo
.ladsp.com/ Name: lum
Value: CLePl7qWMRIFCAMQ0AU
.tapad.com/ Name: TapAd_TS
Value: 1689654773720
.tapad.com/ Name: TapAd_DID
Value: 0eb7a94f-8108-4670-880d-fa04651f664c
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjg5NjU0NzczfQ
.media.net/ Name: visitor-id
Value: 3326563733878670000V10
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!4780
.smartadserver.com/ Name: pid
Value: 4699845187637072123
.simpli.fi/ Name: suid
Value: 2268D34E7E594BC5ACFB75E1E589DEDF
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:2268D34E7E594BC5ACFB75E1E589DEDF&KRTB&23489-uid:2268D34E7E594BC5ACFB75E1E589DEDF
.semasio.net/ Name: SEUNCY
Value: 435C693543E6A8AF
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZLYV9gABrY5hWAAN
.demdex.net/ Name: demdex
Value: 86371416800028435990143416804611646160
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-44d6b1a8-956f-5b33-4cc2-ad53b39968e6.AbxT2%2BA41xIBrFlsp3lrrDgv8DvZxhT7Ucto8FCKYQM
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-44d6b1a8-956f-5b33-4cc2-ad53b39968e6.AbxT2%2BA41xIBrFlsp3lrrDgv8DvZxhT7Ucto8FCKYQM
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ARNaxqJVvWzNMwq1Ts5lo5mf-meI.WetFvGxQ3Um34KBe18Ui7VEESFZ14TU2hYxKdpdEHho
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ARNaxqJVvWzNMwq1Ts5lo5mf-meI.WetFvGxQ3Um34KBe18Ui7VEESFZ14TU2hYxKdpdEHho
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIC3vSA0cpseYo_a-VZLhyvG2Rs1YV50HfXhNw5svYeVcEHwYBCD2q9ilBjABOgQUeniFQgT10jF6.N0EbF3SfwleXhEz%2BqLaaDTeYTqd9NOnC68EWohar698
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIC3vSA0cpseYo_a-VZLhyvG2Rs1YV50HfXhNw5svYeVcEHwYBCD2q9ilBjABOgQUeniFQgT10jF6.N0EbF3SfwleXhEz%2BqLaaDTeYTqd9NOnC68EWohar698
.dpm.demdex.net/ Name: dpm
Value: 86371416800028435990143416804611646160
.nytimes.com/ Name: iter_id
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2NGI2MTVmNzM2MzIxNjAwMDE4OTRlM2YiLCJjb21wYW55X2lkIjoiNWMwOThiM2QxNjU0YzEwMDAxMmM2OGY5IiwiaWF0IjoxNjg5NjU0Nzc1fQ.k5GbZi1inEcE1Cp86wIiJ6bWKC9pX8vJ4dCMsiC0OAY
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsIvoDx28LUgzwQBRIZCgpyaWdodG1lZGlhEgsIvoDx28LUgzwQBRIXCghwdWJtYXRpYxILCJbWzNzC1IM8EAUSFQoGY2FzYWxlEgsI4riL3cLUgzwQBRIUCgV0YXBhZBILCLLR193C1IM8EAUSFgoHc3Z4OXQ1MBILCPL1ovPC1IM8EAUYASABKAIyCwjy7aWg2dSDPBAFOAFaB3N2eDl0NTBgAg..
.criteo.com/ Name: uid
Value: e7f553f4-eb82-4bfe-af53-caa62fbd0ef6
.w55c.net/ Name: wfivefivec
Value: sIyri1vd1QlCoo5
.w55c.net/ Name: matchmedianet
Value: 5
.media.net/ Name: data-xu
Value: sIyri1vd1QlCoo5~~8
.bidswitch.net/ Name: tuuid
Value: ca07384b-66a2-4fb9-a981-d6bfe726bf33
.bidswitch.net/ Name: c
Value: 1689654776
.bidswitch.net/ Name: tuuid_lu
Value: 1689654776
.dotomi.com/ Name: DotomiTest
Value: 35221be521862072
.media.net/ Name: data-c
Value: e7f553f4-eb82-4bfe-af53-caa62fbd0ef6~~1
.media.net/ Name: data-c-ts
Value: 1689654776
.media.net/ Name: data-bs
Value: ca07384b-66a2-4fb9-a981-d6bfe726bf33~~1
.media.net/ Name: data-co
Value: AAANN0ZLoEX0IwMyQmzkAAAAAAA~~8
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 156011:4
.pubmatic.com/ Name: DPSync3
Value: 1690243200%3A248_164%7C1690848000%3A197_226_201_245
.pubmatic.com/ Name: SyncRTB3
Value: 1690848000%3A71_21_46_3_8_13_22_54_220%7C1690502400%3A63%7C1690934400%3A35%7C1690243200%3A223
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~2cu4:1769~2cu4:175w~2cu4:18z8~2cu4"
.pubmatic.com/ Name: SPugT
Value: 1689654776
.quantserve.com/ Name: d
Value: ENYBCwG_KfijAA
.quantserve.com/ Name: mc
Value: 64b615f8-beb0f-c8613-0fb3a
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-6hn-Fe0Y-hvxT_lB7EuxQOQbrRDxHfpB70wGgTJm&KRTB&19420-6hn-Fe0Y-hvxT_lB7EuxQOQbrRDxHfpB70wGgTJm&KRTB&22979-6hn-Fe0Y-hvxT_lB7EuxQOQbrRDxHfpB70wGgTJm&KRTB&23403-6hn-Fe0Y-hvxT_lB7EuxQOQbrRDxHfpB70wGgTJm
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-8695301728596976653&KRTB&23339-8695301728596976653
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 8737917020332930807
.rlcdn.com/ Name: rlas3
Value: 3/8KTk9aEYZko4JSu3z84nS3HO65KwilGB4rvN87fHU=
.rlcdn.com/ Name: pxrc
Value: CPmr2KUGEgUI6AcQABIFCOhHEAA=
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmFpZmpibm5uZGoJAKxEOJ4QAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0NzEwNTG2NLKwsDSwtDAwNBHiM9StyvAIzgnyNvYxyfEGAApM94MlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0NzEwNTG2NLKwsDSwtDAwNBHiM9StyvAIzgnyNvYxyfEGAApM94MlAAAA
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-1974054392889098014
.pubmatic.com/ Name: PugT
Value: 1689654777
.pippio.com/ Name: did
Value: oZzRETKGpk42jtTz
.pippio.com/ Name: didts
Value: 1689654777
.pippio.com/ Name: nnls
Value:
.nrich.ai/ Name: _nauid
Value: 47f725cb-3e72-4735-a160-b5f60058a1ef
.pippio.com/ Name: pxrc
Value: CPmr2KUGEgQIAhAAEgYI7OsBEAA=
.linksynergy.com/ Name: rmuid
Value: 2720082a-206a-4e12-a086-ee71cb7f2537
.linksynergy.com/ Name: icts
Value: 2023-07-18T04:32:57Z
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-ca07384b-66a2-4fb9-a981-d6bfe726bf33

2 Console Messages

Source Level URL
Text
network error URL: https://vp.nyt.com/video/2023/07/17/110068_1_17vid-crimea-bridge_wg_1080p.vtt
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://www.nytimes.com/
Message:
The resource https://rumcdn.geoedge.be/b3960cc6-bfd2-4adc-910c-6e917e8a6a0e/grumi.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5290727.fls.doubleclick.net
a.et.nytimes.com
a.nytimes.com
a1.nyt.com
aax.amazon-adsystem.com
accounts.google.com
ads.pubmatic.com
adservice.google.com
als-svc.nytimes.com
c.amazon-adsystem.com
c1.adform.net
cdn.ampproject.org
cdn.brandmetrics.com
cm.g.doubleclick.net
cms.quantserve.com
collector.brandmetrics.com
contextual.media.net
cr-p3.ladsp.com
cs.media.net
d29b016a62780903a89fb88215e1360b.safeframe.googlesyndication.com
dd.nytimes.com
dis.criteo.com
dpm.demdex.net
dsp.nrich.ai
dsum-sec.casalemedia.com
eb2.3lift.com
fastlane.rubiconproject.com
g1.nyt.com
gw.geoedge.be
href.li
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
insight.adsrvr.org
iteratehq.com
jp-u.openx.net
m.paypal.theone-entertainment.com
match.adsrvr.org
medianet-match.dotomi.com
mwcm.nytimes.com
nytimes-d.openx.net
p.rfihub.com
pagead2.googlesyndication.com
pippio.com
pixel.tapad.com
platform.iteratehq.com
pm.w55c.net
pnytimes.chartbeat.net
pr-bh.ybp.yahoo.com
prebid.media.net
purr.nytimes.com
rtb.openx.net
rumcdn.geoedge.be
s.amazon-adsystem.com
samizdat-graphql.nytimes.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.chartbeat.com
static.nytimes.com
static01.nyt.com
static01.nytimes.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.srv.stackadapt.com
tags.rd.linksynergy.com
tg.socdm.com
tlx.3lift.com
tpc.googlesyndication.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
vp.nyt.com
www.google.com
www.googletagmanager.com
www.nytimes.com
x.bidswitch.net
104.254.150.228
107.178.254.65
119.9.108.180
124.146.215.51
13.212.13.134
139.5.84.243
142.251.10.149
15.197.193.217
151.101.1.164
151.101.129.164
151.101.2.49
172.253.118.155
18.139.131.205
18.143.106.89
182.161.73.146
184.51.240.213
185.84.60.20
192.0.78.27
198.8.71.131
20.40.202.2
207.65.33.76
23.106.127.164
23.72.44.21
2404:6800:4003:c00::54
2404:6800:4003:c00::9b
2404:6800:4003:c01::9c
2404:6800:4003:c02::84
2404:6800:4003:c02::9a
2404:6800:4003:c03::61
2404:6800:4003:c05::84
2404:6800:4003:c0f::68
2406:da18:929:5a03:6501:163c:2f11:2df9
2600:9000:2055:1400:10:43f:4352:ad61
2600:9000:2055:7200:4:b37b:9440:93a1
2600:9000:2179:6000:18:1fcd:353:c61
2602:803:c006:158::65
2606:4700:20::681a:6e5
2606:4700:20::ac43:479c
2606:4700:20::ac43:4842
2620:116:800e:21:46d:7e81:55ff:4c12
2a02:fa8:c411:11::730
34.111.113.62
34.120.63.153
34.200.79.221
34.98.67.3
35.190.60.146
35.213.12.39
35.227.252.103
35.230.38.116
35.244.159.8
35.71.178.8
44.226.14.255
51.255.68.171
52.220.50.50
52.33.228.203
52.46.130.91
54.165.154.245
54.184.86.91
54.251.17.22
65.8.11.57
65.8.11.90
65.8.11.99
67.199.150.81
67.199.150.86
96.17.188.24
99.86.175.93
99.86.181.129
02e2cd2602a58e40072eb3413408e618dcd43ca4767c1a62ff39b00fe6b4bf19
03dfcd45330153f31dfcd23f806dca33e8005d16b9e5db965a77d1e6d85a23c7
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0744b5a06712d19c1b72db9691015da5567bda61a5a05ed27b60834cd2e6dfcf
097e76c5004f0958f07d74c7647cbe899ec6a8ff954875a918fa8e66c7d1a4b7
09bff184ea094a06e46d7f26512fd7b245304078a27f1ba8084488cbcf7704de
0a6feb1d591f3bcdd5eda5052e0e8487afb00a70984e5f53817316d805e19898
0a8cea5595d87be4e3a256959f91f7e4f6607ea567dc5211169dfefb6494e398
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b904723c5938b523c9ae329ba2b763681cb1de225c8f202d11012cbfd533f1f
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
0cc50b3398c7c3bfb3a7b5712266da8c6ce16fb5492904fc6db8f1610b93388c
0d70a7f9fc8b3472700ace3208931418592c491e6e6b2d1b76a87631608a8fbd
0d7ccee7c64ea7c455ea02283deaa6a1d0b862d4494cc0e8a5e7f8c4de932943
0f623022fafca6cc4d488fd23f4213c652cd0f172c2972fd2261f4dd215f4f56
12963c41dffbae547d3bd8f1fb42bcdb32012d02ffa988f34bf4a8068ac5b5bf
1361e927c1f3fa18f8488eda0196d64e6fa7863cb88087bfc3f7ea84ed496919
153be1d30a02066773a037281f6aae3837a41a1044d27f1fb3e12b6bbec1d990
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1ecb1f9522433be3adfad377816095c7d5b27d02c1efbbbb793e341b829d83d9
1ecfa9d7346d5873725d2caefa5176c0060bb9cb045f8e668ad81a6fdf47f4cb
20426e26922c4a942f149765ac9335621741dbcc69efba4900e40f332a05e349
218ba06285163d27e32d76cbb6dffca7c600f544b44f2c7cf93f8f7b0333e853
233632416729ef588cbf0997cd2e969ab7d33c4008405055a0000bd3134a6b5b
26ac3923f291729d129cc5d795a3ca29b05e5f6cd9054bbb178ec6e93a7cf36a
27e9350288dbd66f5e32152a9d5c6eb4ddc591d4d8f52b13aa7a225a59a70d1b
29706c4ab8f4d48b33ccb0ea813f8afb5f7ac569f623536b96fba6cf1fc60e9b
29ecfb409c16fd507165dcc6af7df6779167626f4efeb77f912cde4a3e1c0e81
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3055d5d68f5674e858058b42ffa0cebb7b895da68b3607b96c60a43f8156bd80
34cca514a48181ab00cb3186bf75b6919c3b1872dc393d2cd8b7ddff252e4804
3563ad8d0275755716a8df31eb7a4d459844b48608fa6ff9633ecb63fa5c1367
3a2efde7de9e2a15b485f2a3e5602034227cf8ac1de5e23d5b9ad2464c8236a6
3bc0626d4c6419e299f673f39b0d611f0b58a52555193d7bb7da34ec4682d77a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4070be2af7923069ba718318e1e8de4e6464f6aebc6ad850581cec7dcdebe7a7
40aa33d90d2483cff89056015213356a765105e83856ffe8f3f7b5aafa98878e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4759add7777263fab04aac8fc245fc6d17ec48c924142c34c03c99652c8cf939
4833285dd4e3e441d3f4a613f3c0567567403622e4d84f5f78ff9b1cb89d72cf
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4c0d5e9eb4f1ffe7f51d1d5a3fb30f236eb9761a044a802f30fc23b247fe47c1
4c3dbd66fad876a3024518532a3875e56ea54ac5304b463570fbf749f8d23c2d
4cfad6b2bbe25583d4fe6417b159b9fef86507b6b74592d6addd1879d35ec0b9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f6db49f7be643cc7f69ebfa48cab3295a63db0ab353ce7badb98d8335066bc0
4f8126458ff5f43fde539337b09cc3fef210bf0491ff46721342ac0d192b626a
4f837869b80c34ed1a128362a6ed24ff5ebdae743dc55eb3c183ae9c8b5f4ca3
522ae3ec74ed1439b18121a59bc547ccc5ba8f272e2bfd8f7d23735bebc524d7
54aba1e5d614eb5d2ed58953f986694b197128820b37dd7266f4a5ae5a6e50de
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55f5d7753bfd32edfa04bb28d297638ca4d694540f73d88e9ef6f596554a198e
564385e5dd8a1058fd759445c33b2c554d409528496b9d91533eeb079f6415de
57bc281be64ff5ec8e3c2258640df6097a32f08ac5a2c346f214300eb430f176
57dca90a16ae03177ac28fbff3cdd53d796b3cae477f49b603af81451e4775fa
5b1d9161b1d6227fbbe91742dcf0e2899cbffac41032074a6c2ae3a1603ee949
5ddee1e34eba103f16837876d798f61a458c97b9aff7500721369d017c4ab8ed
61987b71501afac79b03e8baa611020d395a37e824fd2360e7831443a305e71d
619b65aa4b75d2ca6a2dc75ac70c3da027aa220ac52f2140d0799111cf936161
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b604666d26656ab11d0c313f862dd8df1268a234523c58f369172eef2a4733
62ecb2c76b4179b7ae15e6cf85ed81b63fed0e7838897e3171a2af6952948f33
664c6fc5a3e948675e46eea65f90c96b2fc04391006005ebae85490095e95f7b
68e9a548a0bbc2ad0662101a9a3511db4611944e3c034f9232f3b3c6274d2add
6b829e07c565bc871af6e9acacab9b60d2ed6ca7e5d1c7d5949af7220d03a0ba
6cdf5b8d8528713b5a7b3fae738d27e6107afa0cc3a8e691a9d612303f6dfd7a
70022d0ac9af3ad82aca7d998570f70715e87927a541b1059f1c7011a7097d48
73bd4d0f8a3ec1a6b0ec41f111a2b46ba4c242d4dc7bdf0817c4af97a6dfa48e
7753d8243589a8ade0618437770f6e1c8cd86906f3fdfff8c36c10a9fc65172a
7837207f1197c426c0551dcbead6be815beff78431f5c45e84014a94cfde09d5
7dcbc19c68e87e4b23f85027e02ac7f3c89fa259973ec92bbe27e49ad002bf47
7fc8ffe146920bc95fb53e3164d22a5109d47430ad41b042107db78403aae11c
81ad1c33fafc4f1931e2936406de341dbb217bdf14e86af20cd53cf94b3f2c17
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85bee2e512beeb93c704c13381735ed93c26e12188e1f8225f50c6bce230793c
88523cede4105fd43f40b3afa851416f61ff389f399ac10ffa969542d12e8005
8a537b6649543b696a6425c0a9f1dc05093226d90a87ebec93d48559ab548cf3
8aa1e610b22079cb84a89491850b86860036e3f2c9750a367d839b9a6a63d306
8b4c70f6d653a07143d71c8ecdf16240b7981fb307c9662cb2fd0a87eeca1ee7
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
95f30b2acd202a90e206e85682a20c1817a1de12562ec6707b64a33816e324f5
9648fff1f5c810144a04c577b6421c07c5ac899666b087236880aebd95533c95
97246510a9c47d0a1c0162ef039f3cf032dabf302e9533048f935017c60aa451
978473eef5cf50c3a42139e9acc4151c54d55dd3b73f5c1f4489bf4f3ee013c0
97dc79ff94642477dcfa3e27f0a6de7c8d19d3238942291d8a8889929f5a2ea9
98eaa1edbc96e93687db9b994a662f2f6c59fbcb7659bdefc798db4b3f46b473
99001c53908d4b4d35ab1dcfdf8e75d2b0625d14fe1dea75f26cee7e8f6c115c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99cb5d5dc1814ed3f243d841b718a71ec98da7b244bb118e233c4ea88c2876ba
9a43ab8056183a8efcf0e882990c2601381a735e02bba004439e010055c55d47
9b47b9d0575c29e333f0cb147ea48da7cf931ce07f206a4d5ca71aa3e5084fe3
9c10004f09158911237b997628ccd710106bd9b03c8fc1a680c39c129523e39c
9cadac8e1ac1442817c74a18919d04b66f9b3a9733ce707bc560c394bc443ad3
a02850d90f1195bbf1a0ddd8151512a081d1d4b17d71811d8797ef83bba2666a
a1533194a09207235ccccb1e3429f86b31fed80301a1b2296cf12d8a0127a417
a1fde16c8925229942af454f891dff928d29a468647ffe3a7a928f43b78eb460
a36011222ccfe19db9773b0297dbf55fa32f88a963f7719935c50852bd1d0ede
a3c37db5087d58e11ca298b812247f8422aacff1f7f1a8cb2363b0cb82fc5e93
a43ee2cbb716633cd21633b3895bb8dcba40b348f5b3c48080d1d85a98b91521
a57e80be4a6f3ac8d1781915ba6fd0f999577482f4c1c89deaa8dad524db6b46
a9433f8b070769d1644291a5ce53af9183fbac562b989201968acb5914eeb4f6
a95d0ba770e5be7ed5ffbbbfcaba0ad46aead8bd39fa359cb96263bc56bb1699
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
addc472d9cdbbe7b865e216906b388af3d03c577315cb1949fe38d414cb24037
af18e57dfa46a006c87bbeedbcff9a66ea55147976b535ea7aee59ff1185c430
b01f09568a2cab0f382006fa76dc34f60b96263764e5efca7bb17ac072ebf9a2
b07a49ac3c29027eb0dd198c61c7151e928244f289b41720497d6aea73cb44c5
b085e9e97f13880495c254ecc8d18df9eae28d2103833e8a52e51711be9b7bb8
b126be6e17385adeac438e0c4c3c7e211553e4443a5ac9df6fa35469922537f2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f5c5f6f552ab177b23229c4fd560d822fc18ff041ae9eb39a0b1e608e27f4a
b258ffd3a08a017cf3fc0d9f58860e3eb9172589537bdba0ab966ab475e40222
b2c3a7d02660575588914cc2eac2bc83555f39329550a54e141278528923c719
b32e3879c83af441e675efa49587cb894bdd3c10420475f79879fbfb7a69766b
b5221e0636a97505ae38720d4ef182d35be5fb47d2628428db4fc918ab7ee30e
b72897a3747ac80f6b731cd205f1ca1fac51c58898b8b43ec7fdd026da2efc34
b7715dcf5357ce23529342ad42c033d198e99b3cc81b4d3ee144d61368cd9361
b950db85750f4bb0a0a5fad5d439ddee2a06c3c73d6c21913788d7b604a59610
ba12a34407540c7d6c1a4ab78d7d566060b1ee92bdce94345bf1749fd2f3e11f
baabb01c05f5a7a83cf26233fcbb29790b584afb736caa63cb26ed1d051aa78d
bb1907757a4e2ac40a7b0b09b83110848727dbdac48023e8eb1da4d3f951bdcc
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcea2e144ea2c4aafa5a3e3d30dd0b9080adb24cb2b1c2b9d7dfa9ad9c79244c
bd53d53dae8cdbe7a57eb72f1a7ebffb60dc52573408f833277b7d2951d48fb9
be3c2e371e0c0915b0754a62ffa3d867d6b4acb090737407aec29f90638824f2
bf8be97d9fc18f543554ee21bf549242614644bb76678d624bfdbc327565da90
c1528242dde1e0063750ab6a8e2d09ecee4bbddff42e766a88bc653d3082e2bb
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ad39a397469fa7875cb5d1941241ebdca4f75096babc62fb872e68b6bbfc53
c63895ae1bb928e25466c9f7f49870de78034d4a2c5021be43e9aa4e7da7be1d
caa32aba4a21d6d11890097a32a34fad58f6db74c904c5b11d9903831f6488ed
cafdd99fc21fc6409370730e54a746a5499c853b41eed1eac725b53be21712d6
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf821ac997d7f3c657dbf118b7de0675820f37b449ab5186a96356112ca6a0db
d3d5f785bb67d49cc2c3643e14c382fed307dfa11b012d37d20016ae628d966b
d7b13fb7506f9c636fa218d984c4e8dd5841e393186ac3c83bb408d97acd75a7
d9840098d938c09fe3c3995e19c54bffba606c15f094699e2241da0f70aaf4cf
ddf8ed50c8e98fd5487859d7b60442e342e76496191eaecca316ffdffa437a5d
de8cf6513a7ca3079135de2d5d6376587ce66764a937ba25e86ccd31dc87fd62
df62bdce35e1c96fbbac865101bf22e43bb8532ab331f1a146e36ec30a89ad49
e33f27ca48f4baacb28be9b0e7447ddffce3d30a827351b77e5e190dfe1ea1f3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444fdaa833e612d239cf21a335b8322ad8cb7c7ba697ec978bdb454f5059519
e874d214ca6f1a79f526f940f1a1be1924e234414385d08bfb021b90468dce4f
ea939bd13d79a17cc436d4c3e102d4060cb7ebf0e8e61918f3d034580dff02b9
eb0b4579627401c51d6b23f93a99c9d60e6a0b4e7cc093bcd95082898109cddd
eb8e4f901a4800bd014c125c65d76cfdd48058f0412a1f72ddbd613cd4d1db4a
ee148aca81868279571989a328eb505329e7939136e349a481c6644d0ed87d04
eee0fef74a978b2031fa7c419edb3d1f54f96228f081adbce49821fe2a0594bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22b065f74f94e584bc2f5369c7729709126e755139d4380981468865f61952a
f516572a2cf63a68349d85f550cbeb47fc707e26af42e376c25590edbba9d813
f5ae2a3c7f70582ce3723b2a30991fc7e17846d2e2ab40dd45ae20633f7b6360
f62c6457ddefdfd96ebc104603ccc8368e73afb6085b7b8018674cf5d3974ebe
fb177985ebe75561e65bcb91d425186017f2017e70c5c7f8cf8915ef7e403181
fb8a9ef7fb4a455c183005fd1a1030b0a699c76ccb176495d1f25f1c634fec3e
fe8d5a6f12533884b6896dd290e422c830e86e0228d45dbe97ac03c6e86a5b5a